Upbeat music plays >> Voice Over: TheCUBE presents Ignite 22, brought to you by Palo Alto Networks. >> Good morning everyone. Welcome to theCUBE. Lisa Martin here with Dave Vellante. We are live at Palo Alto Networks Ignite. This is the 10th annual Ignite. There's about 3,000 people here, excited to really see where this powerhouse organization is taking security. Dave, it's great to be here. Our first time covering Ignite. People are ready to be back. They.. and security is top. It's a board level conversation. >> It is the other Ignite, I like to call it cuz of course there's another big company has a conference name Ignite, so I'm really excited to be here. Palo Alto Networks, a company we've covered for a number of years, as we just wrote in our recent breaking analysis, we've called them the gold standard but it's not just our opinion, we've backed it up with data. The company's on track. We think to do close to 7 billion in revenue by 2023. That's double it's 2020 revenue. You can measure it with execution, market cap M and A prowess. I'm super excited to have the CEO here. >> We have the CEO here, Nikesh Arora joins us from Palo Alto Networks. Nikesh, great to have you on theCube. Thank you for joining us. >> Well thank you very much for having me Lisa and Dave >> Lisa: It was great to see your keynote this morning. You said that, you know fundamentally security is a data problem. Well these days every company has to be a data company. Grocery stores, gas stations, car dealers. How is Palo Alto networks making customers, these data companies, more secure? >> Well Lisa, you know, (coughs) I've only done cybersecurity for about four, four and a half years so when I came to the industry I was amazed to see how security is so reactive as opposed to proactive. We should be able to stop bad threats, right? as they're happening. But I think a lot of threats get through because we don't have the right infrastructure and the right tooling and right products in there. So I think we've been working hard for the last four and a half years to turn it around so we can have consistent data flow across an enterprise and then mine that data for threats and anomalous behavior and try and protect our customers. >> You know the problem, I wrote this, this weekend, the problem in cybersecurity is well understood, you put up that Optiv graph and it's like 8,000 companies >> Yes >> and I think you mentioned your keynote on average, you know 30 to 40 tools, maybe 50, at least 20, >> Yes. >> from the folks that I talked to. So, okay, great, but actually solving that problem is not trivial. To be a consolidator, I mean, everybody wants to consolidate tools. So in your three to four years and security as you well know, it's, you can't fake security. It's a really, really challenging topic. So when you joined Palo Alto Networks and you heard that strategy, I know you guys have been thinking about this for some time, what did you see as the challenges to actually executing on that and how is it that you've been able to sort of get through that knot hole. >> So Dave, you know, it's interesting if you look at the history of cybersecurity, I call them the flavor of the decade, a flare, you know a new threat vector gets created, very large market gets created, a solution comes through, people flock, you get four or five companies will chase that opportunity, and then they become leaders in that space whether it's firewalls or endpoints or identity. And then people stick to their swim lane. The problem is that's a very product centric approach to security. It's not a customer-centric approach. The customer wants a more secure enterprise. They don't want to solve 20 different solutions.. problems with 20 different point solutions. But that's kind of how the industry's grown up, and it's been impossible for a large security company in one category, to actually have a substantive presence in the next category. Now what we've been able to do in the last four and a half years is, you know, from our firewall base we had resources, we had intellectual capability from a security perspective and we had cash. So we used that to pay off our technical debt. We acquired a bunch of companies, we created capability. In the last three years, four years we've created three incremental businesses which are all on track to hit a billion dollars the next 12 to 18 months. >> Yeah, so it's interesting on Twitter last night we had a little conversation about acquirers and who was a good, who was not so good. It was, there was Oracle, they came up actually very high, they'd done pretty, pretty good Job, VMware was on the list, IBM, Cisco, ServiceNow. And if you look at IBM and Cisco's strategy, they tend to be very services heavy, >> Mm >> right? How is it that you have been able to, you mentioned get rid of your technical debt, you invested in that. I wonder if you could, was it the, the Cloud, even though a lot of the Cloud was your own Cloud, was that a difference in terms of your ability to integrate? Because so many companies have tried it in the past. Oracle I think has done a good job, but it took 'em 10 to 12 years, you know, to, to get there. What was the sort of secret sauce? Is it culture, is it just great engineering? >> Dave it's a.. thank you for that. I think, look, it's, it's a mix of everything. First and foremost, you know, there are certain categories we didn't play in so there was nothing to integrate. We built a capability in a category in automation. We didn't have a product, we acquired a company. It's a net new capability in instant response. We didn't have a capability. It was net new capability. So there was, there was, other than integrating culturally and into the organization into our core to market processes there was no technical integration needed. Most of our technical integration was needed in our Cloud platform, which we bought five or six companies, we integrated then we just bought one recently called cyber security as well, which is going to get integrated in the Cloud platform. >> Dave: Yeah. >> And the thing is like, the Cloud platform is net new in the industry. We.. nobody's created a Cloud security platform yet, so we're working hard to create it because we don't want to replicate the mistakes of the past, that were made in enterprise security, in Cloud security. So it's a combination of cultural integration it's a combination of technical integration. The two things we do differently I think, than most people in the industry is look, we have no pride of, you know of innovations. Like, if somebody else has done it, we respect it and we'll acquire it, but we always want to acquire number one or number two in their category. I don't want number three or four. There's three or four for a reason and there still leaves one or two out there to compete with. So we've always acquired one or two, one. And the second thing, which is as important is most of these companies are in the early stage of development. So it's very important for the founding team to be around. So we spend a lot of time making sure they stick around. We actually make our people work for them. My principle is, listen, if they beat us in the open market with all our resources and our people, then they deserve to run this as opposed to us. So most of our new product categories are run by founders of companies required. >> So a little bit of Jack Welch, a little bit of Franks Lubens is a, you know always deference to the founders. But go ahead Lisa. >> Speaking of cultural transformation, you were mentioning your keynote this morning, there's been a significant workforce transformation at Palo Alto Networks. >> Yeah >> Talk a little bit about that, cause that's a big challenge, for many organizations to achieve. Sounds like you've done it pretty well. >> Well you know, my old boss, Eric Schmidt, used to say, 'revenue solves all known problems'. Which kind of, you know, it is a part joking, part true, but you know as Dave mentioned, we've doubled or two and a half time the revenues in the last four and a half years. That allows you to grow, that allows you to increase headcount. So we've gone from four and a half thousand people to 14,000 people. Good news is that's 9,500 people are net new to the company. So you can hire a whole new set of people who have new skills, new capabilities and there's some attrition four and a half thousand, some part of that turns over in four and a half years, so we effectively have 80% net new people, and the people we have, who are there from before, are amazing because they've built a phenomenal firewall business. So it's kind of been right sized across the board. It's very hard to do this if you're not growing. So you got to focus on growing. >> Dave: It's like winning in sports. So speaking of firewalls, I got to ask you does self-driving cars need brakes? So if I got a shout out to my friend Zeus Cararvela so like that's his line about why you need firewalls, right? >> Nikesh: Yes. >> I mean you mentioned it in your keynote today. You said it's the number one question that you get. >> and I don't get it why P industry observers don't go back and say that's, this is ridiculous. The network traffic is doubling or tripling. (clears throat) In fact, I gave an interesting example. We shut down our data centers, as I said, we are all on Google Cloud and Amazon Cloud and then, you know our internal team comes in, we'd want a bigger firewall. I'm like, why do you want a bigger firewall? We shut down our data centers as well. The traffic coming in and out of our campus is doubled. We need a bigger firewall. So you still need a firewall even if you're in the Cloud. >> So I'm going to come back to >> Nikesh: (coughs) >> the M and A strategy. My question is, can you be both best of breed and develop a comprehensive suite number.. part one and part one A of that is do you even have to, because generally sweets win out over best of breed. But what, how do you, how do you respond? >> Well, you know, this is this age old debate and people get trapped in that, I think in my mind, and let me try and expand the analogy which I tried to do up in my keynote. You know, let's assume that Oracle, Microsoft, Dynamics and Salesforce did not exist, okay? And you were running a large company of 50,000 people and your job was to manage the customer process which easier to understand than security. And I said, okay, guess what? I have a quoting system and a lead system but the lead system doesn't talk to my coding system. So I get leads, but I don't know who those customers. And I write codes for a whole new set of customers and I have a customer database. Then when they come as purchase orders, I have a new database with all the customers who've bought something from me, and then when I go get them licensing I have a new database and when I go have customer support, I have a fifth database and there are customers in all five databases. You'll say Nikesh you're crazy, you should have one customer database, otherwise you're never going to be able to make this work. But security is the same problem. >> Dave: Mm I should.. I need consistency in data from suit to nuts. If it's in Cloud, if you're writing code, I need to understand the security flaws before they go into deployment, before they go into production. We for somehow ridiculously have bought security like IT. Now the difference between IT and security is, IT is required to talk to each other, so a Dell server and HP server work very similarly but a Palo Alto firewall and a Checkpoint firewall Fortnight firewall work formally differently. And then how that transitions into endpoints is a whole different ball game. So you need consistency in data, as Lisa was saying earlier, it's a data problem. You need consistency as you traverse to the enterprise. And that's why that's the number one need. Now, when you say best of breed, (coughs) best of breed, if it's fine, if it's a specific problem that you're trying to solve. But if you're trying to make sure that's the data flow that happens, you need both best of breed, you know, technology that stops things and need integration on data. So what we are trying to do is we're trying to give people best to breed solutions in the categories they want because otherwise they won't buy us. But we're also trying to make sure we stitch the data. >> But that definition of best of breed is a little bit of nuance than different in security is what I'm hearing because that consistency >> Nikesh: (coughs) Yes, >> across products. What about across Cloud? You mentioned Google and Amazon. >> Yeah so that's great question. >> Dave: Are you building the security super Cloud, I call it, above the Cloud? >> It's, it's not, it's, less so a super Cloud, It's more like Switzerland and I used to work at Google for 10 years, not a secret. And we used to sell advertising and we decided to go into pub into display ads or publishing, right. Now we had no publishing platform so we had to be good at everybody else's publishing platform >> Dave: Mm >> but we never were able to search ads for everybody else because we only focus on our own platform. So part of it is when the Cloud guys they're busy solving security for their Cloud. Google is not doing anything about Amazon Cloud or Microsoft Cloud, Microsoft's Azure, right? AWS is not doing anything about Google Cloud or Azure. So what we do is we don't have a Cloud. Our job in providing Cloud securities, be Switzerland make sure it works consistently across every Cloud. Now if you try to replicate what we offer Prisma Cloud, by using AWS, Azure and GCP, you'd have to first of all, have three panes of glass for all three of them. But even within them they have four panes of glass for the capabilities we offer. So you could end up with 12 different interfaces to manage a development process, we give you one. Now you tell me which is better. >> Dave: Sounds like a super Cloud to me Lisa (laughing) >> He's big on super Cloud >> Uber Cloud, there you >> Hey I like that, Uber Cloud. Well, so I want to understand Nikesh, what's realistic. You mentioned in your keynote Dave, brought it up that the average organization has 30 to 50 tools, security tools. >> Nikesh: Yes, yes >> On their network. What is realistic for from a consolidation perspective where Palo Alto can come in and say, let me make this consistent and simple for you. >> Well, I'll give you your own example, right? (clears throat) We're probably sub 10 substantively, right? There may be small things here and there we do. But on a substantive protecting the enterprise perspective you be should be down to eight or 10 vendors, and that is not perfect but it's a lot better than 50, >> Lisa: Right? >> because don't forget 50 tools means you have to have capability to understand what those 50 tools are doing. You have to have the capability to upgrade them on a constant basis, learn about their new capabilities. And I just can't imagine why customers have two sets of firewalls right. Now you got to learn both the files on how to deploy both them. That's silly because that's why we need 7 million more people. You need people to understand, so all these tools, who work for companies. If you had less tools, we need less people. >> Do you think, you know I wrote about this as well, that the security industry is anomalous and that the leader has, you know, single digit, low single digit >> Yes >> market shares. Do you think that you can change that? >> Well, you know, when I started that was exactly the observation I had Dave, which you highlighted in your article. We were the largest by revenue, by small margin. And we were one and half percent of the industry. Now we're closer to three, three to four percent and we're still at, you know, like you said, going to be around $7 billion. So I see a path for us to double from here and then double from there, and hopefully as we keep doubling and some point in time, you know, I'd like to get to double digits to start with. >> One of the things that I think has to happen is this has to grow dramatically, the ecosystem. I wonder if you could talk about the ecosystem and your strategy there. >> Well, you know, it's a matter of perspective. I think we have to get more penetrated in our largest customers. So we have, you know, 1800 of the top 2000 customers in the world are Palo Alto customers. But we're not fully penetrated with all our capabilities and the same customers set, so yes the ecosystem needs to grow, but the pandemic has taught us the ecosystem can grow wherever they are without having to come to Vegas. Which I don't think is a bad thing to be honest. So the ecosystem is growing. You are seeing new players come to the ecosystem. Five years ago you didn't see a lot of systems integrators and security. You didn't see security offshoots of telecom companies. You didn't see the Optivs, the WWTs, the (indistinct) of the world (coughs) make a concerted shift towards consolidation or services and all that is happening >> Dave: Mm >> as we speak today in the audience you will find people from Google, Amazon Microsoft are sitting in the audience. People from telecom companies are sitting in the audience. These people weren't there five years ago. So you are seeing >> Dave: Mm >> the ecosystem's adapting. They're, they want to be front and center of solving the customer's problem around security and they want to consolidate capability, they need. They don't want to go work with a hundred vendors because you know, it's like, it's hard. >> And the global system integrators are key. I always say they like to eat at the trough and there's a lot of money in security. >> Yes. >> Dave: (laughs) >> Well speaking of the ecosystem, you had Thomas Curry and Google Cloud CEO in your fireside chat in the keynote. Talk a little bit about how Google Cloud plus Palo Alto Networks, the Zero Trust Partnership and what it's enable customers to achieve. >> Lisa, that's a great question. (clears his throat) Thank you for bringing it up. Look, you know the, one of the most fundamental shifts that is happening is obviously the shift to the Cloud. Now when that shift fully, sort of, takes shape you will realize if your network has changed and you're delivering everything to the Cloud you need to go figure out how to bring the traffic to the Cloud. You don't have to bring it back to your data center you can bring it straight to the Cloud. So in that context, you know we use Google Cloud and Amazon Cloud, to be able to carry our traffic. We're going from a product company to a services company in addition, right? Cuz when we go from firewalls to SASE we're not carrying your traffic. When we carry our traffic, we need to make sure we have underlying capability which is world class. We think GCP and AWS and Azure run some of the biggest and best networks in the world. So our partnership with Google is such that we use their public Cloud, we sit on top of their Cloud, they give us increased enhanced functionality so that our customers SASE traffic gets delivered in priority anywhere in the world. They give us tooling to make sure that there's high reliability. So you know, we partner, they have Beyond Corp which is their version of Zero Trust which allows you to take unmanaged devices with browsers. We have SASE, which allows you to have managed devices. So the combination gives our collective customers the ability for Zero Trust. >> Do you feel like there has to be more collaboration within the ecosystem, the security, you know, landscape even amongst competitors? I mean I think about Google acquires Mandiant. You guys have Unit 42. Should and will, like, Wendy Whitmore and maybe they already are, Kevin Mandia talk more and share more data. If security's a data problem is all this data >> Nikesh: Yeah look I think the industry shares threat data, both in private organizations as well as public and private context, so that's not a problem. You know the challenge with too much collaboration in security is you never know. Like you know, the moment you start sharing your stuff at third parties, you go out of Secure Zone. >> Lisa: Mm >> Our biggest challenge is, you know, I can't trust a third party competitor partner product. I have to treat it with as much suspicion as anything else out there because the only way I can deliver Zero Trust is to not trust anything. So collaboration in Zero Trust are a bit of odds with each other. >> Sounds like another problem you can solve >> (laughs) >> Nikesh last question for you. >> Yes >> Favorite customer or example that you think really articulates the value of what Palo Alto was delivering? >> Look you know, it's a great question, Lisa. I had this seminal conversation with a customer and I explained all those things we were talking about and the customer said to me, great, okay so what do I need to do? I said, fun, you got to trust me because you know, we are on a journey, because in the past, customers have had to take the onus on themselves of integrating everything because they weren't sure a small startup will be independent, be bought by another cybersecurity company or a large cybersecurity company won't get gobbled up and split into pieces by private equity because every one of the cybersecurity companies have had a shelf life. So you know, our aspiration is to be the evergreen cybersecurity company. We will always be around and we will always tackle innovation and be on the front line. So the customer understood what we're doing. Over the last three years we've been working on a transformation journey with them. We're trying to bring them, or we have brought them along the path of Zero Trust and we're trying to work with them to deliver this notion of reducing their meantime to remediate from days to minutes. Now that's an outcome based approach that's a partnership based approach and we'd like, love to have more and more customers of that kind. I think we weren't ready to be honest as a company four and a half years ago, but I think today we're ready. Hence my keynote was called The Perfect Storm. I think we're at the right time in the industry with the right capabilities and the right ecosystem to be able to deliver what the industry needs. >> The perfect storm, partners, customers, investors, employees. Nikesh, it's been such a pleasure having you on theCUBE. Thank you for coming to talk to Dave and me right after your keynote. We appreciate that and we look forward to two days of great coverage from your executives, your customers, and your partners. Thank you. >> Well, thank you for having me, Lisa and Dave and thank you >> Dave: Pleasure >> for what you guys do for our industry. >> Our pleasure. For Nikesh Arora and Dave Vellante, I'm Lisa Martin, you're watching theCUBE live at MGM Grand Hotel in Las Vegas, Palo Alto Ignite 22. Stick around Dave and I will be joined by our next guest in just a minute. (cheerful music plays out)

>> Now we're recording. >> All right. >> Appreciate that, Hannah. >> Yeah, so I mean, I think in general we continue to do very, very well as a company. I think like everybody, there's economic headwinds today that are unavoidable, but I think we have a couple things going for us. One, we're in the cyberspace, which I think is, for the most part, recession proof as an industry. I think the impact of a recession will impact some vendors and some categories, but in general, I think the industry is pretty resilient. It's like the power industry, no? Recession or not, you still need electricity to your house. Cybersecurity is almost becoming a utility like that as far as the needs of companies go. I think for us, we also have the ability to do the security, the security operations, for a lot of companies, and if you look at the value proposition, the ROI for the cost of less than one to maybe two or three, depending on how big you are as a customer, what you'd have to pay for half to three security operations people, we can give you a full security operations. And so the ROI is is almost kind of brain dead simple, and so that keeps us going pretty well. And I think the other areas, we remove all that complexity for people. So in a world where you got other problems to worry about, handling all the security complexity is something that adds to that ROI. So for us, I think what we're seeing is mostly is some of the larger deals are taking a little bit longer than they have, some of the large enterprise deals, 'cause I think they are being a little more cautious about how they spend it, but in general, business is still kind of cranking along. >> Anything you can share with me that you guys have talked about publicly in terms of any metrics, or what can you tell me other than cranking? >> Yeah, I mean, I would just say we're still very, very high growth, so I think our financial profile would kind of still put us clearly in the cyber unicorn position, but I think other than that, we don't really share business metrics as a private- >> Okay, so how about headcount? >> Still growing. So we're not growing as fast as we've been growing, but I don't think we were anyway. I think we kind of, we're getting to the point of critical mass. We'll start to grow in a more kind of normal course and speed. I don't think we overhired like a lot of companies did in the past, even though we added, almost doubled the size of the company in the last 18 months. So we're still hiring, but very kind of targeted to certain roles going forward 'cause I do think we're kind of at critical mass in some of the other functions. >> You disclose headcount or no? >> We do not. >> You don't, okay. And never have? >> Not that I'm aware of, no. >> Okay, on the macro, I don't know if security's recession proof, but it's less susceptible, let's say. I've had Nikesh Arora on recently, we're at Palo Alto's Ignite, and he was saying, "Look," it's just like you were saying, "Larger deal's a little harder." A lot of times customers, he was saying customers are breaking larger deals into smaller deals, more POCs, more approvals, more people to get through the approval, not whole, blah, blah, blah. Now they're a different animal, I understand, but are you seeing similar trends, and how are you dealing with that? >> Yeah, I think the exact same trends, and I think it's just in a world where spending a dollar matters, I think a lot more oversight comes into play, a lot more reviewers, and can you shave it down here? Can you reduce the scope of the project to save money there? And I think it just caused a lot of those things. I think, in the large enterprise, I think most of those deals for companies like us and Palo and CrowdStrike and kind of the upper tier companies, they'll still go through. I think they'll just going to take a lot longer, and, yeah, maybe they're 80% of what they would've been otherwise, but there's still a lot of business to be had out there. >> So how are you dealing with that? I mean, you're talking about you double the size of the company. Is it kind of more focused on go-to-market, more sort of, maybe not overlay, but sort of SE types that are going to be doing more handholding. How have you dealt with that? Or have you just sort of said, "Hey, it is what it is, and we're not going to, we're not going to tactically respond to. We got long-term direction"? >> Yeah, I think it's more the latter. I think for us, it's we've gone through all these things before. It just takes longer now. So a lot of the steps we're taking are the same steps. We're still involved in a lot of POCs, we're involved in a lot of demos, and I don't think that changed. It's just the time between your POC and when someone sends you the PO, there's five more people now got to review things and go through a budget committee and all sorts of stuff like that. I think where we're probably focused more now is adding more and more capabilities just so we continue to be on the front foot of innovation and being relevant to the market, and trying to create more differentiators for us and the competitors. That's something that's just built into our culture, and we don't want to slow that down. And so even though the business is still doing extremely, extremely well, we want to keep investing in kind of technology. >> So the deal size, is it fair to say the initial deal size for new accounts, while it may be smaller, you're adding more capabilities, and so over time, your average contract values will go up? Are you seeing that trend? Or am I- >> Well, I would say I don't even necessarily see our average deal size has gotten smaller. I think in total, it's probably gotten a little bigger. I think what happens is when something like this happens, the old cream rises to the top thing, I think, comes into play, and you'll see some organizations instead of doing a deal with three or four vendors, they may want to pick one or two and really kind of put a lot of energy behind that. For them, they're maybe spending a little less money, but for those vendors who are amongst those getting chosen, I think they're doing pretty good. So our average deal size is pretty stable. For us, it's just a temporal thing. It's just the larger deals take a little bit longer. I don't think we're seeing much of a deal velocity difference in our mid-market commercial spaces, but in the large enterprise it's a little bit slower. But for us, we have ambitious plans in our strategy or on how we want to execute and what we want to build, and so I think we want to just continue to make sure we go down that path technically. >> So I have some questions on sort of the target markets and the cohorts you're going after, and I have some product questions. I know we're somewhat limited on time, but the historical focus has been on SMB, and I know you guys have gone in into enterprise. I'm curious as to how that's going. Any guidance you can give me on mix? Or when I talk to the big guys, right, you know who they are, the big managed service providers, MSSPs, and they're like, "Poo poo on Arctic Wolf," like, "Oh, they're (groans)." I said, "Yeah, that's what they used to say about the PC. It's just a toy. Or Microsoft SQL Server." But so I kind of love that narrative for you guys, but I'm curious from your words as to, what is that enterprise? How's the historical business doing, and how's the entrance into the enterprise going? What kind of hurdles are you having, blockers are you having to remove? Any color you can give me there would be super helpful. >> Yeah, so I think our commercial S&B business continues to do really good. Our mid-market is a very strong market for us. And I think while a lot of companies like to focus purely on large enterprise, there's a lot more mid-market companies, and a much larger piece of the IT puzzle collectively is in mid-market than it is large enterprise. That being said, we started to get pulled into the large enterprise not because we're a toy but because we're quite a comprehensive service. And so I think what we're trying to do from a roadmap perspective is catch up with some of the kind of capabilities that a large enterprise would want from us that a potential mid-market customer wouldn't. In some case, it's not doing more. It's just doing it different. Like, so we have a very kind of hands-on engagement with some of our smaller customers, something we call our concierge. Some of the large enterprises want more of a hybrid where they do some stuff and you do some stuff. And so kind of building that capability into the platform is something that's really important for us. Just how we engage with them as far as giving 'em access to their data, the certain APIs they want, things of that nature, what we're building out for large enterprise, but the demand by large enterprise on our business is enormous. And so it's really just us kind of catching up with some of the kind of the features that they want that we lack today, but many of 'em are still signing up with us, obviously, and in lieu of that, knowing that it's coming soon. And so I think if you look at the growth of our large enterprise, it's one of our fastest growing segments, and I think it shows anything but we're a toy. I would be shocked, frankly, if there's an MSSP, and, of course, we don't see ourself as an MSSP, but I'd be shocked if any of them operate a platform at the scale that ours operates. >> Okay, so wow. A lot I want to unpack there. So just to follow up on that last question, you don't see yourself as an MSSP because why, you see yourselves as a technology platform? >> Yes, I mean, the vast, vast, vast majority of what we deliver is our own technology. So we integrate with third-party solutions mostly to bring in that telemetry. So we've built our own platform from the ground up. We have our own threat intelligence, our own detection logic. We do have our own agents and network sensors. MSSP is typically cobbling together other tools, third party off-the-shelf tools to run their SOC. Ours is all homegrown technology. So I have a whole group called Arctic Wolf Labs, is building, just cranking out ML-based detections, building out infrastructure to take feeds in from a variety of different sources. We have a full integration kind of effort where we integrate into other third parties. So when we go into a customer, we can leverage whatever they have, but at the same time, we produce some tech that if they're lacking in a certain area, we can provide that tech, particularly around things like endpoint agents and network sensors and the like. >> What about like identity, doing your own identity? >> So we don't do our own identity, but we take feeds in from things like Okta and Active Directory and the like, and we have detection logic built on top of that. So part of our value add is we were XDR before XDR was the cool thing to talk about, meaning we can look across multiple attack surfaces and come to a security conclusion where most EDR vendors started with looking just at the endpoint, right? And then they called themselves XDR because now they took in a network feed, but they still looked at it as a separate network detection. We actually look at the things across multiple attack surfaces and stitch 'em together to look at that from a security perspective. In some cases we have automatic detections that will fire. In other cases, we can surface some to a security professional who can go start pulling on that thread. >> So you don't need to purchase CrowdStrike software and integrate it. You have your own equivalent essentially. >> Well, we'll take a feed from the CrowdStrike endpoint into our platform. We don't have to rely on their detections and their alerts, and things of that nature. Now obviously anything they discover we pull in as well, it's just additional context, but we have all our own tech behind it. So we operate kind of at an MSSP scale. We have a similar value proposition in the sense that we'll use whatever the customer has, but once that data kind of comes into our pipeline, it's all our own homegrown tech from there. >> But I mean, what I like about the MSSP piece of your business is it's very high touch. It's very intimate. What I like about what you're saying is that it's software-like economics, so software, software-like part of it. >> That's what makes us the unicorn, right? Is we do have, our concierges is very hands-on. We continue to drive automation that makes our concierge security professionals more efficient, but we always want that customer to have that concierge person as, is almost an extension to their security team, or in some cases, for companies that don't even have a security team, as their security team. As we go down the path, as I mentioned, one of the things we want to be able to do is start to have a more flexible model where we can have that high touch if you want it. We can have the high touch on certain occasions, and you can do stuff. We can have low touch, like we can span the spectrum, but we never want to lose our kind of unique value proposition around the concierge, but we also want to make sure that we're providing an interface that any customer would want to use. >> So given that sort of software-like economics, I mean, services companies need this too, but especially in software, things like net revenue retention and churn are super important. How are those metrics looking? What can you share with me there? >> Yeah, I mean, again, we don't share those metrics publicly, but all's I can continue to repeat is, if you looked at all of our financial metrics, I think you would clearly put us in the unicorn category. I think very few companies are going to have the level of growth that we have on the amount of ARR that we have with the net revenue retention and the churn and upsell. All those aspects continue to be very, very strong for us. >> I want to go back to the sort of enterprise conversation. So large enterprises would engage with you as a complement to their existing SOC, correct? Is that a fair statement or not necessarily? >> It's in some cases. In some cases, they're looking to not have a SOC. So we run into a lot of cases where they want to replace their SIEM, and they want a solution like Arctic Wolf to do that. And so there's a poll, I can't remember, I think it was Forrester, IDC, one of them did it a couple years ago, and they found out that 70% of large enterprises do not want to build the SOC, and it's not 'cause they don't need one, it's 'cause they can't afford it, they can't staff it, they don't have the expertise. And you think about if you're a tech company or a bank, or something like that, of course you can do it, but if you're an international plumbing distributor, you're not going to (chuckles), someone's not going to graduate from Stanford with a cybersecurity degree and go, "Cool, I want to go work for a plumbing distributor in their SOC," right? So they're going to have trouble kind of bringing in the right talent, and as a result, it's difficult to go make a multimillion-dollar investment into a SOC if you're not going to get the quality people to operate it, so they turn to companies like us. >> Got it, so, okay, so you're talking earlier about capabilities that large enterprises require that there might be some gaps, you might lack some features. A couple questions there. One is, when you do some of those, I inferred some of that is integrations. Are those integrations sort of one-off snowflakes or are you finding that you're able to scale those across the large enterprises? That's my first question. >> Yeah, so most of the integrations are pretty straightforward. I think where we run into things that are kind of enterprise-centric, they definitely want open APIs, they want access to our platform, which we don't do today, which we are going to be doing, but we don't do that yet today. They want to do more of a SIEM replacement. So we're really kind of what we call an open XDR platform, so there's things that we would need to build to kind of do raw log ingestion. I mean, we do this today. We have raw log ingestion, we have log storage, we have log searching, but there's like some of the compliance scenarios that they need out of their SIEM. We don't do those today. And so that's kind of holding them back from getting off their SIEM and going fully onto a solution like ours. Then the other one is kind of the level of customization, so the ability to create a whole bunch of custom rules, and that ties back to, "I want to get off my SIEM. I've built all these custom rules in my SIEM, and it's great that you guys do all this automatic AI stuff in the background, but I need these very specific things to be executed on." And so trying to build an interface for them to be able to do that and then also simulate it, again, because, no matter how big they are running their SIEM and their SOC... Like, we talked to one of the largest financial institutions in the world. As far as we were told, they have the largest individual company SOC in the world, and we operate almost 15 times their size. So we always have to be careful because this is a cloud-based native platform, but someone creates some rule that then just craters the performance of the whole platform, so we have to build kind of those guardrails around it. So those are the things primarily that the large enterprises are asking for. Most of those issues are not holding them back from coming. They want to know they're coming, and we're working on all of those. >> Cool, and see, just aside, I was talking to CISO the other day, said, "If it weren't for my compliance and audit group, I would chuck my SIEM." I mean, everybody wants to get rid of their SIEM. >> I've never met anyone who likes their SIEM. >> Do you feel like you've achieved product market fit in the larger enterprise or is that still something that you're sorting out? >> So I think we know, like, we're on a path to do that. We're on a provable path to do that, so I don't think there's any surprises left. I think everything that we know we need to do for that is someone's writing code for it today. It's just a matter of getting it through the system and getting into production. So I feel pretty good about it. I think that's why we are seeing such a high growth rate in our large enterprise business, 'cause we share that feedback with some of those key customers. We have a Customer Advisory Board that we share a lot of this information with. So yeah, I mean, I feel pretty good about what we need to do. We're certainly operate at large enterprise scales, so taking in the amount of the volume of data they're going to have and the types of integrations they need. We're comfortable with that. It's just more or less the interfaces that a large enterprise would want that some of the smaller companies don't ask for. >> Do you have enough tenure in the market to get a sense as to stickiness or even indicators that will lead toward retention? Have you been at it long enough in the enterprise or you still, again, figuring that out? >> Yeah, no, I think we've been at it long enough, and our retention rates are extremely high. If anything, kind of our net retention rates, well over 100% 'cause we have opportunities to upsell into new modules and expanding the coverage of what they have today. I think the areas that if you cornered enterprise that use us and things they would complain about are things I just told you about, right? There's still some things I want to do in my Splunk, and I need an API to pull my data out and put it in my Splunk and stuff like that, and those are the things we want to enable. >> Yeah, so I can't wait till you guys go public because you got Snowflake up here, and you got Veritas down here, and I'm very curious as to where you guys go. When's the IPO? You want to tell me that? (chuckling) >> Unfortunately, it's not up to us right now. You got to get the markets- >> Yeah, I hear you. Right, if the market were better. Well, if the market were better, you think you'd be out? >> Yeah, I mean, we'd certainly be a viable candidate to go. >> Yeah, there you go. I have a question for you because I don't have a SOC. I run a small business with my co-CEO. We're like 30, 40 people W-2s, we got another 50 or so contractors, and I'm always like have one eye, sleep with one eye open 'cause of security. What is your ideal SMB customer? Think S. >> Yeah. >> Would I fit? >> Yeah, I mean you're you're right in the sweet spot. I think where the company started and where we still have a lot of value proposition, which is companies like, like you said it, you sleep with one eye open, but you don't have necessarily the technical acumen to be able to do that security for yourself, and that's where we fit in. We bring kind of this whole security, we call it Security Operations Cloud, to bear, and we have some of the best professionals in the world who can basically be your SOC for less than it would cost you to hire somebody right out of college to do IT stuff. And so the value proposition's there. You're going to get the best of the best, providing you a kind of a security service that you couldn't possibly build on your own, and that way you can go to bed at night and close both eyes. >> So (chuckling) I'm sure something else would keep me up. But so in thinking about that, our Amazon bill keeps growing and growing and growing. What would it, and I presume I can engage with you on a monthly basis, right? As a consumption model, or how's the pricing work? >> Yeah, so there's two models that we have. So typically the kind of the monthly billing type of models would be through one of our MSP partners, where they have monthly billing capabilities. Usually direct with us is more of a longer term deal, could be one, two, or three, or it's up to the customer. And so we have both of those engagement models. Were doing more and more and more through MSPs today because of that model you just described, and they do kind of target the very S in the SMB as well. >> I mean, rough numbers, even ranges. If I wanted to go with the MSP monthly, I mean, what would a small company like mine be looking at a month? >> Honestly, I do not even know the answer to that. >> We're not talking hundreds of thousands of dollars a month? >> No. God, no. God, no. No, no, no. >> I mean, order of magnitude, we're talking thousands, tens of thousands? >> Thousands, on a monthly basis. Yeah. >> Yeah, yeah. Thousands per month. So if I were to budget between 20 and $50,000 a year, I'm definitely within the envelope. Is that fair? I mean, I'm giving a wide range >> That's fair. just to try to make- >> No, that's fair. >> And if I wanted to go direct with you, I would be signing up for a longer term agreement, correct, like I do with Salesforce? >> Yeah, yeah, a year. A year would, I think, be the minimum for that, and, yeah, I think the budget you set aside is kind of right in the sweet spot there. >> Yeah, I'm interested, I'm going to... Have a sales guy call me (chuckles) somehow. >> All right, will do. >> No, I'm serious. I want to start >> I will. >> investigating these things because we sell to very large organizations. I mean, name a tech company. That's our client base, except for Arctic Wolf. We should talk about that. And increasingly they're paranoid about data protection agreements, how you're protecting your data, our data. We write a lot of software and deliver it as part of our services, so it's something that's increasingly important. It's certainly a board level discussion and beyond, and most large organizations and small companies oftentimes don't think about it or try not to. They just put their head in the sand and, "We don't want to be doing that," so. >> Yeah, I will definitely have someone get in touch with you. >> Cool. Let's see. Anything else you can tell me on the product side? Are there things that you're doing that we talked about, the gaps at the high end that you're, some of the features that you're building in, which was super helpful. Anything in the SMB space that you want to share? >> Yeah, I think the biggest thing that we're doing technically now is really trying to drive more and more automation and efficiency through our operations, and that comes through really kind of a generous use of AI. So building models around more efficient detections based upon signal, but also automating the actions of our operators so we can start to learn through the interface. When they do A and B, they always do C. Well, let's just do C for them, stuff like that. Then also building more automation as far as the response back to third-party solutions as well so we can remediate more directly on third-party products without having to get into the consoles or having our customers do it. So that's really just trying to drive efficiency in the system, and that helps provide better security outcomes but also has a big impact on our margins as well. >> I know you got to go, but I want to show you something real quick. I have data. I do a weekly program called "Breaking Analysis," and I have a partner called ETR, Enterprise Technology Research, and they have a platform. I don't know if you can see this. They have a survey platform, and each quarter, they do a survey of about 1,500 IT decision makers. They also have a survey on, they call ETS, Emerging Technology Survey. So it's private companies. And I don't want to go into it too much, but this is a sentiment graph. This is net sentiment. >> Just so you know, all I see is a white- >> Yeah, just a white bar. >> Oh, that's weird. Oh, whiteboard. Oh, here we go. How about that? >> There you go. >> Yeah, so this is a sentiment graph. So this is net sentiment and this is mindshare. And if I go to Arctic Wolf... So it's typical security, right? The 8,000 companies. And when I go here, what impresses me about this is you got a decent mindshare, that's this axis, but you've also got an N in the survey. It's about 1,500 in the survey, It's 479 Arctic Wolf customers responded to this. 57% don't know you. Oh, sorry, they're aware of you, but no plan to evaluate; 19% plan to evaluate, 7% are evaluating; 11%, no plan to utilize even though they've evaluated you; and 1% say they've evaluated you and plan to utilize. It's a small percentage, but actually it's not bad in the random sample of the world about that. And so obviously you want to get that number up, but this is a really impressive position right here that I wanted to just share with you. I do a lot of analysis weekly, and this is a really, it's completely independent survey, and you're sort of separating from the pack, as you can see. So kind of- >> Well, it's good to see that. And I think that just is a further indicator of what I was telling you. We continue to have a strong financial performance. >> Yeah, in a good market. Okay, well, thanks you guys. And hey, if I can get this recording, Hannah, I may even figure out how to write it up. (chuckles) That would be super helpful. >> Yes. We'll get that up. >> And David or Hannah, if you can send me David's contact info so I can get a salesperson in touch with him. (Hannah chuckling) >> Yeah, great. >> Yeah, we'll work on that as well. Thanks so much for both your time. >> Thanks a lot. It was great talking with you. >> Thanks, you guys. Great to meet you. >> Thank you. >> Bye. >> Bye.

>>The Cube presents Ignite 22, brought to you by Palo Alto Networks. >>Welcome back everyone. We're so glad that you're still with us. It's the Cube Live at the MGM Grand. This is our second day of coverage of Palo Alto Networks Ignite. This is takeaways from Ignite 22. Lisa Martin here with two really smart guys, Dave Valante. Dave, we're joined by one of our cube alumni, a friend, a friend of the, we say friend of the Cube. >>Yeah, otc. A friend of the Cube >>Karala joined us. Guys, it's great to have you here. It's been an exciting show. A lot of cybersecurity is one of my favorite topics to talk about. But I'd love to get some of the big takeaways from both of you. Dave, we'll start with you. >>A breathing room from two weeks ago. Yeah, that was, that was really pleasant. You know, I mean, I know was, yes, you sat in the analyst program, interested in what your takeaways were from there. But, you know, coming into this, we wrote a piece, Palo Alto's Gold Standard, what they need to do to, to keep that, that status. And we hear it a lot about consolidation. That's their big theme now, which is timely, right? Cause people wanna save money, they wanna do more with less. But I'm really interested in hearing zeus's thoughts on how that's playing in the market. How customers, how easy is it to just say, oh, hey, I'm gonna consolidate. I wanna get into that a little bit with you, how well the strategy's working. We're gonna get into some of the m and a activity and really bring your perspectives to the table. Well, >>It's, it's not easy. I mean, people have been calling for the consolidation of security for decades, and it's, it's, they're the first company that's actually made it happen. Right? And, and I think this is what we're seeing here is the culmination of this long term strategy, this company trying to build more of a platform. And they, you know, they, they came out as a firewall vendor. And I think it's safe to say they're more than firewall today. That's only about two thirds of their revenue now. So down from 80% a few years ago. And when I think of what Palo Alto has become, they're really a data company. Now, if you look at, you know, unit 42 in Cortex, the, the, the Cortex Data Lake, they've done an excellent job of taking telemetry from their products and from the acquisitions they have, right? And bringing that together into one big data lake. >>And then they're able to use that to, to do faster threat notification, forensics, things like that. And so I think the old model of security of create signatures for known threats, it's safe to say it never really worked and it wasn't ever gonna work. You had too many day zero exploits and things. The only way to fight security today is with a AI and ML based analytics. And they have, they're the gold standard. I think the one thing about your post that I would add the gold standard from a data standpoint, and that's given them this competitive advantage to go out and become a platform for a security. Which, like I said, the people have tried to do that for years. And the first one that's actually done it, well, >>We've heard this from some of the startups, like Lacework will say, oh, we treat security as a data problem. Of course there's a startup, Palo Alto's got, you know, whatever, 10, 15 years of, of, of history. But one of the things I wanted to explore with you coming into this was the notion of can you be best of breed and develop a suite? And we, we've been hearing a consistent answer to that question, which is, and, and do you need to, and the answer is, well, best of breed in security requires that full spectrum, that full view. So here's my question to you. So, okay, let's take Esty win relatively new for these guys, right? Yeah. Okay. And >>And one of the few products are not top two, top three in, right? Exactly. >>Yeah. So that's why I want to take that. Yeah. Because in bakeoffs, they're gonna lose on a head-to-head best of breed. And so the customer's gonna say, Hey, you know, I love your, your consolidation play, your esty win's. Just, okay, how about a little discount on that? And you know, these guys are premium priced. Yes. So, you know, are they in essentially through their pricing strategies, sort of creating that stuff, fighting that, is that friction for them where they've got, you know, the customer says, all right, well forget it, we're gonna go stove pipe with the SD WAN will consolidate some of the stuff. Are you seeing that? >>Yeah, I, I, I still think the sales model is that way. And I think that's something they need to work on changing. If they get into a situation where they have to get down into a feature battle of my SD WAN versus your SD wan, my firewall versus your firewall, frankly they've already lost, you know, because their value prop is the suite and, and is the platform. And I was talking to the CISO here that told me, he realizes now that you don't need best of breed everywhere to have best in class threat protection. In fact, best of breed everywhere leads to suboptimal threat protection. Cuz you have all these data data sets that are in silos, right? And so from a data scientist standpoint, right, there's the good data leads to good insights. Well, partial data leads to fragmented insights and that's, that's what the best, best of breed approach gives you. And so I was talking with Palo about this, can they have this vision of being best of breed and platform? I don't really think you can maintain best of breed everywhere across this portfolio this big, but you don't need to. >>That was my second point of my >>Question. That's the point. >>Yeah. And so, cuz cuz because you know, we've talked about this, that that sweets always win in the long run, >>Sweets >>Win. Yeah. But here's the thing, I, I wonder to your your point about, you know, the customer, you know, understanding that that that, that this resonates with them. I, my guess is a lot of customers, you know, at that mid-level and the fat middle are like still sort of wed, you know, hugging that, that tool. So there's, there's work to be done here, but I think they, they, they got it right Because if they devolve, to your point, if they devolve down to that speeds and feeds, eh, what's the point of that? Where's their valuable? >>You do not wanna get into a knife fight. And I, and I, and I think for them the, a big challenge now is convincing customers that the suite, the suite approach does work. And they have to be able to do that in actual customer examples. And so, you know, I I interviewed a bunch of customers here and the ones that have bought into XDR and xor and even are looking at their sim have told me that the, the, so think of soc operations, the old way heavily manually oriented, right? You have multiple panes of glass and you know, and then you've got, so there's a lot of people work before you bring the tools in, right? If done correctly with AI and ml, the machines would do all the heavy lifting and then you'd bring people in at the end to clean up the little bits that were missed, right? >>And so you, you moved to, from something that was very people heavy to something that's machine heavy and machines can work a lot faster than people. And the, and so the ones that I've talked that have, that have done that have said, look, our engineers have moved on to a lot different things. They're doing penetration testing, they're, you know, helping us with, with strategy and they're not fighting that, that daily fight of looking through log files. And the only proof point you need, Dave, is look at every big breach that we've had over the last five years. There's some SIM vendor up there that says, we caught it. Yeah. >>Yeah. We we had the data. >>Yeah. But, but, but the security team missed it. Well they missed it because you're, nobody can look at that much data manually. And so the, I I think their approach of relying heavily on machines to fight the fight is actually the right way. >>Is that a differentiator for them versus, we were talking before we went live that you and I first hit our very first segment back in 2017 at Fort Net. Is that, where do the two stand in your >>Yeah, it's funny cuz if you talk to the two vendors, they don't really see each other in a lot of accounts because Fort Net's more small market mid-market. It's the same strategy to some degree where Fort Net relies heavily on in-house development and Palo Alto relies heavily on acquisition. Yeah. And so I think from a consistently feature set, you know, Fort Net has an advantage there because it, it's all run off their, their their silicon. Where, where Palo's able to innovate very quickly. The, it it requires a lot of work right? To, to bring the front end and back ends together. But they're serving different markets. So >>Do you see that as a differentiator? The integration strategy that Palo Alto has as a differentiator? We talk to so many companies who have an a strong m and a strategy and, and execution arm. But the challenge is always integrating the technology so that the customer to, you know, ultimately it's the customer. >>I actually think they're, they're underrated as a, an acquirer. In fact, Dave wrote a post to a prior on Silicon Angle prior to Accelerate and he, he on, you put it on Twitter and you asked people to rank 'em as an acquirer and they were in the middle of the pack, >>Right? It was, it was. So it was Oracle, VMware, emc, ibm, Cisco, ServiceNow, and Palo Alto. Yeah. Or Oracle got very high marks. It was like 8.5 out of, you know, 10. Yeah. VMware I think was 6.5. Nice. Era was high emc, big range. IBM five to seven. Cisco was three to eight. Yeah. Yeah, right. ServiceNow was a seven. And then, yeah, Palo Alto was like a five. And I, which I think it was unfair. >>Well, and I think it depends on how you look at it. And I, so I think a lot of the acquisitions Palo Altos made, they've done a good job of integrating their backend data and they've almost ignored the front end. And so when you buy some of the products, it's a little clunky today. You know, if you work with Prisma Cloud, it could be a little bit cleaner. And even with, you know, the SD wan that took 'em a long time to bring CloudGenix in and stuff. But I think the approach is right. I don't, I don't necessarily believe you should integrate the front end until you've integrated the back end. >>That's >>The hard part, right? Because UL ultimately what you're gonna get, you're gonna get two panes of glass and one pane of glass and it might look pretty all mush together, but ultimately you're not solving the bigger problem, right. Of, of being able to create that big data like the, the fight security. And so I think, you know, the approach they've taken is the right one. I think from a user standpoint, maybe it doesn't show up as neatly because you don't see the frontend integration, but the way they're doing it is the right way to do it. And I'm glad they're doing it that way versus caving to the pressures of what, you know, the industry might want >>Showed up in the performance of the company. I mean, this company was basically gonna double revenues to 7 billion from 2020 to >>2023. Three. Think about that at that, that >>Make a, that's unbelievable, right? I mean, and then and they wanna double again. Yeah. You know, so, well >>What did, what did Nikesh was quoted as saying they wanna be the first cyber company that's a hundred billion dollars. He didn't give a timeline market cap. >>Right. >>Market cap, right. Do what I wanna get both of your opinions on what you saw and heard and felt this week. What do you think the likelihood is? And and do you have any projections on how, you know, how many years it's gonna take for them to get there? >>Well, >>Well I think so if they're gonna get that big, right? And, and we were talking about this pre-show, any company that's becoming a big company does it through ecosystem >>Bingo. >>Right? And that when you look around the show floor, it's not that impressive. And if that, if there's an area they need to focus on, it's building that ecosystem. And it's not with other security vendors, it's with application vendors and it's with the cloud companies and stuff. And they've got some relationships there, but they need to do more. I actually challenge 'em on that. One of the analyst sessions. They said, look, we've got 800 cortex partners. Well where are they? Right? Why isn't there a cortex stand here with a bunch of the small companies here? So I do think that that is an area they need to focus on. If they are gonna get to that, that market caps number, they will do so do so through ecosystem. Because every company that's achieved that has done it through ecosystem. >>A hundred percent agree. And you know, if you look at CrowdStrike's ecosystem, it's pretty similar. Yeah. You know, it doesn't really, you know, make much, much, not much different from this, but I went back and just looked at some, you know, peak valuations during the pandemic and shortly thereafter CrowdStrike was 70 billion. You know, that's what their roughly their peak Palo Alto was 56, fortune was 59 for the actually diverged. Right. And now Palo Alto has taken the, the top mantle, you know, today it's market cap's 52. So it's held 93% of its peak value. Everybody else is tanking. Even Okta was 45 billion. It's been crushed as you well know. But, so Palo Alto wasn't always, you know, the number one in terms of market cap. But I guess my point is, look, if CrowdStrike could got to 70 billion during Yeah. During the frenzy, I think it's gonna take, to answer your question, I think it's gonna be five years. Okay. Before they get back there. I think this market's gonna be tough for a while from a valuation standpoint. I think generally tech is gonna kind of go up and down and sideways for a good year and a half, maybe even two years could be even longer. And then I think there's gonna be some next wave of productivity innovation that that hits. And then you're gonna, you're almost always gonna exceed the previous highs. It's gonna take a while. Yeah, >>Yeah, yeah. But I think their ability to disrupt the SIM market actually is something I, I believe they're gonna do. I've been calling for the death of the sim for a long time and I know some people at Palo Alto are very cautious about saying that cuz the Splunks and the, you know, they're, they're their partners. But I, I think the, you know, it's what I said before, the, the tools are catching them, but they're, it's not in a way that's useful for the IT pro and, but I, I don't think the SIM vendors have that ecosystem of insight across network cloud endpoint. Right. Which is what you need in order to make a sim useful. >>CISO at an ETR roundtable said, if, if it weren't for my regulators, I would chuck my sim. >>Yes. >>But that's the only reason that, that this person was keeping it. So, >>Yeah. And I think the, the fact that most of those companies have moved to a perpetual MO or a a recurring revenue model actually helps unseat them. Typically when you pour a bunch of money into something, you remember the old computer associate days, nobody ever took it out cuz the sunk dollars you spent to do it. But now that you're paying an annual recurring fee, it's actually makes it easier to take out. So >>Yeah, it's it's an ebb and flow, right? Yeah. Because the maintenance costs were, you know, relatively low. Maybe it was 20% of the total. And then, you know, once every five years you had to do a refresh and you were still locked into the sort of maintenance and, and so yeah, I think you're right. The switching costs with sas, you know, in theory anyway, should be less >>Yeah. As long as you can migrate the data over. And I think they've got a pretty good handle on that. So, >>Yeah. So guys, I wanna get your perspective as a whole bunch of announcements here. We've only been here for a couple days, not a big conference as, as you can see from behind us. What Zs in your opinion was Palo Alto's main message and and what do you think about it main message at this event? And then same question for you. >>Yeah, I, I think their message largely wrapped around disruption, right? And, and they, in The's keynote already talked about that, right? And where they disrupted the firewall market by creating a NextGen firewall. In fact, if you look at all the new services they added to their firewall, you, you could almost say it's a NextGen NextGen firewall. But, but I do think the, the work they've done in the area of cloud and cortex actually I think is, is pretty impressive. And I think that's the, the SOC is ripe for disruption because it's for, for the most part, most socks still, you know, run off legacy playbooks. They run off legacy, you know, forensic models and things and they don't work. It's why we have so many breaches today. The, the dirty little secret that nobody ever wants to talk about is the bad guys are using machine learning, right? And so if you're using a signature based model, all they're do is tweak their model a little bit and it becomes, it bypasses them. So I, I think the only way to fight the the bad guys today is with you gotta fight fire with fire. And I think that's, that's the path they've, they've headed >>Down and the bad guys are hiding in plain sight, you know? >>Yeah, yeah. Well it's, it's not hard to do now with a lot of those legacy tools. So >>I think, I think for me, you know, the stat that we threw out earlier, I think yesterday at our keynote analysis was, you know, the ETR data shows that are, that are that last survey around 35% of the respondents said we are actively consolidating, sorry, 44%, sorry, 35 says we're actively consolidating vendors, redundant vendors today. That number's up to 44%. Yeah. It's by far the number one cost optimization technique. That's what these guys are pitching. And I think it's gonna resonate with people and, and I think to your point, they're integrating at the backend, their beeps are technical, right? I mean, they can deal with that complexity. Yeah. And so they don't need eye candy. Eventually they, they, they want to have that cuz it'll allow 'em to have deeper market penetration and make people more productive. But you know, that consolidation message came through loud and clear. >>Yeah. The big change in this industry too is all the new startups are all cloud native, right? They're all built on Amazon or Google or whatever. Yeah. And when your cloud native and you buy a cloud native integration is fast. It's not like having to integrate this big monolithic software stack anymore. Right. So I I think their pace of integration will only accelerate from here because everything's now cloud native. >>If a customer comes to you or when a customer comes to you and says, Zs help us with this cyber transformation we have, our board isn't necessarily with our executives in terms of execution of a security strategy. How do you advise them where Palo Alto is concerned? >>Yeah. You know, a lot, a lot of this is just fighting legacy mindset. And I've, I was talking with some CISOs here from state and local governments and things and they're, you know, they can't get more budget. They're fighting the tide. But what they did find is through the use of automation technology, they're able to bring their people costs way down. Right. And then be able to use that budget to invest in a lot of new projects. And so with that, you, you have to start with your biggest pain points, apply automation where you can, and then be able to use that budget to reinvest back in your security strategy. And it's good for the IT pros too, the security pros, my advice to, to it pros is if you're doing things today that aren't resume building, stop doing them. Right? Find a way to automate the money your job. And so if you're patching systems and you're looking through log files, there's no reason machines can't do that. And you go do something a lot more interesting. >>So true. It's like storage guys 10 years ago, provisioning loans. Yes. It's like, stop doing that. Yeah. You're gonna be outta a job. And so who, last question I have is, is who do you see as the big competitors, the horses on the track question, right? So obviously Cisco kind of service has led for a while and you know, big portfolio company, CrowdStrike coming at it from end point. You know who, who, who do you see as the real players going for that? You know, right now the market's three to 4%. The leader has three, three 4% of the market. You know who they're all going for? 10, 15, maybe 20% of the market. Who, who are the likely candidates? Yeah, >>I don't know if CrowdStrike really has the breadth of portfolio to compete long term though. I I think they've had a nice run, but I, we might start to see the follow 'em. I think Microsoft is gonna be for middle. They've laid down the gauntlet, right? They are a security vendor, right? We, we were at Reinvent and a AWS is the platform for security vendors. Yes. Middle, somewhere in the middle. But Microsoft make no mistake, they're in security. They've got some good products. I think a lot of 'em are kind of good enough and they, they tie it to the licensing and I'm not sure that works in security, but they've certainly got the ear of a lot of it pros. >>It might work in smb. >>Yeah. Yeah. It, it might. And, and I do like Zscaler. I, I know these guys poo poo the proxy model, but they've, they've done about as much with proxies as you can. And I, I think it's, it's a battle of, I love the, the, the near, you know, proxies are dead and Jay's model, you know, Jay over at c skater throw 'em back at 'em. So I, it's good to see that kind of fight going on between the two. >>Oh, it's great. Well, and, and again, ZScaler's coming at it from their cloud security angle. CrowdStrike's coming at it from endpoint. I, I do think CrowdStrike has an opportunity to build out the portfolio through m and a and maybe ecosystem. And then obviously, you know, Palo Alto's getting it done. How about Cisco? >>Yeah. Cisco's interesting. And I, I think if Cisco can make the network matter in security and it should, right? We're talking about how a lot of you need a lot of forensics to fight security today. Well, they're gonna see things long before anybody else because they have all that network data. If they can tie network security, I, I mean they could really have that business take off. But we've been saying that about Cisco for 20 years. >>But big install based though. Yeah. It's hard for a company, any company to just say, okay, hey Cisco customer sweep the floor and come with us. That's, that's >>A tough thing. They have a lot of good peace parts, right? And like duo's a good product and umbrella's a good product. They've, they've not done a good job. >>They're the opposite of these guys. >>They've not done a good job of the backend integration that, that's where Cisco needs to, to focus. And I do think g G two Patel there fixed the WebEx group and I think he's now, in fact when you talk to him, he's doing very little on WebEx that that group's running itself and he's more focused in security. So I, I think we could see a resurgence there. But you know, they have a, from a revenue perspective, it's a little misleading cuz they have this big legacy base that's in decline while they're moving to cloud and stuff. So, but they, but they, there's a lot of work there're trying to, to tie to network. >>Right. Lots of fuel for conversation. We're gonna have to carry this on, on Silicon angle.com guys. Yes. And Wikibon, lets do see us. Thank you so much for joining Dave and me giving us your insights as to this event. Where are you gonna be next? Are you gonna be on vacation? >>There's nothing more fun than mean on the cube, so, right. What's outside of that though? Yeah, you know, Christmas coming up, I gotta go see family and do the obligatory, although for me that's a lot of travel, so I guess >>More planes. Yeah. >>Hopefully not in Vegas. >>Not in Vegas. >>Awesome. Nothing against Vegas. Yeah, no, >>We love it. We >>Love it. Although I will say my year started off with ces. Yeah. And it's finishing up with Palo Alto here. The bookends. Yeah, exactly. In Vegas bookends. >>Well thanks so much for joining us. Thank you Dave. Always a pleasure to host a show with you and hear your insights. Reading your breaking analysis always kicks off my prep for show and it's always great to see, but predictions come true. So thank you for being my co-host bet. All right. For Dave Valante Enz as Carla, I'm Lisa Martin. You've been watching The Cube, the leader in live, emerging and enterprise tech coverage. Thanks for watching.

>>The Cube presents Ignite 22, brought to you by Palo Alto Networks. >>Welcome back everyone. We're so glad that you're still with us. It's the Cube Live at the MGM Grand. This is our second day of coverage of Palo Alto Networks Ignite. This is takeaways from Ignite 22. Lisa Martin here with two really smart guys, Dave Valante. Dave, we're joined by one of our cube alumni, a friend, a friend of the, we say friend of the Cube. >>Yeah, F otc. A friend of the Cube >>Karala joins us. Guys, it's great to have you here. It's been an exciting show. A lot of cybersecurity is one of my favorite topics to talk about. But I'd love to get some of the big takeaways from both of you. Dave, we'll start with >>You. A breathing room from two weeks ago. Yeah, that was, that was really pleasant. You know, I mean, I know was, yes, you sat in the analyst program, interested in what your takeaways were from there. But, you know, coming into this, we wrote a piece, Palo Alto's Gold Standard, what they need to do to, to keep that, that status. And we hear it a lot about consolidation. That's their big theme now, which is timely, right? Cause people wanna save money, they wanna do more with less. But I'm really interested in hearing zeus's thoughts on how that's playing in the market. How customers, how easy is it to just say, oh, hey, I'm gonna consolidate. I wanna get into that a little bit with you, how well the strategy's working. We're gonna get into some of the m and a activity and really bring your perspectives to the table. Well, >>It's, it's not easy. I mean, people have been calling for the consolidation of security for decades, and it's, it's, they're the first company that's actually made it happen. Right? And, and I think this is what we're seeing here is the culmination of this long-term strategy, this company trying to build more of a platform. And they, you know, they, they came out as a firewall vendor. And I think it's safe to say they're more than firewall today. That's only about two thirds of their revenue now. So down from 80% a few years ago. And when I think of what Palo Alto has become, they're really a data company. Now, if you look at, you know, unit 42 in Cortex, the, the, the Cortex Data Lake, they've done an excellent job of taking telemetry from their products and from the acquisitions they have, right? And bringing that together into one big data lake. >>And then they're able to use that to, to do faster threat notification, forensics, things like that. And so I think the old model of security of create signatures for known threats, it's safe to say it never really worked and it wasn't ever gonna work. You had too many days, zero exploits and things. The only way to fight security today is with a AI and ML based analytics. And they have, they're the gold standard. I think the one thing about your post that I would add, they're the gold standard from a data standpoint. And that's given them this competitive advantage to go out and become a platform for security. Which, like I said, the people have tried to do that for years. And the first one that's actually done it, well, >>We've heard this from some of the startups, like Lacework will say, oh, we treat security as a data problem. Of course there's a startup, Palo Alto's got, you know, whatever, 10, 15 years of, of, of history. But one of the things I wanted to explore with you coming into this was the notion of can you be best of breed and develop a suite? And we, we've been hearing a consistent answer to that question, which is, and, and do you need to, and the answer is, well, best of breed in security requires that full spectrum, that full view. So here's my question to you. So, okay, let's take Estee win relatively new for these guys, right? Yeah. Okay. And >>And one of the few products are not top two, top three in, right? >>Exactly. Yeah. So that's why I want to take that. Yeah. Because in bakeoffs, they're gonna lose on a head-to-head best of breed. And so the customer's gonna say, Hey, you know, I love your, your consolidation play, your esty win's. Just, okay, how about a little discount on that? And you know, these guys are premium priced. Yes. So, you know, are they in essentially through their pricing strategies, sort of creating that stuff, fighting that, is that friction for them where they've got, you know, the customer says, all right, well forget it, we're gonna go stove pipe with the SD WAN will consolidate some of the stuff. Are you seeing that? >>Yeah, I, I, I still think the sales model is that way. And I think that's something they need to work on changing. If they get into a situation where they have to get down into a feature battle of my SD WAN versus your SD wan, my firewall versus your firewall, frankly they've already lost, you know, because their value prop is the suite and, and is the platform. And I was talking with the CISO here that told me, he realizes now that you don't need best of breed everywhere to have best in class threat protection. In fact, best of breed everywhere leads to suboptimal threat protection. Cuz you have all these data data sets that are in silos, right? And so from a data scientist standpoint, right, there's the good data leads to good insights. Well, partial data leads to fragmented insights and that's, that's what the best, best of breed approach gives you. And so I was talking with Palo about this, can they have this vision of being best of breed and platform? I don't really think you can maintain best of breed everywhere across this portfolio this big, but you don't need to. >>That was my second point of my question. That's the point I'm saying. Yeah. And so, cuz cuz because you know, we've talked about this, that that sweets always win in the long run, >>Sweets win. >>Yeah. But here's the thing, I, I wonder to your your point about, you know, the customer, you know, understanding that that that, that this resonates with them. I, my guess is a lot of customers, you know, at that mid-level and the fat middle are like still sort of wed, you know, hugging that, that tool. So there's, there's work to be done here, but I think they, they, they got it right Because if they devolve, to your point, if they devolve down to that speeds and feeds, eh, what's the point of that? Where's their >>Valuable? You do not wanna get into a knife fight. And I, and I, and I think for them the, a big challenge now is convincing customers that the suite, the suite approach does work. And they have to be able to do that in actual customer examples. And so, you know, I I interviewed a bunch of customers here and the ones that have bought into XDR and xor and even are looking at their sim have told me that the, the, so think of soc operations, the old way heavily manually oriented, right? You have multiple panes of glass and you know, and then you've got, so there's a lot of people work before you bring the tools in, right? If done correctly with AI and ml, the machines would do all the heavy lifting and then you'd bring people in at the end to clean up the little bits that were missed, right? >>And so you, you moved to, from something that was very people heavy to something that's machine heavy and machines can work a lot faster than people. And the, and so the ones that I've talked that have, that have done that have said, look, our engineers have moved on to a lot different things. They're doing penetration testing, they're, you know, helping us with, with strategy and they're not fighting that, that daily fight of looking through log files. And the only proof point you need, Dave, is look at every big breach that we've had over the last five years. There's some SIM vendor up there that says, we caught it. Yeah. >>Yeah. We we had the data. >>Yeah. But, but, but the security team missed it. Well they missed it because you're, nobody can look at that much data manually. And so the, I I think their approach of relying heavily on machines to fight the fight is actually the right way. >>Is that a differentiator for them versus, we were talking before we went live that you and I first hit our very first segment back in 2017 at Fort Net. Is that, where do the two stand in your >>Yeah, it's funny cuz if you talk to the two vendors, they don't really see each other in a lot of accounts because Fort Net's more small market mid-market. It's the same strategy to some degree where Fort Net relies heavily on in-house development in Palo Alto relies heavily on acquisition. Yeah. And so I think from a consistently feature set, you know, Fort Net has an advantage there because it, it's all run off their, their their silicon. Where, where Palo's able to innovate very quickly. The, it it requires a lot of work right? To, to bring the front end and back ends together. But they're serving different markets. So >>Do you see that as a differentiator? The integration strategy that Palo Alto has as a differentiator? We talk to so many companies who have an a strong m and a strategy and, and execution arm. But the challenge is always integrating the technology so that the customer to, you know, ultimately it's the customer. >>I actually think they're, they're underrated as a, an acquirer. In fact, Dave wrote a post to a prior on Silicon Angle prior to Accelerate and he, he on, you put it on Twitter and you asked people to rank 'em as an acquirer and they were in the middle of the pack, >>Right? It was, it was. So it was Oracle, VMware, emc, ibm, Cisco, ServiceNow, and Palo Alto. Yeah. Or Oracle got very high marks. It was like 8.5 out of, you know, 10. Yeah. VMware I think was 6.5. Naira was high emc, big range. IBM five to seven. Cisco was three to eight. Yeah. Yeah, right. ServiceNow was a seven. And then, yeah, Palo Alto was like a five. And I, which I think it was unfair. Well, >>And I think it depends on how you look at it. And I, so I think a lot of the acquisitions Palo Alto's made, they've done a good job of integrating the backend data and they've almost ignored the front end. And so when you buy some of the products, it's a little clunky today. You know, if you work with Prisma Cloud, it could be a little bit cleaner. And even with, you know, the SD wan that took 'em a long time to bring CloudGenix in and stuff. But I think the approach is right. I don't, I don't necessarily believe you should integrate the front end until you've integrated the back end. >>That's >>The hard part, right? Because UL ultimately what you're gonna get, you're gonna get two panes of glass and one pane of glass and it might look pretty and all mush together, but ultimately you're not solving the bigger problem, right. Of, of being able to create that big data lake to, to fight security. And so I think, you know, the approach they've taken is the right one. I think from a user standpoint, maybe it doesn't show up as neatly because you don't see the frontend integration, but the way they're doing it is the right way to do it. And I'm glad they're doing it that way versus caving to the pressures of what, you know, the industry might want or >>Showed up in the performance of the company. I mean, this company was basically gonna double revenues to 7 billion from 2020 to >>2023. Think about that at that. That makes, >>I mean that's unbelievable, right? I mean, and then and they wanna double again. Yeah. You know, so, well >>What did, what did Nikesh was quoted as saying they wanna be the first cyber company that's a hundred billion dollars. He didn't give a timeline market >>Cap. Right. >>Market cap, right. Do what I wanna get both of your opinions on what you saw and heard and felt this week. What do you think the likelihood is? And and do you have any projections on how, you know, how many years it's gonna take for them to get there? >>Well, >>Well I think so if they're gonna get that big, right? And, and we were talking about this pre-show, any company that's becoming a big company does it through ecosystem >>Bingo >>Go, right? And that when you look around the show floor, it's not that impressive. No. And if that, if there's an area they need to focus on, it's building that ecosystem. And it's not with other security vendors, it's with application vendors and it's with the cloud companies and stuff. And they've got some relationships there, but they need to do more. I actually challenge 'em on that. One of the analyst sessions. They said, look, we've got 800 cortex partners. Well where are they? Right? Why isn't there a cortex stand here with a bunch of the small companies here? So I do think that that is an area they need to focus on. If they are gonna get to that, that market caps number, they will do so do so through ecosystem. Because every company that's achieved that has done it through ecosystem. >>A hundred percent agree. And you know, if you look at CrowdStrike's ecosystem, it's, I mean, pretty similar. Yeah. You know, it doesn't really, you know, make much, much, not much different from this, but I went back and just looked at some, you know, peak valuations during the pandemic and shortly thereafter CrowdStrike was 70 billion. You know, that's what their roughly their peak Palo Alto was 56, fortune was 59 for the actually diverged. Right. And now Palo Alto has taken the, the top mantle, you know, today it's market cap's 52. So it's held 93% of its peak value. Everybody else is tanking. Even Okta was 45 billion. It's been crushed as you well know. But, so Palo Alto wasn't always, you know, the number one in terms of market cap. But I guess my point is, look, if CrowdStrike could got to 70 billion during Yeah. During the frenzy, I think it's gonna take, to answer your question, I think it's gonna be five years. Okay. Before they get back there. I think this market's gonna be tough for a while from a valuation standpoint. I think generally tech is gonna kind of go up and down and sideways for a good year and a half, maybe even two years could be even longer. And then I think there's gonna be some next wave of productivity innovation that that hits. And then you're gonna, you're almost always gonna exceed the previous highs. It's gonna take a while. Yeah. >>Yeah, yeah. But I think their ability to disrupt the SIM market actually is something that I, I believe they're gonna do. I've been calling for the death of the sim for a long time and I know some people of Palo Alto are very cautious about saying that cuz the Splunks and the, you know, they're, they're their partners. But I, I think the, you know, it's what I said before, the, the tools are catching them, but they're, it's not in a way that's useful for the IT pro and, but I, I don't think the SIM vendors have that ecosystem of insight across network cloud endpoint. Right. Which is what you need in order to make a sim useful. >>CISO at an ETR round table said, if, if it weren't for my regulators, I would chuck my sim. >>Yes. >>But that's the only reason that, that this person was keeping it. No. >>Yeah. And I think the, the fact that most of those companies have moved to a perpetual MO or a a recurring revenue model actually helps unseat them. Typically when you pour a bunch of money into something, you remember the old computer associate says nobody ever took it out cuz the sunk dollars you spent to do it. But now that you're paying an annual recurring fee, it's actually makes it easier to take out. So >>Yeah, it's just an ebb and flow, right? Yeah. Because the maintenance costs were, you know, relatively low. Maybe it was 20% of the total. And then, you know, once every five years you had to do a refresh and you were still locked into the sort of maintenance and, and so yeah, I think you're right. The switching costs with sas, you know, in theory anyway, should be less >>Yeah. As long as you can migrate the data over. And I think they've got a pretty good handle on that. So, >>Yeah. So guys, I wanna get your perspective as a whole bunch of announcements here. We've only been here for a couple days, not a big conference as, as you can see from behind us. What Zs in your opinion was Palo Alto's main message and and what do you think about it main message at this event? And then same question for you. >>Yeah, I, I think their message largely wrapped around disruption, right? And, and they, and The's keynote already talked about that, right? And where they disrupted the firewall market by creating a NextGen firewall. In fact, if you look at all the new services they added to their firewall, you, you could almost say it's a NextGen NextGen firewall. But, but I do think the, the work they've done in the area of cloud and cortex actually I think is, is pretty impressive. And I think that's the, the SOC is ripe for disruption because it's for, for the most part, most socks still, you know, run off legacy playbooks. They run off legacy, you know, forensic models and things and they don't work. It's why we have so many breaches today. The, the dirty little secret that nobody ever wants to talk about is the bad guys are using machine learning, right? And so if you're using a signature based model, all they gotta do is tweak their model a little bit and it becomes, it bypasses them. So I, I think the only way to fight the the bad guys today is with you're gonna fight fire with fire. And I think that's, that's the path they've, they've headed >>Down. Yeah. The bad guys are hiding in plain sight, you know? Yeah, >>Yeah. Well it's, it's not hard to do now with a lot of those legacy tools. So >>I think, I think for me, you know, the stat that we threw out earlier, I think yesterday at our keynote analysis was, you know, the ETR data shows that are, that are that last survey around 35% of the respondents said we are actively consolidating, sorry, 44%, sorry, 35 says who are actively consolidating vendors, redundant vendors today that number's up to 44%. Yeah. It's by far the number one cost optimization technique. That's what these guys are pitching. And I think it's gonna resonate with people and, and I think to your point, they're integrating at the backend, their beeps are technical, right? I mean, they can deal with that complexity. Yeah. And so they don't need eye candy. Eventually they, they, they want to have that cuz it'll allow 'em to have deeper market penetration and make people more productive. But you know, that consolidation message came through loud and clear. >>Yeah. The big change in this industry too is all the new startups are all cloud native, right? They're all built on Amazon or Google or whatever. Yeah. And when your cloud native and you buy a cloud native integration is fast. It's not like having to integrate this big monolithic software stack anymore. Right. So I, I think their pace of integration will only accelerate from here because everything's now cloud native. >>If a customer comes to you or when a customer comes to you and says, Zs help us with this cyber transformation we have, our board isn't necessarily aligned with our executives in terms of execution of a security strategy. How do you advise them where Palo Alto is concerned? >>Yeah. You know, a lot, a lot of this is just fighting legacy mindset. And I've, I was talking with some CISOs here from state and local governments and things and they're, you know, they can't get more budget. They're fighting the tide. But what they did find is through the use of automation technology, they're able to bring their people costs way down. Right. And then be able to use that budget to invest in a lot of new projects. And so with that, you, you have to start with your biggest pain points, apply automation where you can, and then be able to use that budget to reinvest back in your security strategy. And it's good for the IT pros too, the security pros, my advice to the IT pros is, is if you're doing things today that aren't resume building, stop doing them. Right. Find a way to automate the money your job. And so if you're patching systems and you're looking through log files, there's no reason machines can't do that. And you go do something a lot more interesting. >>So true. It's like storage guys 10 years ago, provisioning loans. Yes. It's like, stop doing that. Yeah. You're gonna be outta a job. So who, last question I have is, is who do you see as the big competitors, the horses on the track question, right? So obviously Cisco kind of service has led for a while and you know, big portfolio company, CrowdStrike coming at it from end point. You know who, who, who do you see as the real players going for that? You know, right now the market's three to 4%. The leader has three, three 4% of the market. You know who they're all going for? 10, 15, maybe 20% of the market. Who, who are the likely candidates? Yeah, >>I don't know if CrowdStrike really has the breadth of portfolio to compete long term though. I I think they've had a nice run, but I, we might start to see the follow 'em. I think Microsoft is gonna be for middle. They've laid down the gauntlet, right? They are a security vendor, right? We, we were at Reinvent and a AWS is the platform for security vendors. Yes. Middle, somewhere in the middle. But Microsoft make no mistake, they're in security. They've got some good products. I think a lot of 'em are kind of good enough and they, they tie it to the licensing and I'm not sure that works in security, but they've certainly got the ear of a lot of it pros. >>It might work in smb. >>Yeah, yeah. It, it might. And, and I do like Zscaler. I, I know these guys poo poo the proxy model, but they've, they've done about as much with prox as you can. And I, I think it's, it's a battle of, I love the, the, the near, you know, proxies are dead and Jay's model, you know, Jay over at csca, throw 'em back at 'em. So I, it's good to see that kind of fight going on between the >>Two. Oh, it's great. Well, and, and again, ZScaler's coming at it from their cloud security angle. CrowdStrike's coming at it from endpoint. I, I do think CrowdStrike has an opportunity to build out the portfolio through m and a and maybe ecosystem. And then obviously, you know, Palo Alto's getting it done. How about Cisco? >>Yeah, Cisco's interesting. And I I think if Cisco can make the network matter in security and it should, right? We're talking about how a lot of you need a lot of forensics to fight security today. Well, they're gonna see things long before anybody else because they have all that network data. If they can tie network security, I, I mean they could really have that business take off. But we've been saying that about Cisco for 20 years. >>But big install based though. Yeah. It's hard for a company, any company to say, okay, hey Cisco customer sweep the floor and come with us. That's, that's >>A tough thing. They have a lot of good peace parts, right? And like duo's a good product and umbrella's a good product. They've, they've not done a good job. >>They're the opposite of these guys. >>They've not done a good job of the backend integration and that, that's where Cisco needs to, to focus. And I do think g G two Patel there fixed the WebEx group and I think he's now, in fact when you talk to him, he's doing very little on WebEx that that group's running itself and he's more focused in security. So I, I think we could see a resurgence there. But you know, they have a, from a revenue perspective, it's a little misleading cuz they have this big legacy base that's in decline while they're moving to cloud and stuff. So, but they, but they, there's a lot of Rick there trying to, to tie to network. >>Lots of fuel for conversation. We're gonna have to carry this on, on Silicon angle.com guys. Yes. And Wi KeePon. Lets do see us. Thank you so much for joining Dave and me giving us your insights as to this event. Where are gonna be next? Are you gonna be on >>Vacation? There's nothing more fun than mean on the cube. So what's outside of that though? Yeah, you know, Christmas coming up, I gotta go see family and be the obligatory, although for me that's a lot of travel, so I guess >>More planes. Yeah. >>Hopefully not in Vegas. >>Not in Vegas. >>Awesome. Nothing against Vegas. Yeah, no, >>We love it. We love >>It. Although I will say my year started off with ces. Yeah. And it's finishing up with Palo Alto here. The bookends. Yeah, exactly. In Vegas bookends. >>Well thanks so much for joining us. Thank you Dave. Always a pleasure to host a show with you and hear your insights. Reading your breaking analysis always kicks off my prep for show. And it, it's always great to see, but predictions come true. So thank you for being my co-host bet. All right. For Dave Valante Enz as Carla, I'm Lisa Martin. You've been watching The Cube, the leader in live, emerging and enterprise tech coverage. Thanks for watching.

the cube presents ignite 22. brought to you by Palo Alto Networks hey guys and girls welcome back to Las Vegas it's thecube we are live at Palo Alto networks ignite 22. this is day one of two days of cube coverage Lisa Martin here with Dave vellante Dave we've had great conversations today talking with Executives the partner ecosystem is evolving it's growing at Palo Alto networks going to be digging into that next well we heard a lot of talk about you know Palo Alto you know the goal 100 billion dollar you know market cap company and to me a way and I think a critical way in which you get there is partner with the ecosystem because you can't do it alone the power of many versus the resources of one agree completely agree we've got Carl Sutherland with us SVP of North America ecosystem sales at Palo Alto networks welcome to the cube thanks so much for having me it's great being here so here we are the first full day of the conference actually started yesterday with the partner Summit give the audience a flavor of the partner Summit who was there what was talked about what's the current voice of the partner these days yeah great questions so we had a 150 Partners from around the globe representing all of our different routes to Market and for us our partner Community is expanding we work with system integrators we work with gsis we work with service providers Distributors traditional value-added resellers so it was a whole host of partners that were there it was a c-level audience and we really talked about the direction of where we're going as a company how they can continue to invest with us and have greater success long term and so from a voice of the partner standpoint what they're here to do is share with us where they want to engage more how we can enable them to be successful you talked about the Power of One Versus a community we're really looking at a segment of the marketplace right now for us to scale and hit our aspirational goals we can't do it with Palo Alto Network employees we have an employee base of 12 000 people if you take our ecosystem it's over a hundred thousand employees so if we can get them aligned and selling and motivated it's going to be a good day for all of us what so what are they telling you where do they want to spend their time where do they want to add value where are they winning yeah that's a great question so there's a transformation that's going on right now in the partner Community what's happening is a lot of Partners going that are transitioning from what would be traditional transactional Partners or resale Partners to being services-led and the Market's driving them there and what I mean by that is that customers are in a desperate dire State needing assistance figuring out and solving these very complex security problems so if there is a subset of Partners out there that have the skill set and capabilities that can come in from a consultative standpoint help them to develop the structure through deployment a full-blown management and do life cycle management that's a tremendous value I mean the numbers you hear thrown around in the industry right now is up to seven million uh security I.T jobs right now that are out there the open head count is tremendous people can't hire people fast enough all of us in the industry are going through and trying to find early in career or college graduates so we can train quickly or cross-train from other segments to get them into cyber security so if our part of the community can continue to get skilled and expand it's only going to help and the cloud is obviously where does the cloud fit in Carl because you know a lot of the partners when the clouds really start on the Steep part of the s-curve are like we have an opportunity here and by the way if we don't transition our business we could get commoditized yes so that you know that but you were talking about the transactional we can help people move to the cloud and a big part of that has got to be we can secure them in the cloud because it's a more in a lot of ways you know Cloud security is great but in a lot of ways it adds complexity what are you hearing from the party yeah so we are fortunate at Palo Alto networks when you look across the three loud largest cloud service provider from a Google AWS and Microsoft Azure we're either their number one isv or absolutely their number one security ISP so we've got a great uh relationships with them now our partners are coming along and saying how do we transact how do we add value a lot of times that value to your question is wrapping services around it to make sure it's a successful deployment because exactly what you stated the complexity is an all-time high so how do we make sure that we can solve a complex problem in a short term while increasing their security posture and that's really the goal and so where there there's sometimes complexity and mystery there's opportunity and partners can be profitable in doing that I wrote a piece once chaos is cash I have a security you know the criminals and vendors as well yes yes where there is is challenge and complexity there is great opportunity yeah talk about some of the partner program Evolution and some of the things that were announced with respect to the next wave program just yesterday yeah so at next wave um the program's been around for 12 years we constantly are looking to make enhancements and how we make those enhancements are by going out and speaking with these partners and listening to what they need so I have the honor to get to represent what their needs are and how we bring it to market for them so a couple interesting announcements that we made yesterday first of all we announced a new structural format for the program which is really going to allow our different route to markets to have a program that's fit for them because in the past when we were just traditionally a firewall company when the ecosystem just meant resale it was an easy model to have it's complex right now sometimes it's resale sometimes it's influence sometimes its services only we really need to be flexible and credible so we announced a Services only path so if you are a consulting company if you are a insurance company and you want to bring opportunities and leads to Palo Alto Network and you want to provide the services if you're not interested in the transaction you don't want to get involved in that we now have a pathway for you to support you to enable you and Kennedy to give you recognition within Palo Alto networks from an alignment standpoint so we're super excited about that uh as I know you guys speak quite a bit about the managed Services industry so it's a red hot area within Palo Alto networks one of the needs out there was that all not all managed Service Partners are created equally and so some have fantastic capabilities some have gaps we were calling it a P2P part of the partner program within managed services so our two managed Services Partners can actually work together to solve the problem that the end user has and give them a better outcome and fill each other's gaps so candidly it's been going on for a while the partnering but we've never really recognized it so we really built a program around it and now are sponsoring and supporting it versus people doing it on a sidebar so those guys were here in force yesterday yes sir right and and so obviously a lot of energy I'm sure do you see a day where they're here in force on the show floor yeah and and how do you see that evolving so they are here enforcement just right here you see a few of them I'm looking at AWS who's our you know we are their largest isv I'm looking at CDW we had them on the floor is our if not largest second largest partner globally right now and continuing to grow at a rate well they will probably be our first billion dollar partner to think about the size and scale of that relationship and where we've come from um their name CDW don't they never really thought of CDW right as a as a security firm wow what a transformation but please carry on and think about that let's talk about CDW saying think about reach that CDW has it's a 23 billion dollar organization and in a way an inside out sales model meaning there's a tremendous reach they have from their inside sales team and the relationships that they have traditionally historically they were procurement relationships in a way and I said this to the CDW team they were the easy button in the past now what they're doing is they made Seven Acquisitions over the last two years all of them Services oriented so now they're coming in as a consultative Viewpoint and solving a lot of complex problems and I see Google Cloud right here another great partner for us that we continue to invest in we have a great amount of integration and Technology integration with them and so and those are the three that I'm seeing just looking over my left shoulder right if I turn around I'll probably name five more so the majority of this room are the partners that fall within our ecosystem today fantastic so okay so what's your vision for where you want to take this ecosystem because as I said at the top I mean ecosystems are sort of the Hallmark of a I guess you're not a cloud company see I think you of you as a cloud company and so okay good so and I know you don't own your own public cloud and you know your history is you had your own data centers but yeah but you're the security Cloud yeah and so a security Cloud any Cloud needs a great ecosystem so what's your vision for the ecosystem let's go you know five plus years out sure you we start with the end in mind and what I mean by that is we always start with the end user what's the end user's needs the end user today needs flexibility with how they consume the technology they need help in how they support and deploy the technology they need guidance in how they plan out for their future and what their growth is so what we're doing is building a very diverse set of Partners in our ecosystem that all have special skills that they bring to the table so when nikesh sits up here and talks about being a 10 billion or a 20 billion or a 50 billion dollar company we absolutely cannot do it without our ecosystem and without having a very diverse ecosystem that all has different skills that can help us scale because again Palo Alto does not want to be a services company right let's work with the people who are the best at that when we think about the deloittees and accentures and the value they have within the end user base and our joint customer base what a fantastic time to to partner together and solve those boardroom challenges and that's where I really see the vision is that at the boardroom we're building out a plan that's three to five years that's going to continue to increase their security posture because we're not thinking if we're not forward thinking like that will be left behind because the Bad actors are thinking about how they find the different areas to penetrate they're getting so sophisticated the badocracy adversaries they are well funded they're motivated Grant the ransomware attack numbers in terms of the Velocity the complexity yes no longer are we going to get if it's when yeah uh big challenge for organizations Acro across I mean really across an organization regardless of Industry are you guys having any conversations with boards in the partner organization to help align the board with the executive level and really not just have security as a board level initiative but actually being able to execute a strategy yeah and you you nailed it it's not an initiative the initiative to me means there's a beginning and an end right a strategy means there's going to be a comprehensive approach how you continue to improve and we are very fortunate that a lot of our largest Partners around the globe have that position within the boards where they are the trusted advisor so what we're doing now is enabling them and giving them the skills so they can have a more comprehensive conversation around our platform approach around the challenges you know BJ I knew who was with you earlier today likes to say that the average customer he goes and sees has 50 to 70 disparate Technologies within their environment how do you manage that how do you maintain it how do you do renewals oh and by the way most likely the people who actually initially procured that aren't with you anymore they're in a different company so the need for a platform approach is there more so than ever but the decision for the platform quite often has to come from the most senior levels within the organization because again I'm going to go back to your what was your chaos line that you said chaos is Cash chaos is Cash well also chaos is job security so if you're at at the lower level within an organization that chaos and that magic gives you a little job security but that's a short term long term you really need to think about how you're protecting the environment holistically so it is a boardroom decision down that we need to have and you know that chaos the the motivation for that piece that I wrote was from the criminals standpoint right and then I was like okay but there's great opportunities for the technology industry but but I think that you know where we're headed I wonder if I get your thoughts on thoughts on this Carlos we always talk about the Board Room I think we're going now Beyond it here I am you know I'm hypersensitive about my security I got password managers two-factor authentication I don't want SMS based two-factor authentication I want my own authenticator and that's still not enough yeah I got air gaps yeah you know for my crypto you know and I'm super paranoid my point is I think the the individuals are getting much more Savvy about security why because we've all been hacked you know it's like when you lost your data in the because you weren't backed up you know that never happens anymore it's in the cloud or you know some people have multiple backups so it's it's becoming a cultural Trend beyond the board and it's because of the board lord said hey this is really important and so I think it's not only top down I think you're going to see bottom up and middle out and the exciting part for Palo Alto networks is and maybe for you as well is there any more exciting environment to talk about that's rapidly changing and constantly changing you could come back next week and our conversation is going to change as far as what we're doing we constantly need to be thinking three steps ahead of where we're going to move and be flexible and dynamic enough to change and that's what's going to keep us ahead of the economy yeah there's no segment as Dynamic I mean data is dynamic but not as fast changing as cyber I mean because of the adversary as you mentioned I mean so smart so now now they have open adversary ecosystems I mean the adversaries are building ecosystems right absolutely insane I've got peers that are bad guys yeah right right chaos is Cash what's your favorite partner story that you think really demonstrates the value of the ecosystem that Palo Alto networks has built yeah so without sharing names I'll talk about a large U.S national partner that was very uh that was founded on a networking business and partnered with a very large networking company and built that business and was successful doing that they wanted to Pivot into the security space and very early on they made a commitment to Paulo and Ulta networks to say we're going to learn we're going to invest we're going to align with your sales force and we're going to work together and right now they are our largest partner globally and they grew 70 year over year wow so think about that this is not on a small base we're talking about a half a billion dollars in Revenue growing at 70 year over year because to your point earlier it wasn't an initiative it was a strategy and they're executing on the strategy so I tell a lot of we call War Stories like that to other partners that are looking to invest from different markets it could be a large service provider that's you know trying to transform themselves into a security player and talk about the potential of what it could be in for their Marketplace and by the way I say publicly quite often Palo Alto networks will be your most profitable relationship that you have because of the total addressable Market that we're going after because of the solutions that we bring to Market and because of the opportunity within the end users right now and we're excited I want to come back to the mssp in that in its context so we've seen the rise of the mssp and particularly you know we were talking earlier I think it was with Wendy that uh no it was with CDW like 50 of the organizations in North America don't even have a sock yeah right so they need a service provider to come out so you said we you don't want to be in the services business right you're a product company right and that's from a financial standpoint that's phenomenal you're roughly 50 billion dollar market cap company let's let's call it six billion in Revenue so that's a nice Revenue multiple 8X you know and and and the Market's down so you're a 10x Revenue multiple company typically services companies are a 1x or a 2X are you seeing a change there where technology is giving these service providers operating leverage where they're able to scale whether it's because of the cloud because of the Partnerships the Eco would you call it before the the peer-to-peer ecosystem yes like the Gap fillers yes are you do you see the economics of services changing yeah from a baseline economic standpoint not looking at the valuations but let's look at it from a an opportunity to be profitable with Palo Alto networks we know if you are just doing the transaction you have a certain range of margin that you're going to make in the opportunity we know if you wrap services around it you're going to get 3x to 4X that margin we know that if it's managed services and there's life cycle management you're talking 5x to 8X that initial transaction and by the way it's recurring revenue for them so when you think about it if you just do a transaction you're only recurring revenue is a renewal that's predictable but it's not extremely profitable now we're saying the operating leverage you get is if you wrap that services and you're going to have an increased opportunity for a greater margin and it's sticky it's hard to replace a partner who's adding value to your team and A lot of times you walk in the end user you can't tell who the partner is and who the end user is because they are one team that's value yes and that's going to drive ebit yep for your partners and that's going to drive valuation you know you know I want to come back to valuation not that I'm not you can do that okay but because I was I predicted I do my prediction post every year and I predicted last year that we're going to see you know a Spate of MSS mssps I predicted you're going to see someone go public nobody's going public these days but I still think it's a great business yeah that's an untapped opportunity it's not an 8X or it's not a software marginal economics or but it's really sticky super high value yeah and I think it has you know long-term potential yeah to your point if you want to talk valuations for a second let's look at what's happened to the marketplace over the last 12 to 18 months the large majority of the non-public partners that we work with have taken on Capital from private Equity the private Equity that has come in has challenged them to go through a transformation that transformation is you we need you to be Services LED and that service is value because they believe there's going to is going to be a great greater evaluation from that end and they'll be able to scale and grow and stay ahead of the market doing that so when we have conversations when I have conversations yes I'm talking about the technology and the direction of the company but I'm also in there as a consultant saying where's the direction of your company and how do we have this great platform and how do we build it into your business and you wrap services around it and those are the conversations that CEOs want to have when I'm sitting down with our partner CEOs I bet they don't want to talk about our product being better than someone else's product they want to talk about the direction and health of their business yeah it's their business that's a business discussion business decision and they're thinking about okay what's my five-year strategic plan because they got to make bets yeah they're going to bet on a platform that they can add value to that creates that flywheel effect and they get a bet on your ecosystem as well correct oh correct absolutely good to be the leader it's good to be a leader and you know I'm sure as you've heard a few times we believe that economic headwinds are going to favor the market leaders and economic headwinds are going to favor the platform approach so we're going in more aggressive with our partner Community than ever before and there's just so much energy and excitement I feel like I keep on using that term over and over again but that's really what we walk away with last question for you is we have about 30 seconds left a lot of momentum in the partner ecosystem as you've described eloquently what's next what's next what's next yeah so when I I rolled out the strategy for what's next and what it is is a foundational platform that is going to allow flexibility for the partners and for them to decide where they want to invest and it can be in new areas it can be I went online closer with the cloud service providers it could be I want to build a managed Services business can you help us do this it could be I want to go through and I want to drive greater penetration into geographical areas we haven't been before so again we're almost acting as a consultant looking at what they're going from the direction and building a program and a platform where we can grow and work with them it's exciting it's fun it's great highly collaborative highly collaborative highly collaborative thank you for joining us on the program on the partner program the ecosystem Better Together what you guys are doing and ultimately how it benefits the end user customer we really appreciate your insights excellent thank you thank you so much appreciate it all right our pleasure for our guests and Dave vellante I'm Lisa Martin you're watching the cube the leader in live Enterprise and emerging Tech coverage [Music]

>> Narrator: TheCUBE presents Ignite '22, brought to you by Palo Alto Networks. >> Greetings from the MGM Grand Hotel in beautiful Las Vegas. It's theCUBE Live Day two of our coverage of Palo Alto Networks, ignite 22. Lisa Martin, Dave Vellante. Dave, what can I say? This has been a great couple of days. The amount of content we have created and shared with our viewers on theCUBE is second to none. >> Well, the cloud has completely changed the way that people think about security. >> Yeah. You know at first it was like, oh, the cloud, how can that be secure? And they realized, wow actually cloud is pretty secure if we do it right. And so shared responsibility model and partnerships are critical. >> Partnerships are critical, especially as more and more organizations are multicloud by default. Right? These days we're going to be bring Google into the conversation. Josh Haslet joins us. Strategic Partnership Manager at Google. Welcome. Great to have you Josh. >> Hi Lisa, thanks for having me here. >> So you are a secret squirrel from Palo Alto Networks. Talk to me a little bit about your background and about your role at Google in terms of partnership management. >> Sure, I feel like we need to add that to my title. [Lisa] You should, secret squirrel. >> Great. Yeah, so as a matter of fact, I've been at Google for two and a half years. Prior to that, I was at Palo Alto Networks. I was managing the business development relationship with Google, and I was kind of at the inception of when the cash came in and, and decided that we needed to think about how to do security in a new way from a platform standpoint, right? And so it was exciting because when I started with the partnership, we were focusing on still securing you know, workloads in the cloud with next generation firewall. And then as we went through acquisitions the Palo Alto added it expanded the capabilities of what we could do from cloud security. And so it was very exciting, you know, to, to make sure that we could onboard with Google Cloud, take a look at how not only Palo Alto was enhancing their solutions as they built those and delivered those from Google Cloud. But then how did we help customers adopt cloud in a more easy fashion by making things, you know more tightly integrated? And so that's really been a lot of what I've been involved in, which has been exciting to see the growth of both organizations as we see customers shifting to cloud transformation. And then how do they deploy these new methodologies and tools from a security perspective to embrace this new way of working and this new way of, you know creating applications and doing digital transformation. >> Important, since work is no longer a place, it's an activity. Organizations have have to be able to cater to the distributed workforce. Of course, the, the, the workforce has to be able to access everything that they need to, but it has to be done in a secure way regardless of what kind of company you are. >> Yeah, you're right, Lisa. It's interesting. I mean, the pandemic has really changed and accelerated that transformation. I think, you know really remote working has started previous to that. And I think Nikesh called that out in the keynote too right? He, he really said that this has been ongoing for a while, but I think, you know organizations had to figure out how to scale and that was something that they weren't as prepared for. And a lot of the technology that was deployed for VPN connectivity or supporting remote work that was fixed hardware. And so cloud deployment and cloud architecture specifically with Prisma access really enabled this transformation to happen in a much faster, you know, manner. And where we've come together is how do we make sure that customers, no matter what device, what user what application you're accessing. As we take a look at ZTNA, Zero Trust Network Access 2.0, how can we come together to partner to make sure the customers have that wide range of coverage and capability? >> How, how do you how would you describe Josh Google's partner strategy generally and specifically, you know, in the world of cyber and what makes it unique and different? >> Yeah, so that's a great question. I think, you know, from Google Cloud perspective we heard TK mention this in the keynote with Nikesh. You know, we focus on on building a secure platform first and foremost, right? We want to be a trusted cloud for customers to deploy on. And so, you know, we find that as customers do one of two things, they're looking at, you know, reducing cost as they move to cloud and consolidate workloads or as they embrace innovation and look at, you know leveraging things like BigQuery for analytics and you know machine learning for the way that they want to innovate and stay ahead of the competition. They have to think about how do they secure in a new way. And so, not only do we work on how do we secure our own platform, we work with trusted partners to make sure that customers have you mentioned it earlier, Dave the shared security model, right? How do they take a look at their applications and their workloads and this new way of working as they go to CI/CD pipelines, they start thinking about DevSecOps. How do they integrate tooling that is frictionless and seamless for their, for their teams to deploy but allows them to quickly embrace that cloud transformation journey. And so, yes, partners are critical to that. The other thing is, you know we find that, you mentioned earlier, Lisa that customers are multicloud, right? That's kind of the the new normal as we look at enterprises today. And so Google Cloud's going to do a great job at securing our platform, but we need partners that can help customers deploy policy that embraces not only the things that they put in Google Cloud but as they're in their transformation journey. How that embraces the estates that are in data centers the things that are still on-prem. And really this is about making sure that the applications no matter where they are, the databases no matter where they are, and the users no matter where they are are all secure in that new framework of deploying and embracing innovation on public cloud. >> One of the things that almost everybody from Palo Alto Networks talks about is their partnering strategy their acquisition strategy integrations. And I was doing some research. There's over 50 joint integrations that Google Cloud and Palo Alto Networks. Have you talked about Zero Trust Network Access 2.0 that was announced yesterday. >> Correct. >> Give us a flavor of what that is and what does it deliver that 1.0 did not? >> Well, great. And what I'd like to do is touch a little bit on those 50 integrations because it's been, you know, a a building rolling thunder, shall we say as far as how have we taken a look at customers embracing the cloud. The first thing was we took a look at at how do we make sure that Palo Alto solutions are easier for customers to deploy and to orchestrate in Google Cloud making their journey to embracing cloud seamless and easy. The second thing was how could we make that deployment and the infrastructure even more easy to adopt by doing first party integrations? So earlier this year we announced cloud IDS intrusion detection system where we actually have first party directly in our console of customers being able to simply select, they want to turn on inspection of the traffic that's running on Google Cloud and it leverages the threat detection capability from Palo Alto Networks. So we've gone from third party integration alone to first party integration. And that really takes us to, you know, the direction of what we're seeing customers need to embrace now which is, this is your Zero Trusts strategy and Zero Trust 2.0 helps customers do a number of things. The first is, you know, we don't want to just verify a user and their access into the environment once. It needs to be continuous inspection, right? Cause their state could change. I think, you know, the, the teams we're talking about some really good ways of addressing, you know for instance, TSA checkpoints, right? And how does that experience look? We need to make sure that we're constantly evaluating that user's access into the environment and then we need to make sure that the content that's being accessed or, you know, loaded into the environment is inspected. So we need continuous content inspection. And that's where our partnership really comes together very well, is not only can we take care of any app any device, any user, and especially as we take a look at you know, embracing contractor like use cases for instance where we have managed devices and unmanaged devices we bring together beyond Corp and Prisma access to take a look at how can we make sure any device, any user any application is secure throughout. And then we've got content inspection of how that ZTNA 2.0 experience looks like. >> Josh, that threat data that you just talked about. >> Yeah. >> Who has access to that? Is it available to any partner, any customer, how... it seems like there's gold in them, NAR hills, so. >> There is. But, this could be gold going both ways. So how, how do you adjudicate and, how do you make sure that first of all that that data's accessible for, for good and not in how do you protect it against, you know, wrong use? >> Well, this is one of the great things about partnering with Palo Alto because technically the the threat intelligence is coming from their ingestion of malware, known threats, and unknown threats right into their technology. Wildfire, for instance, is a tremendous example of this where unit 42 does, you know, analysis on unknown threats based upon what Nikesh said on stage. They've taken their I think he said 27 days to identification and remediation down to less than a minute, right? So they've been able to take the intelligence of what they ingest from all of their existing customers the unknown vulnerabilities that are identified quickly assessing what those look like, and then pushing out information to the rest of their customers so that they can remediate and protect against those threats. So we get this shared intelligence from the way that Palo Alto leverages that capability and we've brought that natively into Google Cloud with cloud intrusion detection. >> So, okay, so I'm, I'm I dunno why I have high frequency trading in my mind cause it used to be, you know, like the norm was, oh it's going to take a year to identify an intrusion. And, and, and now it's down to, you know take was down to 27 days. Now it's down to a minute. Now it's not. That's best practice. And I'm, again, I'm thinking high frequency trading how do I beat the speed of light? And that's kind of where we're headed, right? >> Right. >> And so that's why he said one minute's not enough. We have to keep going. >> That's right. >> So guys got your best people working on that? >> Well, as a matter of fact, so Palo Alto Networks, you know when we take a look at what Nikesh said from stage, he talked about using machine learning and AI to get ahead of what we what they look at as far as predictability not only about behaviors in the environment so things that are not necessarily known threats but things that aren't behaving properly in the environment. And you can start to detect based on that. The second piece of it then is a lot of that technology is built on Google Cloud. So we're leveraging, their leveraging the capabilities that come together with you know, aggregation of, of logs the file stitching across the entire environment from the endpoint through to cloud operations the things that they detect for network content inspection putting all those files together to understand, you know where has the threat vector entered how has it gone lateral inside the environment? And then how do you make sure that you remediate all of those points of intrusion. And so yeah it's been exciting to see how our product teams have worked together to continue to advance the capabilities for speed for customers. >> And secure speed is critical. We had the opportunity this morning to speak with Lee Claridge, the chief product officer, and you know one of the things that I had heard about Lee is that despite all of the challenges in cybersecurity and the amorphous expansion of the threat network and the sophistication of the adversaries he's really optimistic about what it's going to enable organizations to do. I see you smiling. Do you share that optimism? >> I, I do. I think, you know, when you bring, when you bring leaders together to tackle big problems, I think, you know we've got the right teams working on the right things and we understand the problems that the customers are facing. And so, you know, from a a Google cloud perspective we understand that partnering with Palo Alto Networks helps to make sure that that optimism continues. You know, we work on continuous innovation when it comes to Google Cloud security framework, but then partnering with Palo Alto brings additional capabilities to the table. >> Vision for the, for the partnership. Where do you want to see it go? What's... we're two to five years down the road, what's it look like? Maybe two to three years. Let's go. >> Well, it was interesting. I, I think neer was the one that mentioned on stage about, you know how AI is going to start replacing us in our main jobs, right? I I think there's a lot of truth to that. I think as we look forward, we see that our teams are going to continue to help with automation remediation and we're going to have the humans working on things that are more interesting and important. And so that's an exciting place to go because today the reality is that we are understaffed in cybersecurity across the industry and we just can't hire enough people to make sure that we can detect, remediate and secure, you know every user endpoint and environment out there. So it's exciting to see that we've got a capability to move in a direction to where we can make sure that we get ahead of the threat actors. >> Yeah. So he said within five years your SOC will be AI based and and basically he elaborated saying there's a lot of stuff that you're doing today that you're not going to be doing tomorrow. >> That's true. >> And that's going to continue to be a moving target I would think Google is probably ahead in that game and ahead of most, right? I mean, you guys were there early. I mean, I remember when Hadoop was all the rage like just at the beginning you guys like, yeah, you know Google's like, no, no, no, we're not doing Hadoop anymore. That's like old news. So you tended to be, I don't know, at least five maybe seven years ahead of the industry. So I imagine you using a lot of those AI techniques in your own business today. >> Absolutely. I mean, I think you see it in our consumer products, and you certainly see it in the the capabilities we make available to enterprise as far as how they can innovate on our cloud. And we want to make sure that we continue to provide those capabilities, you know not only for the tools that we build but the tools that customers use. >> What's the, as we kind of get towards the end of our conversation here, we we talk about zero trust as, as a journey, as an approach. It's not a product, it's not a tool. What is the, who's involved in the zero trust journey from the customers perspective? Is this solely with the CSO, CSO, CIOs or is this at the CEO level going, we have to be a data company but we have to be a secure data company 24/7. >> It's interesting as you've seen malware, phishing, ransomware attacks. >> Yeah. >> This is not only just a CSO CIO conversation it's a board level conversation. And so, you know the way to address this new way of working where we have very distributed environments where you can't create a perimeter anymore. You need to strategize with zero trust. And so continuously, when we're talking to customers we're hearing that as a main initiative, you know from the CIO's office and from the board level. >> Got it, last question. The upgrade path for existing customers from 1., ZTNA 1.0 to 2.0. How simple is that? >> It's easy. You know, when we take- >> Is there an easy button? >> So here's the great thing [Dave] If you're feeling lucky. [Lisa] Yeah. (group laughs) >> Well, Palo Alto, right? Billing prisma access has really taken what was traditional security that was an on-prem or a data center deployed strategy to cloud-based. And so we've worked with customers like Princeton University who had to quickly transition from in-person learning to distance learning find a way to ramp their staff their faculty and their students. And we were able to, you know Palo Alto deploy it on Google Cloud's, you know network that solution in very quick order and had those, you know, everybody back up and running. So deployment and upgrade path is, is simple when you look at cloud deployed architectures to address zero trusts network. >> That's awesome. Some of those, some of those use cases that came out of the pandemic were mind blowing but also really set the table for other organizations to go, yes, this can be done. And it doesn't have to take forever because frankly where security is concerned, we don't have time. >> That's right. And it's so much faster than traditional architectures where you had to procure hardware. >> Yeah. >> Deploy it, configure it, and then, you know push agents out to all the endpoints and and get your users provisioned. In this case, we're talking about cloud delivered, right? So I've seen, you know, with Palo Alto deploying for customers that run on Google Cloud they've deployed tens of thousands of users in a very short order. You know, we're talking It was, it's not months anymore. It's not weeks anymore. It's days >> Has to be days. Josh, it's been such a pleasure having you on the program. Thank you for stopping by and talking with Dave and me about Google Cloud, Palo Alto Networks in in addition to secret squirrel. I feel like when you were describing your background that you're like the love child of Palo Alto Networks and Google Cloud, you might put that on your cartoon. >> That is a huge compliment. I really appreciate that, Lisa, thank you so much. >> Thanks so much, Josh. [Josh] It's been a pleasure being here with you. [Dave] Thank you >> Oh, likewise. For Josh Haslett and Dave, I'm Lisa Martin. You're watching theCUBE, the leader in live coverage for emerging and enterprise tech. (upbeat outro music)

>>The Cube presents Ignite 22, brought to you by Palo Alto Networks. >>Welcome back everyone. Happy afternoon. It's Lisa Martin and Dave Valante of the Cube. We are live at MGM Grand. This is Palo Alto Ignite 22, our second day of coverage. Dave, we've had some amazing conversations, as we always do on the queue, but cybersecurity one of my favorite topics. So interesting to hear what Palo Alto Networks is doing, how it's differentiating itself and how it's ecosystem is >>Growing. Yeah, well one of the things I always, I often use ServiceNow as a reference example. I go back to 2013, had a kind of a tiny ecosystem and then sort of watched it grow. And one of those key signs was when the global system integrators actually began to lean in Accenture, obviously world class, one of the, you know, definitely in the top, you know, they talk about top five QBs, Accenture, you know, top five GSI easily. >>Yep. So, and in fact, Accenture, we've got Rex Stex in here, senior managing director at Accenture Security. You guys have been the GSI partner of the year for Palo Alto Networks for four years in a row, six years plus strong partnership. Give us a little flavor and history of the pan of the Palo Alto partnership with et cetera. >>I think, you know, we started early, right? And I think as they've evolved, we've evolved our partnership with them and as they've gone, you know, to more of a software footprint with, you know, around cloud security and network security and sassy, we've, we've seen a lot of growth and we're super excited about the opportunity that's ahead of us and the meaningful outcomes that we've been providing our clients as it relates to, you know, vendor consolidation, toll consolidation, tech debt reduction. You know, there's a lot of opportunity here to simplify our clients' lives with them. And that's something we're super excited about. >>Simplification, consolidation, been a theme of the last couple of days. Talk about some of the joint accomplishments that you guys have achieved. I know that you developed a lot of offers across all of Palo Alto Network's, GTMs, what are some of the highlights that come to mind? I >>Think one of the things that we're most excited about, you know, that being client specific is what we've been able to do on, on, on the network side with sasi and, and zero trust, network access. You know, as when Covid hit, there was a lot of change that happened with remote workforce and, you know, clients couldn't log in because their VPNs were crashing left and right. And so we were able to, you know, go in and help stand up, you know, this, you know, zero trust network infrastructure and help our clients get back online and get their employees back to work in a productive manner. And then it's evolved with the hybrid work model over time. And so it's, it's been a, that's probably the most gratifying cause there was a real crisis at, at a certain point in time, you know, a couple years ago were >>There Rex, were there unintended consequences of that, you know, rapid, we were forced, you know, the forced march to digital in terms of just multiple tools, plugging holes, and then sort of stepping back, you know, post isolation economy saying, okay, hey, we got through this, but now we need to take a new direction, new >>Strategy. I think that there, there isn't an intended consequence if you look at, most clients have, I saw a number 76, we counted as around 80 different security vendors and tools that they managed because a lot of people went and went after best of breed type capabilities. And, and so what we've seen now is, is the need to, you know, rationalize that, you know, their, their infrastructure and their, and their capability and, and consolidate and reduce that and, and move to, you know, more of what I would call platform providers. Cause if you may have, when you have 80 products, you have 80 integrations, 80 points of failure, and it gets very complex and, you know, there's a lot of finger pointing. And so as we're starting to see clients take a step back and say, Hey, look, if I, you know, spend the time to, you know, I call it modernization, but you know, modernize my security infrastructure and footprint focused around, you know, automation, orchestration, leveraging, you know, true ml and I know there's are buzzwords, but, you know, but you know, using 'em in, in, in the proper fashion, right? >>They, they can, you know, reduce that footprint, save a bunch of money, right? And, and, and drive that cost savings and then help scale their business. Cuz you have all these different vendors and what security is typically in the digital footprint is the slowdown, right? We, we've typically been the bottleneck in the past. And what we're seeing with, with, with what, you know, we've been very focused on is helping our clients scale their security footprints and their infrastructure and, you know, through automation orchestration, I i, I always say some folks do it your mess for less with labor arbitrage and bodies, but they're not enough security people in the world to do this. And so we're very focused on automation and orchestration and driving that into, into the market. >>Yeah. So you don't want to be in the business of, of filling those holes with labor. >>Exactly. You >>Want to actually get paid for outcomes. >>A hundred percent. And everything we've done is we've tried to simplify things not only for, you know, big Accenture, but even for our clients so that, you know, we can be focused on business outcomes, not necessarily technology outcomes. Cuz doing technology for the sake of technology. Is that unintended consequence that you described earlier, >>Speaking of transformation and outcomes I should say, what are you hearing most from CIOs and CISOs in terms of what they need now to be able to transform, to deliver the business outcomes so that they can become secure data companies regardless of industry? Yep. >>I think the, the biggest thing we're seeing right now is the need to, you know, leverage true automation and orchestration. We have to break the headcount model. There's not enough security professionals in the world to do, you know, to solve the world's problems. In order to scale that, you know, it's one of the reasons we're, you know, partnering with Palo Alto is because of, you know, the capabilities and the investments they've made in innovation to help drive that automation and orchestration through, you know, numerous capabilities from stock transformation to to to sassy cloud security, et cetera. But our clients need scale. They need to be able to go fast and net pace and they need to, they need to do it with confidence securely. And that, that's one of the big focuses. But the other focus is, is we're starting to see a need to, you know, vendor consolidation in the market. You've seen the acquisitions, I'm sure you've talked to people in over the last couple days. You know, there's, there's a, a tremendous amount of consolidation going around. And what our clients, you know, are asking for is, Hey, I need to reduce the number of vendors I interact with. I need to simplify my infrastructure, I need to focus on automation and, and orchestration from that perspective, >>What's happening with multi-cloud? What are you hearing from from customers? You know, we hear a lot of the, the, the conversations about, oh it's, you know, it's, and I agree by the way, multi-cloud is kind of a symptom of multi-vendor, you know, Chuck Whittens thing about multi-cloud by default versus design, you know, it's good, good line and I think rings true, but, but what a customer's telling you in terms of the real challenges generally and then specifically around security. >>I think it's, you know, each cloud service product has their own security capabilities and security models and, and, and being able to train the people to be able to manage those different models. I think that's where, you know, tools like, you know, Prisma Cloud for instance come in and help clients be able to manage the security and compliance of those infrastructures in, in a way to do that. And then to be able to manage applications security consistently, right? It's not just the cloud itself, but it's actually the applications that may, you know, cross, you know, be for, for resiliency but you know, be in, you know, multi-cloud, you know, multiple clouds and being able to make sure you have consistent security across those. And I think, you know, one of the things that it's permeated is, is just the, with data and identity and, and you know, cloud infrastructure and tolerance management, it's been a big problem cuz it's like the wild, wild west. I always look, when I look at identity and the cloud and how it's done, it, it looks like 1995 identity. It's, it's, it's ridiculously backwards. And so, you know, we've seen things like, you know, keem that have come into play to help manage those relationships and, and simplify it across multiple clouds consistently, if that makes sense. >>Yep. >>You, you mentioned Prisma Cloud most recently Accenture and Palo Alto developed the Secure Cloud Express. Correct. Can you talk to us a little bit about what that is and what outcomes is it gonna enable? Yeah, >>So great question and we're pretty excited about this cuz what we did with that was we manage cloud, you know, our cloud environments for numerous customers. So we've developed hundreds of policies that, you know, we implemented in Prisma Cloud to manage, you know, multiple clients, our internal infrastructure. And what we did was we said, well, most of our clients have to build those from scratch. So what we said is we will come in, in the best of week of time and come in and, and do a data-driven exercise to show our clients, you know, where where they sit from a, from a security perspective as it relates leveraging Prisma cloud and, and those policies that we've created. And what, what that has led to is another step, which is where we're focused on auto remediation. So, you know, when you, when you get, when you get the findings, then what do you do with them, right? If you have hundreds or thousands in some cases we've had clients with 1100 findings and they just sit there and they go, whoa, you know, so to speak. And so what we've done is we try to take those highest, most frequent findings and build securities code to auto remediate those for clients so they can choose to implement that and work down those, you know, findings very quickly, which helps, you know, drive more value out of, out of their prisma cloud >>Purchases. Accenture obviously has deep industry expertise around the globe. What are you seeing in terms of industries actually? So as they digitize not just their IT transformation but a business transformation, there are starting to see companies, financial services in particular bring their business to their cloud, sify their business. And specifically I'm interested in what's happening at the edge with operations technology. We just talked about healthcare and and medical devices. What's happening there? How connected or disconnected is that to the rest of the estate, the multi-cloud on-prem, et cetera? I >>Mean, I think OT is, is fairly disconnected, right? Sure. From, from that perspective, obviously, but I, I, I think what we're starting to see is an uptick, you know, on, I think secure edge and Sassy will come to OT cause it's a better way. Because what happens is if someone, you know, gets into the network, they can traverse it, right? And if they can apply those zero trust principles to ot, which is you're talking to people that have been, you know, wearing hard hats Yeah. And engineers, that's a big shift for them. And so, but I think that you'll start to see that play more prevalence, you know, with the industries like, you know, financial services, we're seeing a huge uptick in cloud adoption, right? They were, they were slow to do it, but now they're, they're going at pace and faster than most, right? Yeah, sure. And I think, you know, healthcare is a, is another big one where we've seen a lot of migration and a lot of need for multi-cloud. Cuz you know, some, they may be running their analytics on, you know, Google and, and their workloads on Azure, right? Or aws. And so you're starting to see a lot of people leveraging the best of what each cloud provider does well >>From that. And, and just an aside on that Palo Alto survey, we saw construction was one of the hardest hit industries. Yeah. Which I, I was like, what? And then of course it's because they're not really focused on security. They're focused on building stuff. No, >>It's really interesting. We're working with a large builder, I can't say the name, but one of the things that they're looking to do is, you know, they're moving to the cloud and they're building the capability to manage some of the, you know, largest skyscrapers in the world, but also manage the OT sensors and also do selling that creating another business, not only just managing those buildings, but managing other people's buildings for them and ha and selling security as a service for that because they built that capability around their devices and, and, and switches, hvac, et cetera. Do, >>Do you think that because I mean, you know, the operations technology, they're engineers and they're hardcore, like, don't touch my stuff. Exactly. And so do you feel like as, I mean I know that business has kind of done a reach around everything, you know, be becoming connected, but do you feel like they're gonna be more on top of it then, then, then sort of the, the broad commercial market has been? Or is it gonna be wild West all over again? >>My hope is that, you know, us as gsi, you know, my fellow GSIs, that we will help our clients make the better decisions this time around and, and not go to the wild, wild west. And you know, we see a lot of it in manufacturing, you know, if you saw, you know, with the, you know, the invasion Ukraine, you know, one of the big groups that was hit was manufacturing, right? There was factory shut down all over the world, you know, and, and so, you know, and that is an OT environment, but I, you know, what we've seen is them are, you know, those clients take more serious steps to protect those environments cuz they're on, you know, windows 10 servers running, you know, large machines. So we're starting to see a lot more care and feeding in into those environments as well. >>Can I ask you a question about the conversations that you're having? That survey that Dave mentioned, it's was released yesterday. There's a board behind us, what's next in cyber? That was the survey and amazing data that came from it. Like 96% of organizations have been hit by at least one attack in the last year. They were surprised that the number was that high, but we know that no industry, no company is safe. But one of the things that the survey found that, that surprised me was that we always say, oh, security is a board level conversation. We know that to some degree. But what they found was lack of alignment between the board and the executive level. In your Accenture's relationships, I know you guys have deep relationships across organizations and their boards. Can you help bring the board together with the executives and, and really not just talk about cybersecurity, but really develop a cybersecurity transformation strategy that actually delivers resilience? >>Yeah, no ab absolutely. And we've, we, we actually took a step back and, and reorganized our business this last year. And one of those areas that we focused on was within strategy and the C-suite agenda, right? And we actually published looking at gia, it was either the CEO handbook, I think it's what we called it, but they helped them and board be able to, you know, drive more meaningful conversations that relates to risk and and whatnot. And so we're very focused on that right now. And it's, we need to up-level our conversations within the organization. Cause even the buyers in these large, you know, two years ago was mainly the cso, now we're dealing with the cio, CTOs, cfo because these are, you know, meaningful business conversations, right? That are driving business outcomes and security needs to be a business enabler, not, not a a, a bottleneck >>Is the chief data officer starting to emerge as, as we see, you know, Nikesh said yesterday in his keynote and we talked about it with him when he was here, security is a data problem. >>Yep. It is. It's a huge data problem. And we're starting to, you know, I think we've talked a lot about zero trust, but zero trust data is, is a, is a significant problem, right? Because that you talk about the wild, wild west is we see clients that have people that have in, you know, they, they have access to, you know, what we call dev development environment data, right? But then you find out that they can hop four levels over into production data and this been exposed to, you know, the wrong people, you know, not focused on that least privileged aspect. I think data's a real problem, you know, per na kesha's statement in the cloud. It's something that really needs to be addressed. And I think we're starting to see a lot of innovation around that area. Cuz what typical data security has always been, I have all these problems, it creates, I call it noise, right? I got thousands of findings and then just, you know, need just sit there and they go, what do I do? Right? It's too much. And so I think there, there's gonna be more intelligence around that and more, you know, what I call auto remediation, right? Being able to remediate those findings quickly from from that >>Perspective. I've been watching this board behind us. Yeah. It's this what's next in cyber. And people come in and they write, it's just been growing, you know, all week and somebody just wrote sock transformation. Yeah. We were just sort of talking about earlier what, what, in your estimation, what percent of organizations that you target. I understand that you're not going after the, you know, mom and pop organizations, but what percent of that, you know, fat middle and the tip of the pyramid, that a euro, that's your sweet spot. What percent of those organizations don't have a sock? >>I mean, most every organization has a sock. You know, I talked to, you know, CISOs of large financial service organization, they said, do we even need a sock anymore? It could be a virtual sock so to speak, but I think, you know, am was SOC transformation. I think we could potentially head to something like that. But you know, but what's really been strange is there's been, you know, what we call soar, right? Security, you know, orchestration, automation, whatever. And what another, >>Another acronym, their >>Acronym that I security that I might brain is >>Hold apologize. >>But you know, they've, people have never really driven the value out of it because they build these automation playbooks and, and for one company to do it and build 20 of 'em or 30 of 'em to ha it doesn't pay off in the long run. And what we're starting to see is people, you know, bring to the table more crowdsource these capabilities so that they can scale those sock transformations. Cause it's really about, you know, orchestration and automation. That's where, you know, nirvana comes in because it's not about people with headsets on looking at, you know, 20 screens. It's not helpful, right? The humans, we make mistakes. And so if we can automate as much of that as possible, get rid of the false positives, leverage AI and and ML to do that. And I think we're starting to see, you know, what I would call more advanced AI and ml. I think in the early days in security, AI and ML was very nascent and, and, and now you're starting to see, you know, more powerful concepts come in better learning, better outcomes out of that. >>Well, it was a lot of modeling in the cloud still is, but it's increasingly going toward real time inference and that's, you know, game changing. >>Agreed. >>Last question for you. What's are some of the things that are next on the plate for Accenture and Palo Networks? What's next up? >>I think, you know, we're very focused on, on Sassy right now in, in the market. And I think we think that is, you know, I think both of us think that's the next big wave, right? Because I think what we learned out of, you know, these last two and a half, three years is that these concepts work, but they can actually scale out to drive significant cost savings. I mean, if you look at Accenture, you know, we don't have a a network backbone anymore. We're pure cloud wan, right? We're leveraging the internet for that. And I think that and what we're trying to do with Palo Alto and driving, you know, cloud WAN and Sassy as a service, I think will be super, super meaningful. And, and, and, and >>Well that's interesting. That has implications for a number of companies out >>There. Yeah. Well I think, you know, it's obviously the, you know, it, it's a, it is a big implication for a lot of, a lot of, you know, our customers even, right? Yeah. And so we have to be very careful and thoughtful about how we work to make that happen over time. >>Right. A lot of opportunity. Rex, thank you so much for joining us on the program and really dissecting what Accenture and Palo Alto are doing, all the value in it for organizations across industries. We appreciate your insights. Yep. >>Thank you >>For Rex Dexon and Dave Valante. I'm Lisa Martin, you're watching the Cubes stick around. Dave and I will be right back with our next guest. This is the Cube, the leader in live, emerging and enterprise tech coverage.

>> Narrator: theCUBE presents Ignite 22. Brought to you by Palo Alto Networks. >> Hey, welcome back to Las Vegas. Lisa Martin here with Dave Vellante. This is day two of theCUBE's coverage of Palo Alto Ignite 2022. Dave we're just talking about how many times we're in Vegas. And we were here two weeks ago with our guest who's back in Alumni. And it's a blur, right? >> It's true, I lost count. Luckily I'm not flying red eye tonight. So that's good. >> I'm impressed. >> Excited about that. >> Yeah >> I'm actually going to enjoy the, nightlife here for a period of time. And, you know, we were at re-Invent. >> Yeah. >> And what a difference. This is nice and relaxed. You have time. You're not getting bumped in the hallway. >> Right. >> A lot of time for learning. So it's been great show. >> It's been great. And one of the things that we've been talking about is the supply chain. Securing the modern software supply chain is really complicated. We've got an Alumni back with us, to talk about what Palo Alto is doing in that respect. Ankur Shah joins us. The SVP and GM of Cloud Security at Palo Alto Networks. Welcome back. >> Yeah, happy to be back. Good to see you again. Dave and Lisa. >> It's been two long weeks. >> Ankur: I know. It's been two weeks, yeah >> Dave: It's kind of crazy. I mean, ReInvent really was a blur. And it's like you had everything coming at you. And there was obviously a big chunk of security, but you. It was just so much to absorb. >> Yeah. >> Right? >> Yeah, and I couldn't get into any of the sessions versus at Ignite. I mean, you could, you could learn a lot. To your point Dave. And 70,000 people versus 3000 in change. Big difference. >> Dave: Yeah. >> Lisa: Huge difference. >> Yeah. >> Lisa: Huge difference. So we touched on the Cider acquisition. >> Ankur: Yeah. >> Which was announced the intent to acquire last month. Let's dig into a little bit more of that, and then some of the great things that had been announced. >> Ankur: Yeah. >> In the last couple of days. >> Oh, absolutely. So, this is something that we have been marinating for last nine months. Thinking about how best to secure supply chain. And this is software supply chain. The modern application software is fairly complex. You know, back in the days when I was a developer, it was a simple three tier application. Ship the code once a year, et cetera. But now with microservices, new architectures, Kubernetes Public Cloud, we talked about this. It's getting super complicated, and the customers are really worried about securing their entire supply chain. Which is nothing but the software pipeline. And so we started looking at a whole bunch of companies and Cider really stood out. I mean, they had, they were the innovators in this space. Very early days, we've seen supply chain attack. But there hasn't been a really good and strong solution in that space. And Cider just delivered that incredible team. Great technology, super excited about what that integration will look like. in the coming quarters. >> What do we need to know about them? I mean, I'll be honest with you, I wasn't familiar with Cider until I saw you guys made the announcement of the intent to acquire them. What, what should we know about them? Why Cider? What was it that attracted you to them? >> Ankur: Yeah, so, you know, we have a history of technology acquisitions as you know, over the last four years, just in the public cloud. We acquire over half a a dozen companies, small and large. And typically we are always looking for companies who have the next gen technology available. Technology that is more in tune with how application software is going to look like in future. So we're not always going after companies that are making you know, tens of hundreds of millions of dollars in a year and all. We're looking for the right tech. The future. And that's what we found in Cider. Like they have a really strong application security background. And AppSec just broadly speaking, supply chain is part of it. But application security, just broadly speaking, is right for disruption. You've got a lot of vendors, who have been around for like last two decades. Old school stuff, lots and lots of false positives. So we've been bolstering, beefing up our portfolio in the application security space. And Cider really fits right nicely into it. Because it can like I said, secure a lot of technology and tooling, that software developers use as part of their software supply chain. So, great founding team, great technology. It was a perfect fit. >> Talk about integration. We spoke with Nikesh yesterday, with Nir, with a whole bunch of folks. Lee this morning. BJ yesterday as well. And one of the things that seems to stick out at me. With all the shows that we do, is the focus that Palo Alto has on ensuring that it's making the right acquisitions. But that it's the integration, is really seems to be like leading part of the strategy. That seems to be a little bit of a differentiator to me. >> Yeah, it absolutely is. There are two ways to integrate a technology into an existing platform. And Prisma Cloud is a platform as you know. Code-to-cloud, CNAPP platform as we call it. One is just kind of slotted in, put the whole thing in a box. And that's basically making one plus one equal to two. We're looking for high leverage in integrations, whereby once that integration comes along. It makes the rest of the platform even better and superior. It makes that technology look even better. So that's why there's a lot of focus on ensuring that we're delivering the right type of integration, that delivers instant customer value. And that makes the overall platform even superior. So customers don't feel like hey, like there's just one more add-on, on top of the other thing. >> Lisa: Right, not a bolt on. >> So that's why there's a lot of focus on that. Getting the strategy nailed. Because the founding teams generally have a preconceived notion about how the world looks like. Then they understand how Prisma cloud and Palo Alto Networks think about it. And then, we sort of merge the two ideas, and build something that's incredible. So I am, we're spending a lot of time in integration. That honeymoon phase of like, let's high five acquisitions done, that's over. Now it's the grinding work of actually getting this right. And you know, getting hundreds and thousands of customers. >> Well I like how you don't have the private equity mentality. It's not about EBITDA and cashflow. We'll take care of that. >> Ankur: Yeah. >> You know, it's about getting that integration. Getting that flywheel effect, inside the platform. You know, we said one plus one equals, maybe even more than two. Can you explain Prisma Cloud Secrets Security? What is that all about? What do we need to know about that? >> Ankur: Absolutely. So, the developers, you know generally store some stuff in the code repo for their automation work to build application. And that thing, the API keys or as Secrets are stored in code repo. It shouldn't be. Or even if they are, they should be encrypted, or locked down and things of that nature. But, you know, the need for speed trumps everything else. Developers want to go fast. And sometimes they're like, okay well. I guess my application needs this particular, you know API access token or secret. I'm just going to stick it in the code. Now the challenge with that is that, if somebody gets hold of your code repo. Now not only is your code repo, which has all your sensitive data. Your code is the life and blood of a technology company. That's in trouble. But also those secrets and API access keys can be used to log into your cloud accounts. And there you may have sensitive customer data. Everything that you have as a technology company stored in that public cloud accounts. So that's the worry. It's usually the initial access for the kill chain. Because that's where the attacks start. Let me get the secret, let me get the API access key. And let me see what I can do in public cloud. So we are now giving customers the visibility into where the secrets are stored. More importantly, it just right there on developer's face. In the code repo as they're checking in the code. They say why, hey, there's a secret here. Are you sure you want to, you want to keep it like this, no? Okay, well then you can either encrypt it, or just get rid of it. So we're making, we're bringing security where the developers are in their code repo, et cetera. >> So I can see a lot of developers saying, yeah, go ahead, encrypt it. So I don't have to do anything else, you know, extra. It's almost, the analogy is a very small you know, version of this. Its like, use a password manager. You store all your passwords in your contacts on your phone, right? I mean, somebody gets a hold of your contacts, you're screwed. >> Ankur: That's exactly right. >> And so, but I could still see a lot of developers say, check in the box. Say, yeah just encrypt it, leave it there. But you're saying best practice is to not to do that, right? >> Yeah, usually you're not supposed to, you know, store all your secrets, et cetera in code repo to begin with. But if you do, you know, you use a key wall like technology to really encrypt it and store it in a secret manner, yeah. >> Dave: There's an old saying, bad user behavior trump's great security every time. >> Ankur: Every time. >> But this is an example where, we know you're going to have bad behavior. So we're going to protect the bad behavior. >> Yeah, and actually, sorry Lisa, just to that point. The bad user behavior trumps good security. The classic example, this happened three weeks ago. Three, four weeks ago, where Dropbox, one of the file sharing companies there. 120 plus code repos were exposed. And the way their attack started, was a simple social engineering attack. Bad user behavior. There was an email, hey, like your passwords are updated for your, you know, this code plugin. Can you enter the password? And boom, now you have access to the code repo. And now if you have secrets inside of it, now, you know all bets are off. >> Are there hard-coded secrets versus like, I mean, like I think like, like you were saying, Dave. Like usernames and passwords and tokens, versus like soft coded secrets. >> Ankur: It's, I think it, this is more so two forms of it, you know. The most primary one is what we call the API access keys. And this keys are used to access cloud accounts, workloads and things of that nature. But there are actually secret secrets. Could be database login passwords, et cetera. The application is using it to spin up databases. Now, you know, you have access to the data stores. Any other application, there's a login password, all of that stuff. So it's less about the user password, but more the application and databases and things of that nature. >> Dave: So again, and, again, everybody should be using password managers. But when you use a password manager, it's going to give you a long list of passwords, that are either been compromised or are weak. And you just go uh, okay. So can you help? How do you help customers identify what the high risk? You know, API, you know, access are versus those ones that they may not have to worry about. >> Ankur: Yeah, look. You know, secrets aside. Risk prioritization is one of the biggest topics that our customers have across the board, in cloud security. All the security vendors are really, really good at one thing, generating alerts. Everybody does it. They generate an alert. You know, your ring camera, if you've got one. I mean this pop up every day, like every minute rather. Well like can you prioritize it for me? What should I really look at it? So that's a number one thing. What Prisma Cloud does is, you know, contextualize it. What the real risk is? They can tell you like, hey, here's the kill chain. If this thing, you know, goes to public internet. These are the potential exposures that you have. So we provide a prioritized risk of critical alerts that customers have to take care of before they can start taking care of more hygiene type of stuff, right? So that's how we do it. Like we leverage a lot of technology. We apply a lot of context. We tell you like, hey, this code repo is not protected by multifactor authentication. And then there's a secret inside. Are you sure, you know, you don't want to fix it? So that's what we do. But it's a great question. Top of mind for all our customers. And that's how we think about it across the board. Versus generating just alerts all the time. >> Dave: Is the strategy, Because we all know phishing is the sort of most, you know obvious way to. It's the top way in which people get hacked. >> Ankur: Yeah. >> Is your strategy essentially to say. Okay we know that's going to happen, so we're going to try to protect it at the back end. How much of the, maybe it's an industry question. more so than just a Palo Alto specifically, How much emphasis is do you think the industry is taking or should be taking on stopping that, you know that those phishing attacks? Because if that's the number one problem you know, maybe that's where we should be starting. >> Yeah, it's a great question. It's typically the initial vector, for a lot of attacks to your point. But there is one thing that technology and AI cannot solve. Which is the user behavior, to your point. Like we can't get into the heads of the user. I mean, you can train them, you can do everything. You can't prevent somebody from clicking a button. Of course there's technology out there for email security that does that. But your point is, right, it's going to happen. Now what do you do? How do you protect your applications, your crown jewel? You know, whether it's in the cloud or it's in the code repo. So a lot of what we are trying to do in code security, or cloud security, or in general at Palo Alto Networks. is to protect those crown jewel. Because we can't prevent somebody from doing something. User behavior is hard to change. >> Dave: So it's almost like, okay, you left your front door open. Somebody's going to walk in, but oh, they walk into a vault. And they don't know where to go. And there's nowhere they can- >> Ankur: Yeah. >> You know, nothing they can take. They can't get to the silverware or the jewelry. >> I think that's it, yeah. >> What are some of the things, like as we look at, we're wrapping up calendar year '22 heading into '23. That customers can look to Palo Alto Networks to help them achieve? One of the things that we talked about with Nikesh and Niri yesterday, is consolidation. Like, and you guys just did a recent, survey. >> Ankur: Yeah. >> About the state of Cyber, and organizations on average have 366 apps in their environment. 31 security tools, 30 to 50 security tools. >> Ankur: Yeah. >> Consolidation is really key there. What are some of the things that you are excited about to deliver to customers where consolidation is concerned? >> Ankur: Yeah. >> Where software supply chain security is concerned in the next year? >> Yeah, absolutely. Look, there are over 3000 security vendors. And this can be, I mean you talked about average customer having 300. I was talking to a CSO, this was last year for one of the largest financial institution I go, "How many security tools do you have?" He got 120. I said, why? He goes, we have a no vendor left behind policy. >> Wow. >> It's crazy. >> Dave: What? >> Obviously he was joking, but it's crazy, right? Like that's how the CSO's are. >> Dave: I mean, he was kidding. >> Yeah. >> Dave: But recognized that. Wow. >> Yeah, and, this is the state the security industry is in. And our mission has been, and Lee and Nikesh and Niri talked about it. Is just platforms, will platforms take moonshots, things long term. And especially the, macro headwinds that we're seeing. We're hearing more and more from the customers that, look we're not going to buy point product. Then we got to buy another product that stitches it all together. We need platforms, whether it's for zero trust, Prisma SaaS, whether it's cloud. Prisma cloud or for your sock transformation. You know XIM and Cortex line of products. So I think you're going to see more and more of that in 2023. I'm confident in that. >> We heard from Lee today, the world record's 400. >> Yes. >> Yeah. >> That's crazy. >> He's going for it. He's got a ways to go. 120 He's got to... >> Maybe he wasn't, that guy wasn't kidding about his no vendor left behind policy. (laughing) Do you have Ankur, a favorite customer story that really articulates the value of what Palo Alto delivers and continues to. You know, 'cause one of the things that Nikesh said in his keynote was that you know, security's a data problem. Well every company these days, in every industry has to be a data company. But really what they need to be able to be is a secured data company. >> Ankur: Yeah. >> How are you guys enabling that? >> Oh, absolutely. Look, many customer examples come to mind, but speaking of data. You know, one of, some of our largest customers who are protecting their PCI workers where they have sensitive data. They're using for example, Prisma Cloud, to ensure that malicious attacks don't happen. And those workloads are used for credit card processing. They're processing tens of thousands of credit card transactions a second. And make sure that nobody gets hold of that. And that's why they have to make sure that nobody is. No attacker is trying to get hold of the sensitive data, to your point, So we have customers across financial services, media and entertainment technology company. Where we are helping them go as fast as possible in public cloud. Go through digital transformation, by securing their applications. >> Dave: What's the T-shirt say? I see code. >> Oh yeah. >> Dave: Secure from Code to Cloud. >> Lisa: Shift Happens. >> Shift Happens, Secrets from Code to Cloud. >> I love that. I was looking at that, going back to that, what's next in cyber survey? >> Ankur: Yeah. >> It said 74% of respondents, and I believe there was 1300 CIO's, CXO's that were surveyed globally. Where they said security is slowing down DevOps. Can customers look to Palo Alto Networks to help them? >> Ankur: Be enablers? >> Yes. >> Yeah, hundred percent. Look, the conversation over the last few years have changed now. Security used to say like, oh, I don't know about these people who are building applications. The DevOps is like security slowing down. I think there's an opportunity for companies like Palo Alto Networks, to build the bridge between the two. And the way we do it is make the securities easy, simple and not super intrusive. Where developers have to do a natural thing. And one part of it, and I talked about it earlier, is bring security where the developers are. In their code repo, in their IDE. Make it super simple. Don't make them do unnatural things. And it just, this is no different from changing the behavior of our kids. Right? Like you make them do unnatural things, they're not going to do it. But if it is part of their regular, you know, day-to-day operating procedures. I think they're going to be more open to change. Yeah. So I think it's possible. And Palo Alto has a huge responsibility to bridge the divide between the apps team, or the DevOps and the security organization. >> Lisa: Lots of great stuff to come. We thank you so much for coming back, two weeks. Only being on two weeks ago. We appreciate your insights, learning more information. It's great to see you at Palo Alto Ignite. And we'll have to have you back on. 'Cause we know that there's so much more to follow with respect to what you're doing. And shifting left, shift happens. >> Awesome. Lisa, Dave, thank you so much. It's been a pleasure. >> Lisa: Thank you so much. For Ankur Shah and Dave Vellante. I'm Lisa Martin. You're watching theCUBE. The leader in live and emerging tech coverage.

>>The cube presents Ignite 22, brought to you by Palo Alto Networks. >>Good morning. Live from the MGM Grand. It's the cube at Palo Alto Networks Ignite 2022. Lisa Martin here with Dave Valante, day two, Dave of our coverage, or last live day of the year, which I can't believe, lots of good news coming out from Palo Alto Networks. We're gonna sit down with its Chief product officer next and dissect all of that. >>Yeah. You know, oftentimes in, in events like this, day two is product day. And look, it's all about products and sales. Yeah, I mean those, that's the, the, the golden rule. Get the product right, get the sales right, and everything else will take care of itself. So let's talk product. >>Yeah, let's talk product. Lee Claridge joins us, the Chief Product Officer at Palo Alto Networks. Welcome Lee. Great to have >>You. Thank you so much. >>So we didn't get to see your keynote yesterday, but we heard one of the things, you know, we've been talking about the threat landscape, the challenges. We had Unit 42, Wendy on yesterday. We had Nash on and near talking about the massive challenges in the threat landscape. But we understand, despite that you are optimistic. I am. Talk about your optimism given the massive challenges that every organization is facing today. >>Look, cybersecurity's hard and often in cybersecurity in the industry, a lot of people get sort of really focused on what the threat actors are doing, why they're successful. We investigate breaches and we think of it, it just starts to feel somewhat overwhelming for a lot of folks. And I just happen to think a little bit differently. I, I look at it and I think it's actually a solvable problem. >>Talk about cyber resilience. How does Palo Alto Networks define that and how does it help customers achieve that? Cuz that's the, that's the holy grail these days. >>Yes. Look, the, the way I think about cyber resilience is basically in two pieces. One, it's all about how do we prevent the threat actors from actually being successful in the first place. Second, we also have to be prepared for what happens if they happen to find a way to get through, and how do we make sure that that happens? The blast radius is, is as narrowly contained as possible. And so the, the way that we approach this is, you know, I, I kind of think in terms of like threes three core principles. Number one, we have to have amazing technology and we have to constantly be, keep keeping up with and ideally ahead of what attackers are doing. It's a big part of my job as the chief product officer, right? Second is we, you know, one of the, the big transformations that's happened is the advent of, of AI and the opportunity, as long as we can do it, a great job of collecting great data, we can drive AI and machine learning models that can start to be used for our advantage as defenders, and then further use that to drive automation. >>So we take the human out of the response as much as possible. What that allows us to do is actually to start using AI and automation to disrupt attackers as it's happening. The third piece then becomes natively integrating these capabilities into a platform. And when we do that, what allows us to do is to make sure that we are consistently delivering cybersecurity everywhere that it needs to happen. That we don't have gaps. Yeah. So great tech AI and automation deliver natively integrated through platforms. This is how we achieve cyber resilience. >>So I like the positivity. In fact, Steven Schmidt, who's now the CSO of, of Amazon, you know, Steven, and it was the CSO at AWS at the time, the first reinforced, he stood up on stage and said, listen, this narrative that's all gloom and doom is not the right approach. We actually are doing a good job and we have the capability. So I was like, yeah, you know, okay. I'm, I'm down with that. Now when I, my question is around the, the portfolio. I, I was looking at, you know, some of your alternatives and options and the website. I mean, you got network security, cloud security, you got sassy, you got capp, you got endpoint, pretty much everything. You got cider security, which you just recently acquired for, you know, this whole shift left stuff, you know, nothing in there on identity yet. That's good. You partner for that, but, so could you describe sort of how you think about the portfolio from a product standpoint? How you continue to evolve it and what's the direction? Yes. >>So the, the, the cybersecurity industry has long had this, I'm gonna call it a major flaw. And the major flaw of the cybersecurity industry has been that every time there is a problem to be solved, there's another 10 or 20 startups that get funded to solve that problem. And so pretty soon what you have is you're, if you're a customer of this is you have 50, a hundred, the, the record is over 400 different cybersecurity products that as a customer you're trying to operationalize. >>It's not a good record to have. >>No, it's not a good record. No. This is, this is the opposite of Yes. Not a good personal best. So the, so the reason I start there in answering your question is the, the way that, so that's one end of the extreme, the other end of the extreme view to say, is there such a thing as a single platform that does everything? No, there's not. That would be nice. That was, that sounds nice. But the reality is that cybersecurity has to be much broader than any one single thing can do. And so the, the way that we approach this is, is three fundamental areas that, that we, Palo Alto Networks are going to be the best at. One is network security within network security. This includes hardware, NextGen, firewalls, software NextGen, firewalls, sassy, all the different security services that tie into that. All of that makes up our network security platforms. >>So everything to do with network security is integrated in that one place. Second is around cloud security. The shift to the cloud is happening is very real. That's where Prisma Cloud takes center stage. C a P is the industry acronym. If if five letters thrown together can be called an acronym. The, so cloud native application protection platform, right? So this is where we bring all of the different cloud security capabilities integrated together, delivered through one platform. And then security, security operations is the third for us. This is Cortex. And this is where we bring together endpoint security, edr, ndr, attack, surface management automation, all of this. And what we had, what we announced earlier this year is x Im, which is a Cortex product for actually integrating all of that together into one SOC transformation platform. So those are the three platforms, and that's how we deliver much, much, much greater levels of native integration of capabilities, but in a logical way where we're not trying to overdo it. >>And cider will fit into two or three >>Into Prisma cloud into the second cloud to two. Yeah. As part of the shift left strategy of how we secure makes sense applications in the cloud >>When you're in customer conversations. You mentioned the record of 400 different product. That's crazy. Nash was saying yesterday between 30 and 50 and we talked with him and near about what's realistic in terms of getting organizations to, to be able to consolidate. I'd love to understand what does cybersecurity transformation look like for the average organization that's running 30 to 50 point >>Solutions? Yeah, look, 30 to 50 is probably, maybe normal. A hundred is not unusual. Obviously 400 is the extreme example. But all of those are, those numbers are too big right now. I think, I think realistic is high. Single digits, low double digits is probably somewhat realistic for most organizations, the most complex organizations that might go a bit above that if we're really doing a good job. That's, that's what I think. Now second, I do really want to point out on, on the product guy. So, so maybe this is just my way of thinking, consolidation is an outcome of having more tightly and natively integrated capabilities. Got you. And the reason I flip that around is if I just went to you and say, Hey, would you like to consolidate? That just means maybe fewer vendors that that helps the procurement person. Yes. You know, have to negotiate with fewer companies. Yeah. Integration is actually a technology statement. It's delivering better outcomes because we've designed multiple capabilities to work together natively ourselves as the developers so that the customer doesn't have to figure out how to do it. It just happens that by, by doing that, the customer gets all this wonderful technical benefit. And then there's this outcome sitting there called, you've just consolidated your complexity. How >>Specialized is the customer? I think a data pipelines, and I think I have a data engineer, have a data scientists, a data analyst, but hyper specialized roles. If, if, let's say I have, you know, 30 or 40, and one of 'em is an SD wan, you know, security product. Yeah. I'm best of breed an SD wan. Okay, great. Palo Alto comes in as you, you pointed out, I'm gonna help you with your procurement side. Are there hyper specialized individuals that are aligned to that? And how that's kind of part A and B, how, assuming that's the case, how does that integration, you know, carry through to the business case? So >>Obviously there are specializations, this is the, and, and cybersecurity is really important. And so there, this is why there had, there's this tendency in the past to head toward, well I have this problem, so who's the best at solving this one problem? And if you only had one problem to solve, you would go find the specialist. The, the, the, the challenge becomes, well, what do you have a hundred problems to solve? I is the right answer, a hundred specialized solutions for your a hundred problems. And what what I think is missing in this approach is, is understanding that almost every problem that needs to be solved is interconnected with other problems to be solved. It's that interconnectedness of the problems where all of a sudden, so, so you mentioned SD wan. Okay, great. I have Estee wan, I need it. Well what are you connecting SD WAN to? >>Well, ideally our view is you would connect SD WAN and branch to the cloud. Well, would you run in the cloud? Well, in our case, we can take our SD wan, connect it to Prisma access, which is our cloud security solution, and we can natively integrate those two things together such that when you use 'em together, way easier. Right? All of a sudden we took what seemed like two separate problems. We said, no, actually these problems are related and we can deliver a solution where those, those things are actually brought together. And that's just one simple example, but you could, you could extend that across a lot of these other areas. And so that's the difference. And that's how the, the, the mindset shift that is happening. And, and I I was gonna say needs to happen, but it's starting to happen. I'm talking to customers where they're telling me this as opposed to me telling them. >>So when you walk around the floor here, there's a visual, it's called a day in the life of a fuel member. And basically what it has, it's got like, I dunno, six or seven different roles or personas, you know, one is management, one is a network engineer, one's a coder, and it gives you an X and an O. And it says, okay, put the X on things that you spend your time doing, put the o on things that you wanna spend your time doing a across all different sort of activities that a SecOps pro would do. There's Xs and O's in every one of 'em. You know, to your point, there's so much overlap going on. This was really difficult to discern, you know, any kind of consistent pattern because it, it, it, unlike the hyper specialization and data pipelines that I just described, it, it's, it's not, it, it, there's way more overlap between those, those specialization roles. >>And there's a, there's a second challenge that, that I've observed and that we are, we've, we've been trying to solve this and now I'd say we've become, started to become a lot more purposeful in, in, in trying to solve this, which is, I believe cybersecurity, in order for cyber security vendors to become partners, we actually have to start to become more opinionated. We actually have to start, guys >>Are pretty opinionated. >>Well, yes, but, but the industry large. So yes, we're opinionated. We build these products, but that have, that have our, I'll call our opinions built into it, and then we, we sell the, the product and then, and then what happens? Customer says, great, thank you for the product. I'm going to deploy it however I want to, which is fine. Obviously it's their choice at the end of the day, but we actually should start to exert an opinion to say, well, here's what we would recommend, here's why we would recommend that. Here's how we envisioned it providing the most value to you. And actually starting to build that into the products themselves so that they start to guide the customer toward these outcomes as opposed to just saying, here's a product, good luck. >>What's, what's the customer lifecycle, not lifecycle, but really kind of that, that collaboration, like it's one thing to, to have products that you're saying that have opinions to be able to inform customers how to deploy, how to use, but where is their feedback in this cycle of product development? >>Oh, look, my, this, this is, this is my life. I'm, this is, this is why I'm here. This is like, you know, all day long I'm meeting with customers and, and I share what we're doing. But, but it's, it's a, it's a 50 50, I'm half the time I'm listening as well to understand what they're trying to do, what they're trying to accomplish, and how, what they need us to do better in order to help them solve the problem. So the, the, and, and so my entire organization is oriented around not just telling customers, here's what we did, but listening and understanding and bringing that feedback in and constantly making the products better. That's, that's the, the main way in which we do this. Now there's a second way, which is we also allow our products to be customized. You know, I can say, here's our best practices, we see it, but then allowing our customer to, to customize that and tailor it to their environment, because there are going to be uniquenesses for different customers in parti, we need more complex environments. Explain >>Why fire firewalls won't go away >>From your perspective. Oh, Nikesh actually did a great job of explaining this yesterday, and although he gave me credit for it, so this is like a, a circular kind of reference here. But if you think about the firewalls slightly more abstract, and you basically say a NextGen firewalls job is to inspect every connection in order to make sure the connection should be allowed. And then if it is allowed to make sure that it's secure, >>Which that is the definition of an NextGen firewall, by the way, exactly what I just said. Now what you noticed is, I didn't describe it as a hardware device, right? It can be delivered in hardware because there are environments where you need super high throughput, low latency, guess what? Hardware is the best way of delivering that functionality. There's other use cases cloud where you can't, you, you can't ship hardware to a cloud provider and say, can you install this hardware in front of my cloud? No, no, no. You deployed in a software. So you take that same functionality, you instantly in a software, then you have other use cases, branch offices, remote workforce, et cetera, where you say, actually, I just want it delivered from the cloud. This is what sassy is. So when I, when I look at and say, the firewall's not going away, what, what, what I see is the functionality needed is not only not going away, it's actually expanding. But how we deliver it is going to be across these three form factors. And then the customer's going to decide how they need to intermix these form factors for their environment. >>We put forth this notion of super cloud a while about a year ago. And the idea being you're gonna leverage the hyperscale infrastructure and you're gonna build a, a, you're gonna solve a common problem across clouds and even on-prem, super cloud above the cloud. Not Superman, but super as in Latin. But it turned into this sort of, you know, superlative, which is fun. But the, my, my question to you is, is, is, is Palo Alto essentially building a common cross-cloud on-prem, presumably out to the edge consistent experience that we would call a super cloud? >>Yeah, I don't know that we've ever used the term surfer cloud to describe it. Oh, you don't have to, but yeah. But yes, based on how you describe it, absolutely. And it has three main benefits that I describe to customers all the time. The first is the end user experience. So imagine your employee, and you might work from the office, you might work from home, you might work while from, from traveling and hotels and conferences. And, and by the way, in one day you might actually work from all of those places. So, so the first part is the end user experience becomes way better when it doesn't matter where they're working from. They always get the same experience, huge benefit from productivity perspective, no second benefit security operations. You think about the, the people who are actually administering these policies and analyzing the security events. >>Imagine how much better it is for them when it's all common and consistent across everywhere that has to happen. Cloud, on-prem branch, remote workforce, et cetera. So there's a operational benefit that is super valuable. Third, security benefit. Imagine if in this, this platform-based approach, if we come out with some new amazing innovation that is able to detect and block, you know, new types of attacks, guess what, we can deliver that across hardware, software, and sassi uniformly and keep it all up to date. So from a security perspective, way better than trying to figure out, okay, there's some new technology, you know, does my hardware provider have that technology or not? Does my soft provider? So it's bringing that in to one place. >>From a developer perspective, is there a, a, a PAs layer, forgive me super PAs, that a allows the developers to have a common experience across irrespective of physical location with the explicit purpose of serving the objective of your platform. >>So normally when I think of the context of developers, I'm thinking of the context of, of the people who are building the applications that are being deployed. And those applications may be deployed in a data center, increasing the data centers, depending private clouds might be deployed into, into public cloud. It might even be hybrid in nature. And so if you think about what the developer wants, the developer actually wants to not have to think about security, quite frankly. Yeah. They want to think about how do I develop the functionality I need as quickly as possible with the highest quality >>Possible, but they are being forced to think about it more and more. Well, but anyway, I didn't mean to >>Interrupt you. No, it's a, it is a good, it's a, it's, it's a great point. The >>Well we're trying to do is we're trying to enable our security capabilities to work in a way that actually enables what the developer wants that actually allows them to develop faster that actually allows them to focus on the things they want to focus. And, and the way we do that is by actually surfacing the security information that they need to know in the tools that they use as opposed to trying to bring them to our tools. So you think about this, so our customer is a security customer. Yet in the application development lifecycle, the developer is often the user. So we, we we're selling, we're so providing a solution to security and then we're enabling them to surface it in the developer tools. And by, by doing this, we actually make life easier for the developers such that they're not actually thinking about security so much as they're just saying, oh, I pulled down the wrong open source package, it's outdated, it has vulnerabilities. I was notified the second I did it, and I was told which one I should pull down. So I pulled down the right one. Now, if you're a developer, do you think that's security getting your way? Not at all. No. If you're a developer, you're thinking, thank god, thank you, thank, thank you. Yeah. You told me at a point where it was easy as opposed to waiting a week or two and then telling me where it's gonna be really hard to fix it. Yeah. Nothing >>More than, so maybe be talking to Terraform or some other hash corp, you know, environment. I got it. Okay. >>Absolutely. >>We're 30 seconds. We're almost out of time. Sure. But I'd love to get your snapshot. Here we are at the end of calendar 2022. What are you, we know you're optimistic in this threat landscape, which we're gonna see obviously more dynamics next year. What kind of nuggets can you drop about what we might hear and see in 23? >>You're gonna see across everything. We do a lot more focus on the use of AI and machine learning to drive automated outcomes for our customers. And you're gonna see us across everything we do. And that's going to be the big transformation. It'll be a multi-year transformation, but you're gonna see significant progress in the next 12 months. All >>Right, well >>What will be the sign of that progress? If I had to make a prediction, which >>I'm better security with less effort. >>Okay, great. I feel like that's, we can measure that. I >>Feel, I feel like that's a mic drop moment. Lee, it's been great having you on the program. Thank you for walking us through such great detail. What's going on in the organization, what you're doing for customers, where you're meeting, how you're meeting the developers, where they are. We'll have to have you back. There's just, just too much to unpack. Thank you both so much. Actually, our pleasure for Lee Cler and Dave Valante. I'm Lisa Martin. You're watching The Cube Live from Palo Alto Networks Ignite 22, the Cube, the leader in live, emerging and enterprise tech coverage.

>> Announcer: TheCUBE presents Ignite '22, brought to you by Palo Alto Networks. >> Welcome back to Las Vegas. It's theCUBE covering Palo Alto Networks '22, from the MGM Grand, Lisa Martin with Dave Vellante. Dave, we are going to unpack in the next few minutes what we heard and saw at day one of Palo Alto Networks, Ignite. A lot of great conversations, some great guests on the program today. >> Yeah last event, CUBE event of the year. Probably last major tech event of the year. It's kind of an interesting choice of timing, two weeks after reInvent. But you know, this crowd is it's a lot of like network engineers, SecOps pros. There's not a lot of suits here. I think they were here yesterday, all the partners. >> Yeah. >> We talked to Carl Sunderland about, Hey, these, these guys want to know how do I grow my business? You know, so it was a lot of C level executives talking about their business, and how they partner with Palo Alto to grow. The crowd today is really, you know hardcore security professionals. >> Yeah. >> So we're hearing a story of consolidation. >> Yes. >> No surprise. We've talked about that and reported on it, you know, quite extensively. The one big takeaway, and I want, I came in, as you know, wanting to understand, okay, can you through m and a maintain, you know, build a suite of great, big portfolio and at the same time maintain best of breed? And the answer was consistent. We heard it from Nikesh, we heard it from Nir Zuk. The answer was you can't be best of breed without having that large portfolio, single data lake, you know? Single version of the truth, of there is such a thing. That was interesting, that in security, you have to have that visibility. I would imagine, that's true for a lot of things. Data, see what Snowflake and Databricks are both trying to do, now AWS. So to join, we heard that last week, so that was one of the big takeaways. What were your, some of your thoughts? >> Just impressed with the level of threat intelligence that Unit 42 has done. I mean, we had Wendy Whitmer on, and she was one of the alumni, great guest. The landscape has changed so dramatically. Every business, in any industry, nobody's safe. They have such great intelligence on what's going on with malware, with ransomware, with Smishing, that they're able to get, help organizations on their way to becoming cyber resilient. You know, we've been talking a lot about cyber resiliency lately. I always want to understand, well what does it mean? How do different organizations and customers define it? Can they actually really get there? And Wendy talked about yes, it is a journey, but organizations can achieve cyber resiliency. But they need to partner with Palo Alto Networks to be able to understand the landscape and ensure that they've got security established across their organization, as it's now growingly Multicloud. >> Yeah, she's a blonde-haired Wonder Woman, superhero. I always ask security pros that question. But you know, when you talk to people like Wendy Whitmore, Kevin Mandy is somebody else. And the people at AWS, or the big cloud companies, who are on the inside, looking at the threat intelligence. They have so much data, and they have so much knowledge. They can, they analyze, they could identify the fingerprints of nation states, different, you know, criminal organizations. And the the one thing, I think it was Wendy who said, maybe it was somebody else, I think it was Wendy, that they're they're tearing down and reforming, right? >> Yes. >> After they're discovered. Okay, they pack up and leave. They're like, you know, Oceans 11. >> Yep. >> Okay. And then they recruit them and bring them back in. So that was really fascinating. Nir Zuk, we'd never had him on theCUBE before. He was tremendous founder and and CTO of Palo Alto Networks, very opinionated. You know, very clear thinker, basically saying, look you're SOC is going to be run by AI >> Yeah. >> within the next five years. And machines are going to do things that humans can't do at scale, is really what he was saying. And then they're going to get better at that, and they're going to do other things that you have done well that they haven't done well, and then they're going to do well. And so, this is an interesting discussion about you know, I remember, you know we had an event with MIT. Eric Brynjolfsson and Andy McAfee, they wrote the book "Second Machine Age." And they made the point, machines have always replaced humans. This is the first time ever that machines are replacing humans in cognitive functions. So what does that mean? That means that humans have to rely on, you know, creativity. There's got to be new training, new thinking. So it's not like you're going to be out of a job, you're just going to be doing a different job. >> Right. I thought Nir Zuk did a great job of explaining that. We often hear people that are concerned with machines taking jobs. He did a great job of, and you did a great recap, of articulating the value that both bring, and the opportunities to the humans that the machines actually deliver as well. >> Yeah so, you know, we didn't, we didn't get deep into the products today. Tomorrow we're going to have a little bit more deep dive on products. We did, we had some partners on, AWS came on, talked about their ecosystem. BJ Jenkins so, you know, BJ Jenkins again I mean super senior executive. And if I were Nikesh, he's doing exactly what I would do. Putting him on a plane and saying, go meet with customers, go make rain, right? And that's what he's doing is, he's an individual who really knows how to interact with the C-suite, has driven value, you know, over the years. So they've got that angle goin', they're driving go to market. They've got the technology piece and they've, they got to build out the ecosystem. That I think is the big opportunity for them. You know, if they're going to double as a company, this ecosystem has to quadruple. >> Yeah, yeah. >> In my opinion. And I, we saw the same thing at CrowdStrike. We said the same thing about Service Now in 2013. And so, what's happened is the GSIs, the global system integrators start to get involved. They start to partner with them and then they get to get that flywheel effect. And then there's a supercloud, I think that, you know I think Nir Zuk said, Hey, we are basically building out that, he didn't use the term supercloud. But, we're building out that cross cloud capability. You don't need another stove pipe for the edge. You know, so they got on-prem, they got AWS, Azure, you said you have to, absolutely have to run on Microsoft. 'Cause I don't believe today, right? Today they run on, I heard somebody say they run on AWS and Google. >> Yeah. >> I haven't heard much about Microsoft. >> Right. >> Both AWS and Google are here. Microsoft, the bigger competitor in security, but Nir Zuk was unequivocal. Yes, of course you have to run, you got to run it on an Alibaba cloud. He didn't say that, but if you want to secure the China cloud, you got to run on Alibaba. >> Absolutely. >> And Oracle he said. Didn't mention IBM, but no reason they can't run on IBM's cloud. But unless IBM doesn't want 'em to. >> Well they're very customer focused and customer first. So it'll be interesting to see if customers take them in that direction. >> Well it's a good point, right? If customers say, Hey we want you running in this cloud, they will. And, but he did call out Oracle, which I thought was interesting. And so, Oracle's all about mission critical data, mission critical apps. So, you know, that's a good sign. You know, I mean there's so much opportunity in cyber, but so much confusion. You know, sneak had a raise today. It was a down round, no surprise there. But you know, these companies are going to start getting tight on cash, and you've seen layoffs, right? And so, I dunno who said it, I think it was Carl at the end said in a downturn, the strongest companies come out stronger. And that's generally, generally been the case. That kind of rich get richer. We see that in the last downturn? Yes and no, to a certain extent. It's still all about execution. I mean I think about EMC coming out of the last downturn. They did come out stronger and then they started to rocket, but then look what happened. They couldn't remain independent. They were just using m and a as a technique to hide the warts. You know so, what Nir Zuk said that was most interesting to me is when we acquire, we acquire with the intent of integrating. ServiceNow has a similar philosophy. I think that's why they've been somewhat successful. And Oracle, for sure, has had a similar philosophy. So, and that idea of shifting labor into vendor R and D has always been a winning formula. >> I think we heard that today. Excited for day two tomorrow. We've got some great conversations. We're going to be able to talk with some customers, the chief product officer is on. So we have more great content coming from our last live show over the year. Dave, it's been great co-hosting day one with you. Look forward to doing it tomorrow. >> Yeah, thanks for doing this. >> All right. >> All right. For Dave Vellante, I'm Lisa Martin. You've been watching theCUBE, the leader in live enterprise and emerging tech coverage. See you tomorrow. (gentle music fades)

>> TheCUBE presents Ignite 22 brought to you by Palo Alto Networks. >> Welcome back to Las Vegas, everyone. We're glad you're with us. This is theCUBE live at Palo Alto Ignite 22 at the MGM Grant in Las Vegas. Lisa Martin here with Dave Vellante, day one of our coverage. We've had great conversations. The cybersecurity landscape is so interesting Dave, it's such a challenging problem to solve but it's so diverse and dynamic at the same time. >> You know, Lisa theCUBE started in May of 2010 in Boston. We called it the chowder event, chowder and Lobster. It was a EMC world, 2010. BJ Jenkins, who's here, of course, was a longtime friend of theCUBE and made the, made the transition into from, well, it's still data, data to, to cyber. So >> True. And BJ is back with us. BJ Jenkins, president Palo Alto Networks great to have you back on theCUBE. >> It is great to be here in person on theCube >> Isn't it great? >> In Vegas. It's awesome. >> And we can tell by your voice will be, will be gentle. You, you've been in Vegas typical Vegas occupational hazard of losing the voice. >> Yeah. It was one of the benefits of Covid. I didn't lose my voice at home sitting talking to a TV. You lose it when you come to Vegas. >> Exactly. >> But it's a small price to pay. >> So things kick off yesterday with the partner summit. You had a keynote then, you had a customer, a CISO on stage. You had a keynote today, which we didn't get to see. But talk to us a little bit about the lay of the land. What are you hearing from CISOs, from CIOs as we know security is a board level conversation. >> Yeah, I, you know it's been an interesting three or four months here. Let me start with that. I think, cybersecurity in general is still front and center on CIOs and CISO's minds. It has to be, if you saw Wendy's presentation today and the threats out there companies have to have it front and center. I do think it's been interesting though with the macro uncertainty. We've taken to calling this year the revenge of the CFO and you know these deals in cybersecurity are still a top priority but they're getting finance and procurements, scrutiny which I think in this environment is a necessity but it's still a, you know, number one number two imperative no matter who you talked to, in my mind >> It was interesting what Nikesh was saying in the last conference call that, hey we just have to get more approvals. We know this. We're, we're bringing more go-to-market people on board. We, we have, we're filling the pipeline 'cause we know they're going to split up deals big deals go into smaller chunks. So the question I have for you is is how are you able to successfully integrate those people so that you can get ahead of that sort of macro transition? >> Yeah I, you know, I think there's two things I'd say about uncertain macro situations and Dave, you know how old I am. I'm pretty old. I've been through a lot of cycles. And in those cycles I've always found stronger companies with stronger value proposition separate themselves actually in uncertain, economic times. And so I think there's actually an opportunity here. The message tilts a little bit though where it's been about innovation and new threat vectors to one of you have 20, 30, 40 vendors you can consolidate become more effective in your security posture and save money on your TCOs. So one of the things as we bring people on board it's training them on that business value proposition. How do you take a customer who's got 20 or 30 tools take 'em down to 5 or 10 where Palo is more central and strategic and be able to demonstrate that value. So we do that through, we're making a huge investment in our people but macroeconomic times also puts some stronger people back on the market and we're able to incorporate them into the business. >> What are the conditions that are necessary for that consolidation? Like I would imagine if you're, if you're a big customer of a big, you know, competitor of yours that that migration is going to be harder than if you're dealing with lots of little point tools. Do those, do those point tools, are they sort of is it the end of the subscription? Is it just stuff that's off the books now? What's, the condition that is ripe for that kind of consolidation? >> Look, I think the challenge coming into this year was skills. And so customers had all of these point products. It required a lot more human intervention as Nikesh was talking about to integrate them or make them work. And as all of us know finding people with cybersecurity skills over the last 12 months has been incredibly hard. That drove, if you know, if you think about that a CIO and a CISO sitting there going, I have all all this investment in tools. I don't have the people to operate 'em. What do I need to do? What we tried to do is elevate that conversation because in a customer, everybody who's bought one of those, they they bought it to solve a problem. And there's people with affinity for that tool. They're not just going to say I want to get consolidated and give up my tool. They're going to wrap their arms around it. And so what we needed to do and this changed our ecosystem strategy too how we leverage partners. We needed to get into the CIO and CISO and say look at this chaos you have here and the challenges around people that it's, it's presenting you. We can help solve that by, by standardizing, consolidating taking that integration away from you as Nikesh talked about, and making it easier for your your high skill people to work on high skill, you know high challenges in there. >> Let chaos reign, and then reign in the chaos. >> Yes. >> Andy Grove. >> I was looking at some stats that there's 26 million developers but less than 3 million cybersecurity professionals. >> Talked about that skills gap and what CISOs and CIOs are facing is do you consider from a value prop perspective Palo Alto Networks to be a, a facilitator of helping organizations deal with that skills gap? >> I think there's a short term and a long term. I think Nikesh today talked about the long term that we'll never win this battle with human beings. We're going to have to win it with automation. That, that's the long term the short term right here and now is that people need people with cybersecurity skills. Now what we're trying to do, you know, is multifaceted. We work with universities to standardize programs to develop skills that people can come into the marketplace with. We run our own programs inside the company. We have a cloud academy program now where we take people high aptitude for sales and technical aptitude and we will put them through a six month boot camp on cloud and they'll come out of that ready to really work with the leading experts in cloud security. The third angle is partners, right, there are partners in the marketplace who want to drive their business into high services areas. They have people, they know how to train. We give them, we partner with them to give them training. Hopefully that helps solve some of the short-term gaps that are out there today. >> So you made the jump from data storage to security and >> Yeah. >> You know, network security, all kinds of security. What was that like? What you must have learned a lot in the last better part of a decade? >> Yeah. >> Take us through that. >> You know, so the first jump was from EMC. I was 15 years there to be CEO of Barracuda. And you know, it was interesting because EMC was, you know large enterprise for the most part. At Barracuda we had, you know 250,000 small and mid-size enterprises. And it was, it's interesting to get into security in small and mid-size businesses because, you know Wendy today was talking about nation states. For small and mid-size business, it's common thievery right? It's ransomware, it's, and, those customers don't have, you know, the human and financial resources to keep up with the threat factor. So, you know, Nikesh talked about how it's taken 'em four and a half years to get into cybersecurity. I remember my first week at Barracuda, I was talking with a customer who had, you know, breached data shut down. There wasn't much bitcoin back then so it was just a pure ransom. And I'm like, wow, this is, you know, incredible industry. So it's been a good, you know, transition for me. I still think data is at the heart of all of this. Right? And I have always believed there's a strong connection between the things I learned growing up at EMC and what I put into practice today at Palo Alto Networks. >> And how about a culture because I, you know I know have observed the EMC culture >> Yeah. >> And you were there in really the heyday. >> Yeah. >> Right? Which was an awesome place. And it seems like Palo Alto obviously, different times but you know, similar like laser focus on solving problems, you know, obviously great, you know value sellers, you know, you guys aren't the commodity >> Yeah. For Product. But there seemed to be some similarities from afar. I don't know Palo Alto as well as I know EMC. >> I think there's a lot. When I joined EMC, it was about, it was 2 billion in in revenue and I think when I left it was over 20, 20, 21. And, you know, we're at, you know hopefully 5, 5 5 in revenue. I feel like it's this very similar, there's a sense of urgency, there's an incredible focus on the customer. you know, Near and Moche are definitely different individuals but the both same kind of disruptive, Israeli force out there driving the business. There are a lot of similarities. I, you know, the passion, I feel privileged as a, you know go to market person that I have this incredible portfolio to go, you know, work with customers on. It's a lucky position to be in, but very I feel like it is a movie I've seen before. >> Yeah. And but, and the course, the challenges from the, the target that you're disrupting is different. It was, you know, EMC had a lot of big, you know IBM obviously was, you know, bigger target whereas you got thousands of, you know, smaller companies. >> Yes. >> And, and so that's a different dynamic but that's why the consolidation play is so important. >> Look at, that's why I joined Palo Alto Networks when I was at Barracuda for nine years. It just fascinated me, that there was 3000 plus players in security and why didn't security evolve like the storage market did or the server market or network where working >> Yeah, right. >> You know, two or three big gorillas came to, to dominate those markets. And it's, I think it's what Nikesh talked about today. There was a new problem in best of breed. It was always best of breed. You can never in security go in and, you know, say, Hey it's good I saved us some money but I got the third best product in the marketplace. And there was that kind of gap between products. I, believe in why I joined here I think this is my last gig is we have a chance to change that. And this is the first company as I look from the outside in that had best of breed as, you know Nikesh said 13 categories. >> Yeah. >> And you know, we're in the leaders quadrant and it's a conversation I have with customers. You don't have to sacrifice best of breed but get the benefits of a platform. And I, think that resonates today. I think we have a chance to change the industry from that viewpoint. >> Give us a little view of the voice of the customer. You had, was it Sabre? >> Yeah. >> That was on >> Scott Moser, The CISO from Sabre. >> Give us a view, what are you hearing from the voice of the customer? Obviously they're quite a successful customer but challenges, concerns, the partnership. >> Yeah. Look, I think security is similar to industries where we come up with magic marketing phrases and, you know, things to you know, make you want to procure our solutions. You know, zero trust is one. And you know, you'll talk to customers and they're like, okay, yes. And you know, the government, right? Joe, Joe Biden's putting out zero trust executive orders. And the, the problem is if you talk to customers, it's a journey. They have legacy infrastructure they have business drivers that you know they just don't deal with us. They've got to deal with the business side who's trying to make the money that keeps the, the company going. it's really helped them draw a map from where they're at today to zero trust or to a better security architecture. Or, you know, they're moving their apps into the cloud. How am I going to migrate? Right? Again, that discussion three years ago was around lift and shift, right? Today it's about, well, no I need cloud native developed apps to service the business the way I want to, I want to service it. How do I, so I, I think there's this element of a trusted partner and relationship. And again, I think this is why you can't have 40 or 50 of those. You got to start narrowing it down if you want to be able to meet and beat the threats that are out there for you. So I, you know, the customers, I see a lot of 'em. It's, here's where I'm at help me get here to a better position. And they know it's, you know Scott said in our keynote today, you don't just, you know have layer three firewall policies and decide, okay tomorrow I'm going to go to layer seven. That, that's not how it works. Right? There's, and, and by the way these things are a mission critical type areas. So there's got to be a game plan that you help customers go through to get there. >> Definitely. Last question, my last question for you is, is security being a board level conversation I was reading some stats from a survey I think it was the what's new in Cypress survey that that Palo Alto released today that showed that while significant numbers of organizations think they've got a cyber resiliency playbook, there's a lot of disconnect or lack of alignment at the boardroom. Are you in those conversations? How can you help facilitate that alignment between the executive team and the board when it comes to security being so foundational to any business? >> Yeah, it's, I've been on three, four public company boards. I'm on, I'm on two today. I would say four years ago, this was a almost a taboo topic. It was a, put your head in the sand and pray to God nothing happened. And you know, the world has changed significantly. And because of the number of breaches the impact it's had on brand, boards have to think about this in duty of care and their fiduciary duty. Okay. So then you start with a board that may not have the technical skills. The first problem the security industry had is how do I explain your risk profile in a way you can understand it. I'm, I'm on the board of Generac that makes home generators. It's a manufacturing, you know, company but they put Wifi modules in their boxes so that the dealers could help do the maintenance on 'em. And all of a sudden these things were getting attacked. Right? And they're being used for bot attacks. >> Yeah. >> Everybody on their board had a manufacturing background. >> Ah. >> So how do you help that board understand the risk they have that's what's changed over the last four years. It's a constant discussion. It's one I have with CISOs where they're like help us put it in layman's terms so they understand they know what we're doing and they feel confident but at the same time understand the marketplace better. And that's a journey for us. >> That Generac example is a great one because, you know, think about IOT Technologies. They've historically been air gaped >> Yes. >> By design. And all of a sudden the business comes in and says, "Hey we can put wifi in there", you know >> Connect it to a home Wifi system that >> Make our lives so much easier. Next thing you know, it's being used to attack. >> Yeah. >> So that's why, as you go around the world are you discerning, I know you were just in Japan are you discerning significant differences in sort of attitudes toward, towards cyber? Whether it's public policy, you know things like regulation where you, they don't want you sharing data, but as as a cyber company, you want to share that data with you know, public and private? >> Look it, I, I think around the world we see incredible government activity first of all. And I think given the position we're in we get to have some unique conversations there. I would say worldwide security is an imperative. I, no matter where I go, you know it's in front of everybody's mind. The, on the, the governance side, it's really what do we need to adapt to make sure we meet local regulations. And I, and I would just tell you Dave there's ways when you do that, and we talk with governments that because of how they want to do it reduce our ability to give them full insight into all the threats and how we can help them. And I do think over time governments understand that we can anonymize the data. There's, but that, that's a work in process. Definitely there is a balance. We need to have privacy, we need to have, you know personal security for people. But there's ways to collect that data in an anonymous way and give better security insight back into the architectures that are out there. >> All right. A little shift the gears here. A little sports question. We've had some great Boston's sports guests on theCUBE right? I mean, Randy Seidel, we were talking about him. Peter McKay, Snyk, I guess he's a competitor now but you know, there's no question got >> He got a little funding today. I saw that. >> Down round. But they still got a lot of money. Not of a down round, but they were, but yeah, but actually, you know, he was on several years ago and it was around the time they were talking about trading Brady. He said Never trade Brady. And he got that right. We, I think we can agree Brady's the goat. >> Yes. >> The big question I have for you is, Belichick. Do you ever question Has your belief in him as the greatest coach of all time wavered, you know, now that- No. Okay. >> Never. >> Weigh in on that. >> Never, he says >> Still the Goat. >> I'll give you my best. You know, never In Bill we trust. >> Okay. Still. >> All right >> I, you know, the NFL is a unique property that's designed for parody and is designed, I mean actively designed to not let Mr. Craft and Bill Belichick do what they do every year. I feel privileged as a Boston sports fan that in our worst years we're in the seventh playoff spot. And I have a lot of family in Chicago who would kill for that position, by the way. And you know, they're in perpetual rebuilding. And so look, and I think he, you know the way he's been able to manage the cap and the skill levels, I think we have a top five defense. There's different ways to win titles. And if I, you know, remember in Brady's last title with Boston, the defense won us that Super Bowl. >> Well thanks for weighing in on that because there's a lot of crazy talk going on. Like, 'Hey, if he doesn't beat Arizona, he's got to go.' I'm like, what? So, okay, I'm sometimes it takes a good good loyal fan who's maybe, you know, has >> The good news in Boston is we're emotional fans too so I understand you got to keep the long term long term in mind. And we're, we're in a privileged position in Boston. We've got Celtics, we've got Bruins we've got the Patriots right on the edge of the playoffs and we need the Red Sox to get to work. >> Yeah, no, you know they were last, last year so maybe they're going to win it all like they usually do. So >> Fingers crossed. >> Crazy worst to first. >> Exactly. Well you said, in Bill we trust it sounds like from our conversation in BJ we trust from the customers, the partners. >> I hope so. >> Thank you so much BJ, for coming back on theCUBE giving us the lay of the land, what's new, the voice of the customer and how Palo Alto was really differentiated in the market. We always appreciate your, coming on the show you >> Honor and privilege seeing you here. Thanks. >> You may be thinking that you were watching ESPN just now but you know, we call ourselves the ESPN at Tech News. This is Lisa Martin for Dave Vellante and our guest. You're watching theCUBE, the Leader and live emerging in enterprise tech coverage. (upbeat music)

>> Presenter: theCUBE presents Ignite '22, brought to you by Palo Alto Networks. >> Hey guys and girls. Welcome back to theCube's live coverage at Palo Alto Ignite '22. We're live at the MGM Grand Hotel in beautiful Las Vegas. Lisa Martin here with Dave Vellante. This is day one of our coverage. We've been talking with execs from Palo Alto, Partners, but one of our most exciting things is talking with Founders day. We get to do that next. >> The thing is, it's like I wrote this weekend in my breaking analysis. Understanding the problem in cybersecurity is really easy, but figuring out how to fix it ain't so much. >> It definitely isn't. >> So I'm excited to have Nir here. >> Very excited. Nir Zuk joins us, the founder and CTO of Palo Alto Networks. Welcome, Nir. Great to have you on the program. >> Thank you. >> So Palo Alto Networks, you founded it back in 2005. It's hard to believe that's been 18 years, almost. You did something different, which I want to get into. But tell us, what was it back then? Why did you found this company? >> I thought the world needed another cybersecurity company. I thought it's because there were so many cybersecurity vendors in the world, and just didn't make any sense. This industry has evolved in a very weird way, where every time there was a new challenge, rather than existing vendors dealing with a challenge, you had new vendors dealing with it, and I thought I could put a stop to it, and I think I did. >> You did something differently back in 2005, looking at where you are now, the leader, what was different in your mind back then? >> Yeah. When you found a new company, you have really two good options. There's also a bad option, but we'll skip that. You can either disrupt an existing market, or you can create a new market. So first, I decided to disrupt an existing market, go into an existing market first, network security, then cyber security, and change it. Change the way it works. And like I said, the challenges that every problem had a new vendor, and nobody just stepped back and said, "I think I can solve it with the platform." Meaning, I think I can spend some time not solving a specific problem, but building a platform that then can be used to solve many different problems. And that's what I've done, and that's what Palo Alto Networks has done, and that's where we are today. >> So you look back, you call it now, I think you call it a next gen firewall, but nothing in 2005, can it be next gen? Do you know the Silicon Valley Show? Do you know the show Silicon Valley? >> Oh! Yeah. >> Yeah, of course. >> You got to have a box. But it was a different kind of box- >> Actually. >> Explain that. >> Actually, it's exactly the same thing. You got to have a box. So I actually wanted to call it a necessary evil. Marketing wouldn't go for that. >> No. >> And the reason I wanted to call it a necessary evil, because one of the things that we've done in order to platform our cyber security, again, first network security now, also cloud security, and security operations, is to turn it into a SaaS delivered industry. Today every cyber security professional knows that, when they buy cyber security, they buy usually a SaaS delivered service. Back then, people thought I was crazy to think that customers are going to send their data to their vendor in order to process, and they wanted everything on premise and so on, but I said, "No, customers are going to send information to us for processing, because we have much more processing power than they have." And we needed something in the infrastructure to send us the information. So that's why I wanted to call it the necessary evil. We ended up calling it next generation firewall, which was probably a better term. >> Well, even Veritas. Remember Veritas? They had the no hardware agenda. Even they have a box. So it is like you say, you got to have it. >> It's necessary. >> Okay. You did this, you started this on your own cloud, kind of like Salesforce, ServiceNow. >> Correct. >> Similar now- >> Build your own data centers. >> Build your own data center. Okay, I call it a cloud, but no. >> No, it's the same. There's no cloud, it's just someone else's computer. >> According to Larry Ellison, he was actually probably right about that. But over time, you've had this closer partnership with the public clouds. >> Correct. >> What does that bring you and your customers, and how hard was that to navigate? >> It wasn't that hard for us, because we didn't have that many services. Usually it's harder. Of course, we didn't do a lift and shift, which is their own thing to do with the cloud. We rebuild things for the cloud, and the benefits, of course, are time to market, scale, agility, and in some cases also, cost. >> Yeah, some cases. >> In some cases. >> So you have a sort of a hybrid model today. You still run your own data centers, do you not? >> Very few. >> Really? >> There are very, very few things that we have to do on hardware, like simulating malware and things that cannot be done in a virtual machine, which is pretty much the only option you have in the cloud. They provide bare metal, but doesn't serve our needs. I think that we don't view cloud, and your viewers should not be viewing cloud, as a place where they're going to save money. It's a place where they're going to make money. >> I like that. >> You make much more money, because you're more agile. >> And that's why this conversation is all about, your cost of goods sold they're going to be so high, you're going to have to come back to your own data centers. That's not on your mind right now. What's on your mind is advancing the unit, right? >> Look, my own data center would limit me in scale, would limit my agility. If you want to build something new, you don't have all the PaaS services, the platform as a service, services like database, and AI, and so on. I have to build them myself. It takes time. So yeah, it's going to be cheaper, but I'm not going to be delivering the same thing. So my revenues will be much lower. >> Less top line. What can humans do better than machines? You were talking about your keynote... I'm just going to chat a little bit. You were talking about your keynote. Basically, if you guys didn't see the keynote, that AI is going to run every soc within five years, that was a great prediction that you made. >> Correct. >> And they're going to do things that you can't do today, and then in the future, they're going to do things that you can't... Better than you can do. >> And you just have to be comfortable with that. >> So what do you think humans can do today and in the future better than machines? >> Look, humans can always do better than machines. The human mind can do things that machines cannot do. We are conscious, I don't think machines will be conscious. And you can do things... My point was not that machines can do things that humans cannot do. They can just do it better. The things that humans do today, machines can do better, once machines do that, humans will be free to do things that they don't do today, that machines cannot do. >> Like what? >> Like finding the most difficult, most covert attacks, dealing with the most difficult incidents, things that machines just can't do. Just that today, humans are consumed by finding attacks that machines can find, by dealing with incidents that machines can deal with. It's a waste of time. We leave it to the machines and go and focus on the most difficult problems, and then have the machines learn from you, so that next time or a hundred or a thousand times from now, they can do it themselves, and you focus on the even more difficult. >> Yeah, just like after 9/11, they said that we lack the creativity. That's what humans have, that machines don't, at least today. >> Machines don't. Yeah, look, every airplane has two pilots, even though airplanes have been flying themselves for 30 years now, why do you have two pilots, to do the things that machines cannot do? Like land on the Hudson, right? You always need humans to do the things that machines cannot do. But to leave the things that machines can do to the machines, they'll do it better. >> And autonomous vehicles need breaks. (indistinct) >> In your customer conversations, are customers really grappling with that, are they going, "Yeah, you're right?" >> It depends. It's hard for customers to let go of old habits. First, the habit of buying a hundred different solutions from a hundred different vendors, and you know what? Why would I trust one vendor to do everything, put all my eggs in the same basket? They have all kind of slogans as to why not to do that, even though it's been proven again and again that, doing everything in one system with one brain, versus a hundred systems with a hundred brains, work much better. So that's one thing. The second thing is, we always have the same issue that we've had, I think, since the industrial revolution, of what machines are going to take away my job. No, they're just going to make your job better. So I think that some of our customers are also grappling with that, like, "What do I do if the machines take over?" And of course, like we've said, the machines aren't taking over. They're going to do the benign work, you're going to do the interesting work. You should embrace it. >> When I think about your history as a technology pro, from Check Point, a couple of startups, one of the things that always frustrated you, is when when a larger company bought you out, you ended up getting sucked into the bureaucratic vortex. How do you avoid that at Palo Alto Networks? >> So first, you mean when we acquire company? >> Yes. >> The first thing is that, when we acquire companies, we always acquire for integration. Meaning, we don't just buy something and then leave it on the side, and try to sell it here and there. We integrate it into the core of our products. So that's very important, so that the technology lives, thrives and continues to grow as part of our bigger platform. And I think that the second thing that is very important, from past experience what we've learned, is to put the people that we acquire in key positions. Meaning, you don't buy a company and then put the leader of that company five levels below the CEO. You always put them in very senior positions. Almost always, we have the leaders of the companies that we acquire, be two levels below the CEO, so very senior in the company, so they can influence and make changes. >> So two questions related to that. One is, as you grow your team, can you be both integrated? And second part of the question, can you be both integrated and best of breed? Second part of the question is, do you even have to be? >> So I'll answer it in the third way, which is, I don't think you can be best of breed without being integrated in cybersecurity. And the reason is, again, this split brain that I've mentioned twice. When you have different products do a part of cybersecurity and they don't talk to each other, and they don't share a single brain, you always compromise. You start looking for things the wrong way. I can be a little bit technical here, but please. Take the example of, traditionally you would buy an IDS/IPS, separately from your filtering, separately from DNS security. One of the most important things we do in network security is to find combining control connections. Combining control connections where the adversaries controlling something behind your firewall and is now going around your network, is usually the key heel of the attack. That's why attacks like ransomware, that don't have a commanding control connection, are so difficult to deal with, by the way. So commanding control connections are a key seal of the attacks, and there are three different technologies that deal with it. Neural filtering for neural based commanding control, DNS security for DNS based commanding control, and IDS/IPS for general commanding control. If those are three different products, they'll be doing the wrong things. The oral filter will try to find things that it's not really good at, that the IPS really need to find, and the DN... It doesn't work. It works much better when it's one product doing everything. So I think the choice is not between best of breed and integrated. I think the only choice is integrated, because that's the only way to be best of breed. >> And behind that technology is some kind of realtime data store, I'll call it data lake, database. >> Yeah. >> Whatever. >> It's all driven by the same data. All the URLs, all the domain graph. Everything goes to one big data lake. We collect about... I think we collect about, a few petabytes per day. I don't write the exact number of data. It's all going to the same data lake, and all the intelligence is driven by that. >> So you mentioned in a cheeky comment about, why you founded the company, there weren't enough cybersecurity companies. >> Yeah. >> Clearly the term expansion strategy that Palo Alto Networks has done has been very successful. You've been, as you talked about, very focused on integration, not just from the technology perspective, but from the people perspective as well. >> Correct. >> So why are there still so many cybersecurity companies, and what are you thinking Palo Alto Networks can do to change that? >> So first, I think that there are a lot of cybersecurity companies out there, because there's a lot of money going into cybersecurity. If you look at the number of companies that have been really successful, it's a very small percentage of those cybersecurity companies. And also look, we're not going to be responsible for all the innovation in cybersecurity. We need other people to innovate. It's also... Look, always the question is, "Do you buy something or do you build it yourself?" Now we think we're the smartest people in the world. Of course, we can build everything, but it's not always true that we can build everything. Know that we're the smartest people in the world, for sure. You see, when you are a startup, you live and die by the thing that you build. Meaning if it's good, it works. If it's not good, you die. You run out of money, you shut down, and you just lost four years of your life to this, at least. >> At least. >> When you're a large company, yeah, I can go and find a hundred engineers and hire them. And especially nowadays, it becomes easier, as it became easier, and give them money, and have them go and build the same thing that the startup is building, but they're part of a bigger company, and they'll have more coffee breaks, and they'll be less incentive to go and do that, because the company will survive with or without them. So that's why startups can do things much better, sometimes than larger companies. We can do things better than startups, when it comes to being data driven because we have the data, and nobody can compete against the amount of data that we have. So we have a good combination of finding the right startups that have already built something, already proven that it works with some customers, and of course, building a lot of things internally that we cannot do outside. >> I heard you say in one of the, I dunno, dozens of videos I've listened to you talked to. The industry doesn't need or doesn't want another IoT stovepipe. Okay, I agree. So you got on-prem, AWS, Azure, Google, maybe Alibaba, IoT is going to be all over the place. So can you build, I call it the security super cloud, in other words, a consistent experience with the same policies and edicts across all my estates, irrespective of physical location? Is that technically feasible? Is it what you are trying to do? >> Certainly, what we're trying to do with Prisma Cloud, with our cloud security product, it works across all the clouds that you mentioned, and Oracle as well. It's almost entirely possible. >> Almost. >> Almost. Well, the things that... What you do is you normalize the language that the different cloud scale providers use, into one language. This cloud calls it a S3, and so, AWS calls it S3, and (indistinct) calls it GCS, and so on. So you normalize their terminology, and then build policy using a common terminology that your customers have to get used to. Of course, there are things that are different between the different cloud providers that cannot be normalized, and there, it has to be cloud specific. >> In that instance. So is that, in part, your strategy, is to actually build that? >> Of course. >> And does that necessitate running on all the major clouds? >> Of course. It's not just part of our strategy, it's a major part of our strategy. >> Compulsory. >> Look, as a standalone vendor that is not a cloud provider, we have two advantages. The first one is we're security product, security focused. So we can do much better than them when it comes to security. If you are a AWS, GCP, Azure, and so on, you're not going to put your best people on security, you're going to put them on the core business that you have. So we can do much better. Hey, that's interesting. >> Well, that's not how they talk. >> I don't care how they talk. >> Now that's interesting. >> When something is 4% of your business, you're not going to put it... You're not going to put your best people there. It's just, why would you? You put your best people on 96%. >> That's not driving their revenue. >> Look, it's simple. It's not what we- >> With all due respect. With all due respect. >> So I think we do security much better than them, and they become the good enough, and we become the premium. But certainly, the second thing that give us an advantage and the right to be a standalone security provider, is that we're multicloud, private cloud and all the major cloud providers. >> But they also have a different role. I mean, your role is not the security, the Nitro card or the Graviton chip, or is it? >> They are responsible for securing up to the operating system. We secure everything. >> They do a pretty good job of that. >> No, they do, certainly they have to. If they get bridged at that level, it's not just that one customer is going to suffer, the entire customer base. They have to spend a lot of time and money on it, and frankly, that's where they put their best security people. Securing the infrastructure, not building some cloud security feature. >> Absolutely. >> So Palo Alto Networks is, as we wrap here, on track to nearly double its revenues to nearly seven billion in FY '23, just compared to 2020, you were quoted in the press by saying, "We will be the first $100 billion cyber company." What is next for Palo Alto to achieve that? >> Yeah, so it was Nikesh, our CEO and chairman, that was quoted saying that, "We will double to a hundred billion." I don't think he gave it a timeframe, but what it takes is to double the sales, right? We're at 50 billion market cap right now, so we need to double sales. But in reality, you mentioned that we're growing the turn by doing more and more cybersecurity functions, and taking away pieces. Still, we have a relatively small, even though we're the largest cybersecurity vendor in the world, we have a very low market share that shows you how fragmented the market is. I would also like to point out something that is less known. Part of what we do with AI, is really take the part of the cybersecurity industry, which are service oriented, and that's about 50% of the cybersecurity industry services, and turn it into products. I mean, not all of it. But a good portion of what's provided today by people, and tens of billions of dollars are spent on that, can be done with products. And being one of the very, very few vendors that do that, I think we have a huge opportunity at turning those tens of billions of dollars in human services to AI. >> It's always been a good business taking human labor and translating into R and D, vendor R and D. >> Especially- >> It never fails if you do it well. >> Especially in difficult times, difficult economical times like we are probably experiencing right now around the world. We, not we, but we the world. >> Right, right. Well, congratulations. Coming up on the 18th anniversary. Tremendous amount of success. >> Thank you. >> Great vision, clear vision, STEM expansion strategy, really well underway. We are definitely going to continue to keep our eyes. >> Big company, a hundred billion, that's market capital, so that's a big company. You said you didn't want to work for a big company unless you founded it, is that... >> Unless it acts like a small company. >> There's the caveat. We'll keep our eye on that. >> Thank you very much. >> It's such a pleasure having you on. >> Thank you. >> Same here, thank you. >> All right, for our guests and for Dave Vellante, I'm Lisa Martin. You're watching theCUBE, the leader in live emerging and enterprise tech coverage. (upbeat music)

>>The Cube presents Ignite 22, brought to you by Palo Alto Networks. >>Hey guys, welcome back to the Cube, the leader in live enterprise and emerging tech coverage. We are live in Las Vegas at MGM Grand Hotel, Lisa Martin with Dave Valante, covering our first time covering Palo Alto Ignite. 22 in person. Dave, we've had some great conversations so far. We've got two days of wall to wall coverage. We're gonna be talking with Palo Alto execs, leaders, customers, partners, and we're gonna be talking about the partner ecosystem >>Next. Wow. Super important. You know, it's funny you talk about for a minute, you didn't know where we were. I, I came to Vegas in May. I feel like I never left two weeks ago reinvent, which was I, I thought the most awesome reinvent ever. And it was really all about the ecosystem and the marketplace. So super excited to have that >>Conversation. Yeah, we've got Wet Whit Krump joining us, director of America's business development worldwide channels and customer programs at AWS marketplace. Wet, welcome to the Cube. Great to have >>You. Thanks for having me. Give >>Us a, you got a big title there. Give us a little bit of flavor of your scope of work at aws. >>Yeah, sure. So I, I've been with the marketplace team now almost eight years and originally founded our channel programs. And my scope has expanded to not just cover channels, but all things related to customers. So if you think about marketplace having sort of two sides, one being very focused on the isv, I tend to manage all things related to our in customer and our, our channel partners. >>What are some of the feedback that you're getting from customers and channel partners as the marketplace has has evolved so much? >>Yeah. You know, it's, it's, it's been interesting to watch over the course of the years, getting to see it start its infancy and grow up. One of the things that we hear often from customers and from our channel partners, and maybe not so directly, is it's not about finding the things they necessarily want to buy, although that's important, but it's the actual act of how they're able to purchase things and making that a much more streamlined process, especially in large enterprises where there's a lot of complexity. We wanna make that a lot simple, simpler for our customers. >>I mean, vendor management is such a hassle, right? But, so when I come into the marketplace, it's all there. I gotta console, it's integrated, I choose what I want. The billing is simplified. How has that capability evolved since the time that you've been at aws and where do you, where do you want to take it? >>Yeah, so when we, we first started Marketplace, it was really a pay as you go model customer come, they buy whatever, you know, whatever the, the whatever the solution was. And then it was, you know, charged by the hour and then the year. And one of the things that we discovered through customer and partner feedback was especially when they're dealing with large enterprise purchases, you know, they want to be able to instantiate those custom price and terms, you know, into that contract while enjoying the benefits of, of marketplace. And that's been, I think the biggest evolution started in 2017 with private offers, 2018 with consulting partner private offers. And then we've added things on over time to streamline procurement for, for >>Customers. So one of the hottest topics right now, everybody wants to talk about the macro and the headwinds and everything else, but when you talk to customers like, look, I gotta do more with less, less, that's the big theme. Yeah. And, and I wanna optimize my spend. Cloud allows me to do that because I can dial down, I can push storage to, to lower tiers. There's a lot of different things that I can do. Yeah. What are the techniques that people are using in the ecosystem Yeah. To bring in the partner cost optimization. Yeah. >>And so one of the key things that, that partners are, are, are doing for customers, they act as that trusted advisor. And, you know, when using marketplace either directly or through a partner, you know, customers are able to really save money through a licensing flexibility. They're also able to streamline their procurement. And then if there's an at-risk spin situation, they're able to, to manage that at-risk spend by combining marketplace and AWS spin into into one, you know, basically draws down their commitments to, to the company. >>And we talk about ask at-risk spend, you might talk about user or lose IT type of spend, right? Yeah. And so you, you increase the optionality in terms of where you can get value from your cloud spend. That's >>All right. Customers are thinking about their, their IT spend more strategically now more than ever. And so they're not just thinking about how do I buy infrastructure here and then software here, data services, they wanna combine this into one place. It's a lot less to keep up with a lot, a lot less overhead for them. But also just the simplification that you alluded to earlier around, you know, all the billing and vendor management is, and now in one, one streamlined, one streamlined process. Talk >>About that as a facilitator of organizations being able to reduce their risk profile. >>Yeah, so, you know, one of the things that, that came out earlier this year with Forrester was a to were total economic impact studies for both an ISV and for the end customer. But there was also a thought leadership study done where they surveyed over 700 customers worldwide to sort of get their thoughts on procurement and risk profile management. And, and one of the things that was really, you know, really surprising was is was that, you know, I guess it was like over 78% of of respondents DEF stated that they didn't feel like their, their companies had a really well-defined governance model and that over half of software and data purchases actually went outside of procurement. And so the companies aren't really able to, don't, they don't really have eyes on all of this spin and it's substantial >>And that's a, a huge risk for the organization. >>Yeah. Huge risk for the organization. And, and you know, half of the respondents stated outright that like they viewed marketplaces a way for them to reduce their risk profile because they, they were able to have a better governance model around that. >>So what's the business case can take us through that. How, how should a customer think about that? So, okay, I get that the procurement department likes it and the CFO probably likes it, but how, what, what's the dynamic around the business? So if I'm a, let's say I'm, I'm a bus, I'm a business person, I'm a, and running the process, I got my little, I get my procurement reach around. Yeah. What does the data suggest that what's in it from me, right? From a company wide standpoint, you know, what are the, maybe the Forester guys address this. So yeah, that overall business case I think is important. >>Yeah, I think, I think one of the big headlines for the end customer is because of license flexibility is that is is about a 10% cost savings in, in license cost. They're able to right size their purchases to buy the things they actually need. They're not gonna have these big overarching ELAs. There's gonna be a lot of other things in there that, that they don't, they don't really aren't gonna really directly use. You're talking about shelfware, you know, that sort of the classic term buy something, it never gets used, you know, also from just a, a getting things done perspective, big piece of feedback from customers is the contracting process takes a long time. It takes several months, especially for a large purchase. And a lot of those discussions are very repetitive. You know, you're talking about the same things over and over again. And we actually built a feature called standardized contract where we talked to a number of customers and ISVs distilled a contract down into a, a largely a set of terms that both sides already agreed to. And it cuts that, that contract time down by 90%. So if you're a legal team in a company, there's only so many of you and you have a lot of things to get done. If you can shave 90% off your time, that that's, that's now you can now work on a lot of other things for the, the corporation. Right. >>A lot of business impact there. You think faster time to value, faster time to market workforce optimization. >>Yeah. Yeah. I mean, it, it, you know, from an ISV standpoint, the measurement is they're, they're able to close deals about 40% faster, which is great for the isv. I mean obviously they love that. But if you're a customer, you're actually getting the innovative technologies you need 40% faster. So you can actually do the work you want to take it to your customers and drive the business. >>You guys recently launched, what is it, vendor Insights? Yeah. Talk a little bit about that, the value. What are some of the things that you're seeing with that? >>Yeah, so that goes into the, the onboarding value add of marketplaces. The number of things that go into, to cutting that time according to Forrester by 75%. But Vendor Insights was based on a key piece, offa impact from customers. So, you know, marketplace is used for, one of the reasons is discoverability by customers, Hey, what is the broader landscape? Look for example of security or storage partners, you know, trying to, trying to understand what is even available. And then the double click is, alright, well how does that company, or how does that vendor fit into my risk profile? You know, understanding what their compliance metrics are, things of that nature. And so historically they would have to, a customer would've to go to an ISV and say, all right, I want you to fill out this form, you know that my questionnaire. And so they would trade this back and forth as they have questions. Now with vendor insights, a customer can actually subscribe to this and they're able to actually see the risk profile of that vendor from the inside out, you know, from the inside of their SaaS application, what does it look like on a real time basis? And they can go back and look at that whenever they want. And you know, the, the, the feedback since the launch has been fantastic. And that, and I think that helps us double down on the already the, the onboarding benefits that we are providing customers. >>This, this, I wanna come back to this idea of cost optimization and, and try to tie it into predictability. You know, a lot of people, you know, complain, oh, I got surprised at the end of the month. So if I understand it wit by, by leveraging the marketplace and the breadth that you have in the marketplace, I can say, okay, look, I'm gonna spend X amount on tech. Yeah. And, and this approach allows me to say, all right, because right now procurement or historically procurement's been a bunch of stove pipes, I can't take from here and easily put it over there. Right. You're saying that this not only addresses the sort of cost optimization, does it also address the predictability challenge? >>Yeah, and I, I think another way to describe that is, is around cost controls. And you know, just from a reporting perspective, you know, we, we have what are called cost utilization reports or curve files. And we provide those to customers anytime they want and they can load those into Tableau, use whatever analysis tools that they want to be able to use. And so, and then you can actually tag usage in those reports. And what we're really talking about is helping customers adopt thin op practices. So, you know, develop directly for the cloud customers are able to understand, okay, who's using what, when and where. So everyone's informed that creates a really collaborative environment. It also holds people accountable for their spin. So that, you know, again, talking about shelfware, we bought things we're not gonna use or we're overusing people are using software that they probably don't really need to. And so that's, that adds to that predictable is everyone has great visibility into what's happening. And there's >>Another, I mean, of course saving money is, is, is in vogue right now because you know, the headwinds and the economics, et cetera. But there's also another side of the equation, which is, I mean, I see this a lot. You know, the CFO says financial people, why is our cloud bill so high? Well it's because we're actually driving all this revenue. And so, you know, you've seen it so many so often in companies, you know, the, the spreadsheet analysis says, oh, cut that. Well, what happens to revenue if you cut that? Right? Yeah. So with that visibility, the answer may be, well actually if we double down on that, yeah, we're actually gonna make more money cuz we actually have a margin on this and it's, it's got operating leverage. So if we double that, you know, we could, so that kind of cross organization communication to make better decisions, I think is another key factor. Yeah. >>Huge impact there. Talk ultimately about how the buyer's journey seems to have been really transformed >>The >>Correct. Right? So if you're, if you're a buyer, you know, initially to your point is, you know, I'm just looking for a point solution, right? And then you move on to the next one and the next one. And now, you know, working with our teams and using the platform, you know, and frankly customers are thinking more strategically about their IT spend holistically. The conversations that we're having with us is, it's not about how do I find the solution today, but here's my forward looking software spend, or I'm going through a migration, I wanna rationalize the software portfolio I have today as I'm gonna lift and shift it to aws. You know, what is going to make the trip? What are we gonna discard entirely because it's not really optimized for the cloud. Or there's that shelf wheel component, which is, hey, you know, maybe 15 to 25% of my portfolio, it's just not even getting utilized. And that, and that's a sunk cost to your point, which is, you know, that's, that's money I could be using on something that really impacts the bottom line in various areas of the business. Right. >>What would you say is the number one request you get or feedback you get from the end customers? And how is that different from what you hear from the channel partners? How aligned or Yeah. Are those >>Vectors? I would say from a customer perspective, one of the key things I hear about is around visibility of spin, right? And I was just talking about these reports and you know, using cost optimization tools, being able to use features like identity and access management, managing entitlements, private marketplaces. Basically them being able to have a stronger governance model in the cloud. For one thing, it's, it's, you know, keeping everybody on track like some of the points I was talking about earlier, but also cost, cost optimization around, you know, limiting vendor sprawl. Are we actually really using all the things that we need? And then from a channel partner perspective, you know, some of the things I talked about earlier about that 40% faster sales cycle, you know, that that TEI or the total economic impact study that was done by Forrester was, was built for the isv. >>But if you're a channel partner sitting between the customer and the isv, you kind of get to, you get a little bit of the best of both worlds, right? You're acting as that, you're acting as that that advisor. And so if you're a channel partner, the procurement streamlining is a huge benefit because the, you know, like you said, saving money is in vogue right now. You're trying to do more with less. So if you're thinking about 20, 27% faster win rates, 40% faster time to close, and you're the customer who's trying to impact the bottom line by, by innovating more, more quickly, those two pieces of feedback are really coming together and meeting in, in the middle >>Throughout 2021, or sorry, 2022, our survey partner, etr Enterprise Technology Research has asked their panel a question is what's your strategy for, you know, doing more with less? By far the number one response has been consolidating redundant vendors. Yes. And then optimizing cloud was, you know, second, but, but way, way lower than that. The number from last survey went from 34%. It's now up to 44% in the January survey, which is in the field, which they gave me a glimpse to last night. So you're seeing dramatic uptick Yeah. In that point. Yeah. And then you guys are helping, >>We, we definitely are. I mean, it, there's the reporting piece so they have a better visibility of what they're doing. And then you think about a, a feature like private marketplace and manage entitlements. So private marketplace enables a customer to create their own private marketplace as the name states where they can limit access to it for certain types of software to the actual in customer who needs to use that software. And so, you know, not everybody needs a license to software X, right? And so that helps with the sprawl comment to your point, that's, that's on the increase, right? Am I actually spending money on things that we need to use? >>But also on the consolidation front, you, we, we talked with nikesh an hour or so ago, he was mentioning on stage, if you, if you just think of this number of security tools or cybersecurity tools that an organization has on its network, 30 to 50. And we were talking about, well, how does Palo Alto Networks what's realistic in terms of consolidation? But it sounds like what you're doing in the marketplace is giving organizations the visibility, correct, for sure. Into what they're running, usage spend, et cetera, to help facilitate ultimately at some point facilitate a strategic consolidation. >>It's, that's exactly right. And if you, you think about cost optimization, our procurement features, you know, the, the practice that we're trying to help customers around, around finops, it's all about helping customers build a, a modern procurement practice and supply chain. And so that helps with, with that point exactly. The keynotes >>Point. Exactly. So last question for you. What, what's next? What can we expect? >>Oh, so what's next for me is, you know, I, I really want to, you know, my channel business for example, you know, I want to think about enabling new types of partners. So if we've worked really heavily with resellers, we worked very heavily with Palo Alto on the reseller community, how are we bringing in more services partners of various types? You know, the gsi, the distributors, cloud service providers, managed security service providers was in a keynote yesterday listening to Palo Alto talk about their five routes to market. And, you know, they had these bubbles. And so I was like, gosh, that's exactly how I'm thinking about the business is how am I expanding my own footprint to customers that have deeper, I mean, excuse me, to partners that have deeper levels of cloud knowledge, can be more of that advisor, help customers really understand how to maximize their business on aws. And, and you know, my job is to really help facilitate that, that innovative technology through those partners. >>So sounds like powerful force, that ecosystem. Exactly. Great alignment. AWS and Palo Alto, thank you so much for joining us with, we >>Appreciate, thanks for having >>With what's going on at aws, the partner network, the mp, and all that good stuff. That's really the value in it for customers, ISVs and channel partners. I like. We appreciate your insights. >>Thank you. Thanks for having me. Thank you. >>Our guests and Dave Valante. I'm Lisa Martin. You're watching the Cube Lee Leer in live enterprise and emerging tech coverage.

>> Narrator: "TheCUBE" presents Ignite 22. Brought to you by Palo Alto Networks. >> Hey everyone. Welcome back to "TheCUBE's" live coverage of Palo Alto Network's Ignite 22 from the MGM Grand in beautiful Las Vegas. I am Lisa Martin here with Dave Vellante. Dave, we just had a great conversa- First of all, we got to hear the keynote, most of it. We also just had a great conversation with the CEO and chairman of Palo Alto Networks, Nikesh Arora. You know, this is a company that was founded back in 2005, he's been there four years, a lot has happened. A lot of growth, a lot of momentum in his tenure. You were saying in your breaking analysis, that they are on track to nearly double revenues from FY 20 to 23. Lots of momentum in this cloud security company. >> Yeah, I'd never met him before. I mean, I've been following a little bit. It's interesting, he came in as, sort of, a security outsider. You know, he joked today that he, the host, I forget the guy's name on the stage, what was his name? Hassan. Hassan, he said "He's the only guy in the room that knows less about security than I do." Because, normally, this is an industry that's steeped in deep expertise. He came in and I think is given a good compliment to the hardcore techies at Palo Alto Network. The company, it's really interesting. The company started out building their own data centers, they called it. Now they look back and call it cloud, but it was their own data centers, kind of like Salesforce did, it's kind of like ServiceNow. Because at the time, you really couldn't do it in the public cloud. The public cloud was a little too unknown. And so they needed that type of control. But Palo Alto's been amazing story since 2020, we wrote about this during the pandemic. So what they did, is they began to pivot to the the true cloud native public cloud, which is kind of immature still. They don't tell you that, but it's kind of still a little bit immature, but it's working. And when they were pivoting, it was around the same time, at Fortinet, who's a competitor there's like, I call 'em a poor man's Palo Alto, and Fortinet probably hates that, but it's kind of true. It's like a value play on a comprehensive platform, and you know Fortinet a little bit. And so, but what was happening is Fortinet was executing on its cloud strategy better than Palo Alto. And there was a real divergence in the valuations of these stocks. And we said at the time, we felt like Palo Alto, being the gold standard, would get through it. And they did. And what's happened is interesting, I wrote about this two weeks ago. If you go back to the pandemic, peak of the pandemic, or just before the peak, kind of in that tech bubble, if you will. Splunk's down 44% from that peak, Okta's down, sorry, not down 44%. 44% of the peak. Okta's 22% of their peak. CrowdStrike, 41%, Zscaler, 36%, Fortinet, 71%. Not so bad. Palo Altos maintained 93% of its peak value, right? So it's a combination of two things. One is, they didn't run up as much during the pandemic, and they're executing through their cloud strategy. And that's provided a sort of softer landing. And I think it's going to be interesting to see where they go from here. And you heard Nikesh, we're going to double, and then double again. So that's 7 billion, 14 billion, heading to 30 billion. >> Lisa: Yeah, yeah. He also talked about one of the things that he's done in his tenure here, as really a workforce transformation. And we talk all the time, it's not just technology and processes, it's people. They've also seemed to have done a pretty good job from a cultural transformation perspective, which is benefiting their customers. And they're also growing- The ecosystem, we talked a little bit about the ecosystem with Nikesh. We've got Google Cloud on, we've got AWS on the program today alone, talking about the partnerships. The ecosystem is expanding, as well. >> Have you ever met Nir Zuk? >> I have not, not yet. >> He's the founder and CTO. I haven't, we've never been on "theCUBE." He was supposed to come on one day down in New York City. Stu and I were going to interview him, and he cut out of the conference early, so we didn't interview him. But he's a very opinionated dude. And you're going to see, he's basically going to come on, and I mean, I hope he is as opinionated on "TheCUBE," but he'll talk about how the industry has screwed it up. And Nikesh sort of talked about that, it's a shiny new toy strategy. Oh, there's another one, here's another one. It's the best in that category. Okay, let's get, and that's how we've gotten to this point. I always use that Optive graphic, which shows the taxonomy, and shows hundreds and hundreds of suppliers in the industry. And again, it's true. Customers have 20, 30, sometimes 40 different tool sets. And so now it's going to be interesting to see. So I guess my point is, it starts at the top. The founder, he's an outspoken, smart, tough Israeli, who's like, "We're going to take this on." We're not afraid to be ambitious. And so, so to your point about people and the culture, it starts there. >> Absolutely. You know, one of the things that you've written about in your breaking analysis over the weekend, Nikesh talked about it, they want to be the consolidator. You see this as they're building out the security supercloud. Talk to me about that. What do you think? What is a security supercloud in your opinion? >> Yeah, so let me start with the consolidator. So Palo Alto obviously is executing on that strategy. CrowdStrike as well, wants to be a consolidator. I would say Zscaler wants to be a consolidator. I would say that Microsoft wants to be a consolidator, so does Cisco. So they're all coming at it from different angles. Cisco coming at it from network security, which is Palo Alto's wheelhouse, with their next gen firewalls, network security. What Palo Alto did was interesting, was they started out with kind of a hardware based firewall, but they didn't try to shove everything into it. They put the other function in there, their cloud. Zscaler. Zscaler is the one running around saying you don't need firewalls anymore. Just run everything through our cloud, our security cloud. I would think that as Zscaler expands its TAM, it's going to start to acquire, and do similar types of things. We'll see how that integrates. CrowdStrike is clearly executing on a similar portfolio strategy, but they're coming at it from endpoint, okay? They have to partner for network security. Cisco is this big and legacy, but they've done a really good job of acquiring and using services to hide some of that complexity. Microsoft is, you know, they probably hate me saying this, but it's the just good enough strategy. And that may have hurt CrowdStrike last quarter, because the SMB was a soft, we'll see. But to specifically answer your question, the opportunity, we think, is to build the security supercloud. What does that mean? That means to have a common security platform across all clouds. So irrespective of whether you're running an Amazon, whether you're running an on-prem, Google, or Azure, the security policies, and the edicts, and the way you secure your enterprise, look the same. There's a PaaS layer, super PaaS layer for developers, so that that the developers can secure their code in a common framework across cloud. So that essentially, Nikesh sort of balked at it, said, "No, no, no, we're not, we're not really building a super cloud." But essentially they kind of are headed in that direction, I think. Although, what I don't know, like CrowdStrike and Microsoft are big competitors. He mentioned AWS and Google. We run on AWS, Google, and in their own data centers. That sounds like they don't currently run a Microsoft. 'Cause Microsoft is much more competitive with the security ecosystem. They got Identity, so they compete with Okta. They got Endpoint, so they compete with CrowdStrike, and Palo Alto. So Microsoft's at war with everybody. So can you build a super cloud on top of the clouds, the hyperscalers, and not do Microsoft? I would say no. >> Right. >> But there's nothing stopping Palo Alto from running in the Microsoft cloud. I don't know if that's a strategy, we should ask them. >> Yeah. They've done a great job in our last few minutes, of really expanding their TAM in the last few years, particularly under Nikesh's leadership. What are some of the things that you heard this morning that you think, really they've done a great job of expanding that TAM. He talked a little bit about, I didn't write the number down, but he talked a little bit about the market opportunity there. What do you see them doing as being best of breed for organizations that have 30 to 50 tools and need to consolidate that? >> Well the market opportunity's enormous. >> Lisa: It is. >> I mean, we're talking about, well north of a hundred billion dollars, I mean 150, 180, depending on whose numerator you use. Gartner, IDC. Dave's, whatever, it's big. Okay, and they've got... Okay, they're headed towards 7 billion out of 180 billion, whatever, again, number you use. So they started with network security, they put most of the network function in the cloud. They moved to Endpoint, Sassy for the edge. They've done acquisitions, the Cortex acquisition, to really bring automated threat intelligence. They just bought Cider Security, which is sort of the shift left, code security, developer, assistance, if you will. That whole shift left, protect right. And so I think a lot of opportunities to continue to acquire best of breed. I liked what Nikesh said. Keep the founders on board, sell them on the mission. Let them help with that integration and putting forth the cultural aspects. And then, sort of, integrate in. So big opportunities, do they get into Endpoint and compete with Okta? I think Okta's probably the one sort of outlier. They want to be the consolidator of identity, right? And they'll probably partner with Okta, just like Okta partners with CrowdStrike. So I think that's part of the challenge of being the consolidator. You're probably not going to be the consolidator for everything, but maybe someday you'll see some kind of mega merger of these companies. CrowdStrike and Okta, or Palo Alto and Okta, or to take on Microsoft, which would be kind of cool to watch. >> That would be. We have a great lineup, Dave. Today and tomorrow, full days, two full days of cube coverage. You mentioned Nir Zuk, we already had the CEO on, founder and CTO. We've got the chief product officer coming on next. We've got chief transformation officer of customers, partners. We're going to have great conversations, and really understand how this organization is helping customers ultimately achieve their SecOps transformation, their digital transformation. And really moved the needle forward to becoming secure data companies. So I'm looking forward to the next two days. >> Yeah, and Wendy Whitmore is coming on. She heads Unit 42, which is, from what I could tell, it's pretty much the competitor to Mandiant, which Google just bought. We had Kevin Mandia on at September at the CrowdStrike event. So that's interesting. That's who I was poking Nikesh a little bit on industry collaboration. You're tight with Google, and then he had an interesting answer. He said "Hey, you start sharing data, you don't know where it's going to go." I think Snowflake could help with that problem, actually. >> Interesting. >> Yeah, little Snowflake and some of the announcements ar Reinvent with the data clean rooms. Data sharing, you know, trusted data. That's one of the other things we didn't talk about, is the real tension in between security and regulation. So the regulators in public policy saying you can't move the data out of the country. And you have to prove to me that you have a chain of custody. That when you say you deleted something, you have to show me that you not only deleted the file, then the data, but also the metadata. That's a really hard problem. So to my point, something that Palo Alto might be able to solve. >> It might be. It'll be an interesting conversation with Unit 42. And like we said, we have a great lineup of guests today and tomorrow with you, so stick around. Lisa Martin and Dave Vellante are covering Palo Alto Networks Ignite 22 for you. We look forward to seeing you in our next segment. Stick around. (light music)