Humphreys & Ferron-Jones | Trusted security by design, Compute Engineered for your Hybrid World


 

(upbeat music) >> Welcome back, everyone, to our Cube special programming on "Securing Compute, Engineered for the Hybrid World." We got Cole Humphreys who's with HPE, global server security product manager, and Mike Ferron-Jones with Intel. He's the product manager for data security technology. Gentlemen, thank you for coming on this special presentation.
>> All right, thanks for having us.
>> So, securing compute, I mean, compute, everyone wants more compute. You can't have enough compute as far as we're concerned. You know, more bits are flying around the internet. Hardware's mattering more than ever. Performance market's hot right now for next-gen solutions. When you're talking about security, it's at the center of every single conversation. And Gen11 for the HPE has been big-time focus here. So let's get into the story. What's the market for Gen11, Cole, on the security piece? What's going on? How do you see this impacting the marketplace?
>> Hey, you know, thanks. I think this is, again, just a moment in time where we're all working towards solving a problem that doesn't stop. You know, because we are looking at data protection. You know, in compute, you're looking out there, there's international impacts, there's federal impacts, there's state-level impacts, and even regulation to protect the data. So, you know, how do we do this stuff in an environment that keeps changing?
>> And on the Intel side, you guys are a Tier 1 combination partner, Better Together. HPE has a deep bench on security, Intel, we know what your history is. You guys have a real root of trust with your code, down to the silicon level, continuing to be, and you're on the 4th Gen Xeon here. Mike, take us through the Intel's relationship with HPE. Super important. You guys have been working together for many, many years. Data security, chips, HPE, Gen11. Take us through the relationship. What's the update?
>> Yeah, thanks and I mean, HPE and Intel have been partners in delivering technology and delivering security for decades. And when a customer invests in an HPE server, like at one of the new Gen11s, they're getting the benefit of the combined investment that these two great companies are putting into product security. On the Intel side, for example, we invest heavily in the way that we develop our products for security from the ground up, and also continue to support them once they're in the market. You know, launching a product isn't the end of our security investment. You know, our Intel Red Teams continue to hammer on Intel products looking for any kind of security vulnerability for a platform that's in the field. As well as we invest heavily in the external research community through our bug bounty programs to harness the entire creativity of the security community to find those vulnerabilities, because that allows us to patch them and make sure our customers are staying safe throughout that platform's deployed lifecycle. You know, in 2021, between Intel's internal red teams and our investments in external research, we found 93% of our own vulnerabilities. Only a small percentage were found by unaffiliated external entities.
>> Cole, HPE has a great track record and long history serving customers around security, actually, with the solutions you guys had. With Gen11, it's more important than ever. Can you share your thoughts on the talent gap out there? People want to move faster, breaches are happening at a higher velocity. They need more protection now than ever before. Can you share your thoughts on why these breaches are happening, and what you guys are doing, and how you guys see this happening from a customer standpoint? What you guys fill in with Gen11 with solution?
>> You bet, you know, because when you hear about the relentless pursuit of innovation from our partners, and we in our engineering organizations in India, and Taiwan, and the Americas all collaborating together years in advance, are about delivering solutions that help protect our customer's environments. But what you hear Mike talking about is it's also about keeping 'em safe. Because you look to the market, right? What you see in, at least from our data from 2021, we have that breaches are still happening, and lot of it has to do with the fact that there is just a lack of adequate security staff with the necessary skills to protect the customer's application and ultimately the workloads. And then that's how these breaches are happening. Because ultimately you need to see some sort of control and visibility of what's going on out there. And what we were talking about earlier is you see time. Time to seeing some incident happen, the blast radius can be tremendous in today's technical, advanced world. And so you have to identify it and then correct it quickly, and that's why this continued innovation and partnership is so important, to help work together to keep up.
>> You guys have had a great track record with Intel-based platforms with HPE. Gen11's a really big part of the story. Where do you see that impacting customers? Can you explain the benefits of what's going on with Gen11? What's the key story? What's the most important thing we should be paying attention to here?
>> I think there's probably three areas as we look into this generation. And again, this is a point in time, we will continue to evolve. But at this particular point it's about, you know, a fundamental approach to our security enablement, right? Partnering as a Tier 1 OEM with one of the best in the industry, right? We can deliver systems that help protect some of the most critical infrastructure on earth, right?
I know of some things that are required to have a non-disclosure because it is some of the most important jobs that you would see out there. And working together with Intel to protect those specific compute workloads, that's a serious deal that protects not only state, and local, and federal interests, but, really, a global one.
>> This is a really-
>> And then there's another one- Oh sorry.
>> No, go ahead. Finish your thought.
>> And then there's another one that I would call our uncompromising focus. We work in the industry, we lead and partner with those in the, I would say, in the good side. And we want to focus on enablement through a specific capability set, let's call it our global operations, and that ability to protect our supply chain and deliver infrastructure that can be trusted and into an operating environment. You put all those together and you see very significant and meaningful solutions together.
>> The operating benefits are significant. I just want to go back to something you just said before about the joint NDAs and kind of the relationship you kind of unpacked, that to me, you know, I heard you guys say from sand to server, I love that phrase, because, you know, silicon into the server. But this is a combination you guys have with HPE and Intel supply-chain security. I mean, it's not just like you're getting chips and sticking them into a machine. This is, like, there's an in-depth relationship on the supply chain that has a very intricate piece to it. Can you guys just double down on that and share that, how that works and why it's important?
>> Sure, so why don't I go ahead and start on that one. So, you know, as you mentioned the, you know, the supply chain that ultimately results in an end user pulling, you know, a new Gen11 HPE server out of the box, you know, started, you know, way, way back in it.
And we've been, you know, Intel, from our part are, you know, invest heavily in making sure that all of our entire supply chain to deliver all of the Intel components that are inside that HPE platform have been protected and monitored ever since, you know, their inception at one of any of our 14,000, you know, Intel vendors that we monitor as part of our supply-chain assurance program. I mean we, you know, Intel, you know, invests heavily in compliance with guidelines from places like NIST and ISO, as well as, you know, doing best practices under things like the Transported Asset Protection Alliance, TAPA. You know, we have been intensely invested in making sure that when a customer gets an Intel processor, or any other Intel silicon product, that it has not been tampered with or altered during its trip through the supply chain. HPE then is able to pick up that, those components that we deliver, and add onto that their own supply-chain assurance when it comes down to delivering, you know, the final product to the customer.
>> Cole, do you want to-
>> That's exactly right. Yeah, I feel like that integration point is a really good segue into why we're talking today, right? Because that then comes into a global operations network that is pulling together these servers and able to deploy 'em all over the world. And as part of the Gen11 launch, we have security services that allow 'em to be hardened from our factories to that next stage into that trusted partner ecosystem for system integration, or directly to customers, right? So that ability to have that chain of trust. And it's not only about attestation and knowing what, you know, came from whom, because, obviously, you want to trust and make sure you're getting the parts from Intel to build your technical solutions.
But it's also about some of the provisioning we're doing in our global operations where we're putting cryptographic identities and manifests of the server and its components and moving it through that supply chain. So you talked about this common challenge we have of assuring no tampering of that device through the supply chain, and that's why this partnering is so important. We deliver secure solutions, we move them, you're able to see and control that information to verify they've not been tampered with, and you move on to your next stage of this very complicated and necessary chain of trust to build, you know, what some people are calling zero-trust type ecosystems.
>> Yeah, it's interesting. You know, a lot goes on under the covers. That's good though, right? You want to have greater security and platform integrity, if you can abstract away the complexity, that's key. Now one of the things I like about this conversation is that you mentioned this idea of a hardware-root-of-trust set of technologies. Can you guys just quickly touch on that, because that's one of the major benefits we see from this combination of the partnership, is that it's not just one, each party doing something, it's the combination. But this notion of hardware-root-of-trust technologies, what is that?
>> Yeah, well let me, why don't I go ahead and start on that, and then, you know, Cole can take it from there. Because we provide some of the foundational technologies that underlie a root of trust. Now the idea behind a root of trust, of course, is that you want your platform to, you know, from the moment that first electron hits it from the power supply, that it has a chain of trust that all of the software, firmware, BIOS is loading, to bring that platform up into an operational state is trusted. If you have a breach in one of those lower-level code bases, like in the BIOS or in the system firmware, that can be a huge problem.
It can undermine every other software-based security protection that you may have implemented up the stack. So, you know, Intel and HPE work together to coordinate our trusted boot and root-of-trust technologies to make sure that when a customer, you know, boots that platform up, it boots up into a known good state so that it is ready for the customer's workload. So on the Intel side, we've got technologies like our trusted execution technology, or Intel Boot Guard, that then feed into the HPE iLO system to help, you know, create that chain of trust that's rooted in silicon to be able to deliver that known good state to the customer so it's ready for workloads.
>> All right, Cole, I got to ask you, with Gen11 HPE platforms that has 4th Gen Intel Xeon, what are the customers really getting?
>> So, you know, what a great setup. I'm smiling because it's, like, it has a good answer, because one, this, you know, to be clear, this isn't the first time we've worked on this root-of-trust problem. You know, we have a construct that we call the HPE Silicon Root of Trust. You know, there are, it's an industry standard construct, it's not a proprietary solution to HPE, but it does follow some differentiated steps that we like to say make a little difference in how it's best implemented. And where you see that is that tight, you know, Intel Trusted Execution exchange. The Intel Trusted Execution exchange is a very important step to assuring that root of trust in that HPE Silicon Root of Trust construct, right? So they're not different things, right? We just have an umbrella that we pull under our ProLiant, because there's iLO, our BIOS team, CPLDs, firmware, but I'll tell you this, Gen11, you know, while all that, keeping that moving forward would be good enough, we are not holding to that. We are moving forward. Our uncompromising focus, we want to drive more visibility into that Gen11 server, specifically into the PCIe lanes.
And now you're going to be able to see, and measure, and make policies to have control and visibility of the PCI devices, like storage controllers, NICs, direct connect, NVMe drives, et cetera. You know, if you follow the trends of where the industry would like to go, all the components in a server would be able to be seen and attested for full infrastructure integrity, right? So, but this is a meaningful step forward between not only the greatness we do together, but, I would say, a little uncompromising focus on this problem and doing a little bit more to make Gen11 Intel's server just a little better for the challenges of the future.
>> Yeah, the Tier 1 partnership is really kind of highlighted there. Great, great point. I got to ask you, Mike, on the 4th Gen Xeon Scalable capabilities, what does it do for the customer with Gen11 now that they have these breaches? Does it eliminate stuff? What's in it for the customer? What are some of the new things coming out with the Xeon? You're at Gen4, Gen11 for HP, but you guys have new stuff. What does it do for the customer? Does it help eliminate breaches? Are there things that are inherent in the product that HP is jointly working with you on or you were contributing in to the relationship that we should know about? What's new?
>> Yeah, well there's so much great new stuff in our new 4th Gen Xeon Scalable processor. This is the one that was codenamed Sapphire Rapids. I mean, you know, more cores, more performance, AI acceleration, crypto acceleration, it's all in there. But one of my favorite security features, and it is one that's called Intel Control-Flow Enforcement Technology, or Intel CET. And why I like CET is because I find the attack that it is designed to mitigate is just evil genius.
This type of attack, which is called a return, a jump, or a call-oriented programming attack, is designed to not bring a whole bunch of new identifiable malware into the system, you know, which could be picked up by security software. What it is designed to do is to look for little bits of existing, little bits of existing code already on the server. So if you're running, say, a web server, it's looking for little bits of that web-server code that it can then execute in a particular order to achieve a malicious outcome, something like open a command prompt, or escalate its privileges. Now in order to get those little code bits to execute in an order, it has a control mechanism. And there are different, each of the different types of attacks uses a different control mechanism. But what CET does is it gets in there and it disrupts those control mechanisms, uses hardware to prevent those particular techniques from being able to dig in and take effect. So CET can, you know, disrupt it and make sure that software behaves safely and as the programmer intended, rather than picking off these little arbitrary bits in one of these return, or jump, or call-oriented programming attacks. Now it is a technology that is included in every single one of the new 4th Gen Xeon Scalable processors. And so it's going to be an inherent characteristic the customers can benefit from when they buy a new Gen11 HPE server.
>> Cole, more goodness from Intel there impacting Gen11 on the HPE side. What's your reaction to that?
>> I mean, I feel like this is exactly why you do business with the big Tier 1 partners, because you can put, you know, trust in from where it comes from, through the global operations, literally, having it hardened from the factory it's finished in, moving into your operating environment, and then now protecting against attacks in your web hosting services, right? I mean, this is great. I mean, you'll always have an attack on data, you know, as you're seeing in the data.
But the more contained, the more information, and the more control and trust we can give to our customers, it's going to make their job a little easier in protecting whatever job they're trying to do.
>> Yeah, and enterprise customers, as you know, they're always trying to keep up to date on the skills and battle the threats. Having that built in under the covers is a real good way to kind of help them free up their time, and also protect them is really killer. This is a big, big part of the Gen11 story here. Securing the data, securing compute, that's the topic here for this special cube conversation, engineering for a hybrid world. Cole, I'll give you the final word. What should people pay attention to, Gen11 from HPE, bottom line, what's the story?
>> You know, it's, you know, it's not the first time, it's not the last time, but it's our fundamental security approach to just helping customers through their digital transformation defend in an uncompromising focus to help protect our infrastructure in these technical solutions.
>> Cole Humphreys is the global server security product manager at HPE. He's got his finger on the pulse and keeping everyone secure in the platform integrity there. Mike Ferron-Jones is the Intel product manager for data security technology. Gentlemen, thank you for this great conversation, getting into the weeds a little bit with Gen11, which is great. Love the hardware root-of-trust technologies, Better Together. Congratulations on Gen11 and your 4th Gen Xeon Scalable. Thanks for coming on.
>> All right, thanks, John.
>> Thank you very much, guys, appreciate it. Okay, you're watching "theCube's" special presentation, "Securing Compute, Engineered for the Hybrid World." I'm John Furrier, your host. Thanks for watching. (upbeat music)

Published Date : Feb 6 2023


Emmy Eide, RedHat | CloudNativeSecurityCon 23


 

>> John Furrier: Hello, welcome back to theCUBE's coverage of CloudNativeSecurityCon 2023 North America the inaugural event. I'm John Furrier, host of theCUBE, along with Dave Vellante and Lisa Martin covering from the studio. But we have on location Emmy Eide, who is with Red Hat, director of Supply Chain Security. Emmy, great to have you on from location. Thanks for joining us.
>> Emmy Eide: Yeah, thank you.
>> So everyone wants to know this event is new, it's an inaugural event, CloudNativeCon, KubeCon. Very successful. Was this event successful? They all want to know what's going on there. What's the vibe? What's the tracks like? Is it different? Why this event? Was it successful? What's different?
>> Yeah, I've really enjoyed being here. The food is wonderful. There's also quite a few vendors here that are just some really cool emerging technologies coming out and a lot from open source, which is really cool to see as well. The talks are very interesting. It's really, they're very diverse in subject but still all security related which is really cool to see. And there's also a lot of different perspectives of how to approach security problems and the people behind them, which I love to see. And it's very nice to hear the different innovative ideas that we can go about doing security.
>> We heard from some startups as well that they're very happy with the, with the decision to have a dedicated event. Red Hat is no stranger to open source. Obviously KubeCon, you guys are very successful there in CloudNativeCon, now the security con. Why do you think they did this? What's the vibe? What's the rationale? What's your take on this? And what's different from a topic standpoint?
>> For non-security specific like events? Is that what you mean?
>> What's different from KubeCon, CloudNativeCon, and here at the CloudNativeSecurityCon? Obviously security's the focus. Is it just deeper dives? Is it more under the hood?
Is it root problems or is this beyond Kubernetes? What's the focus, I guess. People want to know, you know, why the new event?
>> I mean, there's a lot of focus on supply chain security, right? Like that's the hot topic in security right now. So that's been a huge focus. I can't speak to the differences of those other conferences. I haven't been able to attend them. But I will say that having a security specific conference, it really focuses on the open community and how technology is evolving, and how do you apply security. It's not just talking about tools which I think other conferences tend to focus on just the tools and you can really, I think, get lost in that as someone trying to learn about security or trying to even implement security, but they talk about what it takes to implement those tools, what's behind the people behind implementing those tools?
>> Let's get into some of the key topics that we've identified and get your reaction. One, supply chain security, which I know you'll give a lot of commentary on 'cause that's your focus. Also we heard, like, Liz Rice talking about the extended Berkeley packet filtering. Okay, that's big. You know, your root kernel management, that's big. Developer productivity was kind of implied around removing the blockers of security, making it, you know, more aligned with developer first mentality. So that seems to be our takeaway. What's your reaction to those things? You see the same thing?
>> I don't have a specific reaction to those things.
>> Do you see the same thing happening on the ground there? Are they covering supply?
>> Oh, yeah.
>> Those three things are they the big focus?
>> Yeah. Yeah, I think it's all of those things kind of like wrapped into one, right? But yeah, there's... I'm not sure how to answer your question.
>> Well, let's jump into supply chain for instance. 'Cause that has come up a lot.
>> Sure.
>> What's the focus there on the supply chain security? Is it SBOMs? Is it the container security?
What's the key conversations and topics being discussed around supply chain security?
>> Well, I think there's a lot of laughter around SBOM right now because no one can really define it, specifically, and everyone's talking about it. So there's, there's a lot more than just the SBOM conversation. We're talking about like full end-to-end development process and that whole software supply chain that goes with it. So there's everything from infrastructure, security, all the way through to like signing transparency logs. Really the full gamut of supply chain, which is really neat to see because it is such a broad topic. I think a lot of folks now are involved in supply chain security in some way. And so just kind of bringing that to the surface of what are the different people that are involved in this space, thinking about, what's on the top of their mind when it comes to supply chain security.
>> How would you scope the order of magnitude of the uptick in supply chain attacks? Is it pretty heavy right now or is it, you know, people with the hair on fire or is it... What's the, give us the taste of the temperature in the room on the supply chain attacks?
>> I think most of the folks who are involved in the space understand just that it's increasing. I mean, like, what is it? A 742% increase average annual year, year over year in supply chain attacks. So the amount of attacks increasing is a little daunting, right, for most of us. But it is what it is. So I think most of us right now are just trying to come together to say, "What are you doing that works? This is what I'm doing that works." And in all the different facets of that. 'cause I think we try to throw, we try to throw tools at a lot of problems and this problem is so big and broad reaching that we really are needing to share best practices as a community and as a security community. So this has been, this conference has been really great for that.
>> Yeah, I've heard that a lot.
You know, too many tools, not enough platform thinking, not enough architecture, needs some structure. Are you seeing any best practice around frameworks and structure around how to start getting in and building out more of a better approach or posture? I mean, what's that, what's the, what's the state of the union for supply chain, how to handle that?
>> Well, I talked about that a little bit in my keynote that I gave, actually, which was about... And I've heard other leaders talk about it too. And obviously it keyed my ear just because I'm so passionate about it, about partnership. So you know, empathetic security where the security team that's enforcing the policies, creating the policies, guidelines is working with the teams that are actually doing the production and the development, hand-in-hand, right? Like I can sit there and tell you, "Hey, you have all these problems and here's your security checklist or framework you need to follow." But that's not going to do them any good and it's going to create a ton of holes, right? So actually partnering with them helping them to understand the risks that are associated with their very specific need and use case, because every product has a different kind of quirk to it, right? Like how it's being developed. It might use a different tool and if I sit there and say, "Hey, you need to log on to this, you need to like make your tool work this platform over here and it's not compatible." I'm going to have to completely reframe how I'm doing productization. I need to know that as a security practitioner because me disrupting productization is not something that I should be doing. And I've heard a couple of folks kind of talking about that, the people aspect behind how we implement these tools, the frameworks and the platforms, and how do we draw out risk, right? Like how do we talk about risk with these teams and really make them understand so it's part of their core culture in their understanding.
So when they go back to their, when they go back and having to make decisions without me in the room they know they can make those business decisions with the risk as part of that decision.
>> I love that empathetic angle because that's really going to, what needs to happen. It's not just, "Hey, that's your department, see you later." Or not even having a knowledge of the information. This idea of team construction, team management is a huge cultural shift. I'm sure the reaction was very positive. How do you explain that to an organization that's out there? Like how do you... what's the first three steps you got to take? Is there anything that you can share for advice people watch you saying, "Yeah we need to we need to change how our teams operate and interact with each other."
>> Yeah, I think the first step is to take a good hard look at yourself. And if you are standing there on an ivory tower with a clipboard, you're probably doing it wrong. Check the box security is never going to be any way that works long term. It's going to take you a long time to implement any changes. At Red Hat, we did not look ourselves. You know, we've been doing a lot of great things in supply chain security for a while, but really taking that look and saying, "How can we be more empathetic leaders in the security space?" So we looked at that, then you say, "Okay, what is my rate of change going to happen?" So if I need to make so many security changes explaining to these organizations, you're actually going to go faster. We improved our efficiency by 2000% just by doing that, just by creating this more empathetic. So why it seems like it's more hands-on, so it's going to be harder, it's easy to send out an email and say, "Hey, meet the security standard, right?" That might seem like the easy way 'cause you don't have time to engage.
It's so much faster if you actually engage and share that message and have a common understanding between the teams that like, "I'm here to deliver a product, so is the security team. The security team's here to deliver that same product and I want to help you do it in a trusted way." Right?
>> Yeah. Dave Vellante, my co-host, was just on a session. We were talking together about security teams jumping on every team and putting a C on their jersey to be like the captain of the intramural team, and being involved, and it goes beyond just like the checklist, like you said, "Oh, I got the SBOM list of materials and I got a code scanning thing." That's not enough, is what we're hearing.
>> No.
>> Is there a framework or a methodology to go beyond that? You got the empathetic, that's really kind of team issue. You got to go beyond some of the tactical things. What's next beyond, you got the empathy and what's that framework structure when you say where you say anything there?
>> So what do you do after you have the empathy, right?
>> Yeah.
>> I would say SLSA is a good place to start, the software levels. Supply chain Levels for Software Artifacts. It's a mouthful. That's a really good maturity framework to start with. No matter what size organization you have, they're just going to be coming out here soon with version one. They release 0.1 a few months back. That's a really good place to give yourself a gut check of where you are in maturity and where you can go, what are best practices. And then there's the SSDF, which is the Secure Software Development Framework. I think NIST wrote that one. But that is also a really, a really good framework and they map really well to each other, actually. When you work through SLSA, you're actually working through the SSDF requirements.
>> Awesome. Well, great to have you on and great to get that knowledge. I have to ask you like KubeCon, I remember when it started in Seattle, their first KubeCon events, right?
Kind of small, similar to this one, but there's a lot of end user activities. Certainly the CNCF kind of was coming together like right after that. What's the end user activity like there this week? That seems to have always been the driver of these events. It's a little bit organic. You got some of the key experts coming together, focus. Have you observed any end user activity in terms of contributions, participation? What's the story on the end user piece there? Is it heavy? Is it light? What's the... >> Um, yeah... It seems moderate. I guess somewhere in the middle. I would say largely heavy, but there's definitely participation. There is a lot of communing and networking happening between different organizations to partner together, which is important. But I haven't really paid attention much to like the Twitter side of this. >> Yeah, you've been busy doing the keynotes. How's Red Hat doing all this? You guys have been great positioned with the cloud native movement. Been following the Red Hat's moves since OpenStack days. Really good, good line of product, good open source mojo, of course. Good product mix, right, and relevant. Where's the security focus here? Obviously, you guys are clearly focused on security. How's the Red Hat story going on over there? >> There was yesterday a really good talk that explains that super well. It was given by a Red Hatter, connecting all of the open source projects we've been a part of and kind of explaining them. And obviously again, I'm keying in 'cause it's a supply chain kind of conversation, but I'd recommend that anyone who's going to go back and watch these on YouTube to check that one out just to see kind of how we're approaching the security space as well as how we contribute back to the community in that way. >> Awesome. Great to have you on. Final word, I'll give you the final word. What's the big buzz on supply chain? How would you peg the progress there? Feeling good about where things are? 
What's the current progress on supply chain security? >> I think that it has opened up a lot of doors for communication between security organizations that have tended to be closed. I'm in product security. Product securities, information securities tend to not speak externally about what we're doing. So you don't want to, you know, look bad or you don't want to expose any risk that we have, right? But it is, I think, necessary to open those lines of communication, to be able to start tackling this. It's a big problem throughout all of our industries, and if one supply chain is attacked and those products are used in someone else's supply chain, that can continue, right? So I think it's good. We have a lot of work to do as an industry and the advancements in technology are going to make that a little bit more complicated. But I'm excited for it. >> You can just throw AI at it. That's the big, everyone's doing AI. Just throw AI at it, it'll solve it. Isn't that the new thing? >> I do secure AI though. >> Super important. I love what you're doing there. Supply chain, open source needs, supply chain security. Open source needs this big time. It has to be there. Thank you for the work that you do. Really appreciate you coming on. Thank you. >> Yeah, thanks for having me. >> Yeah, good stuff. Supply chain, critical to open source growth. Open source is going to be the key to success in the future with automation and AI right around the corner. And that's important. This is theCUBE's coverage from CloudNativeSecurityCon North America 2023. I'm John Furrier. Thanks for watching.

Published Date : Feb 3 2023


Gunnar Hellekson, Red Hat & Adnan Ijaz, AWS | AWS re:Invent 2022


 

(bright music) >> Hello everyone. Welcome to theCUBE's coverage of AWS re:Invent 22. I'm John Furrier, host of theCUBE. Got some great coverage here talking about software supply chain and sustainability in the cloud. We've got a great conversation. Gunnar Hellekson, vice president and general manager at Red Hat Enterprise Linux and Business Unit of Red Hat. Thanks for coming on. And Adnan Ijaz, director of product management of commercial software services, AWS. Gentlemen, thanks for joining me today. >> It's a pleasure. (Adnan speaks indistinctly) >> You know, the hottest topic coming out of Cloud Native developer communities is supply chain software sustainability. This is a huge issue. As open source continues to power away and fund and grow this next generation modern development environment, you know, supply chain, you know, sustainability is a huge discussion because you got to check things out, what's in the code. Okay, open source is great, but now we got to commercialize it. This is the topic, Gunnar, let's get in with you. What are you seeing here and what's some of the things that you're seeing around the sustainability piece of it? Because, you know, containers, Kubernetes, we're seeing that runtime really dominate this new abstraction layer, cloud scale. What's your thoughts? >> Yeah, so I, it's interesting that the, you know, so Red Hat's been doing this for 20 years, right? Making open source safe to consume in the enterprise. And there was a time when in order to do that you needed to have a long term life cycle and you needed to be very good at remediating security vulnerabilities. And that was kind of, that was the bar that you had to climb over. 
Nowadays with the number of vulnerabilities coming through, what people are most worried about is, kind of, the provenance of the software and making sure that it has been vetted and it's been safe, and that things that you get from your vendor should be more secure than things that you've just downloaded off of GitHub, for example. Right? And that's a place where Red Hat's very comfortable living, right? Because we've been doing it for 20 years. I think there's another aspect to this supply chain question as well, especially with the pandemic. You know, we've got these supply chains have been jammed up. The actual physical supply chains have been jammed up. And the two of these issues actually come together, right? Because as we go through the pandemic, we've got these digital transformation efforts, which are in large part, people creating software in order to manage better their physical supply chain problems. And so as part of that digital transformation, you have another supply chain problem, which is the software supply chain problem, right? And so these two things kind of merge on these as people are trying to improve the performance of transportation systems, logistics, et cetera. Ultimately, it all boils down to, both supply chain problems actually boil down to a software problem. It's very interesting. >> Well, that is interesting. I want to just follow up on that real quick if you don't mind. Because if you think about the convergence of the software and physical world, you know, that's, you know, IoT and also hybrid cloud kind of plays into that at scale, this opens up more surface area for attacks, especially when you're under a lot of pressure. This is where, you know, you have a service area on the physical side and you have constraints there. And obviously the pandemic causes problems. But now you've got the software side. How are you guys handling that? Can you just share a little bit more of how you guys looking at that with Red Hat? 
What's the customer challenge? Obviously, you know, skills gaps is one, but, like, that's a convergence at the same time more security problems. >> Yeah, yeah, that's right. And certainly the volume of, if we just look at security vulnerabilities themselves, just the volume of security vulnerabilities has gone up considerably as more people begin using the software. And as the software becomes more important to, kind of, critical infrastructure. More eyeballs around it and so we're uncovering more problems, which is kind of, that's okay, that's how the world works. And so certainly the number of remediations required every year has gone up. But also the customer expectations, as I mentioned before, the customer expectations have changed, right? People want to be able to show to their auditors and to their regulators that no, in fact, I can show the provenance of the software that I'm using. I didn't just download something random off the internet. I actually have like, you know, adults paying attention to how the software gets put together. And it's still, honestly, it's still very early days. I think as an industry, I think we're very good at managing, identifying, remediating vulnerabilities in the aggregate. We're pretty good at that. I think things are less clear when we talk about, kind of, the management of that supply chain, proving the provenance, and creating a resilient supply chain for software. We have lots of tools, but we don't really have lots of shared expectations. And so it's going to be interesting over the next few years, I think we're going to have more rules are going to come out. I see NIST has already published some of them. And as these new rules come out, the whole industry is going to have to kind of pull together and really rally around some of this shared understanding so we can all have shared expectations and we can all speak the same language when we're talking about this problem. >> That's awesome. 
Adnan, Amazon Web Services is obviously the largest cloud platform out there. You know, the pandemic, even post pandemic, some of these supply chain issues, whether it's physical or software, you're also an outlet for that. So if someone can't buy hardware or something physical, they can always get to the cloud. You guys have great network compute and whatnot and you got thousands of ISVs across the globe. How are you helping customers with this supply chain problem? Because whether it's, you know, I need to get in my networking gears and delay, I'm going to go to the cloud and get help there. Or whether it's knowing the workloads and what's going on inside them with respect to open source. 'Cause you've got open source, which is kind of an external forcing function. You've got AWS and you got, you know, physical compute stores, networking, et cetera. How are you guys helping customers with the supply chain challenge, which could be an opportunity? >> Yeah, thanks John. I think there are multiple layers to that. At the most basic level, we are helping customers by abstracting away all these data center constructs that they would have to worry about if they were running their own data centers. They would have to figure out how the networking gear, you talk about, you know, having the right compute, right physical hardware. So by moving to the cloud, at least they're delegating that problem to AWS and letting us manage and making sure that we have an instance available for them whenever they want it. And if they want to scale it, the capacity is there for them to use. Now then, so we kind of give them space to work on the second part of the problem, which is building their own supply chain solutions. And we work with all kinds of customers here at AWS from all different industry segments, automotive, retail, manufacturing. 
And you know, you see the complexity of the supply chain with all those moving pieces, like hundreds and thousands of moving pieces, it's very daunting. And then on the other hand, customers need more better services. So you need to move fast. So you need to build your agility in the supply chain itself. And that is where, you know, Red Hat and AWS come together. Where we can enable customers to build their supply chain solutions on platforms like Red Hat Enterprise Linux (RHEL) or Red Hat OpenShift on AWS, we call it ROSA. And the benefit there is that you can actually use the services that are relevant for the supply chain solutions like Amazon Managed Blockchain, you know, SageMaker. So you can actually build predictive analytics, you can improve forecasting, you can make sure that you have solutions that help you identify where you can cut costs. And so those are some of the ways we're helping customers, you know, figure out how they actually want to deal with the supply chain challenges that we're running into in today's world. >> Yeah, and you know, you mentioned sustainability outside of software sustainability, you know, as people move to the cloud, we've reported on SiliconANGLE here in theCUBE, that it's better to have the sustainability with the cloud because then the data centers aren't using all that energy too. So there's also all kinds of sustainability advantages. Gunnar, because this is kind of how your relationship with Amazon's expanded. You mentioned ROSA, which is Red Hat, you know, on OpenShift, on AWS. This is interesting because one of the biggest discussions is skills gap, but we were also talking about the fact that the humans are a huge part of the talent value. In other words, the humans still need to be involved. 
And having that relationship with managed services and Red Hat, this piece becomes one of those things that's not talked about much, which is the talent is increasing in value, the humans, and now you got managed services on the cloud. So we'll look at scale and human interaction. Can you share, you know, how you guys are working together on this piece? 'Cause this is interesting, 'cause this kind of brings up the relationship of that operator or developer. >> Yeah, yeah. So I think there's, so I think about this in a few dimensions. First is that it's difficult to find a customer who is not talking about automation at some level right now. And obviously you can automate the processes and the physical infrastructure that you already have, that's using tools like Ansible, right? But I think that combining it with the elasticity of a solution like AWS, so you combine the automation with kind of elastic and converting a lot of the capital expenses into operating expenses, that's a great way actually to save labor, right? So instead of like racking hard drives, you can have somebody do something a little more like, you know, more valuable work, right? And so, okay, but that gives you a platform. And then what do you do with that platform? You know, if you've got your systems automated and you've got this kind of elastic infrastructure underneath you, what you do on top of it is really interesting. So a great example of this is the collaboration that we had with running the RHEL workstation on AWS. So you might think, like, well why would anybody want to run a workstation on a cloud? That doesn't make a whole lot of sense. Unless you consider how complex it is to set up, if you have, the use case here is like industrial workstations, right? So it's animators, people doing computational fluid dynamics, things like this. So these are industries that are extremely data heavy. 
Workstations have very large hardware requirements, often with accelerated GPUs and things like this. That is an extremely expensive thing to install on-premise anywhere. And if the pandemic taught us anything, it's if you have a bunch of very expensive talent and they all have to work from home, it is very difficult to go provide them with, you know, several tens of thousands of dollars worth of workstation equipment. And so combine the RHEL workstation with the AWS infrastructure and now all that workstation computational infrastructure is available on demand and available right next to the considerable amount of data that they're analyzing or animating or working on. So it's a really interesting, it was actually, this is an idea that was actually born with the pandemic. >> Yeah. >> And it's kind of a combination of everything that we're talking about, right? It's the supply chain challenges of the customer, it's the lack of talent, making sure that people are being put to their best and highest use. And it's also having this kind of elastic, I think, OpEx heavy infrastructure as opposed to a CapEx heavy infrastructure. >> That's a great example. I think that illustrates to me what I love about cloud right now is that you can put stuff in the cloud and then flex what you need, when you need it, in the cloud rather than either ingress or egress of data. You just get more versatility around the workload needs, whether it's more compute or more storage or other high level services. This is kind of where this next gen cloud is going. This is where customers want to go once their workloads are up and running. How do you simplify all this and how do you guys look at this from a joint customer perspective? Because that example I think will be something that all companies will be working on, which is put it in the cloud and flex to whatever the workload needs and put it closer to the compute. I want to put it there. 
If I want to leverage more storage and networking, well, I'll do that too. It's not one thing, it's got to flex around. How are you guys simplifying this? >> Yeah, I think, so, I'll give my point of view and then I'm very curious to hear what Adnan has to say about it. But I think about it in a few dimensions, right? So there is a technically, like, any solution that Adnan's team and my team want to put together needs to be kind of technically coherent, right? Things need to work well together. But that's not even most of the job. Most of the job is actually ensuring an operational consistency and operational simplicity, so that everything is, the day-to-day operations of these things kind of work well together. And then also, all the way to things like support and even acquisition, right? Making sure that all the contracts work together, right? It's a really... So when Adnan and I think about places of working together, it's very rare that we're just looking at a technical collaboration. It's actually a holistic collaboration across support, acquisition, as well as all the engineering that we have to do. >> Adnan, your view on how you're simplifying it with Red Hat for your joint customers making collaborations? >> Yeah, Gunnar covered it well. I think the benefit here is that Red Hat has been the leading Linux distribution provider. So they have a lot of experience. AWS has been the leading cloud provider. So we have both our own points of view, our own learning from our respective set of customers. So the way we try to simplify and bring these things together is working closely. In fact, I sometimes joke internally that if you see Gunnar and my team talking to each other on a call, you cannot really tell who belongs to which team. Because we're always figuring out, okay, how do we simplify discount experience? How do we simplify programs? How do we simplify go to market? How do we simplify the product pieces? 
So it's really bringing our learning and share our perspective to the table and then really figure out how do we actually help customers make progress. ROSA that we talked about is a great example of that, you know, together we figured out, hey, there is a need for customers to have this capability in AWS and we went out and built it. So those are just some of the examples in how both teams are working together to simplify the experience, make it complete, make it more coherent. >> Great, that's awesome. Next question is really around how you help organizations with the sustainability piece, how to support them simplifying it. But first, before we get into that, what is the core problem around this sustainability discussion we're talking about here, supply chain sustainability, what is the core challenge? Can you both share your thoughts on what that problem is and what the solution looks like and then we can get into advice? >> Yeah. Well from my point of view, it's, I think, you know, one of the lessons of the last three years is every organization is kind of taking a careful look at how resilient it is, or I should say, every organization learned exactly how resilient it was, right? And that comes from both the physical challenges and the logistics challenges that everyone had, the talent challenges you mentioned earlier. And of course the software challenges, you know, as everyone kind of embarks on this digital transformation journey that we've all been talking about. And I think, so I really frame it as resilience, right? And resilience at bottom is really about ensuring that you have options and that you have choices. The more choices you have, the more options you have, the more resilient you and your organization is going to be. And so I know that's how I approach the market. 
I'm pretty sure that's how Adnan is approaching the market, is ensuring that we are providing as many options as possible to customers so that they can assemble the right pieces to create a solution that works for their particular set of challenges or their unique set of challenges and unique context. Adnan, does that sound about right to you? >> Yeah, I think you covered it well. I can speak to another aspect of sustainability, which is becoming increasingly top of mind for our customers. Like, how do they build products and services and solutions and whether it's supply chain or anything else which is sustainable, which is for the long term good of the planet. And I think that is where we have also been very intentional and focused in how we design our data center, how we actually build our cooling system so that those are energy efficient. You know, we are on track to power all our operations with renewable energy by 2025, which is five years ahead of our initial commitment. And perhaps the most obvious example of all of this is our work with ARM processors, Graviton3, where, you know, we are building our own chip to make sure that we are designing energy efficiency into the process. And you know, the ARM Graviton3 processor chips, they are about 60% more energy efficient compared to some of the CD6 comparable. So all those things that also we are working on in making sure that whatever our customers build on our platform is long term sustainable. So that's another dimension of how we are working that into our platform. >> That's awesome. This is a great conversation. You know, the supply chain is on both sides, physical and software. You're starting to see them come together in great conversations. And certainly moving workloads to the cloud and running them more efficiently will help on the sustainability side, in my opinion. Of course, you guys talked about that and we've covered it. 
But now you start getting into how to refactor, and this is a big conversation we've been having lately is as you not just lift and shift, but replatform it and refactor, customers are seeing great advantages on this. So I have to ask you guys, how are you helping customers and organizations support sustainability and simplify the complex environment that has a lot of potential integrations? Obviously APIs help of course, but that's the kind of baseline. What's the advice that you give customers? 'Cause you know, it can look complex and it becomes complex, but there's an answer here. What's your thoughts? >> Yeah, I think, so whenever I get questions like this from customers, the first thing I guide them to is, we talked earlier about this notion of consistency and how important that is. One way to solve the problem is to create an entirely new operational model, an entirely new acquisition model, and an entirely new stack of technologies in order to be more sustainable. That is probably not in the cards for most folks. What they want to do is have their existing estate and they're trying to introduce sustainability into the work that they are already doing. They don't need to build another silo in order to create sustainability, right? And so there has to be some common threads, there has to be some common platforms across the existing estate and your more sustainable estate, right? And so things like Red Hat Enterprise Linux, which can provide this kind of common, not just a technical substrate, but a common operational substrate on which you can build these solutions. If you have a common platform on which you are building solutions, whether it's RHEL or whether it's OpenShift or any of our other platforms, that creates options for you underneath. So that in some cases maybe you need to run things on-premises, some things you need to run in the cloud, but you don't have to profoundly change how you work when you're moving from one place to another. 
>> Adnan, what's your thoughts on the simplification? >> Yeah, I mean, when you talk about replatforming and refactoring, it is a daunting undertaking, you know, especially in today's fast paced world. But the good news is you don't have to do it by yourself. Customers don't have to do it on their own. You know, together AWS and Red Hat, we have our rich partner ecosystem, you know, AWS has over 100,000 partners that can help you take that journey, the transformation journey. And within AWS and working with our partners like Red Hat, we make sure that we have- In my mind, there are really three big pillars that you have to have to make sure that customers can successfully re-platform, refactor their applications to the modern cloud architecture. You need to have the rich set of services and tools that meet their different scenarios, different use cases. Because no one size fits all. You have to have the right programs because sometimes customers need those incentives, they need those, you know, that help in the first step. And last but not least, they need training. So all of that, we try to cover that as we work with our customers, work with our partners. And that is where, you know, together we try to help customers take that step, which is a challenging step to take. >> Yeah, you know, it's great to talk to you guys, both leaders in your field. Obviously Red Hat, I remember the days back when I was provisioning and loading OSs on hardware with CDs, if you remember those days, Gunnar. But now with the high level services, if you look at this year's re:Invent, and this is kind of my final question for the segment is, that we'll get your reaction to, last year we talked about higher level service. I sat down with Adam Selipsky, we talked about that. If you look at what's happened this year, you're starting to see people talk about their environment as their cloud. So Amazon has the gift of the CapEx, all that investment and people can operate on top of it. 
They're calling that environment their cloud. Okay? For the first time we're seeing this new dynamic where it's like they have a cloud, but Amazon's the CapEx, they're operating. So, you're starting to see the operational visibility, Gunnar, around how to operate this environment. And it's not hybrid, this, that, it's just, it's cloud. This is kind of an inflection point. Do you guys agree with that or have a reaction to that statement? Because I think this is, kind of, the next gen supercloud-like capability. We're going, we're building the cloud. It's now an environment. It's not talking about private cloud, this cloud, it's all cloud. What's your reaction? >> Yeah, I think, well, I think it's very natural. I mean, we use words like hybrid cloud, multicloud, I guess supercloud is what the kids are saying now, right? It's all describing the same phenomena, right? Which is being able to take advantage of lots of different infrastructure options, but still having something that creates some commonality among them so that you can manage them effectively, right? So that you can have, kind of, uniform compliance across your estate. So that you can have, kind of, you can make the best use of your talent across the estate. I mean this is, it's a very natural thing. >> John: They're calling it cloud, the estate is the cloud. >> Yeah. So yeah, so fine, if it means that we no longer have to argue about what's multicloud and what's hybrid cloud, I think that's great. Let's just call it cloud. >> Adnan, what's your reaction, 'cause this is kind of the next gen benefits of higher level services combined with amazing, you know, compute and resource at the infrastructure level. What's your view on that? >> Yeah, I think the construct of a unified environment makes sense for customers who have all these use cases which require, like for instance, if you are doing some edge computing and you're running AWS Outposts or you know, Wavelength and these things. 
So, and it is fair for customer to think that, hey, this is one environment, same set of tooling that they want to build that works across all their different environments. That is why we work with partners like Red Hat so that customers who are running Red Hat Enterprise Linux on-premises and who are running in AWS get the same level of support, get the same level of security features, all of that. So from that sense, it actually makes sense for us to build these capabilities in a way that customers don't have to worry about, okay, now I'm actually in the AWS data center versus I'm running Outposts on-premises. It is all one. They just use the same set of CLI, command line APIs and all of that. So in that sense it actually helps customers have that unification so that consistency of experience helps their workforce and be more productive versus figuring out, okay, what do I do, which tool I use where? >> Adnan, you just nailed it. This is about supply chain sustainability, moving the workloads into a cloud environment. You mentioned Wavelength, this conversation's going to continue. We haven't even talked about the edge yet. This is something that's going to be all about operating these workloads at scale and all with the cloud services. So thanks for sharing that and we'll pick up that edge piece later. But for re:Invent right now, this is really the key conversation. How to make the sustained supply chain work in a complex environment, making it simpler. And so thank you for sharing your insights here on theCUBE. >> Thanks, thanks for having us. >> Okay, this is theCUBE's coverage of AWS re:Invent 22. I'm John Furrier, your host. Thanks for watching. (bright music)

Published Date : Dec 7 2022


Ez Natarajan & Brad Winney | AWS re:Invent 2022 - Global Startup Program


 

(upbeat music) >> Hi everybody. Welcome back to theCUBE as we continue our coverage here at AWS re:Invent '22. We're in the Venetian. Out in Las Vegas, it is Wednesday. And the PaaS is still happening. I can guarantee you that. We continue our series of discussions as part of the "AWS Startup Showcase". This is the "Global Startup Program", a part of that showcase. And I'm joined by two gentlemen today who are going to talk about what CoreStack is up to. One of them is Ez Natarajan, who is the Founder and CEO. Good to have you- (simultaneous chatter) with us today. We appreciate it. Thanks, Ez. >> Nice to meet you, John. >> And Brad Winney who is the area Sales Leader for startups at AWS. Brad, good to see you. >> Good to see you, John. >> Thanks for joining us here on The Showcase. So Ez, first off, let's just talk about CoreStack a little bit for people at home who might not be familiar with what you do. It's all about obviously data, governance, giving people peace of mind, but much deeper than that. I'll let you take it from there. >> So CoreStack is a governance platform that helps customers maximize their cloud usage and get governance at scale. When we talk about governance, we instill confidence through three layers: solving the problems of the CIO, solving the problems of the CTO, solving the problems of the CFO, together with a single pane of glass- >> John: Mm-hmm. >> which helps them achieve continuous holistic automated outcomes at any given time. >> John: Mm-hmm. So, Brad, follow up on that a little bit- >> Yeah. >> because Ez touched on it there that he's got a lot of stakeholders- >> Right. >> with a lot of different needs and a lot of different demands- >> Mm-hmm. >> but the same overriding emotion, right? >> Yeah. >> They all want confidence. >> They all want confidence. And one of the trickiest parts of confidence is the governance issue, which is policy. It's how do we determine who has access to what, how we do that at scale. 
And across not only start been a process. This is a huge concern, especially as we talked a lot about cutting costs as the overriding driver for 2023. >> John: Mm-hmm. >> The economic compression being what it is, you still have to do this in a secure way and as a riskless way as possible. And so companies like CoreStack really offer core, no pun intended, (Ez laughs) function there where you abstract out a lot of the complexity of governance and you make governance a much more simple process. And that's why we're big fans of what they do. >> So we think governance from a three dimensional standpoint, right? (speaks faintly) How do we help customers be more compliant, secure, achieve the best performance and operations with increased availability? >> John: Mm-hmm. >> At the same time do the right spend from a cost standpoint. >> Interviewer: Mm-hmm. >> So when all three dimensions are connected, the business velocity increases and the customer's ability to cater to their customers increase. So our governance tenets come from these three pillars of finance operations, security operations and air operations at cloud operations. >> Yeah. And... Yeah. Please, go ahead. >> Can I (indistinct)? >> Oh, I'm sorry. Just- >> No, that's fine. >> So part of what's going on here, which is critical for AWS, is if you notice a lot of (indistinct) language is at the business value with key stakeholders of the CTO, the CSO and so on. And we're doing a much better job of speaking business value on top of AWS services. But the AWS partners, again, like CoreStack have such great expertise- >> John: Mm-hmm. >> in that level of dialogue. That's why it's such a key part for us, why we're really interested in partnering with them. >> How do you wrestle with this, wrestle may not be the right word, but because you do have, as we just went through this litany, these business parts of your business or a business that need access- >> Ez: Mm-hmm. 
>> and that you need to have policies in place, but they change, right? I mean, and somebody maybe from the financial side should have a window into data and other slices of their business. There's a lot of internal auditing. >> Man: Mm-hmm. >> Obviously, it's got to be done, right? And so just talk about that process a little bit. How you identify the appropriate avenues or the appropriate gateways for people to- >> Sure. >> access data so that you can have that confidence as a CTO or CSO, that it's all right. And we're not going to let too much- >> out to the wrong people. >> Sure. >> Yeah. So there are two dimensions that drive the businesses to look for that kind of confidence building exercise, right? One, there are regulatory external requirements that say that I know if I'm in the financial industry, I maybe need to following NIST, PCI, and sort of compliances. Or if I'm in the healthcare industry, maybe HIPAA and related compliance, I need to follow. >> John: Mm-hmm. >> That's an external pressure. Internally, the organizations based on their geographical presence and the kind of partners and customers they cater to, they may have their own standards. And when they start adopting cloud; A, for each service, how do I make sure the service is secure and it operates at the best level so that we don't violate any of the internal or external requirements. At the same time, we get the outcome that is needed. And that is driven into policies, that is driven into standards which are consumable easily, like AWS offers well-architected framework that helps customers make sure that I know I'm architecting my application workloads in a way that meets the business demands. >> John: Mm-hmm. >> And what CoreStack has done is taken that and automated it in such a way it helps the customers simplify that process to get that outcome measured easily so they get that confidence to consume more of the higher order services. >> John: Okay. 
And I'm wondering about your relationship as far with AWS goes, because, to me, it's like going deep sea fishing and all of a sudden you get this big 4, 500 pound fish. Like, now what? >> Mm-hmm. >> Now what do we do because we got what we wanted? So, talk about the "Now what?" with AWS in terms of that relationship, what they're helping you with, and the kind of services that you're seeking from them as well. >> Oh, thanks to Brad and the entire Global Startup Ecosystem team at AWS. And we have been part of AWS Ecosystem at various levels, starting from Marketplace to ISV Accelerate to APN Partners, Cloud Management Tools Competency Partner, Co-Sell programs. The team provides different leverages to connect to the entire ecosystem of how AWS gets consumed by the customers. Customers may come through channels and partners. And these channels and partners maybe from WAs to MSPs to SIs to how they really want to use each. >> John: Mm-hmm. >> And the ecosystem that AWS provides helps us feed into all these players and provide this higher order capability which instills confidence to the customers end of the day. >> Man: Absolutely. Right. >> And this can be taken through an MSP. This can be taken through a GSI. This can be taken to the customer through a WA. And that's how our play of expansion into larger AWS customer base. >> Brad: Yeah. >> Brad, from your side of the fence. >> Brad: No, its... This is where the commons of scale come to benefit our partners. And AWS has easily the largest ecosystem. >> John: Mm-hmm. >> Whether or not it's partners, customers, and the like. And so... And then, all the respective teams and programs bring all those resources to bear for startups. Your analogy of of catching a big fish off coast, I actually have a house in Florida. I spend a lot of time there. >> Interviewer: Okay. >> I've yet to catch a big 500 pound fish. But... (interviewer laughs) >> But they're out there. >> But they're definitely out there. >> Yeah. 
>> And so, in addition to the formalized programs like the Global Partner Network Program, the APN and Marketplace, we really break our activities down with the CoreStacks of the world into two major kind of processes: "Sell to" and "Sell with". And when we say "Sell to", what we're really doing is helping them architect for the future. And so, that plays dividends for their customers. So what do we mean by that? We mean helping them take advantage of all the latest serverless technologies: the latest chip sets like Graviton, thing like that. So that has the added benefit of just lowering the overall cost of deployment and expend. And that's... And we focus on that really extensively. So don't ever want to lose that part of the picture of what we do. >> Mm-hmm. >> And the "Sell with" is what he just mentioned, which is, our teams out in the field compliment these programs like APN and Marketplace with person-to-person in relationship development for core key opportunities in things like FinTech and Retail and so on. >> Interviewer: Mm-hmm. >> We have significant industry groups and business units- >> Interviewer: Mm-hmm. >> in the enterprise level that our teams work with day in and day out to help foster those relationships. And to help CoreStack continue to develop and grow that business. >> Yeah. We've talked a lot about cost, right? >> Yeah. >> But there's a difference between reducing costs or optimizing your spend, right? I mean there- >> Brad: Right. >> Right. There's a... They're very different prism. So in terms of optimizing and what you're doing in the data governance world, what kind of conversations discussions are you having with your clients? And how is that relationship with AWS allowing you to go with confidence into those discussions and be able to sell optimization of how they're going to spend maybe more money than they had planned on originally? 
>> So today, because of the extra external micro-market conditions, every single customer that we talk to wanting to take a posture status of, "Hey, where are we today? How are we using the cloud? Are we in an optimized state?" >> Interviewer: Mm-hmm. >> And when it comes to optimization, again, the larger customers that we talk to are really bothered about the business outcome and how their services and ability to cater to their customers, right? >> Interviewer: Mm-hmm. >> They don't want to compromise on that just because they want to optimize on the spend. That conversation trickled down to taking a posture assessment first, and then are you using the right set of services within AWS? Are the right set of services being optimized for various requirements? >> Interviewer: Mm-hmm. >> And AWS helps in terms of catering to the segment of customers who need that kind of a play through the partner ecosystem. >> John: Mm-hmm. Yeah. We've talked a lot about confidence too, cloud with confidence. >> Brad: Yeah. Yeah. >> What does that mean to different people, you think? I mean, (Brad laughing) because don't you have to feel them out and say "Okay. What's kind of your tolerance level for certain, not risks, but certain measures that you might need to change"? >> I actually think it's flipped the other way around now. I think the risk factor- >> Okay. >> is more on your on-prem environment. And all that goes with that. 'Cause you... Because the development of the cloud in the last 15 years has been profound. It's gone from... That's been the risky proposition now. With all of the infrastructure, all the security and compliance guardrails we have built into the cloud, it's really more about transition and risk of transition. And that's what we see a lot of. And that's why, again, where governance comes into play here, which is how do I move my business from on-prem in a fairly insecure environment relatively speaking to the secure cloud? >> Interviewer: Sure. 
>> How do I do that without disrupting business? How do I do that without putting my business at risk? And that's a key piece. I want to come back, if I may, something on cost-cutting. >> Interviewer: Sure. >> We were talking about this on the way up here. Cost-cutting, it's the bonfire of the vanities in that in that everybody is talking about cost-cutting. And so we're in doing that perpetuating the very problem that we kind of want to avoid, which is our big cost-cutting. (laughs) So... And I say that because in the venture capital community, what's happening is two things: One is, everybody's being asked to extend their runways as much as possible, but they are not letting them off the hook on growth. And so what we're seeing a lot of is a more nuanced conversation of where you trim your costs, it's not essential, spend, but reinvest. Especially if you've got good strong product market fit, reinvest that for growth. And so that's... So if I think about our playbook for 2023, it's to help good strong startups. Either tune their market fit or now that they good have have good market fit, really run and develop their business. So growth is not off the hook for 2023. >> And then let me just hit on something- >> Yeah. >> before we say goodbye here that you just touched on too, Brad, about. How we see startups, right? AWS, I mean, obviously there's a company focus on nurturing this environment of innovation and of growth. And for people looking at maybe through different prisms and coming. >> Brad: Yeah. >> So if you would maybe from your side of the fence, Ez from CoreStack, about working as a startup with AWS, I mean, how would you characterize that relationship about the kind of partnership that you have? And I want to hear from Brad too about how he sees AWS in general in the startup world. But go ahead. >> It's kind of a mutually enriching relationship, right? 
The support that comes from AWS because our combined goal is help the customers maximize the potential of cloud. >> Interviewer: Mm-hmm. >> And we talked about confidence. And we talked about all the enablement that we provide. But the partnership helps us get to the reach, right? >> Interviewer: Mm-hmm. >> Reach at scale. >> Interviewer: Mm-hmm. We are talking about customers from different industry verticals having different set of problems. And how do we solve it together so that like the reimbursement that happens, in fact healthcare customers that we repeatedly talk to, even in the current market conditions, they don't want to save. They want to optimize and re-spend their savings using more cloud. >> Interviewer: Mm-hmm. >> So that's the partnership that is mutually enriching. >> Absolutely. >> Yeah. To me, this is easy. I think the reason why a lot of us are here at AWS, especially the startup world, is that our business interests are completely aligned. So I run a pretty significant business unit in a startup neighbor. But a good part of my job and my team's job is to go help cut costs. >> Interviewer: Mm-hmm. >> So tell me... Show me a revenue responsibility position where part of your job is to go cut cost. >> Interviewer: Right. >> It's so unique and we're not a non-profit. We just have a very good long-term view, right? Which is, if we help companies reduce costs and conserve capital and really make sure that that capital is being used the right way, then their long-term viability comes into play. And that's where we have a chance to win more of that business over time. >> Interviewer: Mm-hmm. >> And so because those business interests are very congruent and we come in, we earn so much trust in the process. But I think that... That's why I think we being AWS, are uniquely successful startups. Our business interests are completely aligned and there's a lot of trust for that. >> It's a great success story. It really is. 
And thank you for sharing your little slice of that and growing slice of that too- >> Yeah. Absolutely. >> from all appearances. Thank you both. >> Thank you, John. >> Thank you very much, John. >> Appreciate your time. >> This is part of the AWS Startup Showcase. And I'm John Walls. You're watching theCUBE here at AWS re:Invent '22. And theCUBE, of course, the leader in high tech coverage.

Published Date : Nov 30 2022


Dell Technologies |The Future of Multicloud Data Protection is Here 11-14


 

>>Prior to the pandemic, organizations were largely optimized for efficiency as the best path to bottom line profits. Many CIOs tell the cube privately that they were caught off guard by the degree to which their businesses required greater resiliency beyond their somewhat cumbersome disaster recovery processes. And the lack of that business resilience has actually cost firms because they were unable to respond to changing market forces. And certainly we've seen this dynamic with supply chain challenges and there's a little doubt. We're also seeing it in the area of cybersecurity generally, and data recovery. Specifically. Over the past 30 plus months, the rapid adoption of cloud to support remote workers and build in business resilience had the unintended consequences of expanding attack vectors, which brought an escalation of risk from cybercrime. Well, security in the public clouds is certainly world class. The result of multi-cloud has brought with it multiple shared responsibility models, multiple ways of implementing security policies across clouds and on-prem. >>And at the end of the day, more, not less complexity, but there's a positive side to this story. The good news is that public policy industry collaboration and technology innovation is moving fast to accelerate data protection and cybersecurity strategies with a focus on modernizing infrastructure, securing the digital supply chain, and very importantly, simplifying the integration of data protection and cybersecurity. Today there's heightened awareness that the world of data protection is not only an adjacency to, but it's becoming a fundamental component of cybersecurity strategies. In particular, in order to build more resilience into a business, data protection, people, technologies, and processes must be more tightly coordinated with security operations. Hello and welcome to the future of Multi-Cloud Data Protection Made Possible by Dell in collaboration with the Cube. 
My name is Dave Vellante and I'll be your host today. In this segment, we welcome into theCUBE two senior executives from Dell who will share details on new technology announcements that directly address these challenges. >>Jeff Boudreau is the president and general manager of Dell's Infrastructure Solutions Group, ISG, and he's gonna share his perspectives on the market and the challenges he's hearing from customers. And we're gonna ask Jeff to double click on the messages that Dell is putting into the marketplace and give us his detailed point of view on what it means for customers. Now, Jeff is gonna be joined by Travis Vigil. Travis is the Senior Vice President of product management for ISG at Dell Technologies, and he's gonna give us details on the products that are being announced today and go into the hard news. Now, we're also gonna challenge our guests to explain why Dell's approach is unique and different in the marketplace. Thanks for being with us. Let's get right into it. We're here with Jeff Boudreau and Travis Vigil. We're gonna dig into the details about Dell's big data protection announcement. Guys, good to see you. Thanks for coming in. >>Good to see you. Thank you for having us. >>You're very welcome. Right. Let's start off, Jeff, with the high level, you know, I'd like to talk about the customer, what challenges they're facing. You're talking to customers all the time, What are they telling you? >>Sure. As you know, we do, we spend a lot of time with our customers, specifically listening, learning, understanding their use cases, their pain points within their specific environments. They tell us a lot. It's no surprise to any of us, that data is a key theme that they talk about. It's one of their most important, important assets. They need to extract more value from that data to fuel their business models, their innovation engines, their competitive edge. 
So they need to make sure that that data is accessible, it's secure, and it's recoverable, especially in today's world with the increased cyber attacks. >>Okay. So maybe we could get into some of those, those challenges. I mean, when, when you talk about things like data sprawl, what do you mean by that? What should people know? >>Sure. So for those big three themes, I'd say, you know, you have data sprawl, which is the big one, which is all about the massive amounts of data. It's the growth of that data, which is growing at unprecedented rates. It's the gravity of that data and the reality of the multi-cloud sprawl. So stuff is just everywhere, right? Which increases that surface attack base for cyber criminals. >>And by gravity you mean the data's there and people don't wanna move it. >>It's everywhere, right? And so when it lands someplace, I think edge, core or cloud, it's there and that's, it's something we have to help our customers with. >>Okay, so just it's nuanced cuz complexity has other layers. What are those layers? >>Sure. When we talk to our customers, they tell us complexity is one of their big themes. And specifically it's around data complexity. We talked about that growth and gravity of the data. We talk about multi-cloud complexity and we talk about multi-cloud sprawl. So multiple vendors, multiple contracts, multiple tool chains, and none of those work together in this, you know, multi-cloud world. Then that drives their security complexity. So we talk about that increased attack surface, but this really drives a lot of operational complexity for their teams. Think about we're lack consistency through everything. So people, process, tools, all that stuff, which is really wasting time and money for our customers. >>So how does that affect the cyber strategies and the, I mean, I've often said the CISO now they have this shared responsibility model, they have to do that across multiple clouds. 
Every cloud has its own security policies and, and frameworks and syntax. So maybe you could double click on your perspective on that. >>Sure. I'd say the big, you know, the big challenge customers have seen, it's really inadequate cyber resiliency. And specifically they're feeling, feeling very exposed. And today as the world with cyberattacks being more and more sophisticated, if something goes wrong, it is a real challenge for them to get back up and running quickly. And that's why this is such a, a big topic for CEOs and businesses around the world. >>You know, it's funny, I said this in my open, I, I think that prior to the pandemic businesses were optimized for efficiency and now they're like, wow, we have to actually put some headroom into the system to be more resilient. You know, are you hearing that? >>Yeah, we absolutely are. I mean, the customers really, they're asking us for help, right? It's one of the big things we're learning and hearing from them. And it's really about three things, one's about simplifying it, two, it is really helping them to extract more value from their data. And then the third big, big piece is ensuring their data is protected and recoverable regardless of where it is going back to that data gravity and that very, you know, the multi-cloud world just recently, I don't know if you've seen it, but the global data protected, excuse me, the Global Data Protection Index, GDPI. >>Yes. Jesus. Not to be confused with GDPR. >>Actually that was released today and confirms everything we just talked about around customer challenges, but also it highlights an importance of having a very cyber, a robust cyber resilient data protection strategy. >>Yeah, I haven't seen the latest, but I, I want to dig into it. I think this, you've done this many, many years in a row. I like to look at the, the, the time series and see how things have changed. All right. 
At, at a high level, Jeff, can you kind of address why Dell and from your point of view is best suited? >>Sure. So we believe there's a better way or a better approach on how to handle this. We think Dell is uniquely positioned to help our customers as a one stop shop, if you will, for that cyber resilient multi-cloud data protection solution and needs. We take a modern, a simple and resilient approach. >>What does that mean? What, what do you mean by modern? >>Sure. So modern, we talk about our software defined architecture, right? It's really designed to meet the needs not only of today, but really into the future. And we protect data across any cloud and any workload. So we have a proven track record doing this today. We have more than 1700 customers that trust us to protect them more than 14 exabytes of their data in the cloud today. >>Okay, so you said modern, simple and resilient. What, what do you mean by simple? >>Sure. We wanna provide simplicity everywhere, going back to helping with the complexity challenge, and that's from deployment to consumption to management and support. So our offers will deploy in minutes. They are easy to operate and use, and we support flexible consumption models for whatever customer may desire. So traditional subscription or as a service. >>And when you, when you talk about resilient, I mean, I, I put forth that premise, but it's hard because people say, Well, that's gonna gonna cost us more. Well, it may, but you're gonna also reduce your, your risk. So what's your point of view on resilience? >>Yeah, I think it's, it's something all customers need. So we're gonna be providing a comprehensive and resilient portfolio of cyber solutions that are secured by design. We have some ver some unique capabilities and a combination of things like built-in immutability, physical and logical isolation. We have intelligence built in with AI-powered recovery. 
And just one, I guess fun fact for everybody is we have our cyber vault is the only solution in the industry that is endorsed by Sheltered Harbor that meets all the needs of the financial sector. >>So it's interesting when you think about the, the NIST framework for cybersecurity, it's all about layers. You're sort of bringing that now to, to data protection, correct? Yeah. All right. In a minute we're gonna come back with Travis and dig into the news. We're gonna take a short break. Keep it right there. Okay. We're back with Jeff and Travis Vigil to dig deeper into the news. Guys, again, good to see you. Travis, if you could, maybe you, before we get into the news, can you set the business context for us? What's going on out there? >>Yeah, thanks for that question, Dave. To set a little bit of the context, when you look at the data protection market, Dell has been a leader in providing solutions to customers for going on nearly two decades now. We have tens of thousands of people using our appliances. We have multiple thousands of people using our latest modern simple PowerProtect Data Manager software. And as Jeff mentioned, we have, you know, 1700 customers protecting 14 exabytes of data in the public clouds today. And that foundation gives us a unique vantage point. We talked to a lot of customers and they're really telling us three things. They want simple solutions, they want us to help them modernize and they want us to add as the highest priority, maintain that high degree of resiliency that they expect from our data protection solutions. So that's the backdrop to the news today. And, and as we go through the news, I think you'll, you'll agree that each of these announcements deliver on those pillars. And in particular today we're announcing the PowerProtect Data Manager Appliance. We are announcing PowerProtect Cyber Recovery enhancements, and we are announcing enhancements to our Apex data storage
Let's, let's dig to that. It's interesting appliance, everybody wants software, but then you talk to customers and they're like, Well, we actually want appliances because we just wanna put it in and it works, right? It performs great. So, so what do we need to know about the appliance? What's the news there? Well, >>You know, part of the reason I gave you some of those stats to begin with is that we have this strong foundation of, of experience, but also intellectual property components that we've taken that have been battle tested in the market. And we've put them together in a new simple integrated appliance that really combines the best of the target appliance capabilities we have with that modern simple software. And we've integrated it from the, you know, sort of taking all of those pieces, putting them together in a simple, easy to use and easy to scale interface for customers. >>So the premise that I've been putting forth for, you know, months now, probably well, well over a year, is that, that that data protection is becoming an extension of your, your cybersecurity strategies. So I'm interested in your perspective on cyber recovery, you specific news that you have there. >>Yeah, you know, we, we are, in addition to simplifying things via the, the appliance, we are providing solutions for customers no matter where they're deploying. And cyber recovery, especially when it comes to cloud deployments, is an increasing area of interest and deployment that we see with our customers. So what we're announcing today is that we're expanding our cyber recovery services to be available in Google Cloud with this announcement. It means we're available in all three of the major clouds and it really provides customers the flexibility to secure their data no matter if they're running, you know, on premises in a colo at the edge in the public cloud. 
And the other nice thing about this, this announcement is that you have the ability to use Google Cloud as a cyber recovery vault that really allows customers to isolate critical data and they can recover that critical data from the vault back to on premises or from that vault back to running their cyber cyber protection or their data protection solutions in the public cloud. >>I always invoke my, my favorite Matt Baker here. It's not a zero sum game, but this is a perfect example where there's opportunities for a company like Dell to partner with the public cloud provider. You've got capabilities that don't exist there. You've got the on-prem capabilities. We can talk about edge all day, but that's a different topic. Okay, so my, my other question Travis, is how does this all fit into Apex? We hear a lot about Apex as a service, it's sort of the new hot thing. What's happening there? What's the news around Apex? >>Yeah, we, we've seen incredible momentum with our Apex solutions since we introduced data protection options into them earlier this year. And we're really building on that momentum with this announcement being, you know, providing solutions that allow customers to consume flexibly. And so what we're announcing specifically is that we're expanding Apex data storage services to include a data protection option. And it's like with all Apex offers, it's a pay as you go solution really streamlines the process of customers purchasing, deploying, maintaining and managing their backup software. All a customer really needs to do is, you know, specify their base capacity, they specify their performance tier, they tell us do they want a a one year term or a three year term and we take it from there. We, we get them up and running so they can start deploying and consuming flexibly. And it's, as with many of our Apex solutions, it's a simple user experience all exposed through a unified Apex console. >>Okay. 
So it's you keeping it simple, like I think large, medium, small, you know, we hear a lot about t-shirt sizes. I I'm a big fan of that cuz you guys should be smart enough to figure out, you know, based on my workload, what I, what I need, how different is this? I wonder if you guys could, could, could address this. Jeff, maybe you can, >>You can start. Sure. I'll start and then pitch me, you know, Travis, you you jump in when I screw up here. So, awesome. So first I'd say we offer innovative multi-cloud data protection solutions. We provide that deliver performance, efficiency and scale that our customers demand and require. We support as Travis and all the major public clouds. We have a broad ecosystem of workload support and I guess the, the great news is we're up to 80% more cost effective than any of the competition. >>80%. 80%, That's a big number, right? Travis, what's your point of view on this? Yeah, >>I, I think number one, end to end data protection. We, we are that one stop shop that I talked about. Whether it's a simplified appliance, whether it's deployed in the cloud, whether it's at the edge, whether it's integrated appliances, target appliances, software, we have solutions that span the gamut as a service. I mentioned the Apex solution as well. So really we can, we can provide solutions that help support customers and protect them, any workload, any cloud, anywhere that data lives edge core to cloud. The other thing that we hear as a, as a, a big differentiator for Dell and, and Jeff touched on on this a little bit earlier, is our intelligent cyber resiliency. We have a unique combination in, in the market where we can offer immutability or protection against deletion as, as sort of that first line of defense. But we can also offer a second level of defense, which is isolation, talking, talking about data vaults or cyber vaults and cyber recovery. And the, at more importantly, the intelligence that goes around that vault. 
It can look at detecting cyber attacks, it can help customers speed time to recovery and really provides AI and ML to help early diagnosis of a cyber attack and fast recovery should a cyber attack occur. And, and you know, if you look at customer adoption of that solution specifically in the clouds, we have over 1300 customers utilizing Power Protect Cyber Recovery. >>So I think it's fair to say that your, I mean your portfolio has obviously been a big differentiator whenever I talk to, you know, your finance team, Michael Dell, et cetera, that end to end capability that that, that your ability to manage throughout the supply chain. We actually just did a a, an event recently with you guys where you went into what you're doing to make infrastructure trusted. And so my take on that is you, in a lot of respects, you're shifting, you know, the client's burden to your R&D. Now they have a lot of work to do, so it's, it's not like they can go home and just relax, but, but that's a key part of the partnership that I see. Jeff, I wonder if you could give us the, the, the final thoughts. >>Sure. Dell has a long history of being a trusted partner with IT, right? So we have unmatched capabilities. Going back to your point, we have the broadest portfolio, we have, you know, we're a leader in every category that we participate in. We have a broad deep breadth of portfolio. We have scale, we have innovation that is just unmatched within data protection itself. We have the trusted market leader, no ifs, ands or buts, we're number one for both data protection software and appliances per IDC and we were just named for the 17th consecutive time the leader in the, the Gartner Magic Quadrant. So bottom line is customers can count on Dell. >>Yeah, and I think again, we're seeing the evolution of, of data protection. It's not like the last 10 years, it's really becoming an adjacency and really a key component of your cyber strategy. 
I think those two parts of the organization are coming together. So guys, really appreciate your time. Thanks for Thank you sir. Thanks Travis. Good to see you. All right, in a moment I'm gonna come right back and summarize what we learned today, what actions you can take for your business. You're watching the future of multi-cloud data protection made possible by Dell in collaboration with the Cube, your leader in enterprise and emerging tech coverage right back >>In our data driven world. Protecting data has never been more critical to guard against everything from cyber incidents to unplanned outages. You need a cyber resilient, multi-cloud data protection strategy. >>It's not a matter of if you're gonna get hacked, it's a matter of when. And I wanna know that I can recover and continue to recover each day. >>It is important to have a cyber security and a cyber resiliency plan in place because the threat of cyber attack are imminent. >>Power Protect Data Manager from Dell Technologies helps deliver the data protection and security confidence you would expect from a trusted partner and market leader. >>We chose Power Protect Data Manager because we've been a strategic partner with Dell Technologies for roughly 20 years now. Our partnership with Dell Technologies has provided us with the ability to scale and grow as we've transitioned from 10 billion in assets to 20 billion. >>With Power Protect Data Manager, you can enjoy exceptional ease of use to increase your efficiency and reduce costs. >>Got installed it by myself, learned it by myself with very intuitive >>While restoring a machine with Power Protect Data Manager is fast. We can fully manage Power Protect through the center. We can recover a whole machine in seconds. >>Data Manager offers innovation such as Transparent snapshots to simplify virtual machine backups and it goes beyond backup and restore to provide valuable insights and to protected data workloads and VMs. 
>>In our previous environment, it would take anywhere from three to six hours at night to do a single backup of each VM. Now we're backing up hourly and it takes two to three seconds with the transparent snapshots. >>With Power Protect Data Manager, you get the peace of mind knowing that your data is safe and available whenever you need it. >>Data is extremely important. We can't afford to lose any data. We need things just to work. >>Start your journey to modern data protection with Dell Power Protect Data manager. Visit dell.com/power Protect Data Manager. >>We put forth the premise in our introduction that the worlds of data protection and cybersecurity must be more integrated. We said that data recovery strategies have to be built into security practices and procedures and by default this should include modern hardware and software. Now in addition to reviewing some of the challenges that customers face, which have been pretty well documented, we heard about new products that Dell Technologies is bringing to the marketplace that specifically address these customer concerns. There were three that we talked about today. First, the Power Protect Data Manager Appliance, which is an integrated system taking advantage of Dell's history in data protection, but adding new capabilities. And I want to come back to that in the moment. Second is Dell's Power Protect cyber recovery for Google Cloud platform. This rounds out the big three public cloud providers for Dell, which joins AWS and Azure support. >>Now finally, Dell has made its target backup appliances available in Apex. You might recall earlier this year we saw the introduction from Dell of Apex backup services and then in May at Dell Technologies World, we heard about the introduction of Apex Cyber Recovery Services. And today Dell is making its most popular backup appliances available in Apex. Now I wanna come back to the Power Protect data manager appliance because it's a new integrated appliance. 
And I asked Dell off camera really what is so special about these new systems and what's really different from the competition because look, everyone offers some kind of integrated appliance. So I heard a number of items, Dell talked about simplicity and efficiency and containers and Kubernetes. So I kind of kept pushing and got to what I think is the heart of the matter in two really important areas. One is simplicity. >>Dell claims that customers can deploy the system in half the time relative to the competition. So we're talking minutes to deploy and of course that's gonna lead to much simpler management. And the second real difference I heard was backup and restore performance for VMware workloads. In particular, Dell has developed transparent snapshot capabilities to fundamentally change the way VMs are protected, which leads to faster backup and restores with less impact on virtual infrastructure. Dell believes this new development is unique in the market and claims that in its benchmarks the new appliance was able to back up 500 virtual machines in 47% less time compared to a leading competitor. Now this is based on Dell benchmarks, so hopefully these are things that you can explore in more detail with Dell to see if and how they apply to your business. So if you want more information, go to the data protection page at dell.com. You can find that at dell.com/data protection. And all the content here and other videos are available on demand at thecube.net. Check out our series on the blueprint for trusted infrastructure, it's related and has some additional information. And go to siliconangle.com for all the news and analysis related to these and other announcements. This is Dave Valante. Thanks for watching the future of multi-cloud protection made possible by Dell in collaboration with the Cube, your leader in enterprise and emerging tech coverage.

Published Date : Nov 17 2022



Ken Durazzo, Dell Technologies and Matt Keesan, IonQ | Super Computing 2022


 

>>Howdy y'all and welcome back to the cube where we're live from Dallas at Supercomputing 2022. My name is Savannah Peterson. Joined with L AED today, as well as some very exciting guests talking about one of my favorite and most complex topics out there, talking about quantum a bit today. Please welcome Ken and Matthew. Thank you so much for being here. Matthew. Everyone's gonna be able to see your shirt. What's going on with hybrid quantum? I have >>To ask. Wait, what is hybrid quantum? Yeah, let's not pretend that. >>Let's not >>Pretend that everybody knows, Everyone already knows what quantum computing is if we go straight to hybrid. Yeah. Okay. So with a brief detour to regular quantum computing. Yeah, >>No, no. Yeah. Let's start with quantum start before. >>So you know, like regular computers made of transistors gives us ones and zeros, right? Binary, like you were talking about just like half of the Cheerios, right? The joke, it turns out there's some problems that even if we could build a computer as big as the whole universe, which would be pretty expensive, >>That might not be a bad thing, but >>Yeah. Yeah. Good for Dell Got mill. >>Yeah. >>Yeah. We wouldn't be able to solve them cuz they scale exponentially. And it turns out some of those problems have efficient solutions in quantum computing where we take any two state quantum system, which I'll explain in a sec and turn it into what we call a quantum bit or qubit. And those qubits can actually solve some problems that are just infeasible on even the world's largest computers by offering exponential advantage. And it turns out that today's quantum computers are a little too small and a little too noisy to do that alone. So by pairing a quantum computer with a classical computer, hence the partnership between IonQ and Dell, you allow each kind of compute to do what it's best at and thereby get answers you can't get with either one alone. >>Okay. 
So the concept of introducing hybridity, I love that word bridge. I dunno if I made it up, but it's it for it. Let's about it. Abri, ding ding. So does this include simulating the quantum world within the, what was the opposite? The classical quantum world? Classical. Classical, classical computer. Yeah. So does it include the concept of simulating quantum in classical compute? >>Absolutely. >>Okay. How, how, how do, how do you do that? >>So there's simulators and emulators that effectively are programmed in exactly the same way that a physical quantum machine is through circuits translated into QASM or quantum assembly language. And those are the exact same ways that you would program either a physical QPU or a simulated >>QPU. So, so access to quantum computing today is scarce, right? I mean it's, it's, it's, it's limited. So having the ability to have the world at large or a greater segment of society be able to access this through simulation is probably a good idea. >>Fair. It's absolutely a wonderful one. And so I often talk to customers and I tell them about the journey, which is hands on keyboard, learning, experimentation, building proof of concepts, and then finally productization. And you could do much of that first two steps anyway very robustly with simulation. >>It's much like classical computing where if you imagine back in the fifties, if, if the cube was at some conference in 1955, you know, we wouldn't have possibly been able to predict what we'd be doing with computing 70 years later, right? Yeah. That teenagers be making apps on their phones that changed the world, right? And so by democratizing access this way, suddenly we can open up all sorts of new use cases. We sort of like to joke, there's only a couple hundred people in the world who really know how to program quantum computers today. And so how are we gonna make thousands, tens of thousands, millions of quantum programmers? 
The answer is access and simulators are an amazingly accessible way for everyone to start playing around with the >>Fields. Very powerful tool. >>Wow. Yeah. I'm just thinking about how many, there's, are there really only hundreds of people who can program quantum computing? >>I kind of generally throw it out there and I say, you know, if you looked at a matrix of a thousand operations with hundreds of qubits, there's probably, I don't know, 2000 people worldwide that could program that type of a circuit. I mean it's a fairly complex circuit at that point and >>I, I mean it's pretty phenomenal When you think about how early we are in adoption and, and the rollout of this technology as a whole, can you see quite a bit as, as you look across your customer portfolio, what are some of the other trends you're seeing? >>Well, non quantum related trends or just any type you give us >>Both. >>Yeah. So >>We're a thought leader. This is >>Your moment. Yeah, so we do quite a bit. We see quite a bit actually. There's a lot of work happening at the edge as you're probably well aware of. And we see a lot of autonomous mobile robots. I actually lead the, the research office. So I get to see all the cool stuff that's really kind of emerging before it really regrets >>What's coming next. >>Let's see, Oh, I can't tell you what's coming next, but we see edge applications. Yes, we see a lot of, of AI applications and artificial intelligence is morphing dramatically through the number of frameworks and through the, the types and places you would place ai, even places I, I personally never thought we would go like manufacturing environments. Some places that were traditionally not very early adopters. We're seeing AI move very quickly in some of those areas. One of the areas that I'm really excited about is digital twins and the ability to eventually do, let's come up on acceleration with quantum technologies on, on things like computational fluid dynamics. 
And I think it's gonna be a wonderful, wonderful area for us moving forward. >>So, So I can hear the people screaming at the screen right now. Wait a minute, You said it was hybrid, you're only talking the front half. That's, that's cat. What about the back half? That's dog. What about the quantum part of it? So IonQ and, and I apologize. IonQ >>IonQ, yeah, IonQ cuz you never know. You never never know. Yeah. Where does the actual quantum come in? >>That's a great >>Question. So you guys have one of these things. >>Yeah, we've built, we currently have the world's best quantum computer by, by some measures, mic drop there. Yeah, no big deal. Give me some snaps for that. Yeah, Ken knows how to pick em. Yeah, so right. Our, our approach, which is actually based on technology that's 50 years old, so it's quite, quite has a long history. The way we build atomic clocks is the basis for trapped ion quantum computing. And in fact the first quantum logic gate ever made in 1995 was at NIST where they modified their atomic clock experiment to do quantum gates. And that launched really the hardware experimentalist quantum computer revolution. And that was by Chris Monroe, our co-founder. So you know that history has flown directly into us. So to simplify, we start with an ion trap. Imagine a gold block with a bunch of electrodes that allow you to make precisely shaped electromagnetic fields, sort of like a rotating saddle. >>Then take a source of atoms. Now obviously we're all sources of atoms. We have a highly purified source of the metal ytterbium. We heat it up, we get a nice hot plume of atoms, we ionize those atoms with an ionizing laser. Now they're hot and heavy and charged. So we can trap them in one of these fields. And now our electromagnetic field that's spinning rapidly holds the, the ions like balls in a bowl if you can imagine them. And they line up in a nice straight line and we hold them in place with these fields and with cooling laser beams. 
And up to now, that's how an atomic clock works. Trap an atom and shine it with a laser beam. Count the oscillations, that's your clock. Now if you got 32 of those and you can manipulate their energy states, in our case we use the hyperfine energy states of the atom. >>But you can basically think of your high school chemistry where you have like an unexcited electron, an excited electron. Take your unexcited state as a zero, your excited state as a one. And it turns out with commercially available lasers, you can drive anywhere between a zero, a one or a superposition of zero and one. And so that is our quantum bit, the hyperfine energy state of the ytterbium atom. And we just line up a bunch of them and through there access the magical powers of superposition and entanglement, as we were talking about before, they don't really make sense to us here in the regular world, but >>They do exist. But what you just described is one qubit. That's right. And the way that you do it isn't exactly the same way that others who are doing quantum computing do it. That's right. Is that okay? >>And there's a lot of advantages to the trapped ion approach. So for example, you can also build a superconducting qubit where you, where you basically cool a chip to 47 millikelvin and coerce millions of atoms to work together as a single system. The problem is that's not naturally quantum. So it's inherently noisy and it wants to decohere, does not want to be a quantum bit. Whereas an atom is very happy to be by itself a qubit because we don't have to do anything to it. It's naturally quantum, if that makes sense. And so atomic qubits, like we use feature a few things. One the longest coherence times in the industry, meaning you can run very deep circuits, the most accurate operations, very low noise operations. And we don't have any wires. Our atoms are connected by laser light. That means you can connect any pair. So with some other technologies, the qubits are connected by wires. 
That means you can only run operations between physically connected qubits. It's like programming if you could only use, for example, bits that are adjacent. With an ion trap approach, you can connect any pair so that all to all connectivity means your compilation is much more efficient and you can do much wider and deeper circuits. >>So what's the, what is the closest thing to a practical application that we've been able to achieve at this point? Question. And when I say practical, it doesn't have to be super practical. I mean, what is the, what is the sort of demonstration, the least esoteric demonstration of this at this point? >>To tie into what Ken was saying earlier, I think there's at least two areas that are very exciting. One is chemistry. Chemistry. So for example, you know, we have water in our cup and we understand water pretty well, but there's lots of molecules that in order to study them, we actually have to make them in a lab and do lots of experiments. And to give you a sense of the order of magnitude, if you wanted to understand the ground state of the caffeine molecule, which we all know and has 200 electrons, you would need to build a computer bigger than the moon. So, which is, you know, again, would be good profit for Dell, but probably not gonna happen anytime soon. That's >>Kind of fun to think about though. Yeah, that's a great analogy. That >>Was, yeah. And in fact it'd be like 10 moons of compute. Okay. So build 10 moons of >>Computer. I >>Love the sci-fi issue. Exactly. And now you can calculate caffeine, it's crazy or it just fits in a quantum computer the size of this table. And so we're using hybrid quantum computing now to start proving out these algorithms not for molecules as complex as caffeine or what we want in the future. Like biologics, you know, new cancer medications, new materials and so forth. 
But we are able to show, for example, the ground state of smaller molecules and prove a path to where, you know, decision maker could see in a few years from now, Oh, we'll be able to actually simulate not molecules we already understand, but molecules we've never been able to study a priori, if that makes sense. And then, >>Yeah, I think there's a key point underneath that, and I think goes back to the question that you asked earlier about the why hybrid applications inherently run on the classical infrastructure and algorithms are accelerated through QPUs, the quantum processing units. >>And so are you sort of time sharing in the sense that this environment that you set up starts with classical, with simulation and then you get to a point where you say, okay, we're ready, you pick up the bat phone and you say I wanna, >>I would say it's more like a partnership, really. Yeah, >>Yeah. And I think, I think it's kind of the, the way I normally describe it is, you know, we've taken a look at it from a really kind of a software development life cycle type of perspective where again, if you follow that learn, experiment, proof of concept, and then finally productize, we, we can cover and allow for a developer to start prototyping and proofing on simulators and when they're ready all they do is flip a switch in a manifest and they can automatically engage a, a real quantum, physical quantum system. And so we've made it super simple and very accessible in a democratizing access for developers. >>Yeah. Makes such big difference. Go ahead. >>A good analogy is to like GPUs, right? Where it's not really like, you know, you send it away, but rather the GPU accelerates certain operations. The QPU. Yeah, because quantum mechanics, it turns out the universe runs on linear algebra. So one way to think about the QPU is the most efficient way of doing linear algebra that exists. So lots of problems that can be expressed in that form. 
Combinatorial optimization problems in general, certain kinds of machine learning, et cetera, get an exponential speed up by running a section of the algorithm on the quantum computer. But of course you wouldn't like port Microsoft Word. Yeah, exactly. You know, you're not gonna do that in your product. It would be a waste of your quantum computer. >>Not just that you wanna know exactly how much money is in your bank account, not probabilistically how much might be ballpark. Yeah. Realm 10, moon ballpark, right? >>10 moon ballpark. Be using that for the rest of the show. Yeah. Oh, I love that. Ken, tell me a little bit about how you identify companies and like I n Q and and end up working with Matthew. What, what's that like, >>What's it like or how do you >>Find it's the process? Like, so, you know, let's say I've got the the >>We're not going there though. Yeah. We're not >>Personal relationship. >>Well, >>You can answer these questions however you want, you know. No, but, but what does that look like for Dell? How do you, how do you curate and figure out who you're gonna bring into this partnership nest? >>Yeah, you know, I, I think it was a, it's, it was a, a very long drawn out learning opportunity. We started actually our working quantum back in 2016. So we've been at it for a long time. And only >>In quantum would we say six years is a long time. I love >>That. Exactly. >>By the way, that was like, we've been doing this for age for a >>Long time. Yeah. Very long time before >>You were born. Yes. >>Feels like it actually, believe it or not. But, so we've been at it for a long time and you know, we went down some very specific learning paths. We took a lot of different time to, to learn about different types of qubits available, different companies, what their approaches were, et cetera. Yeah. And, and we ended up meeting up with, with I N Q and, and we also have other partners as well, like ibm, but I N q you know, we, there is a nice symbiotic relationship. 
We're actually doing some really cool technologies that are even much, much further ahead than the, you know, strict classical does this, quantum does that where there's significant amount of interplay between the simulation systems and between the real physical QPUs. And so it's, it's turning out to be a great relationship. They're, they're very easy to work with and, and a lot of fun too, as you could probably tell. Yeah. >>Clearly. So before we wrap, I've got it. Okay. Okay. So get it. Let's get, let's get, yeah, let's get deep. Let's get deep for a second or a little deeper than we've been. So our current, our current understanding of all this, of the universe, it's pretty limited. It's down to the point where we effectively have it assigned to witchcraft. It's all dark energy and dark matter. Right. What does that mean exactly? Nobody knows. But if you're in the quantum computing space and you're living this every day, do you believe that it represents the key to us understanding things that currently we just can't understand classical models, including classical computing, our brains as they're constructed aren't capable of understanding the real real that's out there. Yeah. If you're in the quantum computing space, do you possess that level of hubris? Do you think that you are gonna deliver the answers? >>I'm just like, I think the more you're in the space, the more mysterious and amazing it all seems. There's a, but there is a great quote by Richard Feynman that sort of kicked off the quantum exploration. So he gave a lecture in 1981, so, you know, long before any of this began, truly ages ago, right? Yeah. And in this lecture he said, you know, kind of wild at that time, right? We had to build these giant supercomputers to simulate just a couple atoms interacting, right? And it's kind of crazy that you need all this compute to simulate what nature does with just a handful >>Particles. Yeah. >>Really small. 
So, and, and famously he said, you know, nature just isn't classical. Damn it. And so you need to build a computer that works with nature to understand nature. I think, you know, the, the quantum revolution has only just begun. There's so many new things to learn, and I'm sure the quantum computers of 40 years from now are not gonna look like the, you know, the computers of today, just as the classical computers of 40 years ago look quite different to us now, >>And we're a bunch of apes. But you think we'll get there? >>I, yeah, I, I mean, I, I have, I think we have, I feel incredibly optimistic that this tool, quantum computing as a tool represents a sea change in what's possible for humans to compute. >>Yeah. I think it's that possibility. You know, I, when I tell people right now in the quantum era, we're in the ENIAC stage of the quantum era, and so we have a long way to go, but the potential is absolutely enormous. In fact, incomprehensibly enormous, I >>Was just gonna say, I don't even think we could grasp >>In the, from the ENIAC is they had no idea of computers inside of your hand, right? Yeah. >>They're calculating, you know, trajectories, right? Yeah. If you told them, like, we'd all be video chatting, you >>Know, >>Like, and kids would be doing synchronized dances, you know, you'd be like, What? >>I love that. Well, well, on that note, Ken, Matthew, really great to have you both, everyone now will be pondering the scale and scope of the universe with their 10 moon computer, 10 moons. That's right. And, and you've given me my, my new favorite bumper sticker since we've been on a, on a roll here, David and I, which is just naturally quantum. Yeah, that's, that's, that's, that's one of my new favorite phrases from the show. Thank you both for being here. David, thank you for hanging out and thank all of you for tuning in to our cube footage live here in Dallas. We are at Supercomputing. 
This is our last show for the day, but we look forward to seeing you tomorrow morning. My name's Savannah Peterson. Y'all have a lovely night.

Published Date : Nov 16 2022



Jeff Boudreau, President, Dell Technologies 11-14


 

>> We're here with Jeff Boudreau and Travis Vigil, and we're going to dig into the details about Dell's big data protection announcement. Guys, good to see you. Thanks for coming in. >> Good to see you. Thank you for having us. >> You're very welcome. Let's start off, Jeff, with a high level, you know I'd like to talk about the customer, what challenges they're facing. You're talking to customers all the time, what are they telling you? >> Sure. As you know, we spend a lot of time with our customers, specifically listening, learning understanding their use cases their pain points within their specific environments. They tell us a lot, to no surprise to any of us that data is a key theme that they talk about. It's one of their most important assets. They need to extract more value from that data to fuel their business models their innovation engines, their competitive edge. So they need to make sure that that data is accessible it's secure, and it's recoverable, especially in today's world with the increased cyber attacks. >> Okay. So maybe we could get into some of those challenges. I mean, when you talk about things like data sprawl what do you mean by that? What should people know? >> Sure, so for those big three themes, I'd say, you know you have data sprawl, which is the big one which is all about the massive amounts of data. It's the growth of that data which is growing at an unprecedented rates. It's the gravity of that data and the reality of the multi-cloud sprawl. So stuff is just everywhere, right? Which increases that service, attack space for cyber criminals. >> And by gravity you mean the data's there and people don't want to move it. >> It's everywhere, right? And so when it lands someplace, think Edge, Core or Cloud, it's there. And it's something we have to help our customers with. >> Okay. So it's nuanced cause complexity has other layers. What are those layers? >> Sure. 
When we talk to our customers they tell us complexity is one of their big themes. And specifically it's around data complexity. We talked about that growth and gravity of the data. We talk about multi-cloud complexity and we talk about multi-cloud sprawl. So multiple vendors, multiple contracts multiple tool chains, and none of those work together in this, you know, multi-cloud world. Then that drives their security complexity. So we talk about that increased attack surface. But this really drives a lot of operational complexity for their teams. Think about, we're lack consistency through everything. So people, process, tools, all that stuff which is really wasting time and money for our customers. >> So how does that affect the cyber strategies and the, I've often said the CISO, now they have this shared responsibility model they have to do that across multiple clouds. Every cloud has its own security policies and frameworks and syntax. So maybe you could double click on your perspective on that. >> Sure. I'd say the big challenge customers have seen, it's really inadequate cyber resiliency. And specifically they're feeling very exposed. And today as the world with cyber attacks being more and more sophisticated, if something goes wrong it is a real challenge for them to get back up and running quickly. And that's why this is such a big topic for CEOs and businesses around the world. >> You know, it's funny, I said this in my open, I think that prior to the pandemic businesses were optimized for efficiency and now they're like, wow, we have to actually put some headroom into the system to be more resilient, you know? Are you hearing that? >> Yeah, we absolutely are. I mean, the customers really they're asking us for help, right? It's one of the big things we're learning and hearing from them. And it's really about three things one's about simplifying IT. Two, it's really helping them to extract more value from their data. 
And then the third big piece is ensuring their data is protected and recoverable regardless of where it is going back to that data gravity and that very, you know the multi-cloud world. Just recently, I don't know if you've seen it, but the global data protected, excuse me the global data protection index. >> GDPI. >> Yes. Jesus! >> Not to be confused with GDPR. >> Actually that was released today and confirms everything we just talked about around customer challenges but also it highlights an importance of having a very cyber, a robust cyber resilient data protection strategy. >> Yeah, I haven't seen the latest, but I want to dig into it. I think this, you've done this many, many years in a row. I like to look at the time series and see how things have changed. All right. At a high level, Jeff, can you kind of address why Dell and from your point of view is best suited? >> Sure. So we believe there's a better way or a better approach on how to handle this. We think Dell is uniquely positioned to help our customers as a one stop shop, if you will, for that cyber resilient multi-cloud data protection solution and needs. We take a modern, a simple and resilient approach. >> Well what does that mean? What do you mean by modern? >> Sure. So modern, we talk about our software defined architecture, right? It's really designed to meet the needs not only of today but really into the future. And we protect data across any cloud and any workload. So we have a proven track record doing this today. We have more than 1700 customers that trust us to protect more than 14 exabytes of their data in the cloud today. >> Okay. So you said modern, simple and resilient. What, what do you mean by simple? >> Sure. We want to provide simplicity everywhere, going back to helping with the complexity challenge, and that's from deployment to consumption to management and support. So our offers will deploy in minutes. 
They are easy to operate and use and we support flexible consumption models for whatever customer may desire. So traditional, subscription, or as a service. >> And when you talk about resilient, I mean I put forth that premise, but it's hard because people say, well, that's going to cost us more. Well, it may, but you're going to also reduce your risk. So what's your point of view on resilience? >> Yeah, I think it's something all customers need. So we're going to be providing a comprehensive and resilient portfolio of cyber solutions that are secured by design. We have some unique capabilities in a combination of things like built-in immutability, physical and logical isolation. We have intelligence built in with AI-powered recovery and just one, I guess fun fact for everybody is we have our cyber vault is the only solution in the industry that is endorsed by Sheltered Harbor that meets all the needs of the financial sector. >> So it's interesting when you think about the NIST framework for cybersecurity, it's all about layers. You're sort of bringing that now to data protection. >> Correct. >> Yeah. All right. In a minute we're going to come back with Travis and dig into the news. We're going to take a short break, keep it right there. (calming piano music)

Published Date : Nov 14 2022



Gunnar Hellekson & Adnan Ijaz | AWS re:Invent 2022


 

>>Hello everyone. Welcome to the Cube's coverage of AWS re:Invent 22. I'm John Furrier, host of the Cube. Got some great coverage here talking about software supply chain and sustainability in the cloud. We've got a great conversation. Gunnar Hellekson, Vice President and general manager at Red Hat Enterprise Linux and Business Unit of Red Hat. Thanks for coming on. And Adnan Ijaz, Director, Product Management of commercial software services, AWS. Gentlemen, thanks for joining me today. >>Oh, it's a pleasure. >>You know, the hottest topic coming out of cloud native developer communities is supply chain software sustainability. This is a huge issue. As open source continues to power away and fund and grow this next generation modern development environment, you know, supply chain, you know, sustainability is a huge discussion because you gotta check things out where, what's in the code. Okay, open source is great, but now we gotta commercialize it. This is the topic, Gunnar, let's get in, get with you. What, what are you seeing here and what's some of the things that you're seeing around the sustainability piece of it? Because, you know, containers, Kubernetes, we're seeing that that run time really dominate this new abstraction layer, cloud scale. What's your thoughts? >>Yeah, so I, it's interesting that the, you know, so Red Hat's been doing this for 20 years, right? Making open source safe to consume in the enterprise. And there was a time when in order to do that you needed to have a, a long term life cycle and you needed to be very good at remediating security vulnerabilities. And that was kind of, that was the bar that you had that you had to climb over. 
Nowadays with the number of vulnerabilities coming through, what people are most worried about is, is kind of the provenance of the software and making sure that it has been vetted and it's been safe, and that that things that you get from your vendor should be more secure than things that you've just downloaded off of GitHub, for example. Right? And that's, that's a, that's a place where Red Hat's very comfortable living, right? >>Because we've been doing it for, for 20 years. I think there, there's another, there's another aspect to this, to this supply chain question as well, especially with the pandemic. You know, we've got these, these supply chains have been jammed up. The actual physical supply chains have been jammed up. And, and the two of these issues actually come together, right? Because as we've been go, as we go through the pandemic, we've had these digital transformation efforts, which are in large part people creating software in order to manage better their physical supply chain problems. And so as part of that digital transformation, you have another supply chain problem, which is the software supply chain problem, right? And so these two things kind of merge on these as people are trying to improve the performance of transportation systems, logistics, et cetera. Ultimately it all boils down to it all. Both supply chain problems actually boil down to a software problem. It's very >>Interesting that, Well, that is interesting. I wanna just follow up on that real quick if you don't mind. Because if you think about the convergence of the software and physical world, you know, that's, you know, IOT and also hybrid cloud kind of plays into that at scale, this opens up more surface area for attacks, especially when you're under a lot of pressure. This is where, you know, you can, you have a surface area in the physical side and you have constraints there. And obviously the pandemic causes problems, but now you've got the software side. 
Can you, how are you guys handling that? Can you just share a little bit more of how you guys are looking at that with Red Hat? What's, what's the customer challenge? Obviously, you know, skills gaps is one, but like that's a convergence at the same time. More security problems. >>Yeah, yeah, that's right. And certainly the volume of, if we just look at security vulnerabilities themselves, just the volume of security vulnerabilities has gone up considerably as more people begin using the software. And as the software becomes more important to kind of critical infrastructure, more eyeballs are on it. And so we're uncovering more problems, which is kind of, that's, that's okay. That's how the world works. And so certainly the, the number of remediations required every year has gone up. But also the customer expectations, as I've mentioned before, the customer expectations have changed, right? People want to be able to show to their auditors and to their regulators that no, we, we, in fact, I can show the provenance of the software that I'm using. I didn't just download something random off the internet. I actually have, like you, you know, adults paying attention to the, how the software gets put together. >>And it's still, honestly, it's still very early days. We can, I think the, in as an industry, I think we're very good at managing, identifying remediating vulnerabilities in the aggregate. We're pretty good at that. I think things are less clear when we talk about kind of the management of that supply chain, proving the provenance, proving the, and creating a resilient supply chain for software. We have lots of tools, but we don't really have lots of shared expectations. Yeah. And so it's gonna be interesting over the next few years, I think we're gonna have more rules are gonna come out. I see NIST has already, has already published some of them. 
And as these new rules come out, the whole industry is gonna have to kind of pull together and, and really and really rally around some of this shared understanding so we can all have shared expectations and we can all speak the same language when we're talking about this >>Problem. That's awesome. Adnan, Amazon Web Services is obviously the largest cloud platform out there, you know, the pandemic, even post pandemic, some of these supply chain issues, whether it's physical or software, you're also an outlet for that. So if someone can't buy hardware or, or something physical, they can always get the cloud. You guys have great network compute and whatnot and you got thousands of ISVs across the globe. How are you helping customers with this supply chain problem? Because whether it's, you know, I need to get in my networking gears delayed, I'm gonna go to the cloud and get help there. Or whether it's knowing the workloads and, and what's going on inside them with respect open source. Cause you've got open source, which is kind of an external forcing function. You got AWS and you got, you know, physical compute stores, networking, et cetera. How are you guys helping customers with the supply chain challenge, which could be an opportunity? >>Yeah, thanks John. I think there, there are multiple layers to that. At, at the most basic level we are helping customers by abstracting away all these data center constructs that they would have to worry about if they were running their own data centers. They would have to figure out how the networking gear, you talk about, you know, having the right compute, right physical hardware. So by moving to the cloud, at least they're delegating that problem to AWS and letting us manage and making sure that we have an instance available for them whenever they want it. 
And if they wanna scale it, the, the, the capacity is there for them to use now then that, so we kind of give them space to work on the second part of the problem, which is building their own supply chain solutions. And we work with all kinds of customers here at AWS from all different industry segments, automotive, retail, manufacturing. >>And you know, you see that the complexity of the supply chain with all those moving pieces, like hundreds and thousands of moving pieces, it's very daunting. So cus and then on the other hand, customers need more better services. So you need to move fast. So you need to build, build your agility in the supply chain itself. And that is where, you know, Red Hat and AWS come together where we can build, we can enable customers to build their supply chain solutions on platform like Red Hat Enterprise Linux, RHEL, or Red Hat OpenShift on, on AWS. We call it Rosa. And the benefit there is that you can actually use the services that we, that are relevant for the supply chain solutions like Amazon managed blockchain, you know, SageMaker. So you can actually build predictive and s you can improve forecasting, you can make sure that you have solutions that help you identify where you can cut costs. And so those are some of the ways we are helping customers, you know, figure out how they actually wanna deal with the supply chain challenges that we're running into in today's world. >>Yeah, and you know, you mentioned sustainability outside of software su sustainability, you know, as people move to the cloud, we've reported on SiliconANGLE here in the cube that it's better to have the sustainability with the cloud because then the data centers aren't using all that energy too. So there's also all kinds of sustainability advantages, Gunnar, because this is, this is kind of how your relationship with Amazon's expanded. You mentioned Rosa, which is Red Hat on, you know, on OpenShift, on AWS. 
This is interesting because one of the biggest discussions is skills gap, but we were also talking about the fact that the humans are huge part of the talent value. In other words, the, the humans still need to be involved and having that relationship with managed services and Red Hat, this piece becomes one of those things that's not talked about much, which is the talent is increasing in value the humans, and now you got managed services on the cloud, has got scale and human interactions. Can you share, you know, how you guys are working together on this piece? Cuz this is interesting cuz this kind of brings up the relationship of that operator or developer. >>Yeah, Yeah. So I think there's, so I think about this in a few dimensions. First is that the kind of the, I it's difficult to find a customer who is not talking about automation at some level right now. And obviously you can automate the processes and, and the physical infrastructure that you already have that's using tools like Ansible, right? But I think that the, combining it with the, the elasticity of a solution like aws, so you combine the automation with kind of elastic and, and converting a lot of the capital expenses into operating expenses, that's a great way actually to save labor, right? So instead of like racking hard drives, you can have somebody who's somebody do something a little more like, you know, more valuable work, right? And so, so okay, but that gives you a platform and then what do you do with that platform? >>And if you've got your systems automated and you've got this kind of elastic infrastructure underneath you, what you do on top of it is really interesting. So a great example of this is the collaboration that, that we had with running the rel workstation on aws. So you might think like, well why would anybody wanna run a workstation on, on a cloud? 
That doesn't make a whole lot of sense unless you consider how complex it is to set up, if you have the, the use case here is like industrial workstations, right? So it's animators, people doing computational fluid dynamics, things like this. So these are industries that are extremely data heavy. They have workstations have very large hardware requirements, often with accelerated GPUs and things like this. That is an extremely expensive thing to install on premise anywhere. And if the pandemic taught us anything, it's, if you have a bunch of very expensive talent and they all have to work from a home, it is very difficult to go provide them with, you know, several tens of thousands of dollars worth of worth of worth of workstation equipment. >>And so combine the rail workstation with the AWS infrastructure and now all that workstation computational infrastructure is available on demand and on and available right next to the considerable amount of data that they're analyzing or animating or, or, or working on. So it's a really interesting, it's, it was actually, this is an idea that I was actually born with the pandemic. Yeah. And, and it's kind of a combination of everything that we're talking about, right? It's the supply chain challenges of the customer, It's the lack of lack of talent, making sure that people are being put their best and highest use. And it's also having this kind of elastic, I think, opex heavy infrastructure as opposed to a CapEx heavy infrastructure. >>That's a great example. I think that's illustrates to me what I love about cloud right now is that you can put stuff in, in the cloud and then flex what you need when you need it at in the cloud rather than either ingress or egress data. You, you just more, you get more versatility around the workload needs, whether it's more compute or more storage or other high level services. This is kind of where this NextGen cloud is going. 
This is where, where, where customers want to go once their workloads are up and running. How do you simplify all this and how do you guys look at this from a joint customer perspective? Because that example I think will be something that all companies will be working on, which is put it in the cloud and flex to the, whatever the workload needs and put it closer to the work compute. I wanna put it there. If I wanna leverage more storage and networking, Well, I'll do that too. It's not one thing. It's gotta flex around what's, how are you guys simplifying this? >>Yeah, I think so for, I'll, I'll just give my point of view and then I'm, I'm very curious to hear what Adnan has to say about it, but the, I think and think about it in a few dimensions, right? So there's, there is a, technically like any solution that Adnan's team and my team wanna put together needs to be kind of technically coherent, right? The things need to work well together, but that's not the, that's not even most of the job. Most of the job is actually the ensuring and operational consistency and operational simplicity so that everything is the day-to-day operations of these things kind of work well together. And then also all the way to things like support and even acquisition, right? Making sure that all the contracts work together, right? It's a really in what, So when Adnan and I think about places of working together, it's very rare that we're just looking at a technical collaboration. It's actually a holistic collaboration across support acquisition as well as all the engineering that we have to do. >>And on your, your view on how you're simplifying it with Red Hat for your joint customers making Collabo >>Yeah. Gun, Yeah. Gunnar covered it. Well I think the, the benefit here is that Red Hat has been the leading Linux distribution provider. So they have a lot of experience. AWS has been the leading cloud provider. 
So we have both our own point of views, our own learning from our respective set of customers. So the way we try to simplify and bring these things together is working closely. In fact, I sometimes joke internally that if you see Gunnar and my team talking to each other on a call, you cannot really tell who who belongs to which team. Because we're always figuring out, okay, how do we simplify discount experience? How do we simplify programs? How do we simplify go to market? How do we simplify the product pieces? So it's really bringing our, our learning and share our perspective to the table and then really figure out how do we actually help customers make progress. ROSA that we talked about is a great example of that, you know, you know, we, together we figured out, hey, there is a need for customers to have this capability in AWS and we went out and built it. So those are just some of the examples in how both teams are working together to simplify the experience, make it complete, make it more coherent. >>Great. That's awesome. That next question is really around how you help organizations with the sustainability piece, how to support them, simplifying it. But first, before we get into that, what is the core problem around this sustainability discussion we're talking about here, supply chain sustainability, What is the core challenge? Can you both share your thoughts on what that problem is and what the solution looks like and then we can get into advice? >>Yeah. Well from my point of view, it's, I think, you know, one of the lessons of the last three years is every organization is kind of taking a careful look at how resilient it is. Or rather I should say, every organization learned exactly how resilient it was, right? And that comes from both the, the physical challenges and the logistics challenges that everyone had. The talent challenges you mentioned earlier. 
And of course the, the software challenges, you know, as everyone kind of embarks on this, this digital transformation journey that, that we've all been talking about. And I think, so I really frame it as, as resilience, right? And and resilience is at bottom is really about ensuring that you have options and that you have choices. The more choices you have, the more options you have, the more resilient you, you and your organization is going to be. And so I know that that's how, that's how I approach the market. I'm pretty sure that's exact, that's how Adnan is, has approaching the market, is ensuring that we are providing as many options as possible to customers so that they can assemble the right, assemble the right pieces to create a, a solution that works for their particular set of challenges or their unique set of challenges and and unique context. Adnan, is that, does that sound about right to you? Yeah, >>I think you covered it well. I, I can speak to another aspect of sustainability, which is becoming increasingly top of mind for our customer is like how do they build products and services and solutions and whether it's supply chain or anything else which is sustainable, which is for the long term good of the, the planet. And I think that is where we have been also being very intentional and focused in how we design our data center. How we actually build our cooling system so that we, those are energy efficient. You know, we, we are on track to power all our operations with renewable energy by 2025, which is five years ahead of our initial commitment. And perhaps the most obvious example of all of this is our work with Arm processors, Graviton3, where, you know, we are building our own chip to make sure that we are designing energy efficiency into the process. And you know, we, there's the Arm Graviton3, Arm processor chips, there are about 60% more energy efficient compared to some of the x86 comparable. 
So all those things that are also we are working on in making sure that whatever our customers build on our platform is long term sustainable. So that's another dimension of how we are working that into our >>Platform. That's awesome. This is a great conversation. You know, the supply chain is on both sides, physical and software. You're starting to see them come together in great conversations and certainly moving workloads to the cloud running in more efficiently will help on the sustainability side, in my opinion. Of course, you guys talked about that and we've covered it, but now you start getting into how to refactor, and this is a big conversation we've been having lately, is as you not just lift and shift but re-platform and refactor, customers are seeing great advantages on this. So I have to ask you guys, how are you helping customers and organizations support sustainability and, and simplify the complex environment that has a lot of potential integrations? Obviously APIs help of course, but that's the kind of baseline, what's the, what's the advice that you give customers? Cause you know, it can look complex and it becomes complex, but there's an answer here. What's your thoughts? >>Yeah, I think so. Whenever, when, when I get questions like this from from customers, the, the first thing I guide them to is, we talked earlier about this notion of consistency and how important that is. It's one thing, it it, it is one way to solve the problem is to create an entirely new operational model, an entirely new acquisition model and an entirely new stack of technologies in order to be more sustainable. That is probably not in the cards for most folks. What they want to do is have their existing estate and they're trying to introduce sustainability into the work that they are already doing. They don't need to build another silo in order to create sustainability, right? 
And so there have to be, there has to be some common threads, there has to be some common platforms across the existing estate and your more sustainable estate, right? >>And, and so things like Red Hat Enterprise Linux, which can provide this kind of common, not just a technical substrate, but a common operational substrate on which you can build these solutions if you have a common platform on which you are building solutions, whether it's RHEL or whether it's OpenShift or any of our other platforms that creates options for you underneath. So that in some cases maybe you need to run things on premise, some things you need to run in the cloud, but you don't have to profoundly change how you work when you're moving from one place to another. >>Adnan, what's your thoughts on, on the simplification? >>Yeah, I mean think that when you talk about replatforming and refactoring, it is a daunting undertaking, you know, in today's, in the, especially in today's fast paced work. So, but the good news is you don't have to do it by yourself. Customers don't have to do it on their own. You know, together AWS and Red Hat, we have our rich partner ecosystem, you know AWS over AWS has over a hundred thousand partners that can help you take that journey, the transformation journey. And within AWS and working with our partners like Red Hat, we make sure that we have all in, in my mind there are really three big pillars that you have to have to make sure that customers can successfully re-platform refactor their applications to the modern cloud architecture. You need to have the rich set of services and tools that meet their different scenarios, different use cases. Because no one size fits all. You have to have the right programs because sometimes customers need those incentives, they need those, you know, that help in the first step and last but not least, they need training. 
So all of that, we try to cover that as we work with our customers, work with our partners and that is where, you know, together we try to help customers take that step, which is, which is a challenging step to take. >>Yeah. You know, it's great to talk to you guys, both leaders in your field. Obviously Red Hat's, well, storied history. I remember the days back when I was provisioning, loading OSes on hardware with, with CDs, if you remember, those were the days, Gunnar. But now with high level services, if you look at this year's re:Invent, and this is like kind of my final question for the segment is then we'll get your reaction to is last year we talked about higher level services. I sat down with Adam Selipsky, we talked about that. If you look at what's happened this year, you're starting to see people talk about their environment as their cloud. So Amazon has the gift of the CapEx, the all that, all that investment and people can operate on top of it. They're calling that environment their cloud. Okay, For the first time we're seeing this new dynamic where it's like they have a cloud, but they're Amazon's the CapEx, they're operating. So you're starting to see the operational visibility, Gunnar, around how to operate this environment. And it's not hybrid this, that it's just, it's cloud. This is kind of an inflection point. Do you guys agree with that or, or having a reaction to that statement? Because I, I think this is kind of the next gen super cloud-like capability. It's, it's, we're going, we're building the cloud. It's now an environment. It's not talking about private cloud, this cloud, it's, it's all cloud. What's your reaction? >>Yeah, I think, well I think it's a very natural, I mean we used words like hybrid cloud, multi-cloud, if, I guess super cloud is what the kids are saying now, right? It's, it's all, it's all describing the same phenomena, right? 
Which is, which is being able to take advantage of lots of different infrastructure options, but still having something that creates some commonality among them so that you can, so that you can manage them effectively, right? So that you can have kind of uniform compliance across your estate so that you can have kind of, you can make the best use of your talent across the estate. I mean this is a, this is, it's a very natural thing. >>They're calling it cloud, the estate is the cloud. >>Yeah. So yeah, so, so fine if it, if it means that we no longer have to argue about what's multi-cloud and what's hybrid cloud, I think that's great. Let's just call it cloud. >>And what's your reaction, cuz this is kind of the next gen benefits of, of higher level services combined with amazing, you know, compute and, and resource at the infrastructure level. What's your, what's your view on that? >>Yeah, I think the construct of a unified environment makes sense for customers who have all these use cases which require, like for instance, if you are doing some edge computing and you're running AWS Outposts or you know, Wavelength and these things. So, and, and it is, it is fair for customer to say, think that hey, this is one environment, same set of tooling that they wanna build that works across all their different environments. That is why we work with partners like Red Hat so that customers who are running Red Hat Enterprise Linux on premises and who are running in AWS get the same level of support, get the same level of security features, all of that. So from that sense, it actually makes sense for us to build these capabilities in a way that customers don't have to worry about, Okay, now I'm actually in the AWS data center versus I'm running Outposts on premises. It is all one. They, they just use the same set of CLI command line APIs and all of that. 
So in that sense, it's actually helps customers have that unification so that that consistency of experience helps their workforce and be more productive versus figuring out, okay, what do I do, which tool I use? Where >>Adnan, you just nailed it. This is about supply chain sustainability, moving the workloads into a cloud environment. You mentioned Wavelength, this conversation's gonna continue. We haven't even talked about the edge yet. This is something that's gonna be all about operating these workloads at scale and all the, with the cloud services. So thanks for sharing that and we'll pick up that edge piece later. But for re:Invent right now, this is really the key conversation. How to bake the sustained supply chain work in a complex environment, making it simpler. And so thanks for sharing your insights here on the Cube. >>Thanks. Thanks for having >>Us. Okay, this is the Cube's coverage of AWS re:Invent 22. I'm John Furrier, your host. Thanks for watching.

Published Date : Nov 3 2022


The Future of Multicloud Data Protection is Here FULL EPISODE V3


 

>>Prior to the pandemic, organizations were largely optimized for efficiency as the best path to bottom line profits. Many CIOs tell the Cube privately that they were caught off guard by the degree to which their businesses required greater resiliency beyond their somewhat cumbersome disaster recovery processes. And the lack of that business resilience has actually cost firms because they were unable to respond to changing market forces. And certainly we've seen this dynamic with supply chain challenges and there's little doubt we're also seeing it in the area of cybersecurity generally, and data recovery specifically. Over the past 30 plus months, the rapid adoption of cloud to support remote workers and build in business resilience had the unintended consequences of expanding attack vectors, which brought an escalation of risk from cyber crime. While security in the public clouds is certainly world class, the result of multi-cloud has brought with it multiple shared responsibility models, multiple ways of implementing security policies across clouds and on-prem. >>And at the end of the day, more, not less complexity, but there's a positive side to this story. The good news is that public policy industry collaboration and technology innovation is moving fast to accelerate data protection and cybersecurity strategies with a focus on modernizing infrastructure, securing the digital supply chain, and very importantly, simplifying the integration of data protection and cybersecurity. Today there's heightened awareness that the world of data protection is not only an adjacency to, but it's becoming a fundamental component of cybersecurity strategies. In particular, in order to build more resilience into a business, data protection, people, technologies, and processes must be more tightly coordinated with security operations. Hello and welcome to the future of Multi-Cloud Data Protection Made Possible by Dell in collaboration with the Cube. 
My name is Dave Vellante and I'll be your host today. In this segment, we welcome into the Cube, two senior executives from Dell who will share details on new technology announcements that directly address these challenges. >>Jeff Boudreau is the president and general manager of Dell's Infrastructure Solutions Group, ISG, and he's gonna share his perspectives on the market and the challenges he's hearing from customers. And we're gonna ask Jeff to double click on the messages that Dell is putting into the marketplace and give us his detailed point of view on what it means for customers. Now Jeff is gonna be joined by Travis Vigil. Travis is the senior Vice President of product management for ISG at Dell Technologies, and he's gonna give us details on the products that are being announced today and go into the hard news. Now, we're also gonna challenge our guests to explain why Dell's approach is unique and different in the marketplace. Thanks for being with us. Let's get right into it. We're here with Jeff Boudreau and Travis Vigil. We're gonna dig into the details about Dell's big data protection announcement. Guys, good to see you. Thanks >>For coming in. Good to see you. Thank you for having us. >>You're very welcome. Right. Let's start off, Jeff, with a high level, you know, I'd like to talk about the customer, what challenges they're facing. You're talking to customers all the time, What are they telling you? >>Sure. As you know, we do, we spend a lot of time with our customers, specifically listening, learning, understanding their use cases, their pain points within their specific environments. They tell us a lot. It's no surprise to any of us, that data is a key theme that they talk about. It's one of their most important, important assets. They need to extract more value from that data to fuel their business models, their innovation engines, their competitive edge. 
So they need to make sure that that data is accessible, it's secure and it's recoverable, especially in today's world with the increased cyber attacks. >>Okay. So maybe we could get into some of those, those challenges. I mean, when, when you talk about things like data sprawl, what do you mean by that? What should people know? Sure. >>So for those big three themes, I'd say, you know, you have data sprawl, which is the big one, which is all about the massive amounts of data. It's the growth of that data, which is growing at unprecedented rates. It's the gravity of that data and the reality of the multi-cloud sprawl. So stuff is just everywhere, right? Which increases that attack surface for cyber criminals. >>And and by gravity you mean the data's there and people don't wanna move it. >>It's everywhere, right? And so when it lands someplace, think edge, core or cloud, it's there and that's, it's something we have to help our customers with. >>Okay, so just it's nuanced cuz complexity has other layers. What, what are those >>Layers? Sure. When we talk to our customers, they tell us complexity is one of their big themes. And specifically it's around data complexity. We talked about that growth and gravity of the data. We talk about multi-cloud complexity and we talk about multi-cloud sprawl. So multiple vendors, multiple contracts, multiple tool chains, and none of those work together in this, you know, multi-cloud world. Then that drives their security complexity. So we talk about that increased attack surface, but this really drives a lot of operational complexity for their teams. Think about there's a lack of consistency through everything. So people, process, tools, all that stuff, which is really wasting time and money for our customers. >>So how does that affect the cyber strategies and the, I mean, I've often said the CISO now they have this shared responsibility model, they have to do that across multiple clouds. 
Every cloud has its own security policies and, and frameworks and syntax. So maybe you could double click on your perspective on that. >>Sure. I'd say the big, you know, the big challenge customers have seen, it's really inadequate cyber resiliency. And specifically they're feeling, feeling very exposed. And today as the world with cyber attacks being more and more sophisticated, if something goes wrong, it is a real challenge for them to get back up and running quickly. And that's why this is such a, a big topic for CEOs and businesses around the world. >>You know, it's funny, I said this in my open, I, I think that prior to the pandemic businesses were optimized for efficiency and now they're like, Wow, we have to actually put some headroom into the system to be more resilient. You know, are you hearing >>That? Yeah, we absolutely are. I mean, the customers really, they're asking us for help, right? It's one of the big things we're learning and hearing from them. And it's really about three things, one's about simplifying it, two, it's really helping them to extract more value from their data. And then the third big, big piece is ensuring their data is protected and recoverable regardless of where it is going back to that data gravity and that very, you know, the multicloud world just recently, I don't know if you've seen it, but the global data protected, excuse me, the global data protection index GDPI. >>I, Yes. Jesus. Not to be confused with GDPR, >>Actually that was released today and confirms everything we just talked about around customer challenges, but also it highlights an importance of having a very cyber, a robust cyber resilient data protection strategy. >>Yeah, I haven't seen the latest, but I, I want to dig into it. I think this is, you've done this many, many years in a row. I like to look at the, the, the time series and see how things have changed. All right. 
At, at a high level, Jeff, can you kind of address why Dell and from your point of view is best suited? >>Sure. So we believe there's a better way or a better approach on how to handle this. We think Dell is uniquely positioned to help our customers as a one stop shop, if you will, for that cyber resilient multi-cloud data protection solution in needs. We take a modern, a simple and resilient approach, >>But what does that mean? What, what do you mean by modern? >>Sure. So modern, we talk about our software defined architecture, right? It's really designed to meet the needs not only of today, but really into the future. And we protect data across any cloud in any workload. So we have a proven track record doing this today. We have more than 1700 customers that trust us to protect them more than 14 exabytes of their data in the cloud today. >>Okay, so you said modern, simple and resilient. What, what do you mean by simple? Sure. >>We wanna provide simplicity everywhere, going back to helping with the complexity challenge, and that's from deployment to consumption to management and support. So our offers will deploy in minutes. They are easy to operate and use, and we support flexible consumption models for whatever the customer may desire. So traditional subscription or as a service. >>And when you, when you talk about resilient, I mean, I, I put forth that premise, but it's hard because people say, Well, that's gonna gonna cost us more. Well, it may, but you're gonna also reduce your, your risk. So how, what's your point of view on resilience? >>Yeah, I think it's, it's something all customers need. So we're gonna be providing a comprehensive and resilient portfolio of cyber solutions that are secured by design. We have some ver some unique capabilities in a combination of things like built in immutability, physical and logical isolation. 
We have intelligence built in with AI-powered recovery and just one, I guess fun fact for everybody is we have our cyber vault is the only solution in the industry that is endorsed by Sheltered Harbor that meets all the needs of the financial sector. >>So it's interesting when you think about the, the NIST framework for cyber security, it's all about about layers. You're sort of bringing that now to, to data protection, correct? Yeah. All right. In a minute we're gonna come back with Travis and dig into the news. We're gonna take a short break. Keep it right there. Okay. We're back with Jeff and Travis Vigil to dig deeper into the news. Guys, again, good to see you. Travis, if you could, maybe you, before we get into the news, can you set the business context for us? What's going on out there? >>Yeah, thanks for that question, Dave. To set a little bit of the context, when you look at the data protection market, Dell has been a leader in providing solutions to customers for going on nearly two decades now. We have tens of thousands of people using our appliances. We have multiple thousands of people using our latest modern simple PowerProtect Data Manager software. And as Jeff mentioned, we have, you know, 1700 customers protecting 14 exabytes of data in the public clouds today. And that foundation gives us a unique vantage point. We talked to a lot of customers and they're really telling us three things. They want simple solutions, they want us to help them modernize and they want us to add as the highest priority, maintain that high degree of resiliency that they expect from our data protection solutions. So that's the backdrop to the news today. And, and as we go through the news, I think you'll, you'll agree that each of these announcements deliver on those pillars. And in particular today we're announcing the PowerProtect Data Manager Appliance. 
We are announcing PowerProtect Cyber Recovery enhancements, and we are announcing enhancements to our Apex Data Storage >>Services. Okay, so three pieces. Let's, let's dig to that. It's interesting appliance, everybody wants software, but then you talk to customers and they're like, Well, we actually want appliances because we just wanna put it in and it works, right? Performs great. So, so what do we need to know about the appliance? What's the news there? Well, >>You know, part of the reason I gave you some of those stats to begin with is that we have this strong foundation of, of experience, but also intellectual property components that we've taken that have been battle tested in the market. And we've put them together in a new simple integrated appliance that really combines the best of the target appliance capabilities we have with that modern simple software. And we've integrated it from the, you know, sort of taking all of those pieces, putting them together in a simple, easy to use and easy to scale interface for customers. >>So the premise that I've been putting forth for, you know, months now, probably well, well over a year, is that, that that data protection is becoming an extension of your, your cybersecurity strategies. So I'm interested in your perspective on cyber recovery. You, you have specific news that you have there? >>Yeah, you know, we, we are, in addition to simplifying things via the, the appliance, we are providing solutions for customers no matter where they're deploying. And cyber recovery, especially when it comes to cloud deployments, is an increasing area of interest and deployment that we see with our customers. So what we're announcing today is that we're expanding our cyber recovery services to be available in Google Cloud with this announcement. 
It means we're available in all three of the major clouds and it really provides customers the flexibility to secure their data no matter if they're running, you know, on premises in a colo at the edge in the public cloud. And the other nice thing about this, this announcement is that you have the ability to use Google Cloud as a cyber recovery vault that really allows customers to isolate critical data and they can recover that critical data from the vault back to on-premises or from that vault back to running their cyber cyber protection or their data protection solutions in the public cloud. >>I always invoke my, my favorite Matt Baker here. It's not a zero sum game, but this is a perfect example where there's opportunities for a company like Dell to partner with the public cloud provider. You've got capabilities that don't exist there. You've got the on-prem capabilities. We could talk about edge all day, but that's a different topic. Okay, so Mike, my other question Travis, is how does this all fit into Apex? We hear a lot about Apex as a service, it's sort of the new hot thing. What's happening there? What's the news around Apex? >>Yeah, we, we've seen incredible momentum with our Apex solutions since we introduced data protection options into them earlier this year. And we're really building on that momentum with this announcement being, you know, providing solutions that allow customers to consume flexibly. And so what we're announcing specifically is that we're expanding Apex Data Storage Services to include a data protection option. And it's like with all Apex offers, it's a pay as you go solution really streamlines the process of customers purchasing, deploying, maintaining and managing their backup software. All a customer really needs to do is, you know, specify their base capacity, they specify their performance tier, they tell us do they want a a one year term or a three year term and we take it from there. 
We get them up and running so they can start deploying and consuming flexibly. And as with many of our APEX solutions, it's a simple user experience all exposed through a unified APEX console. >> Okay. So you're keeping it simple, like I think large, medium, small, you know, we hear a lot about T-shirt sizes. I'm a big fan of that 'cause you guys should be smart enough to figure out, you know, based on my workload, what I need. How different is this? I wonder if you guys could address this. Jeff, maybe you can start. >> Sure. I'll start and then, pitch me, you know, Travis, you jump in when I screw up here. So, awesome. So first I'd say we offer innovative multi-cloud data protection solutions. We provide that deliver performance, efficiency and scale that our customers demand and require. We support, as Travis said, all the major public clouds. We have a broad ecosystem of workload support and I guess the great news is we're up to 80% more cost effective than any of the competition. >> 80%. 80%, that's a big number, right. Travis, what's your point of view on this? >> Yeah, I think number one, end to end data protection. We are that one stop shop that I talked about. Whether it's a simplified appliance, whether it's deployed in the cloud, whether it's at the edge, whether it's integrated appliances, target appliances, software, we have solutions that span the gamut as a service. I mentioned the APEX solution as well. So really we can provide solutions that help support customers and protect them, any workload, any cloud, anywhere that data lives, edge, core to cloud. The other thing that we hear as a big differentiator for Dell, and Jeff touched on this a little bit earlier, is our intelligent cyber resiliency. We have a unique combination in the market where we can offer immutability or protection against deletion as sort of that first line of defense.
But we can also offer a second level of defense, which is isolation, talking about data vaults or cyber vaults and cyber recovery. And more importantly, the intelligence that goes around that vault. It can look at detecting cyber attacks, it can help customers speed time to recovery and really provides AI and ML to help early diagnosis of a cyber attack and fast recovery should a cyber attack occur. And you know, if you look at customer adoption of that solution specifically in the clouds, we have over 1300 customers utilizing PowerProtect Cyber Recovery. >> So I think it's fair to say that your, I mean your portfolio has obviously been a big differentiator whenever I talk to, you know, your finance team, Michael Dell, et cetera, that end to end capability, that your ability to manage throughout the supply chain. We actually just did an event recently with you guys where you went into what you're doing to make infrastructure trusted. And so my take on that is you, in a lot of respects, you're shifting, you know, the client's burden to your R&D. Now they have a lot of work to do, so it's not like they can go home and just relax, but that's a key part of the partnership that I see. Jeff, I wonder if you could give us the final thoughts. >> Sure. Dell has a long history of being a trusted partner within IT, right? So we have unmatched capabilities. Going back to your point, we have the broadest portfolio, we have, you know, we're a leader in every category that we participate in. We have a broad deep breadth of portfolio. We have scale, we have innovation that is just unmatched within data protection itself. We are the trusted market leader, no ifs, ands or buts, we're number one for both data protection software in appliances per IDC. And we were just named for the 17th consecutive time the leader in the Gartner Magic Quadrant. So bottom line is customers can count on Dell.
>> Yeah, and I think again, we're seeing the evolution of data protection. It's not like the last 10 years, it's really becoming an adjacency and really a key component of your cyber strategy. I think those two parts of the organization are coming together. So guys, really appreciate your time. Thanks for- >> Thank you, sir. >> Thanks, Dave. >> Travis, good to see you. All right, in a moment I'm gonna come right back and summarize what we learned today, what actions you can take for your business. You're watching "The Future of Multi-cloud Data Protection" made possible by Dell in collaboration with theCUBE, your leader in enterprise and emerging tech coverage. Right back. >> In our data driven world, protecting data has never been more critical. To guard against everything from cyber incidents to unplanned outages, you need a cyber resilient, multi-cloud data protection strategy. >> It's not a matter of if you're gonna get hacked, it's a matter of when. And I wanna know that I can recover and continue to recover each day. >> It is important to have a cyber security and a cyber resiliency plan in place because the threat of cyber attack are imminent. >> PowerProtect Data Manager from Dell Technologies helps deliver the data protection and security confidence you would expect from a trusted partner and market leader. >> We chose PowerProtect Data Manager because we've been a strategic partner with Dell Technologies for roughly 20 years now. Our partnership with Dell Technologies has provided us with the ability to scale and grow as we've transitioned from 10 billion in assets to 20 billion. >> With PowerProtect Data Manager, you can enjoy exceptional ease of use to increase your efficiency and reduce costs. >> I installed it by myself, learned it by myself. It was very intuitive. >> While restoring a machine with PowerProtect Data Manager is fast, we can fully manage PowerProtect through the center. We can recover a whole machine in seconds.
>> Data Manager offers innovation such as transparent snapshots to simplify virtual machine backups and it goes beyond backup and restore to provide valuable insights into protected data, workloads and VMs. >> In our previous environment, it would take anywhere from three to six hours at night to do a single backup of each VM. Now we're backing up hourly and it takes two to three seconds with the transparent snapshots. >> With PowerProtect Data Manager, you get the peace of mind knowing that your data is safe and available whenever you need it. >> Data is extremely important. We can't afford to lose any data. We need things just to work. >> Start your journey to modern data protection with Dell PowerProtect Data Manager. Visit dell.com/power Protect Data Manager. >> We put forth the premise in our introduction that the worlds of data protection and cybersecurity must be more integrated. We said that data recovery strategies have to be built into security practices and procedures and by default this should include modern hardware and software. Now in addition to reviewing some of the challenges that customers face, which have been pretty well documented, we heard about new products that Dell Technologies is bringing to the marketplace that specifically address these customer concerns. There were three that we talked about today. First, the PowerProtect Data Manager Appliance, which is an integrated system taking advantage of Dell's history in data protection, but adding new capabilities. And I want to come back to that in the moment. Second is Dell's PowerProtect Cyber Recovery for Google Cloud Platform. This rounds out the big three public cloud providers for Dell, which joins AWS and Azure support. >> Now finally, Dell has made its target backup appliances available in APEX.
You might recall earlier this year we saw the introduction from Dell of APEX Backup Services and then in May at Dell Technologies World, we heard about the introduction of APEX Cyber Recovery Services. And today Dell is making its most popular backup appliances available in APEX. Now I wanna come back to the PowerProtect Data Manager Appliance because it's a new integrated appliance. And I asked Dell off camera really what is so special about these new systems and what's really different from the competition because look, everyone offers some kind of integrated appliance. So I heard a number of items, Dell talked about simplicity and efficiency and containers and Kubernetes. So I kind of kept pushing and got to what I think is the heart of the matter in two really important areas. One is simplicity. >> Dell claims that customers can deploy the system in half the time relative to the competition. So we're talking minutes to deploy and of course that's gonna lead to much simpler management. And the second real difference I heard was backup and restore performance for VMware workloads. In particular, Dell has developed transparent snapshot capabilities to fundamentally change the way VMs are protected, which leads to faster backup and restores with less impact on virtual infrastructure. Dell believes this new development is unique in the market and claims that in its benchmarks the new appliance was able to back up 500 virtual machines in 47% less time compared to a leading competitor. Now this is based on Dell benchmarks, so hopefully these are things that you can explore in more detail with Dell to see if and how they apply to your business. So if you want more information, go to the data protection page at dell.com. You can find that at dell.com/data protection. And all the content here and other videos are available on demand at thecube.net. Check out our series on the blueprint for trusted infrastructure, it's related and has some additional information.
And go to siliconangle.com for all the news and analysis related to these and other announcements. This is Dave Vellante. Thanks for watching the future of multi-cloud protection made possible by Dell in collaboration with theCUBE, your leader in enterprise and emerging tech coverage.

Published Date : Oct 28 2022


SENTIMENT ANALYSIS :

ENTITIES

Entity | Category | Confidence
Jeff | PERSON | 0.99+
Dave Valante | PERSON | 0.99+
Jeff Boudreaux | PERSON | 0.99+
Dell | ORGANIZATION | 0.99+
Travis | PERSON | 0.99+
Dave | PERSON | 0.99+
Mike | PERSON | 0.99+
20 billion | QUANTITY | 0.99+
Travis Behill | PERSON | 0.99+
three | QUANTITY | 0.99+
Jeff Padro | PERSON | 0.99+
10 billion | QUANTITY | 0.99+
Matt Baker | PERSON | 0.99+
AWS | ORGANIZATION | 0.99+
Dell Technologies | ORGANIZATION | 0.99+
Sheltered Harbor | ORGANIZATION | 0.99+
Travis Vehill | PERSON | 0.99+
Michael Dell | PERSON | 0.99+
second | QUANTITY | 0.99+
demand@thecube.net | OTHER | 0.99+
May | DATE | 0.99+
more than 14 exabytes | QUANTITY | 0.99+
more than 1700 customers | QUANTITY | 0.99+
1700 customers | QUANTITY | 0.99+
Second | QUANTITY | 0.99+
Dell Technologies | ORGANIZATION | 0.99+
two senior executives | QUANTITY | 0.99+
First | QUANTITY | 0.99+
three pieces | QUANTITY | 0.99+
today | DATE | 0.99+
two parts | QUANTITY | 0.99+
two | QUANTITY | 0.99+
six hours | QUANTITY | 0.99+
both | QUANTITY | 0.99+
third | QUANTITY | 0.99+
three seconds | QUANTITY | 0.99+
One | QUANTITY | 0.99+
Today | DATE | 0.99+
over 1300 customers | QUANTITY | 0.99+
Solutions Group | ORGANIZATION | 0.99+
Apex | ORGANIZATION | 0.98+
three things | QUANTITY | 0.98+
500 virtual machines | QUANTITY | 0.98+
each | QUANTITY | 0.98+
20 years | QUANTITY | 0.98+
80% | QUANTITY | 0.98+

The Future of Multicloud Data Protection is Here FULL EPISODE V1


 

>> Prior to the pandemic, organizations were largely optimized for efficiency as the best path to bottom line profits. Many CIOs tell theCUBE privately that they were caught off guard by the degree to which their businesses required greater resiliency beyond their somewhat cumbersome disaster recovery processes. And the lack of that business resilience has actually cost firms because they were unable to respond to changing market forces. And certainly, we've seen this dynamic with supply chain challenges. And there's little doubt we're also seeing it in the area of cybersecurity generally, and data recovery specifically. Over the past 30 plus months, the rapid adoption of cloud to support remote workers and build in business resilience had the unintended consequences of expanding attack vectors, which brought an escalation of risk from cybercrime. While security in the public cloud is certainly world class, the result of multicloud has brought with it multiple shared responsibility models, multiple ways of implementing security policies across clouds and on-prem. And at the end of the day, more, not less, complexity. But there's a positive side to this story. The good news is that public policy, industry collaboration and technology innovation is moving fast to accelerate data protection and cybersecurity strategies with a focus on modernizing infrastructure, securing the digital supply chain, and very importantly, simplifying the integration of data protection and cybersecurity. Today, there's heightened awareness that the world of data protection is not only an adjacency to, but is becoming a fundamental component of cybersecurity strategies. In particular, in order to build more resilience into a business, data protection people, technologies and processes must be more tightly coordinated with security operations. Hello, and welcome to "The Future of Multicloud Data Protection" made possible by Dell in collaboration with theCUBE.
My name is Dave Vellante and I'll be your host today. In this segment, we welcome into theCUBE two senior executives from Dell who will share details on new technology announcements that directly address these challenges. Jeff Boudreau is the President and General Manager of Dell's Infrastructure Solutions Group, ISG, and he's going to share his perspectives on the market and the challenges he's hearing from customers. And we're going to ask Jeff to double click on the messages that Dell is putting into the marketplace and give us his detailed point of view on what it means for customers. Now, Jeff is going to be joined by Travis Vigil. Travis is the Senior Vice-President of Product Management for ISG at Dell Technologies, and he's going to give us details on the products that are being announced today and go into the hard news. Now, we're also going to challenge our guests to explain why Dell's approach is unique and different in the marketplace. Thanks for being with us. Let's get right into it. (upbeat music) We're here with Jeff Boudreau and Travis Vigil, and we're going to dig into the details about Dell's big data protection announcement. Guys, good to see you. Thanks for coming in. >> Good to see you. Thank you for having us. >> You're very welcome. Alright, let's start off Jeff, with the high level. You know, I'd like to talk about the customer, what challenges they're facing? You're talking to customers all the time. What are they telling you? >> Sure, as you know, we spend a lot of time with our customers, specifically listening, learning, understanding their use cases, their pain points within their specific environments. They tell us a lot. No surprise to any of us that data is a key theme that they talk about. It's one of their most important assets. They need to extract more value from that data to fuel their business models, their innovation engines, their competitive edge. 
So, they need to make sure that that data is accessible, it's secure and it's recoverable, especially in today's world with the increased cyber attacks. >> Okay, so maybe we could get into some of those challenges. I mean, when you talk about things like data sprawl, what do you mean by that? What should people know? >> Sure, so for those big three themes, I'd say, you have data sprawl, which is the big one, which is all about the massive amounts of data. It's the growth of that data, which is growing at unprecedented rates. It's the gravity of that data and the reality of the multicloud sprawl. So stuff is just everywhere, right? Which increases that surface as attack space for cyber criminals. >> And by gravity, you mean the data's there and people don't want to move it. >> It's everywhere, right? And so when it lands someplace, think Edge, Core or Cloud, it's there. And it's something we have to help our customers with. >> Okay, so it's nuanced 'cause complexity has other layers. What are those layers? >> Sure. When we talk to our customers, they tell us complexity is one of their big themes. And specifically it's around data complexity. We talked about that growth and gravity of the data. We talk about multicloud complexity and we talk about multicloud sprawl. So multiple vendors, multiple contracts, multiple tool chains, and none of those work together in this multicloud world. Then that drives their security complexity. So, we talk about that increased attack surface. But this really drives a lot of operational complexity for their teams. Think about we're lacking consistency through everything. So people, process, tools, all that stuff, which is really wasting time and money for our customers. >> So, how does that affect the cyber strategies and the, I mean, I've often said the CISO, now they have this shared responsibility model. They have to do that across multiple clouds. Every cloud has its own security policies and frameworks and syntax.
So, maybe you could double click on your perspective on that. >> Sure. I'd say the big challenge customers have seen, it's really inadequate cyber resiliency and specifically, they're feeling very exposed. And today as the world with cyber attacks being more and more sophisticated, if something goes wrong, it is a real challenge for them to get back up and running quickly. And that's why this is such a big topic for CEOs and businesses around the world. >> You know, it's funny. I said this in my open. I think that prior to the pandemic businesses were optimized for efficiency, and now they're like, "Wow, we have to actually put some headroom into the system to be more resilient." You know, are you hearing that? >> Yeah, we absolutely are. I mean, the customers really, they're asking us for help, right? It's one of the big things we're learning and hearing from them. And it's really about three things. One's about simplifying IT. Two, it's really helping them to extract more value from their data. And then the third big piece is ensuring their data is protected and recoverable regardless of where it is going back to that data gravity and that very, you know, the multicloud world. Just recently, I don't know if you've seen it, but the Global Data Protected, excuse me, the Global Data Protection Index. >> GDPI. >> Yes. Jesus. >> Not to be confused with GDPR. >> Actually, that was released today and confirms everything we just talked about around customer challenges. But also it highlights at an importance of having a very cyber, a robust cyber resilient data protection strategy. >> Yeah, I haven't seen the latest, but I want to dig into it. I think this, I've done this many, many years in a row. I'd like to look at the time series and see how things have changed. All right. At a high level, Jeff, can you kind of address why Dell, from your point of view is best suited? >> Sure. So, we believe there's a better way or a better approach on how to handle this.
We think Dell is uniquely positioned to help our customers as a one stop shop, if you will, for that cyber resilient multicloud data protection solution and needs. We take a modern, a simple and resilient approach. >> What does that mean? What do you mean by modern? >> Sure. So modern, we talk about our software defined architecture. Right? It's really designed to meet the needs not only of today, but really into the future. And we protect data across any cloud and any workload. So, we have a proven track record doing this today. We have more than 1,700 customers that trust us to protect more than 14 exabytes of their data in the cloud today. >> Okay, so you said modern, simple and resilient. What do you mean by simple? >> Sure. We want to provide simplicity everywhere, going back to helping with the complexity challenge. And that's from deployment to consumption, to management and support. So, our offers will deploy in minutes. They are easy to operate and use, and we support flexible consumption models for whatever the customer may desire. So, traditional subscription or as a service. >> And when you talk about resilient, I mean, I put forth that premise, but it's hard because people say, "Well, that's going to cost us more. Well, it may, but you're going to also reduce your risk." So, what's your point of view on resilience? >> Yeah, I think it's something all customers need. So, we're going to be providing a comprehensive and resilient portfolio of cyber solutions that are secure by design. And we have some unique capabilities and a combination of things like built in immutability, physical and logical isolation. We have intelligence built in with AI part recovery. And just one, I guess fun fact for everybody is we have, our cyber vault is the only solution in the industry that is endorsed by Sheltered Harbor that meets all the needs of the financial sector. >> So it's interesting when you think about the NIST framework for cybersecurity. 
It's all about layers. You're sort of bringing that now to data protection. >> Jeff: Correct. Yeah. >> All right. In a minute, we're going to come back with Travis and dig into the news. We're going to take a short break. Keep it right there. (upbeat music) (upbeat adventurous music) Okay, we're back with Jeff and Travis Vigil to dig deeper into the news. Guys, again, good to see you. Travis, if you could, maybe you, before we get into the news, can you set the business context for us? What's going on out there? >> Yeah. Thanks for that question, Dave. To set a little bit of the context, when you look at the data protection market, Dell has been a leader in providing solutions to customers for going on nearly two decades now. We have tens of thousands of people using our appliances. We have multiple thousands of people using our latest modern, simple PowerProtect Data Manager Software. And as Jeff mentioned, we have 1,700 customers protecting 14 exabytes of data in the public clouds today. And that foundation gives us a unique vantage point. We talked to a lot of customers and they're really telling us three things. They want simple solutions. They want us to help them modernize. And they want us to add as the highest priority, maintain that high degree of resiliency that they expect from our data protection solutions. So, that's the backdrop to the news today. And as we go through the news, I think you'll agree that each of these announcements deliver on those pillars. And in particular, today we're announcing the PowerProtect Data Manager Appliance. We are announcing PowerProtect Cyber Recovery Enhancements, and we are announcing enhancements to our APEX Data Storage Services. >> Okay, so three pieces. Let's dig to that. It's interesting, appliance, everybody wants software, but then you talk to customers and they're like, "Well, we actually want appliances because we just want to put it in and it works." >> Travis: (laughs) Right. >> It performs great.
So, what do we need to know about the appliance? What's the news there? >> Well, you know, part of the reason I gave you some of those stats to begin with is that we have this strong foundation of experience, but also intellectual property components that we've taken that have been battle tested in the market. And we've put them together in a new simple, integrated appliance that really combines the best of the target appliance capabilities we have with that modern, simple software. And we've integrated it from the, you know, sort of taking all of those pieces, putting them together in a simple, easy to use and easy to scale interface for customers. >> So, the premise that I've been putting forth for months now, probably well over a year, is that data protection is becoming an extension of your cybersecurity strategies. So, I'm interested in your perspective on cyber recovery. Your specific news that you have there. >> Yeah, you know, we are in addition to simplifying things via the appliance, we are providing solutions for customers no matter where they're deploying. And cyber recovery, especially when it comes to cloud deployments, is an increasing area of interest and deployment that we see with our customers. So, what we're announcing today is that we're expanding our cyber recovery services to be available in Google Cloud. With this announcement, it means we're available in all three of the major clouds and it really provides customers the flexibility to secure their data no matter if they're running on-premises, in a colo, at the Edge, in the public cloud. And the other nice thing about this announcement is that you have the ability to use Google Cloud as a cyber recovery vault that really allows customers to isolate critical data and they can recover that critical data from the vault back to on-premises or from that vault back to running their cyber protection or their data protection solutions in the public cloud.
>> I always invoke my favorite Matt Baker here. "It's not a zero sum game", but this is a perfect example where there's opportunities for a company like Dell to partner with the public cloud provider. You've got capabilities that don't exist there. You've got the on-prem capabilities. We could talk about Edge all day, but that's a different topic. Okay, so my other question Travis, is how does this all fit into APEX? We hear a lot about APEX as a service. It's sort of the new hot thing. What's happening there? What's the news around APEX? >> Yeah, we've seen incredible momentum with our APEX solutions since we introduced data protection options into them earlier this year. And we're really building on that momentum with this announcement being providing solutions that allow customers to consume flexibly. And so, what we're announcing specifically is that we're expanding APEX Data Storage Services to include a data protection option. And it's like with all APEX offers, it's a pay-as-you-go solution. Really streamlines the process of customers purchasing, deploying, maintaining and managing their backup software. All a customer really needs to do is specify their base capacity. They specify their performance tier. They tell us do they want a one year term or a three year term and we take it from there. We get them up and running so they can start deploying and consuming flexibly. And as with many of our APEX solutions, it's a simple user experience all exposed through a unified APEX Console. >> Okay, so it's, you're keeping it simple, like I think large, medium, small. You know, we hear a lot about T-shirt sizes. I'm a big fan of that 'cause you guys should be smart enough to figure out, you know, based on my workload, what I need. How different is this? I wonder if you guys could address this. Jeff, maybe you can start. >> Sure, I'll start and then- >> Pitch me. >> You know, Travis, you jump in when I screw up here. >> Awesome. 
>> So, first I'd say we offer innovative multicloud data protection solutions. We provide that deliver performance, efficiency and scale that our customers demand and require. We support as Travis said, all the major public clouds. We have a broad ecosystem of workload support and I guess the great news is we're up to 80% more cost effective than any of the competition. >> Dave: 80%? >> 80% >> Hey, that's a big number. All right, Travis, what's your point of view on this? >> Yeah, I think number one, end-to-end data protection. We are that one stop shop that I talked about, whether it's a simplified appliance, whether it's deployed in the cloud, whether it's at the Edge, whether it's integrated appliances, target appliances, software. We have solutions that span the gamut as a service. I mentioned the APEX Solution as well. So really, we can provide solutions that help support customers and protect them, any workload, any cloud, anywhere that data lives. Edge, Core to Cloud. The other thing that we hear as a big differentiator for Dell, and Jeff touched on this a little bit earlier, is our Intelligent Cyber Resiliency. We have a unique combination in the market where we can offer immutability or protection against deletion as sort of that first line of defense. But we can also offer a second level of defense, which is isolation, talking about data vaults or cyber vaults and cyber recovery. And more importantly, the intelligence that goes around that vault. It can look at detecting cyber attacks. It can help customers speed time to recovery. And really provides AI and ML to help early diagnosis of a cyber attack and fast recovery should a cyber attack occur. And if you look at customer adoption of that solution, specifically in the cloud, we have over 1300 customers utilizing PowerProtect Cyber Recovery. >> So, I think it's fair to say that your portfolio has obviously been a big differentiator.
Whenever I talk to your finance team, Michael Dell, et cetera, that end-to-end capability, that your ability to manage throughout the supply chain. We actually just did an event recently with you guys where you went into what you're doing to make infrastructure trusted. And so my take on that is you, in a lot of respects, you're shifting the client's burden to your R&D. now they have a lot of work to do, so it's not like they can go home and just relax. But that's a key part of the partnership that I see. Jeff, I wonder if you could give us the final thoughts. >> Sure. Dell has a long history of being a trusted partner within IT, right? So, we have unmatched capabilities. Going back to your point, we have the broadest portfolio. We're a leader in every category that we participate in. We have a broad deep breadth of portfolio. We have scale. We have innovation that is just unmatched. Within data protection itself, we are the trusted market leader. No if, ands or buts. We're number one for both data protection software in appliances per IDC and we were just named for the 17th consecutive time the leader in the Gartner Magic Quadrant. So, bottom line is customers can count on Dell. >> Yeah, and I think again, we're seeing the evolution of data protection. It's not like the last 10 years. It's really becoming an adjacency and really, a key component of your cyber strategy. I think those two parts of the organization are coming together. So guys, really appreciate your time. Thanks for coming. >> Thank you, sir. >> Dave. >> Travis, good to see you. All right, in a moment I'm going to come right back and summarize what we learned today, what actions you can take for your business. You're watching "The Future of Multicloud Data Protection" made possible by Dell in collaboration with theCUBE, your leader in enterprise and emerging tech coverage. Right back. >> Advertiser: In our data-driven world, protecting data has never been more critical. 
To guard against everything from cyber incidents to unplanned outages, you need a cyber resilient multicloud data protection strategy. >> It's not a matter of if you're going to get hacked, it's a matter of when. And I want to know that I can recover and continue to recover each day. >> It is important to have a cyber security and a cyber resiliency plan in place because the threat of cyber attack are imminent. >> Advertiser: PowerProtect Data Manager from Dell Technologies helps deliver the data protection and security confidence you would expect from a trusted partner and market leader. >> We chose PowerProtect Data Manager because we've been a strategic partner with Dell Technologies for roughly 20 years now. Our partnership with Dell Technologies has provided us with the ability to scale and grow as we've transitioned from 10 billion in assets to 20 billion. >> Advertiser: With PowerProtect Data Manager, you can enjoy exceptional ease of use to increase your efficiency and reduce costs. >> I'd installed it by myself, learn it by myself. It was very intuitive. >> While restoring your machine with PowerProtect Data Manager is fast, we can fully manage PowerProtect through the center. We can recover a whole machine in seconds. >> Instructor: Data Manager offers innovation such as transparent snapshots to simplify virtual machine backups, and it goes beyond backup and restore to provide valuable insights into protected data, workloads and VMs. >> In our previous environment, it would take anywhere from three to six hours a night to do a single backup of each VM. Now, we're backing up hourly and it takes two to three seconds with the transparent snapshots. >> Advertiser: With PowerProtect's Data Manager, you get the peace of mind knowing that your data is safe and available whenever you need it. >> Data is extremely important. We can't afford to lose any data. We need things just to work. 
>> Advertiser: Start your journey to modern data protection with Dell PowerProtect's Data Manager. Visit dell.com/powerprotectdatamanager >> We put forth the premise in our introduction that the worlds of data protection in cybersecurity must be more integrated. We said that data recovery strategies have to be built into security practices and procedures and by default, this should include modern hardware and software. Now, in addition to reviewing some of the challenges that customers face, which have been pretty well documented, we heard about new products that Dell Technologies is bringing to the marketplace that specifically address these customer concerns. And there were three that we talked about today. First, the PowerProtect Data Manager Appliance, which is an integrated system taking advantage of Dell's history in data protection, but adding new capabilities. And I want to come back to that in a moment. Second is Dell's PowerProtect Cyber Recovery for Google Cloud platform. This rounds out the big three public cloud providers for Dell, which joins AWS and Azure support. Now finally, Dell has made its target backup appliances available in APEX. You might recall, earlier this year we saw the introduction from Dell of APEX Backup Services and then in May at Dell Technologies World, we heard about the introduction of APEX Cyber Recovery Services. And today, Dell is making its most popular backup appliances available in APEX. Now, I want to come back to the PowerProtect Data Manager Appliance because it's a new integrated appliance and I asked Dell off camera, "Really what is so special about these new systems and what's really different from the competition?" Because look, everyone offers some kind of integrated appliance. So, I heard a number of items. Dell talked about simplicity and efficiency and containers and Kubernetes. So, I kind of kept pushing and got to what I think is the heart of the matter in two really important areas. One is simplicity. 
Dell claims that customers can deploy the system in half the time relative to the competition. So, we're talking minutes to deploy, and of course that's going to lead to much simpler management. And the second real difference I heard was backup and restore performance for VMware workloads. In particular, Dell has developed transparent snapshot capabilities to fundamentally change the way VMs are protected, which leads to faster backup and restores with less impact on virtual infrastructure. Dell believes this new development is unique in the market and claims that in its benchmarks, the new appliance was able to back up 500 virtual machines in 47% less time compared to a leading competitor. Now, this is based on Dell benchmarks, so hopefully these are things that you can explore in more detail with Dell to see if and how they apply to your business. So if you want more information, go to the Data Protection Page at dell.com. You can find that at dell.com/dataprotection. And all the content here and other videos are available on demand at theCUBE.net. Check out our series on the blueprint for trusted infrastructure, it's related and has some additional information. And go to siliconangle.com for all the news and analysis related to these and other announcements. This is Dave Vellante. Thanks for watching "The Future of Multicloud Protection" made possible by Dell, in collaboration with theCUBE, your leader in enterprise and emerging tech coverage. (upbeat music)

Published Date : Oct 27 2022



Horizon3.ai Signal | Horizon3.ai Partner Program Expands Internationally


 

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product NodeZero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer NodeZero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.ai driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market 
change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting 
profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. 
so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP/MSSP program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-sell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our CPPO partners we're part of the ISV Accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced 
training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use 
what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the 
channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's 
been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to 
go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating 
system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how 
easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this 
and we're just launching it. We're building up this one, the instance, in the AWS service center here in Frankfurt, also with some dedicated hardware in a data center in Frankfurt, where we have, with the DE-CIX, by the way, the highest internet interconnection bandwidth on the planet. So we have very short latency to wherever you are on the globe. >> That's a great call out, benefit too. I was going to ask that. What are some of the benefits your partners are seeing in EMEA and Asia Pacific? >> Well, I would say the benefits for them, it's clearly they can talk with customers and can offer customers penetration testing, which they before even didn't think about, because penetration testing in a traditional way was simply too expensive for them, too complex, the preparation time was too long, they didn't even have the capacity to support an external pen tester. Now with this service you can go in and say, "Mr. Customer, we can do a test with you in a couple of minutes. We have installed the Docker container, within 10 minutes we have the pen test started. That's it, and then we just wait." And I would say we are seeing so many aha moments now, because on the partner side, when they see NodeZero the first time working, it's like, "Wow, that is great." And then they work out to customers and show it to, typically at the beginning, mostly the friendly customers, like, "Wow, that's great, I need that." And I would say the feedback from the partners is that is a service where I do not have to evangelize the customer. Everybody understands penetration testing. I don't have to describe what it is. The customer understands immediately: "Yes, penetration testing, good. About that, I know I should do it, but too complex, too expensive." Now with the name is, for example, as an MSSP service provided from one of our partners, but it's
getting easy. >> Yeah, it's great, and it's a great benefit there. I mean, I gotta say, I'm a huge fan of what you guys are doing. I like this continuous automation. That's a major benefit to anyone doing DevOps or any kind of modern application development. This is just a godsend for them, this is really good. And like you said, the pen testers that are doing it, they were kind of coming down from their expertise to kind of do things that should have been automated. They get to focus on the bigger ticket items. That's a really big point. >> So we free them, we free the pen testers for the higher level elements of the penetration testing segment, and that is typically the application testing, which is currently far away from being automated. >> Yeah, and that's where the most critical workloads are, and I think this is the nice balance. Congratulations on the international expansion of the program, and thanks for coming on this special presentation. I really appreciate it. Thank you. >> You're welcome. >> Okay, this is theCUBE special presentation, you know, check out pen test automation, international expansion, Horizon3.ai, really innovative solution. In our next segment, Chris Hill, sector head for strategic accounts, will discuss the power of Horizon3.ai and Splunk in action. You're watching theCUBE, the leader in high tech enterprise coverage. [Music] >> Welcome back, everyone, to theCUBE and Horizon3.ai special presentation. I'm John Furrier, host of theCUBE. We're with Chris Hill, sector head for strategic accounts and federal at Horizon3.ai, a great innovative company. Chris, great to see you, thanks for coming on theCUBE. >> Yeah, like I said, you know, great to meet you, John. Long time listener, first time caller, so excited to be here with you guys. >> Yeah, we were talking before camera, you had Splunk back in 2013, and I think 2012 was our first Splunk .conf, and boy, man, you know, talk about being in the right place at the right time. Now we're at another inflection point, and Splunk continues to be
relevant, and continuing to have that data driving security in that interplay. And your CEO, former CTO of Splunk as well, at Horizon, who's been on before. Really innovative product you guys have. But, you know, "don't wait for a breach to find out if you're logging the right data," this is the topic of this thread. Splunk is very much part of this new international expansion announcement with you guys. Tell us, what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand NodeZero out internationally? >> Yeah, well, so, you know, my role within Splunk, it was working with our most strategic accounts. And so I looked back to 2013 and I think about the sales process, like working with our small customers, you know, it was still very siloed back then. Like, I was selling to an IT team that was either using this for IT operations... we generally would always even say, "Yeah, although we do security, we weren't really designed for it, we're a log management tool." And I'm sure you remember back then, John, we were like sort of stepping into the security space, and in the public sector domain that I was in, you know, security was 70 percent of what we did. When I look back to sort of the transformation that I was witnessing in that digital transformation, you know, when I look at like 2019 to today, you look at how the IT team and the security teams have been forced to break down those barriers that they used to sort of be siloed away, would not communicate, you know, the security guys would be like, "Oh, this is my box, IT, you're not allowed in." Today you can't get away with that. And I think that the value that we bring to, you know... and of course Splunk has been a huge leader in that space and continues to do innovation across the board. But I think what we're seeing in the space, and I was talking with Patrick Coughlin, the SVP of security markets, about this, is that, you know, what we've
been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data. So Splunk itself is, you know, it's an ingest engine, right? The great reason people bought it was you could build these really fast dashboards and grab intelligence out of it, but without data it doesn't do anything, right? So how do you drive and how do you bring more data in, and most importantly from a customer perspective, how do you bring the right data in? And so if you think about what NodeZero and what we're doing at Horizon3 is that, sure, we do pen testing, but because we're an autonomous pen testing tool, we do it continuously. So this whole thought of being like, "Oh crud," like my customers, "oh yeah, we got a pen test coming up, it's gonna be six weeks," you know, and everyone's gonna sit on their hands, "call me back in two months, Chris, we'll talk to you then," right? Not a real efficient way to test your environment. And shoot, we saw that with Uber this week, right? You know, and that's a case where we could have helped. >> Oh, just, right, we could explain the Uber thing, because it was a contractor. Just give a quick highlight of what happened so you can connect the dots. >> Yeah, no problem. So it was, I think it was, yeah, one of those, you know, games where they would try and test an environment. And what the pen tester did was he kept on calling them, MFA guys, being like, "I need to reset my password, we need to set my right password," and eventually the customer service guy said, "Okay, I'm resetting it." Once he had reset and bypassed the multi-factor authentication, he then was able to get in and get access to the building area that he was in, or I think not the domain, but he was able to gain access to a partial part of that network. He then paralleled over to what I would assume is like a VMware or some virtual machine that had notes that had all of the credentials for logging into various domains. And so within minutes they had access. And that's the
sort of stuff that we do. You know, a lot of these tools, like, you know, you think about the cacophony of tools that are out there in a GTA architecture, right? I'm gonna get like a Zscaler, or I'm going to have Okta, and I have a Splunk, I've been into the solar system, I mean, I don't mean to name names, we have CrowdStrike or SentinelOne in there. It's just a cacophony of things that don't work together, they weren't designed to work together. And so we have seen so many times in our business, through our customer support and just working with customers when we do their pen tests, that there will be 5,000 servers out there, three are misconfigured. Those three misconfigurations will create the open door, because remember, the hacker only needs to be right once, the defender needs to be right all the time, and that's the challenge. And so that's what I'm really passionate about, what we're doing here at Horizon3. I see this, my digital transformation, migration and security going on, which we're at the tip of the spear. It's why I joined Snehal coming on this journey, and just super excited about where the path's going and super excited about the relationship with Splunk. I get into more details on some of the specifics of that, but, you know... >> Well, you're nailing it. I mean, we've been doing a lot of things on supercloud and this next gen environment, we're calling it next gen. You're really seeing DevOps, obviously DevSecOps has already won, the IT role has moved to the developer, shift left is an indicator of that, it's one of the many examples. Higher velocity code, software supply chain, you hear these things. That means that IT is now in the developer hands, it is replaced by the new ops, DataOps teams, and security, where there's a lot of horizontal thinking. To your point about access, there's no more perimeter. Huge, 100, right, is really right on things one time, you know, to get in there. Once you're in, then you can hang out, move around, move laterally. Big problem. Okay, so we
get that. Now, the challenges for these teams as they are transitioning organizationally, how do they figure out what to do? Okay, this is the next step. They already have Splunk, so now they're kind of in transition while protecting for a hundred percent ratio of success. So how would you look at that and describe the challenge? What do they do? What are the teams facing with their data, and what's next? What action do they take? >> So let's use some vernacular that folks will know. So if I think about DevSecOps, right, we both know what that means, that I'm going to build security into the app. It normally talks about SecDevOps, right, how am I building security around the perimeter of what's going inside my ecosystem, and what are they doing. And so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from soup to nuts, right? So I'm going to test the endpoints through to its... I'm going to look for misconfigurations, I'm going to look for exposed credentials, you know, I'm going to look for anything I can in the environment. Again, I'm going to do it at light speed. And what we're doing for that SecDevOps space is to, you know: did you detect that we were in your environment? So did we alert Splunk or the SIEM that there's someone in the environment laterally moving around? More importantly, did they log us into their environment, and when do they detect that log, to trigger that log? Did they alert on us? And then finally, most importantly for every CSO out there, is going to be: did they stop us? And so that's how we do this. And I think, when speaking with Snehal before, you know, we've come up with this... boils, but we call it find, fix, verify. So what we do is we go in, we act as the attacker, right? We act in a production environment, so we're not going to be... we're a passive attacker, but we will go in on credentialed on agents, but we have to assume
to have an assumed breach model, which means we're going to put a Docker container in your environment, and then we're going to fingerprint the environment. So we're going to go out and do an asset survey. Now that's not something that Splunk does super well, you know, so can Splunk see all the assets, do the same assets marry up? We're going to log all that data and then load that into the Splunk SIEM or the Splunk logging tools just to have it in enterprise, right? That's an immediate feature add that they've got. And then we've got the fix. So once we've completed our pen test, we are then going to generate a report, and we can talk about these a little bit later, but the reports will show an executive summary, the assets that we found, which would be your asset discovery aspect of that, a fix report, and the fix report I think is probably the most important one. It will go down and identify what we did, how we did it, and then how to fix that. And then from that, the pen tester or the organization should fix those, then they go back and run another test, and then they validate, like a change detection environment, to see, hey, did those fixes take place? And, you know, Snehal, when he was the CTO of JSOC, he shared with me a number of times about, it's like, "Man, there would be 15 more items on next week's punch sheet that we didn't know about." And it has to do with how they were prioritizing the CVEs and whatnot, because they would take all CVEs, it was critical or non-critical. And it's like, we are able to create context in that environment that feeds better information into Splunk and whatnot. >> That brings up the efficiency for Splunk, specifically the teams out there. By the way, the burnout thing is real. I mean, this whole "I just finished my list and I got 15 more" or whatever, the list just keeps growing. How did NodeZero specifically help Splunk teams be more efficient? Like, that's the question I want to get at,
because this seems like a very scalable way for Splunk customers and teams, service teams, to be more... so the question is, how does NodeZero help make Splunk, specifically their service teams, be more efficient? >> So today, in our early interactions we're building, customers we've seen are five things. And I'll start with sort of identifying the blind spots, right? So kind of what I just talked about with you: did we detect, did we log, did we alert, did they stop NodeZero, right? And so I would put that in, you know, a more layman's third grade term, and if I was going to beat a fifth grader at this game, would be: we can be the sparring partner for a Splunk Enterprise customer, a Splunk Essentials customer, someone using Splunk SOAR, or even just an enterprise Splunk customer that may be a small shop with three people and just wants to know, where am I exposed? So by creating and generating these reports, and then having the API that actually generates the dashboard, they can take all of these events that we've logged and log them in. And then where that then comes in is number two, is how do we prioritize those logs, right? So how do we create visibility to logs that have critical impacts? And again, as I mentioned earlier, not all CVEs are high impact, and also not all are low, right? So if you daisy chain a bunch of low CVEs together, boom, I've got a mission critical AP... CPE that needs to be fixed now, such as a credential moving to an NT box that's got a text file with a bunch of passwords on it. That would be very bad. And then third would be verifying that you have all of the hosts. So one of the things that Splunk's not particularly great at, and they'll literate themselves, they don't do asset discovery. So, dude, what assets do we see and what are they logging from that? And then for every event that they are able to identify, one of the cool things that we can do is actually create this low code, no code environment, so they could, you know, Splunk customers
can use Splunk SOAR to actually triage events and prioritize that event, so where they're being routed within it, to optimize the SOC team's time to market, or time to triage any given event, obviously reducing MTR. And then finally, I think one of the neatest things that we'll be seeing us develop is our ability to build glass tables. So behind me you'll see one of our triage events and how we build a Lockheed Martin kill chain on that with a glass table, which is very familiar to the community. We're going to have the ability in the not too distant future to allow people to search, observe on those IOCs, and if people aren't familiar with it, IOC, it's an instant of a compromise, so that's a vector that we want to drill into. And of course, who's better at drilling in the data than Splunk? >> Yeah, this is an awesome synergy there. I mean, I can see a Splunk customer going, "Man, this just gives me so much more capability, actionability, and also real understanding." And I think this is what I want to dig into, if you don't mind, understanding that critical impact. Okay, is kind of where I see this coming. Got the data, data ingest, now data's data. But the question is what not to log, you know, where are things misconfigured, these are critical questions. So can you talk about what it means to understand critical impact? >> Yeah, so I think, you know, going back to the things that I just spoke about, a lot of those CVEs where you'll see low, low, low, and then you daisy chain together and they're suddenly like, "Oh, this is high now." But then your other impact of, like, if you're a Splunk customer, you know, and I had several of them, I had one customer that, you know, terabytes of McAfee data being brought in, and it was like, all right, there's a lot of other data that you probably also want to bring, but they could only afford, wanted to do certain data sets, because that's... and they didn't know how to prioritize or filter those data sets. And so we provide that opportunity to say,
"Hey, these are the critical ones to bring in, but there's also the ones that you don't necessarily need to bring in," because low CVE in this case really does mean low CVE. Like an ILO server would be one, that's the print server, where your admin credentials are on, like, a printer. And so there will be credentials on that, that's something that a hacker might go in to look at. So although the CVE on it is low, if you daisy chain with somebody that's able to get into that, you might say, "Ah, that's high," and we would then potentially rank it, given our AI logic, to say that's a moderate. So put it on the scale and we prioritize those, versus all of these scanners just going to give you a bunch of CVEs and good luck. >> And translating that, if I can, and tell me if I'm wrong, that kind of speaks to that whole lateral movement, that's it, challenge, right? Print server, a great example. Looks stupid, low end, who's going to want to deal with the print server? Oh, but it's connected into a critical system, there's a path. Is that kind of what you're getting at? >> Yeah, I use daisy chain, I think that's from the community they came from, but it's just a lateral movement, it's exactly what they're doing. And those low level, low critical lateral movements is where the hackers are getting in, right? So that's the beauty thing about the Uber example, is that who would have thought, you know, I've got my multi-factor authentication going in, a human made a mistake. We can't not expect humans to make mistakes, we're fallible, right? The reality is, once they were in the environment, they could have protected themselves by running enough pen tests to know that they had certain exposed credentials that would have stopped the breach, and they had not done that in their environment. And I'm not poking... >> Yeah, but it's an interesting trend though. I mean, it's obvious, sometimes those low end items are also not protected well, so it's easy to get at from a hacker standpoint,
but also the people in charge of them can be phished easily, or spear-phished, because they're not paying attention, because they don't have to. No one ever told them, "Hey, be careful." >> Yeah, for the community that I came from, John, that's exactly how they would meet you at an international event, introduce themselves as a graduate student, these are national actor states, "Would you mind reviewing my thesis on such and such?" And I was at Adobe at the time that I was working on this. Instead of having to get the PDF, they opened the PDF, and whoever that customer was launches... and I don't know if you remember, back in like 2008 time frame there was a lot of issues around IP being stolen by a nation state from the United States, and that's exactly how they did it, and John, that's... >> Or LinkedIn, "Hey, I want to get a job, we want to hire you, double the salary." "Oh, I'm gonna click on that for sure," you know. >> Yeah, right, exactly. Yeah, the one thing I would say to you is, like, when we look at, like, sort of, you know, because I think we did 10,000 pen tests last year, it's probably over that now, you know, we have these sort of top 10 ways that we think and find people coming into the environment. The funniest thing is that only one of them is a CVE-related vulnerability. Like, you know, you guys know what they are, right? So it's like two percent of the attacks are occurring through the CVEs, but yet there's all that attention spent to that, and very little attention spent to this pen testing side, which is sort of this continuous threat, you know, monitoring space and this vulnerability space, where I think we play such an important role, and I'm so excited to be a part of the tip of the spear on this one. >> Yeah, I'm old enough to know the movie Sneakers, which I loved, as a, you know, watching that movie, you know, professional hackers are testing, testing, always testing the environment. I love this. I got to ask you, as we kind of wrap up here, Chris, if you don't mind, the
benefits to professional services from this alliance. Big news, Splunk and you guys work well together, we see that clearly. What other benefits do professional services teams see from the Splunk and Horizon3.ai alliance? >> So I think, from both of our partners, as we bring these guys together, and many of them already are the same partner, right, is that, first off, the licensing model is probably one of the key areas that we really excel at. So if you're an end user, you can buy for the enterprise by the number of IP addresses you're using. But if you're a partner working with this, there's solution ways that you can go in and we'll license as to MSPs and what that business model on MSPs looks like. But the unique thing that we do here is this C-plus license, and so the Consulting Plus license allows, like, somebody, a small to mid-sized to some very large, you know, Fortune 100 consulting firms, use this by buying into a license called Consulting Plus, where they can have unlimited access to as many IPs as they want, but you can only run one test at a time. And as you can imagine, when we're going and hacking passwords and checking hashes and decrypting hashes, that can take a while. But for the right customer, it's a perfect tool. And so I'm so excited about our ability to go to market with our partners, so that we understand ourselves, understand how not to just sell to, or not just to sell through, but we know how to sell with them as a good vendor partner. I think that that's one thing that we've done a really good job building, bringing it into the market. >> Yeah, I think also the Splunk has had great success, how they've enabled partners and professional services. >> Absolutely. >> You know, the services that layer on top of Splunk are multi-fold, tons of great benefits. So you guys vector right into that, ride that way with friction. >> And the cool thing is that, you know, in one of our reports, which could be
totally customized with someone else's logo, we're going to generate, you know... so I used to work in another organization, it wasn't Splunk, but we did, you know, pen testing for customers, and my pen testers would come on site, they'd do the engagement, and they would leave. And then another release, someone would be, "Oh shoot, we got another sector that was breached," and they'd call you back, you know, four weeks later. And so by August our entire pen testing teams would be sold out, and it would be like, "Well, even in March maybe," and they're like, "No, no, I gotta breach now." And then when they do go in, they go through, do the pen test, and they hand over a PDF, and they pat on the back and say, "There's where your problems are, you need to fix it." And the reality is that what we're going to generate, completely autonomously with no human interaction, is we're going to go and find all the permutations of anything we found and the fix for those permutations. And then once you've fixed everything, you just go back and run another pen test. It's, you know, for what people pay for one pen test, they can have a tool that does that every Patch Tuesday, and that's on Wednesday, you know, triage throughout the week. >> Green, yellow, red. I wanted to see the colors, show me green, green is good, right? Not red. >> And what CIO doesn't want, who doesn't want that dashboard, right? It's exactly it. And we can help bring... I think that, you know, I'm really excited about helping drive this with the Splunk team, because they get that, they understand that it's the green, yellow, red dashboard, and how do we help them find more green, so that the other guys are in red. >> Yeah, and get in the data and do the right thing and be efficient with how you use the data, know what to look at, so many things to pay attention to, you know, the combination of both, and then go to market strategy, real brilliant. Congratulations, Chris. Thanks for coming on and sharing this news with the detail around the Splunk in
action around the alliance. Thanks for sharing. >> John, my pleasure. Thanks, look forward to seeing you soon. >> All right, great. We'll follow up and do another segment on DevOps and IT and security teams as the new new ops, and supercloud, a bunch of other stuff. So thanks for coming on. And in our next segment, the CEO of Horizon3.ai will break down all the new news for us here on theCUBE. You're watching theCUBE, the leader in high tech enterprise coverage. [Music] >> Yeah, the partner program for us has been fantastic. You know, I think prior to that, you know, as most organizations, most Farmers, most MSSPs might not necessarily have a bench at all for penetration testing. Maybe they subcontract this work out, or maybe they do it themselves, but trying to staff that kind of position can be incredibly difficult. For us, this was a differentiator, a new partner, a new partnership that allowed us to not only perform services for our customers, but be able to provide a product by which they can do it themselves. So we work with our customers in a variety of ways. Some of them want more routine testing and perform this themselves, but we're also a certified service provider of Horizon3, being able to perform penetration tests, help review the data, provide color, provide analysis for our customers in a broader sense, right? Not necessarily the black and white elements of, you know, what's critical, what's high, what's medium, what's low, what you need to fix, but are there systemic issues? This has allowed us to onboard new customers, this has allowed us to migrate some penetration testing services to us from competitors in the marketplace. But ultimately this is occurring because the product and the outcome are special, they're unique, and they're effective. Our customers like what they're seeing, they like the routineness of it. Many of them, you know, again, like doing this themselves, you know, being able to kind of pen test themselves, parts of their
networks, and the new use cases, right? "I'm a large organization, I have eight to ten acquisitions per year. Wouldn't it be great to have a tool to be able to perform a penetration test, both internal and external, of that acquisition before we integrate the two companies and maybe bringing on some risk?" It's a very effective partnership, one that really has kind of taken our engineers, our account executives by storm. You know, this is a partnership that's been very valuable to us. [Music] >> A key part of the value and business model at Horizon3 is enabling partners to leverage NodeZero to make more revenue for themselves. Our goal is that sixty percent of our revenue this year will be originated by partners, and that 95 percent of our revenue next year will be originated by partners. And so a key to that strategy is making us an integral part of your business models as a partner. A key quote from one of our partners is that we enable every one of their business units to generate revenue. So let's talk about that in a little bit more detail. First is that if you have a pen test consulting business, take Deloitte as an example, what was six weeks of human labor at Deloitte per pen test has been cut down to four days of labor, using NodeZero to conduct reconnaissance, find all the juicy, interesting areas of the enterprise that are exploitable, and being able to go assess the entire organization. And then all of those details get served up to the human to be able to look at, understand, and determine where to probe deeper. So what you see in that pen test consulting business is that NodeZero becomes a force multiplier, where those consulting teams were able to cover way more accounts and way more IPs within those accounts with the same or fewer consultants. And so that directly leads to profit margin expansion for the pen testing business itself, because NodeZero is a force multiplier. The second business model here is if you're an MSSP. As an MSSP, you're already making
money providing defensive cybersecurity operations for a large volume of customers. And so what they do is they'll license NodeZero and use us as an upsell to their MSSP business to start to deliver either continuous red teaming, continuous verification, or purple teaming as a service. And so in that particular business model, they've got an additional line of revenue where they can increase the spend of their existing customers by bolting on NodeZero as a purple team as a service offering. The third business model or customer type is if you're an IT services provider. So as an IT services provider, you make money installing and configuring security products like Splunk or CrowdStrike or Humio. You also make money reselling those products, and you also make money generating follow-on services to continue to harden your customer environments. And so what those IT service providers will do is use us to verify that they've installed Splunk correctly, prove to their customer that Splunk was installed correctly, or CrowdStrike was installed correctly, using our results, and then use our results to drive follow-on services and revenue. And then finally, we've got the value-added reseller, which is just a straight up reseller. Because of how fast our sales cycles are, these VARs are able to typically go from cold email to deal close in six to eight weeks. At Horizon3, at least, a single sales engineer is able to run 30 to 50 POCs concurrently, because our POCs are very lightweight and don't require any on-prem customization or heavy pre-sales, post-sales activity. So as a result, we're able to have a few sellers driving a lot of revenue and volume for us. Well, the same thing applies to VARs. There isn't a lot of effort to sell the product or prove its value, so VARs are able to sell a lot more Horizon3 NodeZero product without having to build up a huge specialist sales organization. So what I'm going to do is talk through scenario three here, as an IT service provider,
and just how powerful NodeZero can be in driving additional revenue. So in here, think of: for every one dollar of NodeZero license purchased by the IT service provider to do their business, it'll generate ten dollars of additional revenue for that partner. So in this example, Kinney Group uses NodeZero to verify that they have installed and deployed Splunk correctly. So Kinney Group is a Splunk partner, they sell IT services to install, configure, deploy, and maintain Splunk. And as they deploy Splunk, they're going to use NodeZero to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment. So it's a way of doing QA, or verifying that Splunk has been configured correctly, and that's going to be internally used by Kinney Group to prove the quality of their services that they've just delivered. Then what they're going to do is they're going to show and leave behind that NodeZero report with their client, and that creates a resell opportunity for Kinney Group to resell NodeZero to their client, because their client is seeing the reports and the results and saying, "Wow, this is pretty amazing." And those reports can be co-branded, where it's a pen testing report branded with Kinney Group but it says "powered by Horizon3" under it. From there, Kinney Group is able to take the fix actions report that's automatically generated with every pen test through NodeZero, and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that NodeZero identified: fixing LLMNR misconfigurations, fixing or patching VMware, or updating credentials policies, and so on. So what happens is NodeZero has found a bunch of problems the client often lacks the capacity to fix, and so Kinney Group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services. And finally, based on the findings from NodeZero, Kinney Group can look at that report
and say to the customer, you know, customer, if you bought CrowdStrike, you'd be able to, uh, prevent NodeZero from attacking and succeeding in the way that it did, or if you bought Humio, or if you bought Palo Alto Networks, or if you bought, uh, some privileged access management solution, because of what NodeZero was able to do with credential harvesting and attacks. And so as a result, Kinney Group is able to resell other security products within their portfolio, CrowdStrike Falcon, Humio, Palo Alto Networks, Demisto, Phantom, and so on, based on the gaps that were identified by NodeZero and that pen test. And what that creates is another feedback loop, where Kinney Group will then go use NodeZero to verify that CrowdStrike product has actually been installed and configured correctly. And then this becomes the cycle of using NodeZero to verify a deployment, using that verification to drive a bunch of follow-on services and resell opportunities, which then further drives more usage of the product. Now the way that we license is that it's a usage-based licensing model, so that the partner will grow their NodeZero Consulting Plus license as they grow their business. So for example, if you're a Kinney Group, then week one you're going to use NodeZero to verify your Splunk install. In week two, if you have a pen testing business, you're going to go off and use NodeZero to be a force multiplier for your pen testing, uh, client opportunity. And then if you have an MSSP business, then in week three you're going to use NodeZero to go execute a purple team MSSP offering for your clients. So not necessarily a Kinney Group, but if you're a Deloitte or AT&T, these larger companies, and you've got multiple lines of business, if you're Optiv for instance, all you have to do is buy one Consulting Plus license and you're going to be able to run as many pen tests as you want sequentially. So now you can buy a single license and use that one license to meet your week one client commitments and then 
meet your week two and then meet your week three. And as you grow your business, you start to run multiple pen tests concurrently. So in week one, you've got to do a Splunk verify, uh, verify Splunk install, and you've got to run a pen test, and you've got to do a purple team opportunity. You just simply expand the number of Consulting Plus licenses from one license to three licenses. And so now, as you systematically grow your business, you're able to grow your NodeZero capacity with you, giving you predictable COGS, predictable margins, and once again 10x additional revenue opportunity for that investment in the NodeZero Consulting Plus license. My name is Snehal. I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your enterprise through the eyes of an attacker. The challenge I had when I was a CIO in banking, the CTO at Splunk, and serving within the Department of Defense is that I had no idea I was secure until the bad guys had showed up. Am I logging the right data? Am I fixing the right vulnerabilities? Are my security tools that I've paid millions of dollars for actually working together to defend me? And the answer is, I don't know. Does my team actually know how to respond to a breach in the middle of an incident? I don't know. I've got to wait for the bad guys to show up. And so the challenge I had was, how do we proactively verify our security posture? I tried a variety of techniques. The first was the use of vulnerability scanners, and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable. I might have a hundred thousand findings from my scanner, of which maybe five or ten can actually be exploited in my environment. The other big problem with scanners is that they can't chain weaknesses together from machine to machine. So if you've got a thousand machines in your environment or more, what a vulnerability scanner will do is tell you you have a problem on machine one and separately a 
problem on machine two, but what they can't tell you is that an attacker could use a low from machine one plus a low from machine two to equal a critical in your environment. And what attackers do in their tactics is they chain together misconfigurations, dangerous product defaults, harvested credentials, and exploitable vulnerabilities into attack paths across different machines. So to address the attack paths across different machines, I tried layering in consulting-based pen testing, and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment, human-based pen testing simply doesn't scale to test an infrastructure of that size. Moreover, when they actually do execute a pen test and you get the report, oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem. And so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale. And then to mitigate that problem, I tried using breach and attack simulation tools, and the struggle with these tools is, one, I had to install credentialed agents everywhere; two, I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed; and then three, these types of tools were not safe to run against production systems, which was the majority of my attack surface. So that's why we went off to start Horizon 3. 
So Tony and I met when we were in Special Operations together, and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the power of a 20-year pen testing veteran into the hands of an IT admin, a network engineer, in just three clicks. And the whole idea is we enable these fixers, the blue team, to be able to run NodeZero, our pen testing product, to quickly find problems in their environment. That blue team will then go off and fix the issues that were found, and then they can quickly rerun the attack to verify that they fixed the problem. And the whole idea is delivering this without requiring custom scripts be developed, without requiring credentialed agents be installed, and without requiring the use of external third-party consulting services or professional services: self-service pen testing to quickly drive find, fix, verify. There are three primary use cases that our customers use us for. The first is the SOC manager that uses us to verify that their security tools are actually effective, to verify that they're logging the right data in Splunk or in their SIEM, to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their SLAs, or that the SOC understands how to quickly detect and respond, and measuring and verifying that, or that the variety of tools that you have in your stack (most organizations have 130-plus cyber security tools, none of which are designed to work together) are actually working together. The second primary use case is proactively hardening and verifying your systems. This is when the IT admin, that network engineer, they're able to run self-service pen tests to verify that their Cisco environment is installed, hardened and configured correctly, or that their credential policies are set up right, or that their vCenter or WebSphere or Kubernetes environments are actually designed to be secure. And what this allows the IT 
admins and network engineers to do is shift from running one or two pen tests a year to 30, 40 or more pen tests a month, and you can actually wire those pen tests into your DevOps process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment. The third primary use case is for those organizations lucky enough to have their own internal red team. They'll use NodeZero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard, juicy stuff that gets them on stage at DEF CON. And so these are the three primary use cases, and what we'll do is zoom into the find, fix, verify loop, because what I've found in my experience is find, fix, verify is the future operating model for cyber security organizations. And what I mean here is, in the find, using continuous pen testing, what you want to enable is on-demand self-service pen tests. You want those pen tests to find attack paths at scale, spanning your on-prem infrastructure, your cloud infrastructure, and your perimeter, because attackers don't only stay in one place. They will find ways to chain together a perimeter breach, a credential from your on-prem to gain access to your cloud, or some other permutation. And then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore. They know we've built vulnerability management programs to reduce those vulnerabilities, so attackers have adapted, and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults, with exploitable vulnerabilities, and through the collection of credentials through a mix of techniques at scale. Once you've found those problems, the next question is what do you do about it. Well, you want to be able to prioritize fixing problems that are actually exploitable in your environment, that 
truly matter, meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data. The second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to. Where is your crown jewels data? Is it in the cloud? Is it on-prem? Has it been copied to a share drive that you weren't aware of? If a domain user was compromised, could they access that crown jewels data? You want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure. And then finally, as you fix these problems, you want to quickly remediate and retest that you've actually fixed the issue, and this find, fix, verify cycle becomes that accelerator that drives purple team culture. The third part here is verify, and what you want to be able to do in the verify step is verify that your security tools and processes and people can effectively detect and respond to a breach. You want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations. You also want to make sure that your environment is adhering to the best practices around systems hardening and cyber resilience. And finally, you want to be able to prove your security posture over time to your board, to your leadership, and to your regulators. So what I'll do now is zoom into each of these three steps. So when we zoom in to find, here's the first example using NodeZero and autonomous pen testing. And what an attacker will do is find a way to break through the perimeter. In this example, it's very easy to misconfigure Kubernetes to allow an attacker to gain remote code execution into your on-prem Kubernetes environment and break through the perimeter. And from there, what the attacker is going to do is conduct network reconnaissance and then find ways to gain code execution on other machines in the environment. And as they get code execution, they start to 
dump credentials, collect a bunch of NTLM hashes, crack those hashes using open source and dark web available data as part of those attacks, and then reuse those credentials to log in and laterally maneuver throughout the environment. And then as they laterally maneuver, they can reuse those credentials and use credential spraying techniques and so on to compromise your business email, to log in as admin into your cloud. And this is a very common attack, and rarely is a CVE actually needed to execute this attack. Often it's just a misconfiguration in Kubernetes with a bad credential policy or password policy, combined with bad practices of credential reuse across the organization. Here's another example of an internal pen test, and this is from an actual customer. They had 5,000 hosts within their environment. They had EDR and UBA tools installed, and they initiated an internal pen test on a single machine. From that single initial access point, NodeZero enumerated the network, conducted reconnaissance, and found five thousand hosts were accessible. What NodeZero will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the cyber terrain map, and that cyber terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment. So what NodeZero will do is they'll try to find ways to get code execution, reuse credentials, and so on. In this customer example, they had Fortinet installed as their EDR, but NodeZero was still able to get code execution on a Windows machine. From there it was able to successfully dump credentials, including sensitive credentials from the LSASS process on the Windows box, and then reuse those credentials to log in as domain admin in the network. And once an attacker becomes domain admin, they have the keys to the kingdom. They can do anything they want. So what happened here? Well, it turns out Fortinet was misconfigured on three out of 5,000 machines. Bad automation. The customer had 
no idea this had happened. They would have had to wait for an attacker to show up to realize that it was misconfigured. The second thing is, well, why didn't Fortinet stop the credential pivot in the lateral movement? And it turned out the customer didn't buy the right modules or turn on the right services within that particular product. And we see this not only with Fortinet, but we see this with Trend Micro and all the other defensive tools, where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping. The next story I'll tell you is attackers don't have to hack in, they log in. So another infrastructure pen test. A typical technique attackers will take is man-in-the-middle, uh, attacks that will collect hashes. So in this case, what an attacker will do is leverage a tool or technique called Responder to collect NTLM hashes that are being passed around the network. And there's a variety of reasons why these hashes are passed around, and it's a pretty common misconfiguration. But as an attacker collects those hashes, then they start to apply techniques to crack those hashes. So they'll pass the hash, and from there they will use open source intelligence, common password structures and patterns, and other types of techniques to try to crack those hashes into clear text passwords. So here NodeZero automatically collected hashes, it automatically passed the hashes to crack those credentials, and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your enterprise. In this case, NodeZero is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured. So now what happens is NodeZero has a placement and access in the business email system, which sets up the conditions for fraud, lateral phishing, and other techniques. But what's especially insightful here is that 80 percent of the hashes that were collected in this 
pen test were cracked in 15 minutes or less. 80 percent. 26 of the user accounts had a password that followed a pretty obvious pattern: first initial, last initial, and four random digits. The other thing that was interesting is 10 percent of service accounts had their user ID the same as their password. So VMware admin, VMware admin; WebSphere admin, WebSphere admin; so on and so forth. And so attackers don't have to hack in, they just log in with credentials that they've collected. The next story here is becoming AWS admin. So in this example, once again, internal pen test. NodeZero gets initial access. It discovers 2,000 hosts are network reachable from that environment. It fingerprints and organizes all of that data into a cyber terrain map. From there, it fingerprints that HP iLO, the Integrated Lights-Out service, was running on a subset of hosts. HP iLO is a service that is often not instrumented or observed by security teams, nor is it easy to patch. As a result, attackers know this and immediately go after those types of services. So in this case, that iLO service was exploitable and we're able to get code execution on it. iLO stores all the user IDs and passwords in clear text in a particular set of processes, so once we gain code execution, we were able to dump all of the credentials and then from there laterally maneuver to log in to the Windows box next door as admin. And then on that admin box, we're able to gain access to the share drives, and we found a credentials file saved on a share drive. From there, it turned out that credentials file was the AWS admin credentials file, giving us full admin authority to their AWS accounts. Not a single security alert was triggered in this attack, because the customer wasn't observing the iLO service and every step thereafter was a valid login in the environment. And so what do you do? Step one, patch the server. Step two, delete the credentials file from the share drive. And then step three is get better instrumentation on privileged access users and 
login. The final story I'll tell is a typical pattern that we see across the board that combines the various techniques I've described together, where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company. From there, they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user. All it takes is one employee to reuse a breached password for their corporate email, or all it takes is a single employee to have a weak password that's easily guessable. All it takes is one. And once the attacker is able to gain domain user access, in most shops domain user is also the local admin on their laptop, and once you're local admin, you can dump SAM and get local admin NTLM hashes. You can use that to reuse credentials again, local admin on neighboring machines, and attackers will start to rinse and repeat. Then eventually they're able to get to a point where they can dump LSASS, or by unhooking the anti-virus, defeating the EDR, or finding a misconfigured EDR, as we've talked about earlier, to compromise the domain. And what's consistent is that the fundamentals are broken at these shops. They have poor password policies, they don't have least access privilege implemented, Active Directory groups are too permissive, where domain admin or domain user is also the local admin, uh, AV or EDR solutions are misconfigured or easily unhooked, and so on. And what we found in 10,000 pen tests is that user behavior analytics tools never caught us in that lateral movement, in part because those tools require pristine logging data in order to work, and also it becomes very difficult to find that baseline of normal usage versus abnormal usage of credential login. Another interesting insight is there were several marquee brand name MSSPs that were defending our customers' environment, and for them it took seven hours to detect and 
respond to the pen test. Seven hours. The pen test was over in less than two hours. And so what you had was an egregious violation of the service level agreements that that MSSP had in place, and the customer was able to use us to get service credit and drive accountability of their SOC and of their provider. The third interesting thing is, in one case it took us seven minutes to become domain admin in a bank. That bank had every Gucci security tool you could buy, yet in 7 minutes and 19 seconds NodeZero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations and lateral movement and so on to become domain admin. If it's seven minutes today, we should assume it'll be less than a minute a year or two from now, making it very difficult for humans to be able to detect and respond to that type of blitzkrieg attack. So that's in the find. It's not just about finding problems, though. The bulk of the effort should be what to do about it, the fix and the verify. So as you find those problems, back to Kubernetes as an example, we will show you the path: here is the kill chain we took to compromise that environment. We'll show you the impact: here is the impact, or here's the proof of exploitation that we were able to use to be able to compromise it, and there's the actual command that we executed, so you could copy and paste that command and compromise that kubelet yourself if you want. And then the impact is we got code execution, and we'll actually show you here is the impact, this is a critical, here's why: it enabled perimeter breach. Affected applications: we'll tell you the specific IPs where you've got the problem, how it maps to the MITRE ATT&CK framework, and then we'll tell you exactly how to fix it. We'll also show you what this problem enabled, so you can accurately prioritize why this is important or why it's not important. The next part is accurate prioritization. The hardest part of my job as a CIO was deciding what not 
to fix. So if you take SMB signing not required as an example, by default that CVSS score is a one out of 10. But this misconfiguration (it's not a CVE, it's a misconfig) enabled an attacker to gain access to 19 credentials, including one domain admin, two local admins, and access to a ton of data. Because of that context, this is really a 10 out of 10. You better fix this as soon as possible. However, of the seven occurrences that we found, it's only a critical in three out of the seven, and these are the three specific machines, and we'll tell you the exact way to fix it, and you better fix these as soon as possible. For these four machines over here, these didn't allow us to do anything of consequence. So because the hardest part is deciding what not to fix, you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible. And then once you fix these three, you don't have to re-run the entire pen test. You can select these three and then one-click verify and run a very narrowly scoped pen test that is only testing this specific issue, and what that creates is a much faster cycle of finding and fixing problems. The other part of fixing is verifying that you don't have sensitive data at risk. So once we become a domain user, we're able to use those domain user credentials and try to gain access to databases, file shares, S3 buckets, git repos, and so on, and help you understand what sensitive data you have at risk. So in this example, a green checkbox means we logged in as a valid domain user, we're able to get read-write access on the database, this is how many records we could have accessed, and we don't actually look at the values in the database, but we'll show you the schema so you can quickly characterize that PII data was at risk here. And we'll do that for your file shares and other sources of data, so now you can accurately articulate the data you have at risk and prioritize cleaning that data up, 
especially data that will lead to a fine or a big news issue. So that's the find, that's the fix. Now we're going to talk about the verify. The key part in verify is embracing and integrating with detection engineering practices. So when you think about your layers of security tools, you've got lots of tools in place, on average 130 tools at any given customer, but these tools were not designed to work together. So when you run a pen test, what you want to do is say: did you detect us, did you log us, did you alert on us, did you stop us? And from there, what you want to see is, okay, what are the techniques that are commonly used to defeat an environment, to actually compromise? If you look at the top 10 techniques we use, and there's far more than just these 10, but these are the most often executed, nine out of ten have nothing to do with CVEs. It has to do with misconfigurations, dangerous product defaults, bad credential policies, and it's how we chain those together to become a domain admin or compromise a host. So what customers will do is, every single attacker command we executed is provided to you as an attack activity log, so you can actually see every single attacker command we ran, the timestamp it was executed, the hosts it executed on, and how it maps to the MITRE ATT&CK tactics. So our customers will have these attacker logs on one screen, and then they'll go look into Splunk or Exabeam or SentinelOne or CrowdStrike and say: did you detect us, did you log us, did you alert on us or not? And to make that even easier, if you take this example: hey Splunk, what logs did you see at this time on the VMware host? Because that's when NodeZero is able to dump credentials, and that allows you to identify and fix your logging blind spots. To make that easier, we've got app integration. So this is an actual Splunk app in the Splunk App Store, and what you can do is, inside the Splunk console itself, you can fire up the Horizon 3 NodeZero app. All of the pen test results are here, so that you can see all of 
the results in one place and you don't have to jump out of the tool. And what you'll show you as I skip forward is, hey, there's a pen test, here are the critical issues that we've identified for that weaker default issue, here are the exact commands we executed, and then we will automatically query into Splunk all terms on between these times on that endpoint that relate to this attack, so you can now quickly, within the Splunk environment itself, figure out that you're missing logs or that you're appropriately catching this issue. And that becomes incredibly important in that detection engineering cycle that I mentioned earlier. So how do our customers end up using us? They shift from running one pen test a year to 30, 40 pen tests a month, oftentimes wiring us into their deployment automation to automatically run pen tests. The other part that they'll do is, as they run more pen tests, they find more issues, but eventually they hit this inflection point where they're able to rapidly clean up their environment, and that inflection point is because the red and the blue teams start working together in a purple team culture, and now they're working together to proactively harden their environment. The other thing our customers will do is run us from different perspectives. They'll first start running an RFC 1918 scope to see, once the attacker gained initial access in a part of the network that had wide access, what could they do? And then from there they'll run us within a specific network segment: okay, from within that segment, could the attacker break out and gain access to another segment? Then they'll run us from their work-from-home environment: could they traverse the VPN and do something damaging, and once they're in, could they traverse the VPN and get into my cloud? Then they'll break in from the outside. All of these perspectives are available to you in Horizon 3 and NodeZero as a single SKU, and you can run as many pen tests as you want. If you run a phishing campaign and find that 
an intern in the finance department had the worst phishing behavior, you can then inject their credentials and actually show the end-to-end story of how an attacker phished, gained credentials of an intern, and used that to gain access to sensitive financial data. So what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time. I'll leave you two things. One is, what is the AI in Horizon 3 AI? Those knowledge graphs are the heart and soul of everything that we do, and we use machine learning reinforcement techniques, reinforcement learning techniques, Markov decision models, and so on to be able to efficiently maneuver and analyze the paths in those really large graphs. We also use context-based scoring to prioritize weaknesses, and we're also able to drive collective intelligence across all of the operations, so the more pen tests we run, the smarter we get, and all of that is based on our knowledge graph analytics infrastructure that we have. Finally, I'll leave you with this: this was my decision criteria when I was a buyer for my security testing strategy. What I cared about was coverage. I wanted to be able to assess my on-prem, cloud, perimeter, and work from home, and be safe to run in production. I want to be able to do that as often as I wanted. I want to be able to run pen tests in hours or days, not weeks or months, so I could accelerate that find, fix, verify loop. I wanted my IT admins and network engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agents and not have to write custom scripts. And finally, I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks. I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted, so I could look at my trends and directions over time. So I hope you found this talk valuable. Uh, we're easy to find, 
and I look forward to seeing you use a product and letting our results do the talking. When you look at, uh, you know, kind of the way our pen testing algorithms work, is we dynamically select, uh, how to compromise an environment based on what we've discovered, and the goal is to become a domain admin, compromise a host, compromise domain users, find ways to encrypt data, steal sensitive data, and so on. But when you look at the top 10 techniques that we ended up, uh, using to compromise environments, the first nine have nothing to do with CVEs, and that's the reality. CVEs are, yes, a vector, but less than two percent of CVEs are actually used in a compromise. Oftentimes it's some sort of credential collection, credential cracking, uh, credential pivoting, and using that to become an admin and then, uh, compromising environments from that point on. So I'll leave this up for you to kind of read through, and you'll have the slides available for you, but I found it very insightful that organizations, and ourselves when I was at GE included, invested heavily in just standard vulnerability management programs. When I was at DOD, that's all DISA cared about asking us about, was our kind of our CVE posture. But the attackers have adapted to not rely on CVEs to get in, because they know that organizations are actively looking at and patching those CVEs, and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment. A concrete example is, by default, vCenter backups are not encrypted, and so if an attacker finds vCenter, what they'll do is find the backup location, and there are specific vCenter MTD files where the admin credentials are parsable in the binaries, so you can actually, as an attacker, find the right MTD file, parse out the binary, and now you've got the admin credentials for the vCenter environment and now start to log in as admin. There's a bad habit by signal officers and signal 
practitioners in the Army and elsewhere where the VM notes section of a virtual image has the password for the VM. Well, those VM notes are not stored encrypted, and attackers know this, and they're able to go off and find the VMs that are unencrypted, find the notes section, and pull out the passwords for those images, and then reuse those credentials across the board. So I'll pause here and, uh, you know, Patrick, love to get some commentary on these techniques and other things that you've seen, and what we'll do in the last, say, 10 to 15 minutes is, uh, roll through a little bit more on what do you do about it. >> Yeah, yeah, no, I love it. I think, um, I think this is pretty exhaustive. What I like about what you've done here is, uh, you know, we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last, um, for the last three years, and it's often, we kind of in the zeitgeist, we pegged that on ransomware, which of course is like incredibly important and very top of mind. Um, but what I like about what you have here is, you know, we're reminding the audience that the attack surface area, the vectors that matter, um, you know, has to be more comprehensive than just thinking about ransomware scenarios. >> Yeah, right on. Um, so let's build on this. When you think about your defense in depth, you've got multiple security controls that you've purchased and integrated, and you've got that redundancy if a control fails. But the reality is that these security tools aren't designed to work together. So when you run a pen test, what you want to ask yourself is: did you detect NodeZero, did you log NodeZero, did you alert on NodeZero, and did you stop NodeZero? And when you think about how to do that, every single attacker command executed by NodeZero is available in an attacker log, so you can now see, you know, at the bottom here, vCenter, um, exploit at that time on that IP, how it aligns to MITRE ATT&CK. What you want to be 
able to do is go figure out, did your security tools catch this or not? And that becomes very important in using the attacker's perspective to improve your defensive security controls. And so the way we've tried to make this easier, back to, like, my, my, my, the, you know, I bleed green in many ways still from my Splunk background, is you want to be able to, and what our customers do is, hey, we'll look at the attacker logs on one screen and they'll look at what did Splunk see or miss in another screen, and then they'll use that to figure out what their logging blind spots are. And what that, where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunkbase, and you'll get all of the pen test results right there in the Splunk console, and from that Splunk console you're gonna be able to see these are all the pen tests that were run, these are the issues that were found. Um, so you can look at that particular pen test, here are all of the weaknesses that were identified for that particular pen test and how they categorize out. For each of those weaknesses, you can click on any one of them that are critical in this case, and then we'll tell you for that weakness, and this is where, where the, the punch line comes in, so I'll pause the video here, for that weakness, these are the commands that were executed on these endpoints at this time, and then we'll actually query Splunk for that, um, for that IP address or containing that IP, and these are the source types that surface any sort of activity. So what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective. So as this video kind of plays through, you can see it. Patrick, I'd love to get your thoughts, um, just seeing so many Splunk deployments and the effectiveness of those deployments, and, and how this is going to help really elevate the effectiveness of all of your
Splunk customers. >> Yeah, I'm super excited about this. I mean, I think this, these kinds of purpose-built integrations will really move the needle for our customers. I mean, at the end of the day, when I think about the power of Splunk, I think about a product I was first introduced to 12 years ago that was an on-prem piece of software, you know, and at the time it sold on sort of perpetual and term licenses, but what made it special was that it could, it could, it could eat data at a speed that nothing else that I'd have ever seen. You can ingest massively scalable amounts of data, uh, did cool things like schema on read, which facilitated that. There was this language called SPL that you could nerd out about, uh, and you went to a conference once a year and you talked about all the cool things you were splunking, right? But now, as we think about the next phase of our growth, um, we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding, and as you look at the, as you look at the role of the CISO, it's mind-blowing to me the amount of sources, services, apps that are coming into the CISO span of, let's just call it a span of influence, in the last three years. Uh, you know, we're seeing things like infrastructure service level visibility, application performance monitoring, stuff that just never made sense for the security team to have visibility into, you know, um, at least not at the size and scale which we're demanding today. Um, and, and that's different, and this isn't, this is why it's so important that we have these joint purpose-built integrations that, um, really provide more prescription to our customers about how do they walk on that journey towards maturity. What does zero to one look like? What does one to two look like? Whereas, you know, 10 years ago customers were happy with platforms, today they want integration, they want solutions, and they want to drive outcomes. And I think this is a great example of how together we are stepping to the
evolving nature of the market and also the ever-evolving nature of the threat landscape and, what I would say is, the maturing needs of the customer in that environment. >> Yeah, for sure. I think especially if, if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere, while the security budgets are not going to ever, I don't think they're going to get cut, they're not going to grow as fast, and there's a lot more pressure on organizations to extract more value from their existing investments as well as extracting more value and more impact from their existing teams. And so security effectiveness, fierce prioritization, and automation, I think, become the three key themes of security, uh, over the next 18 months. So what I'll do very quickly is run through a few other use cases. Um, every host that we identified in the pen test, we're able to score and say this host allowed us to do something significant, therefore it's, it's really critical, you should be increasing your logging here. Hey, these hosts down here, we couldn't really do anything as an attacker, so if you do have to make trade-offs, you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end. So you've got that level of, of, um, justification for where to increase or, or adjust your logging resolution. Another example is every host we've discovered as an attacker we expose and you can export, and what we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint. A big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were rogue Raspberry Pis on the network, or if a new box was installed and whether Splunk was installed on it or not. So now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from. Uh, finally, or second to last use case here on the Splunk integration side, is for every single problem we've found, we give
multiple options for how to fix it. This becomes a great way to prioritize what fix actions to automate in your SOAR platform, and what we want to get to eventually is being able to automatically trigger SOAR actions to fix well-known problems, like automatically invalidating passwords for, for poor passwords in our credentials, amongst a whole bunch of other things we could go off and do. And then finally, if there is a well-known kill chain or attack path, one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise. And now you've got a great starting point for glass tables and IOCs for actual kill chains that we know are exploitable in your environment, and that becomes some super cool integrations that we've got on the roadmap between us and the Splunk security side of the house. So what I'll leave with, actually, Patrick, before I do that, you know, um, love to get your comments, and then I'll, I'll kind of leave with one last slide on this wartime security mindset, uh, pending, you know, assuming there's no other questions. >> No, I love it. I mean, I think this kind of, um, it's kind of glass tables approach to how do you, how do you sort of visualize these workflows and then use things like SOAR and orchestration and automation to operationalize them is exactly where we see all of our customers going, and getting away from, I think, an over-engineered approach to SOAR, with where it has to be super technical heavy with, you know, Python programmers, and getting more to this visual view of workflow creation, um, that really demystifies the power of automation and also democratizes it, so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation, policy enforcement, and ultimately driving automation
coverage across more and more of the workflows that your team is seeing. >> Yeah, I think that between us being able to visualize the actual kill chain or attack path with, you know, think of a, of, uh, the SOAR market, I think, going towards this no-code, low-code, um, you know, configurable SOAR versus coded SOAR, that's going to really be a game changer in improve or giving security teams a force multiplier. So what I'll leave you with is this peacetime mindset of security no longer is sustainable. We really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are, are working or not. And the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past, uh, nine months due to the Ukrainian war there. You should expect every one of them to be punished by the Russians for leaving, and punished from a cyber standpoint. And this is no longer about financial extortion, that is ransomware; this is about punishing and destroying companies. And you can punish any one of these companies by going after them directly or by going after their suppliers and their distributors. So suddenly your attack surface is no more, no longer just your own enterprise, it's how you bring your goods to market and it's how you get your goods created, because while I may not be able to disrupt your ability to harvest fruit, if I can get those trucks stuck at the border, I can increase spoilage and have the same effect. And what we should expect to see is this idea of cyber-enabled economic warfare, where if we issue a sanction, like banning the Russians from traveling, there is a cyber-enabled counter punch, which is corrupt and destroy the American Airlines database. That is below the threshold of war, that's not going to trigger the 82nd Airborne to be mobilized, but it's going to achieve the right effect. Ban the sale of luxury goods: disrupt the supply chain and create shortages. Ban Russian oil
and gas: attack refineries to cause a 10x spike in gas prices three days before the election. This is the future, and therefore I think what we have to do is shift towards a wartime mindset, which is: don't trust your security posture, verify it; see yourself through the eyes of the attacker; build that incident response muscle memory; and drive better collaboration between the red and the blue teams, your suppliers and distributors, and your information, uh, sharing organization they have in place. And what's really valuable for me as a Splunk customer was, when a router crashes, at that moment you don't know if it's due to an IT administration problem or an attacker, and what you want to have are different people asking different questions of the same data, and you want to have that integrated triage process of an IT lens to that problem, a security lens to that problem, and then from there figuring out is, is this an IT workflow to execute or a security incident to execute. And you want to have all of that as an integrated team, integrated process, integrated technology stack, and this is something that I very care, I cared very deeply about as both a Splunk customer and a Splunk CTO, that I see time and time again across the board. So Patrick, I'll leave you with the last word, the final three minutes here, and I don't see any open questions, so please take us home. >> Oh man, see how you think we spent hours and hours prepping for this together. That, that last, uh, uh, 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now. Uh, and I think NIST has done some really interesting work here around building cyber resilient organizations that have, that has really, I think, helped, help the industry see that, um, incidents can come from adverse conditions, you know, stresses, uh, uh, performance taxations in the infrastructure, service, or app layer, and they can come from malicious compromises, uh, insider threats, external threat actors. And the more that we look
at this from the perspective of, of a broader cyber resilience mission, uh, in a wartime mindset, uh, I, I think we're going to be much better off. And, and well, you talk about with operationally minded ISACs, information sharing, intelligence sharing becomes so important in these wartime, uh, um, situations, and, you know, we know not all ISACs are created equal, but we're also seeing a lot of, um, more ad hoc information sharing groups popping up. So look, I think, I think you framed it really, really well. I love the concept of wartime mindset, and, um, I, I like the idea of applying a cyber resilience lens, like if you have one more layer on top of that bottom right cake, you know, I think the IT lens and the security lens, they roll up to this concept of cyber resilience, and I think NIST has done some great work there for us. >> Yeah, you're, you're spot on, and that, that is apt, and that's gonna, I think, be the, the next, um, terrain that, that, uh, that you're gonna see vendors try to get after, but that I think Splunk is best positioned to win. >> Okay, that's a wrap for this special Cube presentation. You heard all about the global expansion of Horizon3.ai's partner program, for their partners have a unique opportunity to take advantage of their NodeZero product, uh, international go-to-market expansion, North America channel partnerships, and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in, and hope you enjoyed this program. All the videos are available on thecube.net, as well as check out Horizon3.ai for their pen test automation and ultimately their defense system that they use for testing always the environment that you're in. Great innovative product, and I hope you enjoyed the program. Again, I'm John Furrier, host of theCube. Thanks for watching.

Published Date : Sep 28 2022

Tom Gillis | Advanced Security Business Group


 

(bright music) >> Welcome back everyone. theCube's live coverage here. Day two, of two sets, three days of theCube coverage here at VMware Explore. This is our 12th year covering VMware's annual conference, formerly called VMworld. I'm John Furrier, with Dave Vellante. We'd love seeing the progress and we've got great security comes Tom Gillis, senior vice president, general manager, networking and advanced security business group at VMware. Great to see you. Thanks for coming on. >> Thanks for having me. >> Yeah, really happy we could have you on. >> I think this is my sixth edition on the theCube. Do I get frequent flyer points or anything? >> Yeah. >> You first get the VIP badge. We'll make that happen. You can start getting credits. >> Okay, there we go. >> We won't interrupt you. Seriously, you got a great story in security here. The security story is kind of embedded everywhere, so it's not called out and blown up and talked specifically about on stage. It's kind of in all the narratives in the VMworld for this year. But you guys have an amazing security story. So let's just step back and to set context. Tell us the security story for what's going on here at VMware and what that means to this supercloud, multi-cloud and ongoing innovation with VMware. >> Yeah, sure thing. So probably the first thing I'll point out is that security's not just built in at VMware. It's built differently. So, we're not just taking existing security controls and cut and pasting them into our software. But we can do things because of our platform, because of the virtualization layer that you really can't do with other security tools. And where we're very, very focused is what we call lateral security or East-West movement of an attacker. 'Cause frankly, that's the name of the game these days. Attackers, you've got to assume that they're already in your network. Already assume that they're there. Then how do we make it hard for them to get to the stuff that you really want? 
Which is the data that they're going after. And that's where we really should. >> All right. So we've been talking a lot, coming into VMware Explore, and here, the event. About two things. Security, as a state. >> Yeah. >> I'm secure right now. >> Yeah. >> Or I think I'm secure right now, even though someone might be in my network or in my environment. To the notion of being defensible. >> Yeah. >> Meaning I have to defend and be ready at a moment's notice to attack, fight, push back, red team, blue team. Whatever you're going to call it. But something's happening. I got to be able to defend. >> Yeah. So what you're talking about is the principle of Zero Trust. When I first started doing security, the model was we have a perimeter. And everything on one side of the perimeter is dirty, ugly, old internet. And everything on this side, known good, trusted. What could possibly go wrong. And I think we've seen that no matter how good you make that perimeter, bad guys find a way in. So Zero Trust says, you know what? Let's just assume they're already in. Let's assume they're there. How do we make it hard for them to move around within the infrastructure and get to the really valuable assets? 'Cause for example, if they bust into your laptop, you click on a link and they get code running on your machine. They might find some interesting things on your machine. But they're not going to find 250 million credit cards. >> Right. >> Or the script of a new movie or the super secret aircraft plans. That lives in a database somewhere. And so it's that movement from your laptop to that database. That's where the damage is done and that's where VMware shines. >> So if they don't have the right to get to that database, they're not in. >> And it's not even just the right. So they're so clever and so sneaky that they'll steal a credential off your machine, go to another machine, steal a credential off of that. So, it's like they have the key to unlock each one of these doors. 
And we've gotten good enough where we can look at that lateral movement, even though it has a credential and a key, we're like wait a minute. That's not a real sysadmin making a change. That's ransomware. And that's where you. >> You have to earn your way in. >> That's right. That's right. Yeah. >> And we're all kinds of configuration errors. But also some user problems. I've heard one story where there's so many passwords and username and passwords and systems that the bad guys scour the dark web for passwords that have been exposed. >> Correct. >> And go test them against different accounts. Oh one hit over here. >> Correct. >> And people don't change their passwords all the time. >> Correct. >> That's a known vector. >> Just the idea that users are going to be perfect and never make a mistake. How long have we been doing this? Humans are the weakest link. So people are going to make mistakes. Attackers are going to be in. Here's another way of thinking about it. Remember log4j? Remember that whole fiasco? Remember that was at Christmas time. That was nine months ago. And whoever came up with that vulnerability, they basically had a skeleton key that could access every network on the planet. I don't know of a single customer that said, "Oh yeah, I wasn't impacted by log4j." So here's some organized entity had access to every network on the planet. What was the big breach? What was that movie script that got stolen? So there wasn't one, right? We haven't heard anything. So the point is, the goal of attackers is to get in and stay in. Imagine someone breaks into your house, steals your laptop and runs. That's a breach. Imagine someone breaks into your house and stays for nine months. It's untenable, in the real world, right? >> Right. >> We don't know in there, hiding in the closet. >> They're still in. >> They're watching everything. >> Hiding in your closet, exactly. >> Moving around, nibbling on your cookies. >> Drinking your beer. >> Yeah. 
>> So let's talk about how this translates into the new reality of cloud-native. Because now you hear about automated pentesting is a new hot thing right now. You got antivirus on data is hot within APIs, for instance. >> Yeah. >> API security. So all kinds of new hot areas. Cloud-native is very iterative. You know, you can't do a pentest every week. >> Right. >> You got to do it every second. >> So this is where it's going. It's not so much simulation. It's actually real testing. >> Right. Right. >> How do you view that? How does that fit into this? 'Cause that seems like a good direction to me. >> Yeah. If it's right in, and you were talking to my buddy, Ajay, earlier about what VMware can do to help our customers build cloud native applications with Tanzu. My team is focused on how do we secure those applications? So where VMware wants to be the best in the world is securing these applications from within. Looking at the individual piece parts and how they talk to each other and figuring out, wait a minute, that should never happen. By almost having an x-ray machine on the innards of the application. So we do it for both for VMs and for container based applications. So traditional apps are VM based. Modern apps are container based. And we have a slightly different insertion mechanism. It's the same idea. So for VMs, we do it with a hypervisor with NSX. We see all the inner workings. In a container world we have this thing called a service mesh that lets us look at each little snippet of code and how they talk to each other. And once you can see that stuff, then you can actually apply. It's almost like common sense logic of like, wait a minute. This API is giving back credit card numbers and it gives five an hour. All of a sudden, it's now asking for 20,000 or a million credit cards. That doesn't make any sense. The anomalies stick out like a sore thumb. If you can see them. 
At VMware, our unique focus in the infrastructure is that we can see each one of these little transactions and understand the conversation. That's what makes us so good at that East-West or lateral security. >> You don't belong in this room, get out or that that's some weird call from an in memory database, something over here. >> Exactly. Where other security solutions won't even see that. It's not like their algorithms aren't as good as ours or better or worse. It's the access to the data. We see the inner plumbing of the app and therefore we can protect the app from. >> And there's another dimension that I want to get in the table here. 'Cause to my knowledge only AWS, Google, I believe Microsoft and Alibaba and VMware have this. >> Correct. >> It's Nitro. The equivalent of a Nitro. >> Yes. >> Project Monterey. >> Yeah. >> That's unique. It's the future of computing architectures. Everybody needs a Nitro. I've written about this. >> Yeah. >> Right. So explain your version. >> Yeah. >> It's now real. >> Yeah. >> It's now in the market, right? >> Yeah. >> Or soon will be. >> Here's our mission. >> Salient aspects. >> Yeah. Here's our mission of VMware. Is that we want to make every one of our enterprise customers. We want their private cloud to be as nimble, as agile, as efficient as the public cloud. >> And secure. >> And secure. In fact, I'll argue, we can make it actually more secure because we're thinking about putting security everywhere in this infrastructure. Not just on the edges of it. Okay. How do we go on that journey? As you pointed out, the public cloud providers realized five years ago that the right way to build computers was not just a CPU and a graphics process unit, GPU. But there's this third thing that the industry's calling a DPU, data processing unit. And so there's kind of three pieces of a computer. And the DPU is sometimes called a SmartNIC. It's the network interface card. 
It does all that network handling and analytics and it takes it off the CPU. So they've been building and deploying those systems themselves. That's what Nitro is. And so we have been working with the major Silicon vendors to bring that architecture to everybody. So with vSphere 8, we have the ability to take the network processing, that East-West inspection I talked about, take it off of the CPU and put it into this dedicated processing element called the DPU and free up the CPU to run the applications that Ajay and team are building. >> So no performance degradation at all? >> Correct. To CPU offload. >> So even the opposite, right? I mean you're running it basically bare metal speeds. >> Yes, yes and yes. >> And you're also isolating the storage from the security, the management, and. >> There's an isolation angle to this, which is that firewall, that we're putting everywhere. Not just at the perimeter, but we put it in each little piece of the server is running when it runs on one of these DPUs it's a different memory space. So even if an attacker gets to root in the OS, they, it's very, very, never say never, but it's very difficult. >> So who has access to that resource? >> Pretty much just the infrastructure layer, the cloud provider. So it's Amazon, Google, Microsoft, and the enterprise. >> Application can't get in. >> Can't get in there. 'Cause you would have to literally bridge from one memory space to another. Never say never, but it would be very. >> But it hasn't earned the trust to get. >> It's more than barbed wire. It's multiple walls. >> Yes. And it's like an air gap. It puts an air gap in the server itself so that if the server is compromised, it's not going to get into the network. Really powerful. >> What's the big thing that you're seeing with this supercloud transition. We're seeing multi-cloud and this new, not just SaaS hosted on the cloud. >> Yeah. 
>> You're seeing a much different dynamic of, combination of large scale CapEx, cloud-native, and then now cloud-native drills on premises and edge. Kind of changing what a cloud looks like if the cloud's on a cloud. >> Yeah. >> So we're the customer, I'm building on a cloud and I have on premise stuff. So, I'm getting scale CapEx relief from the hyperscalers. >> I think there's an important nuance on what you're talking about. Which is in the early days of the cloud customers. Remember those first skepticism? Oh, it'll never work. Oh, that's consumer grade. Oh, that's not really going to work. Oh some people realize. >> It's not secure. >> Yeah. It's not secure. >> That one's like, no, no, no it's secure. It works. And it's good. So then there was this sort of over rush. Let's put everything on the cloud. And I had a lot of customers that took VM based applications said, I'm going to move those onto the cloud. You got to take them all apart, put them on the cloud and put them all back together again. And little tiny details like changing an IP address. It's actually much harder than it looks. So my argument is, for existing workloads for VM based workloads, we are VMware. We're so good at running VM based workloads. And now we run them on anybody's cloud. So whether it's your east coast data center, your west coast data center, Amazon, Google, Microsoft, Alibaba, IBM keep going. We pretty much every. >> And the benefit of the customer is what? >> You can literally vMotion and just pick it up and move it from private to public, public to private, private to public, back and forth. >> Remember when we called vMotion BS, years ago? >> Yeah. Yeah. >> vMotion is powerful. >> We were very skeptical. We're like, that'll never happen. I mean we were. This supposed to be pat ourselves on the back. >> Well because alchemy. It seems like what you can't possibly do that. And now we do it across clouds. So it's not quite vMotion, but it's the same idea. 
You can just move these things over. I have one customer that had a production data center in the Ukraine. Things got super tense, super fast and they had to go from their private cloud data center in the Ukraine, to a public cloud data center out of harm's way. They did it over a weekend. 48 hours. If you've ever migrated a data center, that's usually six months. Right. And a lot of heartburn and a lot of angst. Boop. They just drag and dropped and moved it on over. That's the power of what we call the cloud operating model. And you can only do this when all your infrastructure's defined in software. If you're relying on hardware load balancers, hardware firewalls, you can't move those. They're like a boat anchor. You're stuck with them. And by the way, they're really, really expensive. And by the way, they eat a lot of power. So that was an architecture from the 90's. In the cloud operating model your data center. And this comes back to what you were talking about is just racks and racks of x86 with these magic DPUs, or SmartNICs, to make any individual node go blisteringly fast and do all the functions that you used to do in network appliances. >> We just had Ajay taking us to school, and everyone else to school on applications, middleware, abstraction layer. And Kit Colbert was also talking about this across cloud. We're talking supercloud, super PaaS. If this continues to happen, which we would think it will happen. What does the security posture look like? It feels to me, and again, this is your wheelhouse. If supercloud happens with this kind of PaaS layer where there's vMotioning going on. All kinds of spanning applications and data across environments. >> Yeah. Assume there's an operating system working on behind the scenes. >> Right. >> What's the security posture in all this? >> Yeah. So remember my narrative about the bad guys are getting in and they're moving around and they're so sneaky that they're using legitimate pathways. 
The only way to stop that stuff, is you've got to understand it at what we call Layer 7. At the application layer. Trying to do security to the infrastructure layer. It was interesting 20 years ago, kind of less interesting 10 years ago. And now it's becoming irrelevant because the infrastructure is oftentimes not even visible. It's buried in some cloud provider. So Layer 7 understanding, application awareness, understanding the APIs and reading the content. That's the name of the game in security. That's what we've been focused on. Nothing to do with the infrastructure. >> And where's the progress bar on that paradigm. One to ten. Ten being everyone's doing it. >> Right now. Well, okay. So we as a vendor can do this today. All the stuff I talked about, reading APIs, understanding the individual services looking at, Hey, wait a minute this credit card anomalies, that's all shipping production code. Where is it in customer adoption life cycle? Early days 10%. So there's a whole lot of headroom for people to understand, Hey, I can put these controls in place. They're software based. They don't require appliances. It's Layer 7, so it has contextual awareness and it works on every single cloud. >> We talked about the pandemic being an accelerator. It really was a catalyst to really rethink. Remember we used to talk about Pat as a security do over. He's like, yes, if it's the last thing I do, I'm going to fix security. Well, he decided to go try to fix Intel instead. >> He's getting some help from the government. >> But it seems like CISOs have totally rethought their security strategy. And at least in part, as a function of the pandemic. >> When I started at VMware four years ago, Pat sat me down in his office and he said to me what he said to you, which is like, "Tom," he said, "I feel like we have fundamentally changed servers. We fundamentally change storage. We fundamentally change networking. The last piece of the puzzle of security. 
I want you to go fundamentally change it." And I'll argue that the work that we're doing with this horizontal security, understanding the lateral movement. East-West inspection. It fundamentally changes how security works. It's got nothing to do with firewalls. It's got nothing to do with Endpoint. It's a unique capability that VMware is uniquely suited to deliver on. And so Pat, thanks for the mission. We delivered it and it's available now. >> Those WAF, web application firewalls for instance, are around, I mean. But to your point, the perimeter's gone. >> Exactly. >> And so you got to get, there's no perimeter. So it's a surface area problem. >> Correct. And access. And entry. >> Correct. >> They're entering here easy from some manual error, or misconfiguration or bad password that shouldn't be there. They're in. >> Think about it this way. You put the front door of your house, you put a big strong door and a big lock. That's a firewall. Bad guys come in the window. >> And then the windows open. With a ladder. >> Oh my God. 'Cause it's hot. Bad user behavior trumps good security every time. >> And then they move around room to room. We're the room to room people. We see each little piece of the thing. Wait, that shouldn't happen. Right. >> I want to get you a question that we've been seeing and maybe we're early on this or it might be just a false data point. A lot of CSOs and we're talking to are, and people in industry in the customer environment are looking at CISOs and CSOs, two roles. Chief information security officer, and then chief security officer. Amazon, actually Steven Schmidt is now CSO at Reinforce. They actually called that out. And the interesting point that he made, we had some other situations that verified this, is that physical security is now tied to online, to your point about the surface area. If I get a password, I still got the keys to the physical goods too. >> Right. 
So physical security, whether it's warehouse for them or store or retail. Digital is coming in there. >> Yeah. So is there a CISO anymore? Is it just CSO? What's the role? Or are there two roles you see that evolving? Or is that just circumstance? >> I think it's just one. And I think that the stakes are incredibly high in security. Just look at the impact that these security attacks are having on. Companies get taken down. Equifax market cap was cut 80% with a security breach. So security's gone from being sort of a nuisance to being something that can impact your whole kind of business operation. And then there's a whole nother domain where politics get involved. It determines the fate of nations. I know that sounds grand, but it's true. And so companies care so much about it they're looking for one leader, one throat to choke. One person that's going to lead security in the virtual domain, in the physical domain, in the cyber domain, in the actual. >> I mean, you mention that, but I mean, you look at Ukraine. I mean that cyber is a component of that war. I mean, it's very clear. I mean, that's new. We've never seen this. >> And in my opinion, the stuff that we see happening in the Ukraine is small potatoes compared to what could happen. >> Yeah. >> So the US, we have a policy of strategic deterrence. Where we develop some of the most sophisticated cyber weapons in the world. We don't use them. And we hope never to use them. Because our adversaries, who could do stuff like, I don't know, wipe out every bank account in North America. Or turn off the lights in New York City. They know that if they were to do something like that, we could do something back. >> This is the red line conversation I want to go there. So, I had this discussion with Robert Gates in 2016 and he said, "We have a lot more to lose." Which is really your point. >> So this brand. >> I agree that there's to have freedom and liberty, you got to strike back with force. 
And that's been our way to balance things out. But with cyber, the red line, people are already in banks. So they are operating below the red line. Red line meaning before we know you're in there. So do we move the red line down because, hey, Sony got hacked. The movie. Because they don't have their own militia. >> Yeah. >> If there were physical troops on the shores of LA breaking into the file cabinets. The government would've intervened. >> I agree with you that it creates tension for us in the US because our adversaries don't have the clear delineation between public and private sector. Here you're very, very clear if you're working for the government. Or you work for a private entity. There's no ambiguity on that. >> Collaboration, Tom, and the vendor community. I mean, we've seen efforts to try to. >> That's a good question. >> Monetize private data and private reports. >> So at VMware, I'm very proud of the security capabilities we've built. But we also partner with people that I think of as direct competitors. We've got firewall vendors and Endpoint vendors that we work with and integrate. And so coopetition is something that exists. It's hard. Because when you have these kind of competing. So, could we do more? Of course we probably could. But I do think we've done a fair amount of cooperation, data sharing, product integration, et cetera. And as the threats get worse, you'll probably see us continue to do more. >> And the government is going to try to force that too. >> And the government also drives standards. So let's talk about crypto. Okay. So there's a new form of encryption coming out called post-quantum. >> Quantum. Quantum computers have the potential to crack any crypto cipher we have today. That's bad. Okay. That's not good at all because our whole system is built around these private communications. So the industry is having conversations about crypto agility. 
How can we put in place the ability to rapidly iterate the ciphers in encryption? So, when the day quantum becomes available, we can change them and stay ahead of these quantum people. >> Well, didn't NIST just put out a quantum-proof algo that's being tested right now by the community? >> There's a lot of work around that. Correct. And NIST is taking the lead on this, but Google's working on it. VMware's working on it. We're very, very active in how do we keep ahead of the attackers and the bad guys? Because this quantum thing is a, it's an x-ray machine. It's like a dilithium crystal that can power a whole ship. It's a really, really, really powerful tool. >> Bad things will happen. >> Bad things could happen. >> Well, Tom, great to have you on theCUBE. Thanks for coming on. Take the last minute to just give a plug for what's going on for you here at VMworld this year, just VMware Explore this year. >> Yeah. We announced a bunch of exciting things. We announced enhancements to our NSX family, with our advanced load balancer. With our edge firewall. And they're all in service of one thing, which is helping our customers make their private cloud like the public cloud. So I like to say 0, 0, 0. If you are in the cloud operating model, you have zero proprietary appliances. You have zero tickets to launch a workload. You have zero network taps and Zero Trust built into everything you do. And that's what we're working on. Pushing that further and further. >> Tom Gill, senior vice president, head of the networking at VMware. Thanks for coming on. We do appreciate it. >> Thanks for having us. >> Always getting the security data. That's killer data and security of the two ops that get the most conversations around DevOps and Cloud Native. This is theCUBE bringing you all the action here in San Francisco for VMware Explore 2022. I'm John Furrier with Dave Vellante. Thanks for watching. (bright music)

Published Date : Sep 1 2022


Scott Baker, IBM Infrastructure | VMware Explore 2022


 

(upbeat music) >> Welcome back everyone to theCUBE's live coverage in San Francisco for VMware Explore. I'm John Furrier with my host, Dave Vellante. Two sets, three days of wall to wall coverage. This is day two. We got a great guest, Scott Baker, CMO at IBM, VP of Infrastructure at IBM. Great to see you. Thanks for coming on. >> Hey, good to see you guys as well. It's always a pleasure. >> Good time last night at your event? >> Great time last night. >> It was really well-attended. IBM always has the best food so that was good and great props, magicians, and it was really a lot of fun, comedians. Good job. >> Yeah, I'm really glad you came on. One of the things we were chatting, before we came on camera was, how much changed. We've been covering IBM storage days, back on the Edge days, and they had the event. Storage is the center of all the conversations, cyber security- >> Right? >> ... But it's not just pure cyber. It's still important there. And just data and the role of multi-cloud and hybrid cloud and data and security are the two hottest areas, that I won't say unresolved, but are resolving themselves. And people are talking. It's the most highly discussed topics. >> Right. >> Those two areas. And it's just all on storage. >> Yeah, it sure does. And in fact, what I would even go so far as to say is, people are beginning to realize the importance that storage plays, as the data custodian for the organization. Right? Certainly you have humans that are involved in setting strategies, but ultimately whatever those policies are that get applied, have to be applied to a device that must act as a responsible custodian for the data it holds. >> So what's your role at IBM and the infrastructure team? Storage is only one of the areas. >> Right. >> You're here at VMware Explore. What's going on here with IBM? Take us through what you're doing there at IBM, and then here at VMware. What's the conversations? >> Sure thing. 
I have the distinct pleasure to run both product marketing and strategy for our storage line. That's my primary focus, but I also have responsibility for the mainframe software, so the Z System line, as well as our Power server line, and our technical support organization, or at least the services side of our technical support organization. >> And one of the things that's going on here, lot of noise going on- >> Is that a bird flying around? >> Yeah >> We got fire trucks. What's changed? 'Cause right now with VMware, you're seeing what they're doing. They got the Platform, Under the Hood, Developer focus. It's still an OPS game. What's the relationship with VMware? What are you guys talking about here? What are some of the conversations you're having here in San Francisco? >> Right. Well, IBM has been a partner with VMware for at least the last 20 years. And VMware does, I think, a really good job about trying to create a working space for everyone to be an equal partner with them. It can be challenging too, if you want to sort of throw out your unique value to a customer. So one of the things that we've really been working on is, how do we partner much stronger? When we look at the customers that we support today, what they're looking for isn't just a solid product. They're looking for a solid ecosystem partnership. So we really lean in on that 20 years of partnership experience that we have with IBM. So one of the things that we announced was actually being one of the first VMware partners to bring both a technical innovation delivery mechanism, as well as technical services, alongside VMware technologies. I would say that was one of the first things that we really leaned in on, as we looked out at what customers are expecting from us. >> So I want to zoom out a little bit and talk about the industry. I've been following IBM since the early 1980s. 
It's trained in the mainframe market, and so we've seen, a lot of things you see come back to the mainframe, but we won't go there. But prior to Arvind coming on, it seemed like, okay, storage, infrastructure, yeah it's good business, and we'll let it throw off some margin. That's fine. But it's all about services and software. Okay, great. With Arvind, and obviously Red Hat, the whole focus shift to hybrid. We were talking, I think yesterday, about okay, where did we first hear hybrid? Obviously we heard that a lot from VMware. I heard it actually first, early on anyway, from IBM, talking hybrid. Some of the storage guys at the time. Okay, so now all of a sudden there's the realization that to make hybrid work, you need software and hardware working together. >> Right. So it's now a much more fundamental part of the conversation. So when you look out, Scott, at the trends you're seeing in the market, when you talk to customers, what are you seeing and how is that informing your strategy, and how are you bringing together all the pieces? >> That's a really awesome question because it always depends on who, within the organization, you're speaking to. When you're inside the data center, when you're talking to the architects and the administrators, they understand the value in the necessity for a hybrid-cloud architecture. Something that's consistent. On The Edge, On-Prem, in the cloud. Something that allows them to expand the level of control that they have, without having to specialize on equipment and having to redo things as you move from one medium to the next. As you go upstack in that conversation, what I find really interesting is how leaders are beginning to realize that private cloud or on-prem, multi cloud, super cloud, whatever you call it, whatever's in the middle, those are just deployment mechanisms. What they're coming to understand is it's the applications and the data that's hybrid. 
And so what they're looking for IBM to deliver, and something that we've really invested in on the infrastructure side is, how do we create bidirectional application mobility? Making it easy for organizations, whether they're using containers, virtual machines, just bare metal, how do they move that data back and forth as they need to, and not just back and forth from on-prem to the cloud, but effectively, how do they go from cloud to cloud? >> Yeah. One of the things I noticed is your pin, says I love AI, with the I next to IBM and get all these (indistinct) in there. AI, remember the quote from IBM is, "You can't have AI without IA." Information architect. >> Right. >> Rob Thomas. >> Rob Thomas (indistinct) the sound bites. But that brings up the point about machine learning and some of these things that are coming down the like, how is your area devolving the smarts and the brains around leveraging the AI in the systems itself? We're hearing more and more softwares being coded into the hardware. You see Silicon advances. All this is kind of, not changing it, but bringing back the urgency of, hardware matters. >> That's right. >> At the same time, it's still software too. >> That's right. So let's connect a couple of dots here. We talked a little bit about the importance of cyber resiliency, and let's talk about a little bit on how we use AI in that matter. So, if you look at the direct flash modules that are in the market today, or the SSDs that are in the market today, just standard-capacity drives. If you look at the flash core modules that IBM produces, we actually treat that as a computational storage offering, where you store the data, but it's got intelligence built into the processor, to offload some of the responsibilities of the controller head. The ability to do compression, single (indistinct), deduplication, you name it. 
But what if you can apply AI at the controller level, so that signals that are being derived by the flash core module itself, that look anomalous, can be handed up to an intelligence to say, "Hey, I'm all of a sudden getting encrypted writes from a host that I've never gotten encrypted writes for. Maybe this could be a problem." And then imagine if you connect that inferencing engine to the rest of the IBM portfolio, "Hey, QRadar. Hey IBM Guardium. What's going on on the network? Can we see some correlation here?" So what you're going to see IBM infrastructure continue to do is invest heavily into entropy and the ability to measure IO characteristics with respect to anomalous behavior and be able to report against that. And the trick here, because the array technically doesn't know if it's under attack or if the host just decided to turn on encryption, the trick here is using the IBM product relationships, and ecosystem relationships, to do correlation of data to determine what's actually happening, to reduce your false positives. >> And have that pattern of data too. It's all access to data too. Big time. >> That's right. >> And that innovation comes out of IBM R&D? Does it come out of the product group? Is it IBM research that then trickles its way in? Is it the storage innovation? Where's that come from? Where's that bubble up? That partnership? >> Well, I got to tell you, it doesn't take very long in this industry before your counterpart, your competitor, has a similar feature. Right? So we're always looking for, what's the next leg? What's the next advancement that we can make? We knew going into this process, that we had plenty of computational power that was untapped on the FPGA, the processor running on the flash core module. Right? So we thought, okay, well, what should we do next? And we thought, "Hey, why not just set this thing up to start watching IO patterns, do calculations, do trending, and report that back?" 
And what's great about what you brought up too, John, is that it doesn't stay on the box. We push that upstack through the AIOPS architecture. So if you're using Turbonomic, and you want to look applications stack down, to know if you've got threat potential, or your attack surface is open, you can make some changes there. If you want to look at it across your infrastructure landscape with a storage insight, you could do that. But our goal here is to begin to make the machine smarter and aware of impacts on the data, not just on the data they hold onto, but usage, to move it into the appropriate tier, different write activities or read activities or delete activities that could indicate malicious efforts that are underway, and then begin to start making more autonomous, how about managed autonomous responses? I don't want to turn this into a, oh, it's smart, just turn it on and walk away and it's good. I don't know that we'll ever get there just yet, but the important thing here is, what we're looking at is, how do we continually safeguard and protect that data? And how do we drive features in the box that remove more and more of the day to day responsibility from the administrative staff, who are technically hired really, to service and solve for bigger problems in the enterprise, not to be a specialist and have to manage one box at a time. >> Dave mentioned Arvind coming on, the new CEO of IBM, and the Red Hat acquisition and that change, I'd like to get your personal perspective, or industry perspective, so take your IBM-hat off for a second and put the Scott-experience-in-the-industry hat on, the transformation at the customer level right now is more robust, to use that word. I don't want to say chaotic, but it is chaotic. They say chaos in the cloud here at VM, a big part of their messaging, but it's changing the business model, how things are consumed. You're seeing new business models emerge. 
So IBM has this lot of storage old systems, you're transforming, the company's transforming. Customers are also transforming, so that's going to change how people market products. >> Right. >> For example, we know that developers and DevOps love self-service. Why? Because they don't want to install it. Let me go faster. And they want to get rid of it, doesn't work. Storage is infrastructure and still software, so how do you see, in your mind's eye, with all your experience, the vision of how to market products that are super important, that are infrastructure products, that have to be put into play, for really new architectures that are going to transform businesses? It's not as easy as saying, "Oh, we're going to go to market and sell something." The old way. >> Right. >> This shifting happening is, I don't think there's an answer yet, but I want to get your perspective on that. Customers want to hear the storage message, but it might not be speeds and feeds. Maybe it is. Maybe it's not. Maybe it's solutions. Maybe it's security. There's multiple touch points now, that you're dealing with at IBM for the customer, without becoming just a storage thing or just- >> Right. >> ... or just hardware. I mean, hardware does matter, but what's- >> Yeah, no, you're absolutely right, and I think what complicates that too is, if you look at the buying centers around a purchase decision, that's expanded as well, and so as you engage with a customer, you have to be sensitive to the message that you're telling, so that it touches the needs or the desires of the people that are all sitting around the table. Generally what we like to do when we step in and we engage, isn't so much to talk about the product. At some point, maybe later in the engagements, the importance of speeds, feeds, interconnectivity, et cetera, those do come up. Those are a part of the final decision, but early on it's really about outcomes. What outcomes are you delivering? 
This idea of being able to deliver, if you use the term zero trust or cyber-resilient storage capability as a part of a broader security architecture that you're putting into place, to help that organization, that certainly comes up. We also hear conversations with customers about, or requests from customers about, how do the parts of IBM themselves work together? Right? And I think a lot of that, again, continues to speak to what kind of outcome are you going to give to me? Here's a challenge that I have. How are you helping me overcome it? And that's a combination of IBM hardware, software, and the services side, where we really have an opportunity to stand out. But the thing that I would tell you, that's probably most important is, the engagement that we have up and down the stack in the market perspective, always starts with, what's the outcome that you're going to deliver for me? And then that drags with it the story that would be specific to the gear. >> Okay, so let's say I'm a customer, and I'm buying into zero trust architecture, but it's going to be somewhat of a long term plan, but I have a tactical need. I'm really nervous about ransomware, and I don't feel as though I'm prepared, and I want an outcome that protects me. What are you seeing? Are you seeing any patterns? I know it's going to vary, but are you seeing any patterns, in terms of best practice to protect me? >> Man, the first thing that we wanted to do at IBM is divorce ourselves from the company as we thought through this. And what I mean by that is, we wanted to do what's right, on day zero, for the customer. So we sat back using the experience that we've been able to amass, going through various recovery operations, and helping customers get through a ransomware attack. And we realized, "Hey. What we should offer is a free cyber resilience assessment." So we like to, from the storage side, we'd like to look at what we offer to the customer as following the NIST framework. 
And most vendors will really lean in hard on the response and the recovery side of that, as you should. But that means that there's four other steps that need to be addressed, and that free cyber-resilience assessment, it's a consultative engagement that we offer. What we're really looking at doing is helping you assess how vulnerable you are, how big is that attack surface? And coming out of that, we're going to give you a vendor-agnostic report that says here's your situation, here's your grade or your level of risk and vulnerability, and then here's a prioritized roadmap of where we would recommend that you go off and start solving to close up whatever the gaps or the risks are. Now you could say, "Hey, thanks, IBM. I appreciate that. I'm good with my storage vendor today. I'm going to go off and use it." Now, we may not get some kind of commission check. We may not sell the box. But what I do know is that you're going to walk away knowing the risks that you're in, and we're going to give you the recommendations to get started on closing those up. And that helps me sleep at night. >> That's a nice freebie. >> Yeah. >> Yeah, it really is, 'cause you guys got deep expertise in that area. So take advantage of that. >> Scott, great to have you on. Thanks for spending time out of your busy day. Final question, put a plug in for your group. What are you communicating to customers? Share with the audience here. You're here at VMware Explore, the new rebranded- >> Right? >> ... multi-cloud, hybrid cloud, steady state. There are three levels of transformation, virtualization, hybrid cloud, DevOps, now- >> Right? >> ... multi-cloud, so they're in chapter three of their journey- >> That's right. >> Really innovative company, like IBM, so put the plug in. What's going on in your world? Take a minute to explain what you want. >> Right on. So here we are at VMware Explore, really excited to be here. 
We're showcasing two aspects of the IBM portfolio, all of the releases and announcements that we're making around the IBM cloud. In fact, you should come check out the product demonstration for the IBM Cloud Satellite. And I don't think they've coined it this, but I like to call it the VMware edition, because it has all of the VMware services and tools built into it, to make it easier to move your workloads around. We certainly have the infrastructure side on the storage, talking about how we can help organizations, not only accelerate their deployments in, let's say Tanzu or Containers, but even how we help them transform the application stack that's running on top of their virtualized environment in the most consistent and secure way possible. >> Multiple years of relationships with VMware. IBM, VMware together. Congratulations. >> That's right. >> Thanks for coming on. >> Hey, thanks (indistinct). Thank you very much. >> A lot more live coverage here at Moscone West. This is theCUBE. I'm John Furrier with Dave Vellante. Thanks for watching. Two more days of wall-to-wall coverage continuing here. Stay tuned. (soothing music)

Published Date : Aug 31 2022


Breaking Analysis: What we hope to learn at Supercloud22


 

>> From theCUBE studios in Palo Alto and Boston, bringing you data-driven insights from theCUBE and ETR. This is Breaking Analysis with Dave Vellante. >> The term Supercloud is somewhat new, but the concepts behind it have been bubbling for years. Early last decade, when NIST put forth a definition of cloud computing, it said services had to be accessible over a public network, essentially cutting the on-prem crowd out of the cloud conversation. Now a guy named Chuck Hollis, who was a field CTO at EMC at the time and a prolific blogger, objected to that criterion and laid out his vision for what he termed a private cloud. Now, in that post, he showed a workload running both on premises and in a public cloud, sharing the underlying resources in an automated and seamless manner, what later became known more broadly as hybrid cloud. That vision, as we now know, really never materialized, and we were left with multi-cloud: sets of largely incompatible and disconnected cloud services running in separate silos. The point is what Hollis laid out, i.e. the ability to abstract underlying infrastructure complexity and run workloads across multiple heterogeneous estates with an identical experience, is what super cloud is all about. Hello and welcome to this week's Wikibon CUBE Insights, powered by ETR. In this Breaking Analysis, we share what we hope to learn from Supercloud 22 next week, next Tuesday at 9:00 AM Pacific. The community is gathering for Supercloud 22, an inclusive pilot symposium hosted by theCUBE and made possible by VMware and other founding partners. It's a one-day, single-track event with more than 25 speakers digging into the architectural, the technical, structural and business aspects of Supercloud. This is a hybrid event with a live program in the morning running out of our Palo Alto studio and pre-recorded content in the afternoon featuring industry leaders, technologists, analysts and investors up and down the technology stack. 
Now, as I said up front, the seeds of super cloud were sown early last decade. After the very first re:Invent we published our Amazon gorilla post, that scene in the upper right corner here. And we talked about how to differentiate from Amazon and form ecosystems around industries and data and how the cloud would change IT permanently. And then up in the upper left we put up a post on the old Wikibon Wiki. Yeah, it used to be a Wiki. Check out my hair, by the way, no gray, that's how long ago this was. And we talked about in that post how to compete in the Amazon economy. And we showed a graph of how IT economics were changing. And cloud services had marginal economics that looked more like software than hardware at scale. And this would reset, we said, opportunities for both technology sellers and buyers for the next 20 years. And this came into sharper focus in the ensuing years, culminating in a milestone post by Greylock's Jerry Chen called Castles in the Cloud. It was an inspiration and catalyst for us using the term Supercloud in John Furrier's post prior to re:Invent 2021. So we started to flesh out this idea of Supercloud where companies of all types build services on top of hyperscale infrastructure and across multiple clouds, going beyond multicloud 1.0, if you will, which was really a symptom, as we said many times, of multi-vendor, at least that's what we argued. And despite its fuzzy definition, it resonated with people because they knew something was brewing. Keith Townsend, the CTO Advisor, even though he frankly wasn't a big fan of the buzzy nature of the term Supercloud, posted this awesome blackboard on Twitter. Take a listen to how he framed it. Please play the clip. >> Is VMware the right company to make the super cloud work, term that Wikibon came up with to describe the taking of discrete services. 
So it says RDS from AWS, cloud compute engines from GCP and authentication from Azure to build SaaS applications or enterprise applications that connect back to your data center. Is VMware's cross cloud vision, 'cause it is just a vision today, the right approach? Or should you be looking towards companies like HashiCorp to provide this overall capability that we all agree, or maybe you don't, that we need in an enterprise? Comment below your thoughts. >> So I really like that Keith has deep practitioner knowledge and lays out a couple of options. I especially like the examples he uses of cloud services. He recognizes the need for cross cloud services and he notes this capability is aspirational today. Remember this was eight or nine months ago, and he brings HashiCorp into the conversation as they're one of the speakers at Supercloud 22, and he asks the community what they think. The thing is we're trying to really test out this concept and people like Keith are instrumental as collaborators. Now I'm sure you're not surprised to hear that not everyone is on board with the Supercloud meme. In particular, Charles Fitzgerald has been a wonderful collaborator just by his hilarious criticisms of the concept. After a couple of super cloud posts, Charles put up his second rendition of "Supercloudifragilisticexpialidoucious". I mean, it's just beautiful, but to boot, he put up this picture of Baghdad Bob asking us to just stop. Bob's real name is Mohamed Said al-Sahaf. He was the minister of propaganda for Saddam Hussein during the 2003 invasion of Iraq. And he made these outrageous claims of, you know, US troops running in fear and putting down their arms and so forth. So anyway, Charles laid out several frankly very helpful critiques of Supercloud which has led us to really advance the definition and catalyze the community's thinking on the topic. Now, one of his issues, and there are many, is we said a prerequisite of super cloud was a super PaaS layer. 
Gartner's Lydia Leong chimed in saying there were many examples of successful PaaS vendors built on top of a hyperscaler, some having the option to run in more than one cloud provider. But the key point we're trying to explore is the degree to which that PaaS layer is purpose built for a specific super cloud function. And not only runs in more than one cloud provider, Lydia, but runs across multiple clouds simultaneously, creating an identical developer experience irrespective of a state. Now, maybe that's what Lydia meant. It's hard to say from just a tweet and she's a sharp lady, so, and knows more about that market, that PaaS market, than I do. But to the former point, at Supercloud 22 we have several examples we're going to test. One is Oracle and Microsoft's recent announcement to run database services on OCI and Azure, making them appear as one. Rather than use an off-the-shelf platform, Oracle claims to have developed a capability for developers specifically built to ensure high performance, low latency, and a common experience for developers across clouds. Another example we're going to test is Snowflake. I'll be interviewing Benoit Dageville, co-founder of Snowflake, to understand the degree to which Snowflake's recent announcement of an application development platform is perfect built, purpose built for the Snowflake data cloud. Is it just a plain old PaaS, big whoop, as Lydia claims, or is it something new and innovative? By the way, we invited Charles Fitz to participate in Supercloud 22 and he declined, saying, in addition to a few other somewhat insulting things, there's definitely interesting new stuff brewing that isn't traditional cloud or SaaS, but branding it all super cloud doesn't help either. Well, indeed, we agree with part of that and we'll see if it helps advance thinking and helps customers really plan for the future. And that's why Supercloud 22 is going to feature some of the best analysts in the business in The Great Supercloud Debate. 
In addition to Keith Townsend, Maribel Lopez of Lopez Research and Sanjeev Mohan, former Gartner analyst and principal at SanjMo, participated in this session. Now we don't want to mislead you. We don't want to imply that these analysts are hopping on the super cloud bandwagon, but they're more than willing to go through the thought experiment and mental exercise. And we had a great conversation that you don't want to miss. Maribel Lopez had what I thought was a really excellent way to think about this. She used TCP/IP as an historical example. Listen to what she said. >> And Sanjeev Mohan has some excellent thoughts on the feasibility of an open versus de facto standard getting us to the vision of Supercloud, what's possible and what's likely. Now, again, I don't want to imply that these analysts are out banging the Supercloud drum. They're not necessarily doing that, but they do, I think it's fair to say, believe that something new is bubbling, and whether it's called Supercloud or multicloud 2.0 or cross cloud services or whatever name you choose, it's not multicloud of the 2010s, and we chose Supercloud. So our goal here is to advance the discussion on what's next in cloud, and Supercloud is meant to be a term to describe that future of cloud and specifically the cloud opportunities that can be built on top of hyperscale compute, storage, networking, machine learning, and other services at scale. And that is why we posted this piece on Answering the top 10 questions about Supercloud, many of which were floated by Charles Fitzgerald and others in the community. Why does the industry need another term? What's really new and different? And what is hype? What specific problems does Supercloud solve? What are the salient characteristics of Supercloud? What's different beyond multicloud? What is a super PaaS? Is it necessary to have a Supercloud? How will applications evolve on superclouds? What workloads will run? 
All these questions will be addressed in detail as a way to advance the discussion and help practitioners and business people understand what's real today and what's possible with cloud in the near future. And one other question we'll address is who will build super clouds? And what new entrants we can expect. This is an ETR graphic that we showed in a previous episode of Breaking Analysis, and it lays out some of the companies we think are building super clouds or in a position to do so. By the way, the Y axis shows net score or spending velocity and the X axis depicts presence in the ETR survey of more than 1200 respondents. But the key callouts to this slide, in addition to some of the smaller firms that aren't yet showing up in the ETR data like Chaossearch and Starburst and Aviatrix and Clumio, but the really interesting additions are industry players: Walmart with Azure, Capital One and Goldman Sachs with AWS, Oracle with Cerner. These we think are early examples, bubbling up, of industry clouds that will eventually become super clouds. So we'll explore these and other trends to get the community's input on how this will all play out. These are the things we hope you'll take away from Supercloud 22. And we have an amazing lineup of experts to answer your question. Technologists like Kit Colbert, Adrian Cockcroft, Mariana Tessel, Chris Hoff, Will DeForest, Ali Ghodsi, Benoit Dageville, Muddu Sudhakar and many other tech athletes, investors like Jerry Chen and In Sik Rhee, the analysts we featured earlier, Paula Hansen talking about go to market in a multi-cloud world, Gee Rittenhouse talking about cloud security, David McJannet, Bhaskar Gorti of Platform9 and many, many more. And of course you, so please go to theCUBE.net and register for Supercloud 22, really lightweight reg. We're not doing this for lead gen. We're doing it for collaboration. If you sign in you can get the chat and ask questions in real time. 
So don't miss this inaugural event, Supercloud 22, on August 9th at 9:00 AM Pacific. We'll see you there. Okay. That's it for today. Thanks for watching. Thank you to Alex Myerson who's on production and manages the podcast. Kristen Martin and Cheryl Knight, they help get the word out on social media and in our newsletters. And Rob Hof is our editor in chief over at SiliconANGLE. Does some really wonderful editing. Thank you to all. Remember these episodes are all available as podcasts wherever you listen, just search Breaking Analysis podcast. I publish each week on wikibon.com and Siliconangle.com. And you can email me at David.Vellante@siliconangle.com or DM me at Dvellante, comment on my LinkedIn post. Please do check out ETR.AI for the best survey data in the enterprise tech business. This is Dave Vellante for theCUBE Insights powered by ETR. Thanks for watching. And we'll see you next week in Palo Alto at Supercloud 22 or next time on Breaking Analysis. (calm music)

Published Date : Aug 5 2022


Jay Bretzmann & Philip Bues, IDC | AWS re:Inforce 2022


 

(upbeat music) >> Okay, welcome back everyone. CUBE's coverage here in Boston, Massachusetts, AWS re:Inforce 22, security conference. It's AWS' big security conference. Of course, theCUBE's here, all the re:Invent, reese, re:MARS, re:Inforce. We cover 'em all now and the summits. I'm John Furrier, my host Dave Vellante. We have IDC weighing in here with their analysts. We've got some great guests here, Jay Bretzmann, research VP at IDC, and Philip Bues, research manager for Cloud security. Gentlemen, thanks for coming on. >> Thank you. >> Appreciate it. Great to be here. >> Appreciate coming. >> Got a full circle, right? (all laughing) Security's more interesting than storage, isn't it? (all laughing) >> Dave and Jay worked together. This is a great segment. I'm psyched that you guys are here. We had Crawford and Matt Eastwood on at HPE Discover a while back and really the data you guys are getting and the insights are fantastic. So congratulations to IDC. You guys doing great work. We appreciate your time. I want to get your reaction to the event and the keynotes. AWS has got some posture and they're very aggressive on some tones. Some things that we didn't hear. What's your reaction to the keynote? Share your assessment. >> So, you know, I manage two different research services at IDC right now. They are both Cloud security and identity and digital security, right? And what was really interesting is the intersection between the two this morning, because every one of those speakers that came on had something to say about identity or least privileged access, or enable MFA, or make sure that you control who gets access to what and deny explicitly. And it's always been a challenge a little bit in the identity world because a lot of people don't use MFA. And in RSA, that was another big theme at the RSA conference, MFA everywhere. Why don't they use it? Because it introduces friction and all of a sudden people can't get their jobs done. 
And the whole point of a network is letting people on to get that data they want to get to. So that was kind of interesting, but as we have in the industry, this shared responsibility model for Cloud computing, we've got shared responsibility for between Philip and I. (Philip laughing) I have done in the past more security of the Cloud and Philip is more security in the Cloud. >> So yeah. >> And now with Cloud operation Super Cloud, as we call it, you have on premises, private Cloud coming back, or hasn't really gone anywhere, all that on premises, Cloud operations, public Cloud, and now edge exploding with new requirements. It's really an ops challenge right now. Not so much dev. So the sec and op side is hot right now. >> Yeah, well, we've made this move from monolithic to microservices based applications. And so during the keynote this morning, the announcement around the GuardDuty Malware Protection component, and that being built into the pricing of current GuardDuty, I thought was really key. And there was also a lot of talk about partnering in security certifications, which is also so very important. So we're seeing this move towards filling in that talent gap, which I think we're all aware of in the security industry. >> So Jay, square the circle for me. So Kurt Kufeld talked about Amazon AWS identity, where does AWS leave off, and companies like Okta or Ping Identity or CyberArk pick up, how are they working together? Does it just create more confusion and more tools for customers? We know the overused word of seamless. >> Yeah, yeah. >> It's never seamless, so how should we think about that? >> So, identity has been around for 35 years or something like that. Started with the mainframes and all that. And if you understand the history of it, you make more sense to the current market. You have to know where people came from and the baggage they're carrying, 'cause they're still carrying a lot of that baggage. 
Now, when it comes to the Cloud Service providers, they're more an accommodation from the identity standpoint. Let's make it easy inside of AWS to let you single sign on to anything in the Cloud that they have, right? Let's also introduce an additional MFA capability to keep people safer whenever we can and provide people with tools, to get into those applications somewhat easily, while leveraging identities that may live somewhere else. So there's a whole lot of the world that is still Active Directory-centric, right? There's another portion of companies that were born in the Cloud that were able to jump on things like Okta and some of the other providers of these universal identities in the Cloud. So, like I said, if you understand where people came from in the beginning, you start to say, "Yeah, this makes sense." >> It's interesting you talk about mainframe. I always think about RACF, you know. And I say, "Okay, who did what, when, where?" And you hear about a lot of those themes. So what's the best practice for MFA, that's non-SMS-based? Is it you got to wear something around your neck, is it to have sort of a third party authenticator? What are people doing that you guys would recommend? >> Yeah, one quick comment about adoption of MFA. If you ask different suppliers, what percent of your base that does SSO also does MFA, one of the biggest suppliers out there, Microsoft will tell you it's under 25%. That's pretty shocking. All the messaging that's come out about it. So another big player in the market was called Duo, Cisco bought them. >> Yep. >> And because they provide networks, a lot of people buy their MFA. They have probably the most prevalent type of MFA, it's called Push. And Push can be a red X and a green check mark to your phone, it can be a QR code, somewhere, it can be an email push as well. So that is the next easiest thing to adopt after SMS. 
And as you know, SMS has been denigrated by NIST and others saying, it's susceptible to man-in-the-middle attacks. It's built on a telephony protocol called SS7. Predates anything, there's no certification either side. The other real dynamic in identity is the whole adoption of PKI infrastructure. As you know, certificates are used for all kinds of things, network sessions, data encryption, well, identity increasingly. And a lot of the consumers and especially the work from anywhere, people these days have access through smart devices. And what you can do there, is you can have an agent on that smart device, generate your private key and then push out a public key and so the private key never leaves your device. That's one of the most secure ways to- >> So if our SIM card gets hacked, you're not going to be as vulnerable? >> Yeah, well, the SIM card is another challenge associated with the older ways, but yeah. >> So what do you guys think about the open source connection and they mentioned it up top. Don't bolt on security, implying shift left, which is embedding it in like Snyk, companies like Snyk do that. Very container oriented, a lot of Kubernetes kind of Cloud native services. So I want to get your reaction to that. And then also this reasoning angle they brought up. Kind of a higher level AI reasoning decisions. So open source, and this notion of AI reasoning, or AI reason. >> And you see more open source discussion happening, so you have your building maintaining and vetting of the upstream open source code, which is critical. And so I think AWS talking about that today, they're certainly hitting on a nerve, as you know, open source continues to proliferate. Around the automated reasoning, I think that makes sense. You want to provide guide rails and you want to provide roadmaps and you want to have sort of that guidance as to, okay, what's a correlation analysis of different tools and products? And so I think that's going to go over really well, yeah. 
>> One of the other key points about open source is, everybody's in a multi-cloud world, right? >> Yeah. >> And so they're worried about vendor lock-in. They want an open source code base, so that they don't experience that. >> Yeah, and they can move the code around, and make sure it works well on each system. Dave and I were just talking about some of the dynamics around data control planes. So they mentioned encrypt everything which is great and I message by the way, I love that one. But oh, and he mentioned data at rest. I'm like, "What about data in flight? Didn't hear that one." So one of the things we're seeing with SuperCloud, and now multi-cloud kind of as destinations of that, is that in digital transformation, customers are leaning into owning their data flows. >> Yeah. >> Independent of say the control plane aspects of what could come in. This is huge implications for security, where sharing data is huge, even Schmidt on stage said, we have billions and billions of things happening that we see things that no one else sees. So that implies, they're sharing- >> Quadrillion. >> Trillion, 15 zeros. (Jay laughs) >> 15 zeros. >> So that implies they're sharing that or using that pushing that into something. So sharing is huge with cyber security. So that implies open data, data flows. How do you guys see this evolving? I know it's kind of emerging, but it's becoming a nuanced point, that's critical to the architecture. >> Well, yeah, I think another way to look at that is the sharing of intelligence and some of the recent directives, from the executive branch, making it easier for private companies to share data and intelligence, which I think strengthens the cyber community overall. >> Depending upon the supplier, it's either an aggregate level of intelligence that has been anonymized or it's specific intelligence for your environment that everybody's got a threat feed, maybe two or three, right? 
(John laughs) But back to the encryption point, I mean, I was working for an encryption startup for a little while after I left IBM, and the thing is that people are scared of it. They're scared of key management and rotation. And so when you provide- >> Because they might lose the key. >> Exactly. >> Yeah. >> It's like shooting yourself in the foot, right? So that's when you have things like, KMS services from Amazon and stuff that really help out a lot. And help people understand, okay, I'm not alone in this. >> Yeah, crypto owners- >> They call that hybrid, the hybrid key, they don't know how they call the data, they call it the hybrid. What was that? >> Key management service? >> The hybrid- >> Oh, hybrid HSM, correct? >> Yeah, what is that? What is that? I didn't get that. I didn't understand what he meant by the hybrid post quantum key agreement. >> Hybrid post quantum key exchange. >> AWS never made a product name that didn't have four words in it. (John laughs) >> But he did reference the new NIST algos. And I think I inferred that they were quantum proof or they claim to be, and AWS was testing those. >> Correct, yeah. >> So that was kind of interesting, but I want to come back to identity for a second. So, this idea of bringing traditional IAM and Privileged Access Management together, is that a pipe dream, is that something that is actually going to happen? What's the timeframe, what's your take on that? >> So, there are aspects of privilege in every sort of identity. Back when it was only the back office that used computers for calculations, right? Then you were able to control how many people had access. There were two types of users, admins and users. These days, everybody has some aspect of- >> It's a real spectrum, really. >> Yeah. >> Granular. >> You got the C-suite, the finance people, the DevOps people, even partners and whatever. They all need some sort of privileged access, and the term you hear so much is least-privileged access, right? 
Shut it down, control it. So, in some of my research, I've been saying that vendors who are in the PAM space, Privileged Access Management space, will probably be growing their suites, playing a bigger role, building out a stack, because they have the expertise and the perspective that says, "We should control this better." How do we do that, right? And we've been seeing that recently. >> Is that a combination of old kind of antiquated systems meets for proprietary hyper scale, or kind of like build your own? 'Cause I mean, Amazon, these guys, Facebook, they all build their own stuff. >> Yes, they do. >> Then enterprises buy services from general purpose identity management systems. >> So as we were talking about knowing the past and whatever, Privileged Access Management used to be about compliance reporting. Just making sure that I knew who accessed what? And could prove it, so I didn't fail at all. >> It wasn't a critical infrastructure item. >> No, and now these days, what it's transitioning into, is much more risk management, okay. I know what our risk is, I'm ahead of it. And the other thing in the PAM space, was really session monitor. Everybody wanted to watch every keystroke, every screen scrape, all that kind of stuff. A lot of the new Privileged Access Management, doesn't really require that. It's a nice to have feature. You kind of need it on the list, but is anybody really going to implement it? That's the question, right. And then if you do all that session monitoring, does anybody ever go back and look at it? There's only so many hours in the day. >> How about passwordless access? (Jay laughs) I've heard people talk about that. I mean, that's as a user, I can't wait but- >> Well, it's somewhere we want to all go. We all want identity security to just disappear and be recognized when we log in. So the thing with passwordless is, there's always a password somewhere. And it's usually part of a registration action. 
I'm going to register my device with a username password, and then beyond that I can use my biometrics, right? I want to register my device and get a private key, that I can put in my enclave, and I'll use that in the future. Maybe it's got Touch ID, maybe it doesn't, right? So even though there's been a lot of progress made, it's not quote, unquote, truly passwordless. There's a group, industry standards group called FIDO. Which is Fast Identity Online. And what they realized was, these whole registration passwords, that's really a single point of failure. 'Cause if I can't recover my device, I'm in trouble. So they just did new extension to sort of what they were doing, which provides you with much more of like an iCloud vault that you can register that device in and other devices associated with that same identity. >> Get you to it if you have to. >> Exactly. >> I'm all over the place here, but I want to ask about ransomware. It may not be your wheelhouse. But back in the day, Jay, remember you used to cover tape. All the backup guys now are talking about ransomware. AWS mentioned it today and they showed a bunch of best practices and things you can do. Air gaps wasn't one of them. I was really surprised 'cause that's all every anybody ever talks about is air gaps and a lot of times that air gap could be a guess to the Cloud, I guess, I'm not sure. What are you guys seeing on ransomware apps? >> We've done a lot of great research around ransomware as a service and ransomware, and we just had some data come out recently, that I think in terms of spending and spend, and as a result of the Ukraine-Russia war, that ransomware assessments rate number one. And so it's something that we encourage, when we talk to vendors and in our services, in our publications that we write about taking advantage of those free strategic ransomware assessments, vulnerability assessments, as well and then security and training ranked very highly as well. 
So, we want to make sure that all of these areas are being funded well to try and stay ahead of the curve. >> Yeah, I was surprised to not see air gaps on the list, that's all everybody talks about. >> Well, the old model for air gapping in the LAN days, the Novell days, you took your tapes home and put them in the sock drawer. (all laughing) >> Well, it's a form of air gap. (all laughing) >> Security and no one's going to go there and clean out. >> And then the internet came around and ruined it. >> Guys, final question we want to ask you, guys, we kind of zoom out, great commentary by the way. Appreciate it. We've seen this in many markets, a collection of tools emerge and then there's its tool sprawl. So cyber we're seeing the trend now where mon goes up on stage of all the ecosystems, probably other vendors doing the same thing where they're organizing a platform on top of AWS to be this super platform, for super Cloud capability by building a more platform thing. So we're saying there's a platform war going on, 'cause customers don't want the complexity. I got a tool but it's actually making it more complex if I buy the other tool. So the tool sprawl becomes a problem. How do you guys see this? Do you guys see this platform emerging? I mean tools won't go away, but they have to be easier. >> Yeah, we do see a consolidation of functionality and services. And we've been seeing that, I think through a 2020 Cloud security survey that we released that was definitely a trend. And that certainly happened for many companies over the last six to 24 months, I would say. And then platformization absolutely is something we talk and write about all the time so... >> Couple of years ago, I called the Amazon tool set an erector set because it really required assembly. And you see the emphasis on training here too, right? You definitely need to go to AWS University to be competent. >> It wasn't Lego blocks yet. >> No. >> It was erector set. >> Yeah. >> Very good distinction. 
>> Loose. >> And you lose a few. (chuckles) >> But still too many tools, right? You see, we need more consolidation. It's getting interesting because a lot of these companies have runway and you look at SailPoint at stock prices held up 'cause of the Thoma Bravo acquisition, but all the rest of the cyber stocks have been crushed especially the high flyers, like a SentinelOne or a CrowdStrike, but just still M&A opportunity. >> So platform wars. Okay, final thoughts. What do you think is happening next? What's your outlook for the next year or so? >> So, in the identity space, I'll talk about, Philip can cover Cloud for us. It really is more consolidation and more adoption of things that are beyond simple SSO. It was, just getting on the systems and now we really need to control what you're able to get to and who you are. And do it as transparently as we possibly can, because otherwise, people are going to lose productivity. They're not going to be able to get to what they want. And that's what causes the C-suite to say, "Wait a minute," DevOps, they want to update the product every day. Make it better. Can they do that or did security get in the way? People, every once in a while call security, the Department of No, right? >> They ditch it on stage. They want to be the Department of Yes. >> Exactly. >> Yeah. >> And the department that creates additional value. If you look at what's going on with B2C or CIAM, consumer oriented identity, that is all about opening up new direct channels and treating people like their old friends, not like you don't know them, you have to challenge them. >> We always say, you want to be in the boat together, it sinks or not. >> Yeah. Exactly. >> Philip I'm glad- >> Okay, what's your take? What's your outlook for the year? >> Yeah, I think, something that we've been seeing as consolidation and integration, and so companies looking at from build time to run time, investing in shift left, infrastructure as code. 
And then also in the runtime detection, makes perfect sense to have both the agent and agentless so that you're covering any of the gaps that might exist. >> Awesome, Jay, Philip, thanks for coming on "theCUBE" with IDC and sharing your- >> Oh, our pleasure- >> Perspective, commentary and insights and outlook. Appreciate it. >> You bet. >> Thank you. >> Okay, we've got the great direction here from IDC analyst here on theCUBE. I'm John Furrier, Dave Vellante. Be back more after this short break. (bright upbeat music)

Published Date : Jul 26 2022


Bryan Inman, Armis | Managing Risk With The Armis Platform REV2


 

(upbeat music) >> Hello everyone, welcome back to Managing Risk Across the Extended Attack Surface with Armis. I'm John Furrier, your host of theCUBE. Got the demo. Got here, Bryan Inman, sales engineer at Armis. Bryan, thanks for coming on. We're looking forward to the demo. How you doing? >> I'm doing well, John, thanks for having me. >> We heard from Nadir describing Armis' platform, lot of intelligence. It's like a search engine meets data at scale, intelligent platform around laying out the asset map, if you will, the new vulnerability module among other things that really solves CISOs' problems. A lot of great customer testimonials and we got the demo here that you're going to give us. What's the demo about? What are we going to see? >> Well, John, thanks. Great question. And truthfully, I think as Nadir has pointed out what Armis as a baseline is giving you is great visibility into every asset that's communicating within your environment. And from there, what we've done is we've layered on known vulnerabilities associated with not just the device, but also what else is on the device. Is there certain applications running on that device, the versions of those applications, and what are the vulnerabilities known with that? So that really gives you great visibility in terms of the devices that folks don't necessarily have visibility into now, unmanaged devices, IoT devices, OT, and critical infrastructure, medical devices, things that you're not necessarily able to actively scan or put an agent on. So not only is Armis telling you about these devices but we're also layering on those vulnerabilities all passively and in real time. >> A lot of great feedback we've heard and I've talked to some of your customers. The agentless is a huge deal. The discoveries are awesome. You can see everything and just getting real time information. It's really, really cool. So I'm looking forward to the demo for our guests. Take us on that tour. 
Let's go with the demo for the guests today. >> All right. Sounds good. So what we're looking at here is within the Armis console is just a clean representation of the passive reporting of what Armis has discovered. So we see a lot of different types of devices from your virtual machines and personal computers, things that are relatively easy to manage. But working our way down, you're able to see a lot of different types of devices that are not necessarily easy to get visibility into, things like your UPS systems, IT cameras, dash cams, et cetera, lighting systems. And today's day and age where everything is moving to that smart feature, it's great to have that visibility into what's communicating on my network and getting that, being able to layer on the risk factors associated with it as well as the vulnerabilities. So let's pivot over to our vulnerabilities tab and talk about the AVM portion, the asset vulnerability management. So what we're looking at is the dashboard where we're reporting another clean representation with customizable dashlets that gives you visuals and reporting and things like new vulnerabilities as they come in. What are the most critical vulnerabilities, the newest as they roll in the vulnerabilities by type? We have hardware. We have application. We have operating systems. As we scroll down, we can see things to break it down by vulnerabilities, by the operating system, Windows, Linux, et cetera. We can create dashlets that show you views of the number of devices that are impacted by these CVEs. And scrolling down, we can see how long have these vulnerabilities been sitting within my environment? So what are the oldest vulnerabilities we have here? And then also of course, vulnerabilities by applications. So things like Google Chrome, Microsoft Office. So we're able to give a good representation of the amount of vulnerabilities as they're associated to the hardware and applications as well. 
So we're going to dig in and take a deeper look at one of these vulnerabilities here. So I'm excited to talk today about where Armis AVM is, but also where it's going as well. So we're not just reporting on things like the CVSS score from NIST NVD. We're also able to report on things like the exploitability of that. How actively is this CVE being exploited in the wild? We're reporting EPSS scores. For example, we're able to take open source information as well as a lot of our partnerships that we have with other vendors that are giving us a lot of great value of known vulnerabilities associated with the applications and with hardware, et cetera. But where we're going with this is in very near future releases, we're going to be able to take an algorithm approach of, what are the most critical CVSS that we see? How exploitable are those? What are common threat actors doing with these CVEs? Have they weaponized these CVEs? Are they actively using those weaponized tools to exploit these within other folks' environments? And who's reporting on these? So we're going to take all of these and then really add that Armis flavor of we already know what that device is and we can explain and so can the users of it, the business criticality of that device. So we're able to pivot over to the matches as we see the CVEs. We're able to very cleanly view, what exactly are the devices that the CVE resides on. And as you can see, we're giving you more than just an IP address or a lot more context and we're able to click in and dive into what exactly are these devices. And more importantly, how critical are these devices to my environment? If one of these devices were to go down if it were to be a server, whatever it may be, I would want to focus on those particular devices and ensuring that that CVE, especially if it's an exploitable CVE were to be addressed earlier than say the others and really be able to manage and prioritize these. 
Another great feature about it is, for example, we're looking at a particular CVE in terms of its patch and build number from Windows 10. So the auto-resolve feature that we have, for example, we've passively detected that this particular personal computer is running Windows 10 and the build and revision numbers on it. And then once Armis passively discovers an update to that firmware and patch level, we can automatically resolve that, giving you a confidence that that has been addressed from that particular device. We're also able to customize and look through and potentially select a few of these, say, these particular devices reside on your guest network or an employee wifi network where we don't necessarily, I don't want to say care, but we don't necessarily value that as much as something internally that holds significantly, more business criticality. So we can select some of these and potentially ignore or resolve for determining reasons as you see here. Be able to really truly manage and prioritize these CVEs. As I scroll up, I can pivot over to the remediation tab and open up each one of these. So what this is doing is essentially Armis has, through our knowledge base, been able to work with the vendors and pull down the patches associated with these. And within the remediation portion, we're able to view, for example, if we were to pull down the patch from this particular vendor and apply it to these 60 devices that you see here, right now we're able to view which patches are going to give me the most impact as I prioritize these and take care of these affected devices. And lastly, as I pivot back over. 
Again, where we're at now is we're able to allow the users to customize the organizational priority of this particular CVE to where in terms of, this has given us a high CVSS score but maybe for whatever reasons it may be, maybe this CVE in terms of this particular logical segment of my network, I'm going to give it a low priority for whatever the use case may be. We have compensating controls set in place that render this CVE not impactful to this particular segment of my environment. So we're able to add that organizational priority to that CVE and where we're going as you can see that popped up here but where we're going is we're going to start to be able to apply the organizational priority in terms of the actual device level. So what we'll see is we'll see a column added to here to where we'll see the business impact of that device based on the importance of that particular segment of your environment or the device type, be it critical networking device or maybe a critical infrastructure device, PLCs, controllers, et cetera, but really giving you that passive reporting on the CVEs in terms of what the device is within your network. And then finally, we do integrate with your vulnerability management and scanners as well. So if you have a scanner actively scanning these, but potentially they're missing segments of your network, or they're not able to actively scan certain devices on your network, that's the power of Armis being able to come back in and give you that visibility of not only what those devices are for visibility into them, but also what vulnerabilities are associated with those passive devices that aren't being scanned by your network today. So with that, that concludes my demo. So I'll kick it back over to you, John. >> Awesome. Great walk through there. Take me through what you think the most important part of that. Is it the discovery piece? Is it the interaction? What's your favorite? 
>> Honestly, I think my favorite part about that is in terms of being able to have the visibility into the devices that a lot of folks don't see currently. So those IoT devices, those OT devices, things that you're not able to run a scan on or put an agent on. Armis is not only giving you visibility into them, but also layering in, as I said before, those vulnerabilities on top of that, that's just visibility that a lot of folks today don't have. So Armis does a great job of giving you visibility and vulnerabilities and risks associated with those devices. >> So I have to ask you, when you give this demo to customers and prospects, what's the reaction? Falling out of their chair moment? Are they more skeptical? It's almost too good to be true and end to end vulnerability management is a tough nut to crack in terms of solution. >> Honestly, a lot of clients that we've had, especially within the OT and the medical side, they're blown away because at the end of the day when we can give them that visibility, as I've said, Hey, I didn't even know that those devices resided in that portion, but not only we showing them what they are and where they are and enrichment on risk factors, et cetera, but then we show them, Hey, we've worked with that vendor, whatever it may be and Rockwell, et cetera, and we know that there's vulnerabilities associated with those devices. So they just seem to be blown away by the fact that we can show them so much about those devices from behind one single console. >> It reminds me of the old days. I'm going to date myself here. Remember the old Google Maps mashup days. Customers talk about this as the Google Maps for their assets. And when you have the Google Maps and you have the Ubers out there, you can look at the trails, you can look at what's happening inside the enterprise. So there's got to be a lot of interest in once you get the assets, what's going on those networks or those roads, if you will, 'cause you got in packet movement. 
You got things happening. You got upgrades. You got changing devices. It's always on kind of living thing. >> Absolutely. Yeah, it's what's on my network. And more importantly at times, what's on those devices? What are the risks associated with the applications running on those? How are those devices communicating? And then as we've seen here, what are the vulnerabilities associated with those and how can I take action with them? >> Real quick, put a plug in for where I can find the demo. Is it online? Is it on YouTube? On the website? Where does someone see this demo? >> Yeah, the Armis website has a lot of demo content loaded. Get you in touch with folks like engineers like myself to provide demos whenever needed. >> All right, Bryan, thanks for coming on this show. Appreciate, Sales Engineer at Armis, Bryan Inman. Giving the demo god award out to him. Good job. Thanks for the demo. >> Thanks, thanks for having me. >> Okay. In a moment, we're going to have my closing thoughts on this event and really the impact to the business operations side, in a moment. I'm John Furrier of theCUBE. Thanks for watching. (upbeat music)

Published Date : Jun 21 2022


Arun Krishnamoorthy, Dell Technologies & Mihir Maniar, Dell Technologies | Dell Tech World '22


 

>> theCUBE presents Dell Technologies World, brought to you by Dell. >> Hey everyone. Welcome back to theCUBE's live coverage of Dell Technologies World 2022 from the Venetian in Las Vegas. Lisa Martin here with Dave Vellante. Dave, this is our second day. Lots of conversations. We've been talking a lot about APEX, multi-cloud, edge, resilience, cyber resilience. >> It is a number one topic actually. I mean, a lot of multi-cloud talk obviously, too. But I think security is the hot topic at the end. >> It is a hot topic and we've got two guests joining us from Dell Technologies. We're going to unpack that and talk about some of the great new things they are enabling. Please welcome one of our alumni, Mihir Maniar, vice president at Dell Technologies and Arun Krishnamoorthy, global strategy, resiliency and security at Dell Technologies. All right guys, welcome to the program. >> Pleasure, meeting you, Lisa and Dave. >> So ransomware, it's a household term. I'm pretty sure my mom even knows what ransomware is. >> Exactly. >> Legitimately. >> Yeah. >> But I mean, if you look at the numbers, a ransomware attack is happening once every 11 seconds. The numbers, the stats say, you know, an estimated 75% of organizations are going to face an attack, 75% by 2025, it's around the corner. So it's no longer a matter of, are we going to get hit? If we get hit, it's when? And that resiliency and that recovery is absolutely critical. Talk about some of the things there, Dell's comprehensive approach to helping organizations really build resiliency. >> That's a great point. So if you go to see, organizations are going to get hit, if not already, 75% already out there. And then we find that through research, a lot of our customers need a lot of help. They need help because security is really complex. I mean, they have a tough job, right? Because there's so many attacks happening at the same time. One single ransomware incident can cost them on an average 13 million dollars. 
They have to integrate 50 plus different security vendors to go and build a secured defense in depth, kind of a mechanism. They're liable to the board. At the same time, they have lines of business that are talking about, hey, can you provide me security, but make sure productivity doesn't get impacted. So it's a tough role for them. And that's where Dell services comes in, where our Dell managed security services. We have a full comprehensive suite of offers for our customers to help them, right. To remain secure. And we're focused on the services based on a NIST framework. So I can talk more about the NIST framework as hobby, go about doing. >> There's a lot of talk in the community about, should I pay the ransom? Should they not pay the ransom? And I suppose your advice would be well pay up front and avoid the ransom if you can. Right? >> Absolutely. >> Yeah. Yeah, Dave, what we've seen is the ransomware payment has been very unreliable. We know of many, many examples where either they paid the ransom and they were not able to recover data or they got the decryption keys and the recover process was too slow. So we are all about helping customers understand the risks that they have today and giving them some pragmatic technology solutions. >> Talk about that conversation, where is it, Arun, happening at the customer level as security is a board level conversation. >> Right. >> Are you still talking with the CIOs in lines of business? Who all is involved in really understanding, where all these vulnerabilities are within an organization? >> Yeah, so that's a great question. So we work with CIOs, we work with CSOs, a lot more and the CSOs actually are facing the skills shortage problem. >> Yes. >> That's where they need actually help from, vendors like Dell. And talking about ransomware, if you go to see a NIST framework, it goes all the way from identification of threats to prevention, creating prevention measures with different defense in depth. 
How do you detect and respond to threats in time. Because time is critical actually and the recovering from threats. So in that whole process, it's better for customers to have the full suite of security services installed, so that they don't end up paying the ransomware eventually, right. To provide their whole defense mechanism. >> So the adversary is very, they're motivated, they're well funded, incredibly sophisticated these days. Okay. So how do you not lose, if you're a customer. What's the playbook that you're helping your customers proceed with? >> Yeah, it's a great, so in the NIST framework, as I mentioned before, services are evolving around, how do you identify the threats that exist in the customer's network? So we provide advisory services and we provide assessment of the customer's vulnerability, that exist so we can detect those vulnerabilities. And then we can build the prevention mechanisms, once you detect those vulnerabilities. This is all about what you cannot see, you can't really defend against. So that's where the whole assessment comes in, where you can go and do a zero trust assessment for the customers, you know, entire infrastructure, and then figure out where those issues lie. So we can go and block those loopholes with the prevention mechanisms. And in prevention mechanisms, actually we have a whole zero trust prevention mechanism. So you can actually go and build out, end to end defense in depth kind of security. >> Arun, before the pandemic, the term zero trust, people would roll their eyes. It was kind of a buzzword and it's becoming sort of a mandate. >> Yeah. >> What does zero trust mean to your customers? How are you helping them achieve it? >> Yeah. So, great question, Dave. A lot of customers think zero trust is a product. It's not. It's a framework. It's a mindset. It helps customer think through what kind of access do I want to give my users, my third party, my customers? Where does my data sit in my environment? 
Have I configured the right network policies? Have I segmented my network? So it is a collection of different strategies that work across cloud, across data, across network, across applications that interact with each other and what we are helping customers with, understand what that zero trust actually means and how they can translate into actionable technology implementations. >> How do you help customers do that? When we know that, I mean, the average customer has what, seven different backup protection solutions, all alone. If we're talking about like data protection. How do you help them understand, what's in their environment now? If they're talking about protecting applications, users, data, network. What's that conversation? And what's that process like to simplify, their protection so that they really can achieve cyber resilience? >> That's correct. That's a great question, Lisa. One of the big issues we see with customers is they don't know what they don't know. There's data across multi-cloud, which is great. It enables productivity, but it also is not within the four walls of a data center. So one of the first things we do is identify where customer's data is? Where does their application live? And then we look for blind spots. Are you protecting your SaaS workloads? Are you protecting your endpoints? And we give them a holistic strategy on data protection. And you bring up a great point, a lot of customers have had accidental growth over the years. They started off with one tool and then different business needs drove them to different tools. And maybe now is a good time to evaluate what is your tool set? Can we consolidate it? And reduce the risk in the environment. >> Yeah, I dunno if you guys are be probably familiar with that. I use it a lot, when I write, it's an optive, NSS eye test and it says, here's the security landscape, the taxonomy. It's got to be the most complicated of any, in the business. And so my question is ecosystem, right. 
You've got to have partners, right. But there's so many choices. How are you helping to solve that problem of consolidating choices and tools? >> That's a great point. So if you look at the zero trust framework, which Lisa, you talked about. In the zero trust framework, we have few things we look at, and that is through Dell's technologies and partner technologies. So we can provide things like secure access, context based, right. So which users can access which applications, identity based. The second one is, which applications can talk to which applications, for micro segmentation, again identity based. And then you have an encryption everywhere. Encryption with data in motion, data in rest. Because encryption is super important to prevent hacks. So, and then you have cloud workloads. We have cloud workload protection. So some of those things, we rely on our partners and some of them actually, we have technologies in the house, like Arun talked about the cyber resilience and the wall that we have in house. So we provide the end-to-end framework for our customers for zero trust, where we can go and identify. We can assess, we can go build it out for them. We can detect and respond with our excellent MDR service, that we came out with last, just last year. So that MDR service allows you to detect attacks and respond automatically using our AI enabled platform that reduces the signal from the noise and allows to prevent these attacks, right, from happening. >> Arun, question for you, as we've seen the proliferation of cyber attacks during the pandemic, we've seen the sophistication increasing, the personalization is increasing. Ransomware as a service is making it, there is no barrier to entry these days. >> Right. >> How has Dell Technologies overall, cyber resilience strategy evolved in the last couple of years? I imagine that there's been some silver linings and some accelerations there. >> No, absolutely, Lisa. 
One of the things we recognized very early on with big cyber attacks going on five years ago, we knew that as much as customers had great technologies to prevent a cyber attack, it was a matter of when, not if, so we created the first purpose built solution to help customers respond and recover from a cyber attack. We created innovative technologies to isolate the data in a cyber wall. We have immutable technologies that lock the data. So they can't be tampered with. And we also build some great intelligence based on AIML. In fact, this is the first and only product in the world that looks it's backup data, does full content indexing and it's able to look for behaviors or patterns in your environment that you could normally not find with signature based detection systems. So it's very revolutionary and we want to help customers not only on the prevention side, which is proactive. We want them to be equally, have a sound strategy on how they would respond and recover from a cyber attack. >> Okay. So there's two pieces there, proactive, and then if and when you get hit, how do you react. And I think about moments in cyber, I mean, Stuxnet was obviously a huge turning point. And then of course the SolarWinds and you see that, the supply chain hacks, you see the island hopping and the living off the land and the stealth moves. So it's almost like, wow, some of these techniques have even been proactive. You're not going to catch them. Right. So you've got to have this, you talked about the NIST framework multilevel, but I mean, customers are aware, obviously everybody, customer you talk to. the SolarWinds, But it seems like, they're still sleeping with one eye open. Like they're really nervous. Right. >> Right. >> And like, we haven't figured it out as an industry yet. And so that's where solutions like this are so critical because you're almost resigning yourself to the fact that while, you may not find it being proactive. >> Yeah. Right. 
>> But you've got to have, you know, it's like putting tapes in a truck and driving them somewhere. Do you sense that it was a major milestone in the industry? Milestone, negative milestone. And that was a turning point and it was kind of a wake up call for the industry, a new wake up call. What's your sense of how the industry is responding? >> Yeah. I think that's a great point. So if you go to see the verbiage is that it's not, if you're going to get attacked, it's when you're going to get attacked. So the attacks are going to happen no matter what. So that's the reason why the defense in depth and the zero trust framework comes into play. The customers have to have an end-to-end holistic framework, so that they can have, not just the defensive mechanisms, but also detect and respond when the attacks happen. And then as you mentioned, some of them, you just can't catch all of them. So we have excellent incident response and recovery mechanisms. So if the attack happened, it will cause damage. We can do forensics analysis. And on top of that, we can go and recover, like the cyber recovery wall, we can recover that data, make them production again. >> Right. Ready. >> I guess. I'm sorry. What I was trying to ask is, do you think we've understand SolarWinds? Have the industry figured it out? >> Yeah. You know, great question. Right. I think this is where customers have to take a pragmatic approach, on how they do security. And we talk about concepts like intrinsic security. So in other words, you can do a certain activity in your environment and punt the ball to some other team to figure out security, part of what Dell does. You know, you asked the question, right. There's a lot of tools, where do customers start? One of the big values we bring to customers is the initial awareness and just educating customers. Hey, what happened in these watershed moment with these different attacks, right. Wannacry, stuxnet. 
And how did those customers respond and where did they fail? So let's do some lessons learned with past attacks and let's move forward with some pragmatic solutions. And we usually don't overwhelm our customers with a lot of tools. Let's have a road map. Let's do an incremental build of your security posture. And over time, let's get your entire organization to play with it. >> You talk about awareness, obviously that's critical, but one of the other things that's critical with the cyber threats and the what's going on today is, the biggest threat vector still is people. >> Exactly. >> So talk to me about some of the things that you help organizations do. When you're talking about, from an awareness perspective. It's training the people not to open certain links, if they look suspicious, that sort of thing. How involved is Dell Technologies with your customers from a strategic perspective about really drilling this into the end users that they've got a lot of responsibility here. >> Yeah, if you go to see, phishing is one of the most common attack vectors to go and infiltrate these attacks. So Dell has a whole employee education program that they rolled out. So we all are aware of the fact that clicking on links and phishing, is a risk factor. And we are trying to take that same message to our customers through an employee awareness training service. So we can actually provide education for the employees, from getting these phishing attacks happening. >> Yeah. That's really critical because as I mentioned, we talked about the sophistication, but the personalization, the social engineering is off the charts these days. And it's so easy for someone to, especially with all these distractions that we have going on. >> Right. >> If you're working from home and you've got kids at home or dogs barking and whatnot. It's easy to be fooled into something that looks incredibly legitimate. >> Yeah, yeah. >> You know, you bring another great point, right. 
You can keep telling people in your environment, don't do things, don't do it. You create a friction, right. We want people to be productive. We want them to use different access to different applications, both in house and in the cloud. So this is where technology comes into play. There are some modern malware defenses that will help customers identify some of these email phishing, spear phishing. So they are in a better prepared position. And we don't want to curb productivity, but we want to also make a very secure environment where people can work. >> That's a great point is, that it has to be frictionless. >> I do have a question for you guys with respect to SaaS applications. I talk to a lot of customers, using certain SaaS applications who have this sort of, there's a dual responsibility model there, where the SaaS vendor's responsible for the application, protection. But Mr. and Ms. Customer, you're responsible for the data. We are? >> Yeah. >> Are you finding that a lot of organizations are going, help. We've got Google Workspace, Microsoft 365, Salesforce and it's really incredibly business critical data. Dell Technologies, help us protect this because this is a vulnerability that we were not aware of. >> Absolutely. And that's why we have the backup service with APEX. Where we can actually have SaaS data, which is backed up, using our APEX solution for backup recovery. So, yes, that's very critical. We have the end-to-end portfolio for backing it up, having the vault, which is an air gap solution, recovering from it, when you have an attack. And I think the value prop that Dell brings to the table is, we have the client side and we have the data center side, right. With the multi-cloud. So we provide a completely hardened infrastructure where, all the way from supply chain to secure OS, secure boot and secure image. Everything is kind of hardened with STIG hardening on top of that. 
And then we have the services layer to go and make sure we can assess the risks. We can detect and respond. We can recover, right. So that we can keep our customers completely secure. That's the value prop that we bring to the table with unmatched scale of Dell services, right. In terms of the scale that we bring to the table, to our customers and help them out. >> Well, it's an interesting opportunity, and it's certainly, from a threats perspective, one that's going to persist, obviously we know that. Great that there's been such a focus from Dell on cyber resiliency for its customers, whether we're talking about multi-cloud, on-prem, public cloud, SaaS applications, it's critical. It's a techno. It's a solution that every industry has to take advantage of. Guys, thank you so much for joining us. Wish we had more time. I could talk about this all day. >> Yes. >> Thank you. >> Great work going on there. Congratulations on what was going on with APEX and the announcement. And I'm sure we'll be hearing more from you in the future. >> Excellent. Thank you, Lisa. >> Thank you very much. >> We are super excited about Dell services and what we can bring for manual security services for our customers. >> Great. >> Excellent. >> Appreciate it. >> Thanks, guys. >> Thank you. >> For our guests and for Dave Vellante, I'm Lisa Martin, and you're watching theCUBE, live from day two of our coverage of Dell Technologies World, live from Las Vegas. Dave and I will be right back with our last guest of the day. (upbeat music)

Published Date : May 4 2022


Douglas Ko, Cohesity & Sabina Joseph | AWS Partner Showcase S1E2


 

(upbeat music) >> Hello everyone, welcome to the special CUBE presentation of the AWS Partner Showcase season one, episode two. I'm John Furrier, your host of theCUBE. We've got two great guests here. Douglas Ko, Director of product marketing at Cohesity and Sabina Joseph, General Manager of AWS, Amazon Web Services. Welcome to the show. >> Thank you for having us. >> Great to see you Sabina and Douglas. Great to see you, congratulations at Cohesity. Loved the shirt, got the colors wearing there on Cohesity. Always good, I can't miss your booth at the shows, can't wait to get back in person, but thanks for coming in remotely. I got to say it's super excited to chat with you, appreciate it. >> Yeah, pleasure to be here. >> What are the trends you're seeing in the market when it comes to ransomware threats right now? You guys are in the middle of it right now more than ever. I was hearing more and more about security, cloud scale, cloud refactoring. You guys are in the middle of it. What's the latest trends in ransomware? >> Yeah, I have to say John, it's a pleasure to be here but on the other hand, when you asked me about ransomware, right? The data and the statistics are pretty sobering right now. If we look at what just happened in 2020 to 2021, we saw a tenfold increase in ransomware attacks. We also saw the prediction of a ransomware attack happening every 11 seconds, meaning by the time I finished this sentence there's going to be another company falling victim to ransomware. And it's also expected by 2031 that the global impact of ransomware across businesses will be over $260 billion, right? So, that's huge. And even at Cohesity, right, what we saw, we did our own survey, and this one actually directly to end users and consumers. And what we found was over 70% of them would reconsider doing business with a company that paid a ransom. So all these things are pretty alarming and pretty big problems that we face today in our industry. 
>> Yeah, there's so many dimensions to it. I mean, you guys at Cohesity have been doing a while. It's being baked in from day one, security in the cloud and backup recovery, all that is kind of all in one thing now. So to protect against ransomware and other threats is huge. Sabina, I got to ask you, Amazon's view of ransomware is serious. You guys take it very seriously. What's the posture and specifically, what is AWS doing to protect customers from this threat? >> Yeah, so as Doug mentioned, right, there's no industry that's immune to ransomware attacks. And just so we all level set, right? What it means is somebody taking control over and locking your data as an individual or as a company, and then demanding a ransom for it, right? According to the NIST, the National Institute of Standards and Technology cybersecurity framework, there are basically five main functions which are needed in order to plan and manage these kind of cybersecurity ransomware attacks. They go across identifying what do you need to protect, actually implementing the things that you need in order to protect yourself, detecting things if there is an attack that's going on, then also responding, how do you get out of this attack? And then bringing things, recovery, right? Bringing things back to where they were before the attack. As we all know, AWS takes security very seriously. We want to make sure that our customer's data is always protected. We have a number of native security solutions, but we are also looking to see how we can work with partners. And this is in fact when in the fall of 2019, the Cohesity CEO, Mohit Aron, myself and a couple of us, we met and we brainstormed, what could we do something that is differentiated in the market? When we built this data management as a service native solution on top of AWS, it's a first of a kind solution, John. It doesn't exist anywhere else in the market, even to even today. 
And we really focused on using the Well-Architected review, the five pillars of security, reliability, operational excellence, performance, and cost optimization. And we built this differentiated solution together, and it was launched in April, 2020. And then of course from a customer viewpoint, they should use a comprehensive set of solutions. And going back to that security, that cyber security framework that I mentioned, the Cohesity data management as a service solution really falls into that recovery, that last area that I mentioned and solution actually provides, granular management of data, protection of data. Customers can spin up things very quickly and really scale their solution across the globe. And ensure that there is compliance, no matter how many times we do data changes, adds and so on across the world. >> Yeah, Sabina, that's a great point about that because a lot of the ransomware actually got bad actors, but also customers can misconfigure things. They don't follow the best practice. So having that native solutions are super important. So that's a great call out. Douglas, I got to go back to you because you're on the Cohesity side and a partner of AWS. They have all these best practices that for the good actors, got to pay attention to the best practices and the bad actors also trying to get in creates a two, challenge an opportunity. So how do organizations protect their data against these attacks? And also how do they maintain their best practices? Because that's half the battle too, is the best practices to make sure you're following the guidelines on AWS side, as well as protecting the attacks. What's your thoughts? >> Yeah, absolutely. First and foremost, right? As an organization, you need to understand how ransomware operates and how it's evolved over the years. And when you first look at it, Sabina already mentioned it, they started with consumers, small businesses, attacking their data, right? 
And some of these consumers or businesses didn't have any backup. So the first step is just to make sure your data is backed up, but then the criminals kind of went up market, right? They understood that big organizations had big pocket and purses. So they went after them and the larger organizations do have backup and recovery solutions in place. So the criminals knew that they had to go deeper, right? And what they did was they went after the backup systems themselves and went to attack, delete, tamper with those backup systems and make it difficult or impossible to recover. And that really highlighted some solutions out there that had some vulnerabilities with their data immutability and capabilities around WORM. And those are areas we suggest customers look at, that have immutability and WORM. And more recently again, given the way attacks have happened now is really to add another layer of defense and protection. And that includes, traditionally what we used to call, the 3-2-1 rule. And that basically means, three copies of data on two different sets of media with one piece of that data offsite, right? And in today's world and the cloud, right? That's a great opportunity to kind of modernize your environment. I wish that was all that ransomware guys were doing right now and the criminals were doing, but unfortunately that's not the case. And what we've seen is over the past two years specifically, we've seen a huge increase in what you would call data theft or data exfiltration. And that essentially is them taking that data, a specific sense of the data and they're threatening to expose it to the dark web or selling it to the highest bidder. So in this situation it's honestly very difficult to manage. And the biggest thing you could do is obviously harden your security systems, but also you need a good understanding about your data, right? 
Where all that sensitive information is, who has access to it and what are the potential risks of that data being exposed. So that takes another step in terms of leveraging a bunch of technologies to help with that problem set. >> What can businesses do from an architectural standpoint and platform standpoint that you guys see there's key guiding principles around how their mindset should be? What's the examples of other approaches- >> Yeah. >> Approach here? >> No, I think they are both us at Cohesity and I'll speak for Sabina, AWS, we believe in a platform approach. And the reason for that is this a very complicated problem and the more tools and more things you have in there, you add risk of complexity, even potential new attack surfaces that the criminals can go after. So we believe the architecture approach should kind of have some key elements. One is around data resiliency, right? And that again comes from things like data encryption, your own data is encrypted by your own keys, that the data is immutable and has that write once, read many, or WORM capabilities, so the bad guys can't tamper with your data, right? That's just step one. Step two is really understanding and having the right access controls within your environment, right? And that means having multi-factor authentication, quorum, meaning having two keys for the closet before you can actually have access to it. But it's got to go beyond there as well too. We got to leverage some newer technologies like AI and machine learning. And that can help you with detection and analysis of both where all your sensitive information is, right? As well as understanding potential anomalies that could signify attack or threat in progress. So, those are all key elements. And the last one of course is I think it takes a village, right? To fight the ransomware war. So we know we can't do it alone so, that's why we partner with people like AWS. 
That's why we also partner with other people in the security space to ensure you really have a full ecosystem support to manage all those things around that framework. >> That's awesome. Before I get to Sabina, I want to get into the relationship real quick, but I want to come back and highlight what you said about the data management as a service. This is a joint collaboration. This is some of the innovation that Cohesity and AWS are bringing to the market to combat ransomware. Can you elaborate more on that piece 'cause this is important. It's a collaboration that we're going to gather. So it's a partner and you guys were going to take us through what that means for the customer and to you guys. I mean, that's a compelling offering. >> So when we start to work with partners, right? We want to make sure that we are solving a customer problem. That's the whole working backwards from a customer. We are adding something more that the customer could not do. That's why when either my team or me, we start to either work on a new partnership or a new solution, it's always focused on, okay, is this solution enabling our customer to do something that they couldn't do before? And this approach has really helped us, John, in enabling majority of the Fortune 500 companies and 90% of the Fortune 100 companies use partner solutions successfully. But it's not just focused on innovation and technology, it's also focused on the business side. How are we helping partners grow their business? And we've been scaling our field teams, our AWS sales teams globally. But what we realized is through partner feedback, in fact, that we were not doing a great job in helping our partners close those opportunities and also bring net new opportunities. So in our field, we actually introduced a new role called the ISV Success Manager, ISMs that are embedded in our field to help partners either close existing opportunities, but also bring net new opportunities to them. 
And then at re:Invent 2020, we also launched the ISV Accelerate program, which enables our field teams, the AWS field teams to get incentive to work with our partners. Cohesity, of course, participates in all of these programs and has access to all of these resources. And they've done a great job in leveraging and bringing our field teams together, which has resulted in hundreds of wins for this data management as a service solution that was launched. >> So you're bringing customers to Cohesity. >> Absolutely. >> Okay, I got to get the side. So they're helping you, how's this relationship going? Could you talk about the relationship on the customer side? How's that going? Douglas, what's your take on that? >> Yeah, absolutely. I mean, it's going great. That's why we chose to partner with AWS and to be quite honest, as Sabina mentioned, we really only launched data management as a service back in 2020, late 2020. And at that time we launched with just one service then, right, when we first launched with backup as a service. Now about 15 months later, right? We're on the brink of launching four services that are running on AWS cloud. So, without the level of support, both from a go to market standpoint that Sabina mentioned as well as the engineering and the available technology services that are on the AWS Cloud, right? There's no way we would've been able to spin up new services in such a short period of time. >> Is that Fort Knox and Data Govern, those are the services you're talking about Or is that- >> Yeah, so let me walk you through it. Yeah, so we have Cohesity DataProtect, which is our backup as a service solution. And that helps customers back their data to the cloud, on-prem, SaaS, cloud data like AWS, all in a single service and allows you to recover from ransomware, right? But a couple months ago we also announced a couple new services that you're alluding to John. And that is around Fort Knox and DataGovern. 
And basically Fort Knox, it is basically our SaaS solution for data isolation to a vaulted copy in the AWS cloud. And the goal of that is to really make it very simple for customers, not only to provide data immutability, but also that extra layer of protection by moving that data offsite and keeping it secure and vaulted away from cyber criminals and ransomware. And what we're doing is simplifying the whole process that normally is manual, right? You either do it manually with tapes or you'll manually replicate data to another data center or even to the cloud, but we're providing it as a service model, basically providing a modern 3-2-1 approach, right? For the cloud era. So, that's what's cool about Fort Knox. DataGovern, right? That's also a new service that we announced a few months ago and that really provides data governance and user behavior analytics services that leverages a lot that AI machine learning that everybody's so excited about. But really the application of that is to automate the discovery of sensitive data. So that could be your credit card numbers, healthcare records, personal information of customers. So understanding where all that data is, is very important because that's the data that the criminals are going to go after and hold you hostage. So that's kind of step one. And then step two is again, leveraging machine learning, actually looking at how users are accessing and managing that data is also super important because that's going to help you identify potential anomalies, such as people sharing that data externally, which could be a threat. It could be improper vault permissions, or other suspicious behaviors that could potentially signify data exfiltration or ransomware attack in progress. >> That's some great innovation. You got the data resiliency, of course, the control mechanism, but the AI piece machine learning is awesome. So congratulations on that innovation. Sabina, I'm listening to conversation and hear you talk. 
And it reminds me of our chat at re:Invent. And the whole theme of the conference was about the innovation and rapid innovations and how companies are refactoring with the cloud and this NextGen kind of journey. This is a fundamental pillar of AWS's rapid innovation concept with your partners. And I won't say it's new, but it's highly accelerated. How are you guys helping partners be with this rapid innovation, 'cause you're seeing benefits can come faster now, Agile is here. What are some of the programs that you're doing? How are you helping customers take advantage of the rapid innovation with the secret sauce of AWS? >> Yeah, so we have a number of leadership principles, John, and one of them, of course, is customer obsession. We are very focused on making sure we are developing things that our customers need. And we look for these very same qualities when we work with partners such as Cohesity. We want to make sure that it's a win-win approach for both sides because that's what will make the partnership durable over time. And this John, our leadership team at AWS, right from our CEO down believes that partners are critical to our success and as partners lean in, we lean in further. And that's why we signed the strategic collaboration agreement with Cohesity in April, 2020, where data management as a service solution was launched as part of that agreement. And for us, we've launched this solution now and as Doug said, what are the next things we could be doing, right? And just to go back a little bit when Cohesity was developing this solution with us, they used a number of our programs. Especially on the technical side, they used our SaaS factory program, which really helped them build this differentiated solution, especially focused around security compliance and cost optimizing the solution. Now that we've launched this solution, just like Doug mentioned, we are now focused on leveraging other services like security, AI/ML, and also our analytic services. 
And the reason for that is Cohesity, as we all know, protects, manages this data for the customer, but we want to make sure that the customer is extracting value from this data. That is why we continue to look, what can we do to continue to differentiate this solution in this market. >> That's awesome. You guys did a great job. I got to say, as it gets more scale, there's more needs for this rapid, I won't say prototyping, but rapid innovation and the Cohesity side does was you guys have been always on point on the backup and recovery and now with security and the new modern application development, you guys are in the front row seats of all the action. So, I'll give you the final word, what's going on at Cohesity, give an update on what you guys are doing. What's it like over there these days? How's life? Give a quick plug for Cohesity. >> Yeah, Cohesity is doing great, right? We're always adding folks to the team, on our team, we have a few open reqs open both on the marketing side, as well as the technology advocacy side. And of course, some of our other departments too, and engineering and sales and also our partner teams as well, working with AWS partners such as that. So, in our mind, the data deluge and growth is not going to slow down, right? So in this case, I think all tides raises all the boats here and we're glad to be innovative leader in this space and really looking to be really, the new wave of NextGen data management providers out there that leverages things like AI that leverages cybersecurity at the core and has an ecosystem of partners that we're working with, like AWS, that we're building out to help customers better manage their data. >> It's all great. Data is in the mid center of the value proposition. Sabina, great to see you again, thanks for sharing. And Douglas, great to see you too. Thanks for sharing this experience here in theCUBE. >> Thanks, John. 
>> Okay, this is theCUBE's AWS Partner Showcase special presentation, speeding innovation with AWS. I'm John Furrier your host of theCUBE. Thanks for watching. (upbeat music)

Published Date : Mar 2 2022


Andy Langsam, Veeam & Sabina Joseph, AWS | AWS Partner Showcase


 

>>Hello, everyone. Welcome to theCUBE's presentation of the AWS Partner Showcase. This is season one, episode two. I'm your host, John Furrier with theCUBE. I'm joined by two CUBE alumni, Andy Langsam, SVP and GM at Veeam and Sabina Joseph, the general manager of technology partners at AWS. We're here talking about speeding the innovation with AWS. Welcome to the show. >>Ready to meet you >>And good to see you, Andy again. >>Great to have you guys back on. I hope you guys are doing well. Great to see both of you. Veeam, obviously we've been covering you guys for a long time. You got your VeeamON event coming up in person, which is great. Congrats on the continued success of the company and the product. You guys have always been all in on AWS. We've been covering for many, many years. Andy, what's the innovation going on now at Veeam? Lots of lots happening, lots going on. What's the new innovation. >>Well, I think, you know, clearly people are in, you know, when we talk to people they're interested in, in ransomware, so ransomware protection, we they're interested in a hybrid cloud hybrid. Um, you know, AWS in particular, we get a lot of interest there. Um, clearly modern data protection, uh, what we're doing in Office 365, people are looking at all those things >>And what's the, the platform, uh, approach that you guys have with AWS. You guys have a broad range. It's not just the classic. I call it the green classic solution. That's also a good product. What's some of the new platform advantages you guys got going on with the cloud native with AWS. >>Well, you know, look we are, our strategy is to protect as many AWS services as possible, you know, and, and, you know, from the EC2 to EBS, S3, RDS, uh, VMC, and many of the services that they're coming out with. And in many times they come to us and say, Hey, you know, these are important to us. We'd like you to, to support these. 
So clearly we're, um, we're focused on those, uh, Kubernetes workloads is, is a newer set of workloads on AWS. That we're a very interested, we made an acquisition and have a product called, uh, Kasten that we've been investing in and working with AWS with their, uh, uh, EKS Anywhere. So very excited. >>Great. Sabina, on the partnership, you guys, it's growing, a lot's going on. Can you tell us more about how Veeam and AWS are jointly helping customers? >>Yeah. As, um, as both of, you know, right. Data is exploding. And, uh, that means, you know, we have to keep backing up this data and finding new ways to back up this data because people are stepping away from the traditional backup methods, tape libraries, secondary storage sites and things like that. And they're backing up data into the cloud. And we AWS offers a number of different storage services, data transfer methods and networking solutions, which provide unmatched durability, reliability, security. And of course, uh, AWS and Veeam have been partnering together enough for quite a number of years and the cost effective. And so you mentioned that Veeam has on AWS really enables customers to have offsite storage solutions, providing that physical separation between their on premises, primary data, and also utilizing the pay as you go cloud economics. So we have a great collaboration and, you know, Veeam has a great solution on AWS and they're constantly innovating and providing capabilities for our customers. Just like Andy said, providing as many capabilities for our services to back up, >>Andy, the volume of data I'll say is always the story. Every year, the volume is tsunami of data. It's getting worse it's every day. Um, and as you got more cloud scale, you guys have been doing a lot integration. You guys always have, you have demanding customers, you have a lot of customers actually. So as you leverage Amazon for data protection, the security conversation is front and center these days. 
Can you give us an update on how you guys are doing, uh, the data protection security in the cloud with AWS? That's, that's, um, that's hot with your customers, >>You know, it's a great, it's a great comment. You know, you've talked about a lot of customers. Veeam has over 400,000 customers now it's, it's truly extraordinary when you think about the size and scope and scale. And if you think, uh, my belief is a majority, almost all of them will tear up two and move their data up into the cloud at some point in our, in the next few years. And so we've just, I think we've described the surface and we're moving hack, you know, hundreds of petabytes or more per year up to the cloud at the same time when I make customer executive calls. It's kind of interesting. A lot of times you think they're going to want to talk about backup and disaster recovery. They want to talk about security. And when this first started happening, I thought, Hey, why don't you talk to your security vendor now? >>And what I realized was that data protection is front and center because of the, we just, we just published a study where a number jumped out at me, 71% of the thousands of people that responded said that they had already been a victim of, or had had a ransomware attack. It's a staggering number. And, um, so, you know, when we look at our relationship with Amazon and we look at the integration we've done around what we call cloud during that's moving, are moving data up to object storage. AWS has a capability called immutable data sets. And so that allows you affords you some great protection against ransomware as an example. And that's one of the areas that we're investing in very heavily. And by the way, our mutual customers are backing up and restoring with Veeam and we're doing it on AWS and, and, uh, the data volumes are exploding, I think, because of that. Yeah. >>You know, it's interesting. 
And you made me have a throwback for, you know, 10 years ago, we used to talk about backup and recovery. And you know, the big thing back then was, was the conversation was don't think of backup as a, as a last minute thing, think of it at the front end, it was always kind of an afterthought and a, of the IT decision makers. And you mentioned that security comment about call your security vendor. It's almost the scripts has flipped backup and recovery is the security solution. And so it's not, it's not an afterthought. This is 10 years ago. It was the primary message. It's the primary thought. So when you talk about automated tiering, that's kind of a networking thing. It's like, policy-based tiering. I mean, I mean, if you go back 10 years and we're talking, policy-based tiering, you were like, what? So this is a really different dynamic. And I want you guys to comment because this is the, this is the market right now. This is with the flip, the script has flipped. >>Yeah. Sabina. What do you, what, what do you from y'all's perspective kind of in, in your technology, partnerships, storage vendors, Veeam security, what, what do you w what do you see? >>Well, I think that there is an interplay here because I think customers are looking at various ways, right? When I look at those five cybersecurity framework, right? First is identifying what you need to protect, protecting it. And then that's a very important step of, out of those five steps is recovery, right? How do you get your business back to normal? But you cannot do that if you are not protecting and backing up your data. And that's where our partnership comes in. Right? So I believe that all of those five stages in the NIST cybersecurity framework kind of go together and be in place nicely into the very critical phase of recovery. Would you agree, Andy? >>I would. 
You know, and, and I look at, um, you know, when you're doing a recovery and your gut, your secure backups and AWS, it's, it's like your last line of defense, you know, Veeam and AWS deliver immutable backups and has three tiers through S3 Object Lock integration. And I think that's, that's pretty much, you know, even if a ransomware attack is successful, we can, we can ensure that the backup data hadn't been changed and encrypted or deleted. And, uh, that's pretty exciting, you know, for customers and prospects, they're really worried about this. And I think the teamwork and the, the, the partnership between the two companies to build a solution like this is pretty awesome. >>Yeah. Let me, let me just double, double click on that for a second. You mentioned it got a lot of customers. Ransomware does not discriminate with the size of the company. It could be, it could be a hospital school. It could be a big company. Ransomware is bad, and we see that, and it's a great conversation. And how do you take that solution out to the customers? You got hundreds of thousands of customers. So Sabina, I guess the question is, how is this AWS and Veeam work together? There's this channel first concept you guys are talking about, tell us about how you guys work together, because there's millions of customers who want this, and you guys actually have hundreds of thousands of customers that Veeam, how do you get the customers to leverage that, the relationship and what can you bring to them? >>Yeah, I'll give you like four numbers, right? So AWS has millions of customers and we have, um, hundred thousand partners across 150 countries. Now Veeam has, as Andy mentioned, right, has over 400,000 customers and 35,000 partners worldwide. So somewhere in these four numbers, we all intersect both of us intersect both on those customers and also on those partners. And one of the initiatives that my team is heavily focused on is triangulating between the partners that Veeam has. 
We have, and also our technology partnership. And how can we provide value to our customers by bringing together these partners together with AWS Veeam and Veeam is a V it's a hundred percent channel driven business, and they know how to do this. That is why we are heavily partnered with them to see what we can do for our customers through our mutual partner. >>Andy, want you to weigh in here, you know, the channel business, it's gotta be easy, it's got to add value. And I got to wrap services around it. That's what partners love. Well, how does this work? How does that work? >>Well, I, I think to extend beyond what, what did take, what Sabina had said is, you know, we have kind of been subsetted. Our partners are the ones that, that do business with AWS and, and which is a exploding number of partners. And so they have a relationship database. We have a relationship at S and we have this solution set that have, are of interest to our customers through these partners. And AWS has customers through these partners. And so a lot of times we'll share, um, information and customers, uh, information on, around, um, how we can kind of go to these customers who are both AWS customers and Veeam customers and market, this joint solution protect them from ransomware. >>And how's it been going so far? What's your, what's your assessment? >>It's been fantastic. I think the, I think one of the, the, the real proof points is that we've moved, uh, over a half a petabyte of data, you know, uh, recently up into their cloud. And, uh, you know, that says that people not only are using the solution, but they're, uh, they're actually delivering on it. >>Well, why got you here, Andy, I want to ask you for the, all the people watching the customers, what's the biggest change that's happening in this market right now. Again, I love this shift that we're seeing backup and recovery. Isn't a point solution anymore. 
It's the solution it's baked in, and everyone's talking about this, it's integrated in, it's not, it's, it's totally front and center. What's the big change that customers should be thinking about now as they move forward. And, uh, obviously ransomware is still front and center. That's not going away anytime soon. What's the big thing to focus on for customers? >>Well, I think, you know, I always say, you know, listen to the customer and focus on what their specific needs are, right? You can assume, obviously in the business war and everybody, everybody has a backup solution. And, uh, so you're not trying to create a market there, but like I said, you know, people are very focused on security. They're focused on cost, they're focused on skillset or lack of skill sets, right? I mean, we have a shortage of skills in the industry. So we try to make our products easy to use. We try to work with our partners, putting AWS to deliver the best solution we can for our customers. And, uh, you know, I think we have the broadest invest, you know, ransomware protection, uh, and recovery in the storage space. And so we're very focused on that, leveraging all of our technologies across the platforms, physical, virtual Kubernetes, uh, type environments. >>And you have this and you get the VeeamON event coming up and that's going to be good in person. Right. That's a confirmed, >>It's a, it's a, it's a hybrid yet. In-person and virtual. >>Awesome. Great to see you guys in person. Sabina, for the folks, watching the Amazon partnerships, as you guys scale up these, these partnerships and take it the next level, what's your, what's your closing comment? Yes. >>Yeah. I also want to say, write something that I should mention, right. Veeam's also invested in AWS Marketplace. So it's not just the direct consulting partners and the partners that I mentioned, the a hundred thousand and 35,000, right. 
They, customers can also purchase Veeam on AWS Marketplace through consulting partner, private offers. And that's why Veeam's embraced many of these aspects to try to help our customers and continue to grow that 400,000 customer base, which is a pretty phenomenal number. >>Yeah. I've always been impressed with Veeam's customer base and they've got a very loyal base as well. I point that out and give props to the Veeam team. Andy closing comments for you, the Veeam-AWS relationship, how would you summarize that? >>I'd say it's fantastic. You know, years ago it started as just a normal technology partnership. You know, now we're an advanced technology partner with storage competency, numerous programs like APN, uh, customer engagement. We're a marketplace seller. And I would say that it's not only that, but, but customers can take advantages of their, um, EDP with AWS to purchase on the marketplace and get credits against that. And our partners can as well. That's a, that's a very important thing because we're seeing more and more interest in that today. Uh, we're a public sector partner with them. We're an ISV Accelerate SaaS revenue recognition program. We're, we're, uh, I think we're checking a lot of boxes, but really taking advantage of it. The last thing I would say is, uh, I've known Sabina for quite a few years now. And I think it's the people relationships in the two companies that make this work. >>We have a lot of people, a lot smarter than me on the, on the speeds and feeds here. But at the end of the day, um, Sabina has a team of people that work with us on a, on a, almost a daily basis to solve customer problems. Right. We get people calling in all the time. How do I make Veeam work on AWS? How do I get AWS solutions to work with Veeam? And our job is to make it as easy as possible because we both believe, uh, that customers, they say customer first. 
I always say, customer always are always right, but, but, but, but you know, at the end of the day, that's what makes this >>Yeah. Customer is always right. Customer obsession, working backwards from the customer fucking customer first Sabina. This is really interesting. This is a good point. I just come quick, go back to you real quick. This integration of relationships and also cloud technology integration is a big theme this year, post re:Invent. Your thoughts? >>Absolutely means, um, uh, to be candid. Uh, one of the goals that me and my team take is how do we bring technology partners together to add more value to our customers in end to end solutions, along with technology partners and consulting partners. So that is a huge focus for us because we need to do that in order to scale, not just for each other, but also for our customers and bring that, bring together meaningful, comprehensive end to end solutions. >>That's awesome. Andy, great to see you. We'll see at VeeamON as well, coming up for the Veeam show and your conference. You've been conference hybrid conference in person and virtual and digital to be in a great to see you again. Thanks for sharing all the great updates. And this is the season two. It's all about the data and the innovations with AWS. I'm John Furrier, your host of theCUBE, season one, episode two of the AWS Partner Showcase. Thanks for watching.

Published Date : Mar 2 2022

Kirsten Newcomer, Red Hat | Managing Risk In The Digital Supply Chain


 

(upbeat music) >> Hello everyone, my name is Dave Vellante, and we're digging into the many facets of the software supply chain and how to better manage digital risk. I'd like to introduce Kirsten Newcomer, who is the Director of Cloud and DevSecOps Strategy at Red Hat. Hello Kirsten, welcome. >> Hello Dave, great to be here with you today. >> Let's dive right in. What technologies and practices should we be thinking about that can help improve the security posture within the software supply chain? >> So I think the most important thing for folks to think about really is adopting DevSecOps. And while organizations talk about DevSecOps, and many folks have adopted DevOps, they tend to forget the security part of DevSecOps. And so for me, DevSecOps is both DevSec, how do I shift security left into my supply chain, and SecOps which is a better understood and more common piece of the puzzle, but then closing that loop between what issues are discovered in production and feeding that back to the development team to ensure that we're really addressing that supply chain. >> Yeah I heard a stat. I don't know what the source is, I don't know if it's true, but it probably is that around 50% of the organizations in North America, don't even have a SecOps team. Now of course that probably includes a lot of smaller organizations, but the SecOps team, they're not doing DevSecOps, but so what are organizations doing for supply chain security today? >> Yeah, I think the most common practice, that people have adopted is vulnerability scanning. And so they will do that as part of their development process. They might do it at one particular point, they might do it at more than one point. But one of the challenges that, we see first of all, is that, that's the only security gate that they've integrated into their supply chain, into their pipeline. So they may be scanning code that they get externally, they may be scanning their own code. 
But the second challenge is that the results take so much work to triage. This is static vulnerability scanning. You get information that is not in full context, because you don't know whether a vulnerability is truly exploitable, unless you know how exposed that particular part of the code is to the internet, for example, or to other aspects. And so it's just a real challenge for organizations, who are only looking at static vulnerability data, to figure out what the right steps to take are to manage those. And there's no way we're going to wind up with zero vulnerabilities, in the code that we're all working with today. Things just move too quickly. >> Is that idea of vulnerability scanning, is it almost like sampling where you may or may not find the weakest link? >> I would say that it's more comprehensive than that. The vulnerability scanners that are available, are generally pretty strong, but they are, again, if it's a static environment, a lot of them rely on NVD database, which typically it's going to give you the worst case scenario, and by nature can't account for things like, was the software that you're scanning built with controls, mitigations built in. It's just going to tell you, this is the package, and this is the known vulnerabilities associated with that package. It's not going to tell you whether there were compiler time flags, that may be mitigated that vulnerability. And so it's almost overwhelming for organizations, to prioritize that information, and really understand it in context. And so when I think about the closed loop feedback, you really want not just that static scan, but also analysis that takes into account, the configuration of the application, and the runtime environment and any mitigations that might be present there. >> I see, thank you for that. So, given that this digital risk and software supply chains are now front and center, we read about them all the time now, how do you think organizations are responding? 
What's the future of software supply chain going to look like? >> That's a great one. So I think organizations are scrambling. We've certainly at Red Hat, we've seen an increase in questions, about Red Hat's own supply chain security, and we've got lots of information that we can share and make available. But I think also we're starting to see, this strong increased interest, in security bill of materials. So I actually started working with, automation and standards around security bill of materials, a number of years ago. I participated in The Linux Foundation, SPDX project. There are other projects like CycloneDX. But I think all organizations are going to need to, those of us who deliver software, we're going to need to provide SBOMs and consumers of our software should be looking for SBOMs, to help them understand, to build transparency across the projects. And to facilitate that automation, you can leverage the data, in a software package list, to get a quick view of vulnerabilities. Again, you don't have that runtime context yet, but it saves you that step, perhaps of having to do the initial scanning. And then there are additional things that folks are looking at. Attested pipelines is going to be key, for building your custom software. As you pull the code in and your developers build their solutions, their applications, being able to vet the steps in your pipeline, and attest that nothing has happened in that pipeline, is really going to be key. >> So the software bill of materials is going to give you, a granular picture of your software, and then what the chain of, provenance if you will or? >> Well, an SBOM depending on the format, an SBOM absolutely can provide a chain of provenance. But another thing when we think about it, from the security angles, so there's the provenance, where did this come from? Who provided it to me? 
But also with that bill of materials, that list of packages, you can leverage tooling, that will give you information about vulnerability information about those packages. At Red Hat we don't think that vulnerability info should be included in the SBOM, because vulnerability data changes everyday. But, it saves you a step potentially. Then you don't necessarily have to be so concerned about doing the scan, you can pull data about known vulnerabilities for those packages without a scan. Similarly the attestation in the pipeline, that's about things like ensuring that, the code that you pull into your pipeline is signed. Signatures are in many ways of more important piece for defining provenance and getting trust. >> Got it. So I was talking to a CISO the other day, and was asking her okay, what are your main challenges, kind of the standard analyst questions, if you will. She said look, I got great people, but I just don't have enough depth of talent, to handle, the challenges I'm always sort of playing catch up. That leads one to the conclusion, okay, automation is potentially an answer to address that problem, but the same time, people have said to me, sometimes we put too much faith in automation. Some say okay, hey Kirsten help me square the circle. I want to automate because I lack the talent, but it's not, it's not sufficient. What are your thoughts on automation? >> So I think in the world we're in today, especially with cloud native applications, you can't manage without automation, because things are moving too quickly. So I think the way that you assess whether automation is meeting your goals becomes critical. And so looking for external guidance, such as the NIST's Secure Software Development Framework, that can help. But again, when we come back, I think, look for an opinionated position from the vendors, from the folks you're working with, from your advisors, on what are the appropriate set of gates. 
And we've talked about vulnerability scanning, but analyzing the config data for your apps it's just as important. And so I think we have to work together as an industry, to figure out what are the key security gates, how do we audit the automation, so that I can validate that automation and be comfortable, that it is actually meeting the needs. But I don't see how we move forward without automation. >> Excellent. Thank you. We were forced into digital, without a lot of thought. Some folks, it's a spectrum, some organizations are better shape than others, but many had to just dive right in without a lot of strategy. And now people have sat back and said, okay, let's be more planful, more thoughtful. So as you, and then of course, you've got, the supply chain hacks, et cetera. How do you think the whole narrative and the strategy is going to change? How should it change the way in which we create, maintain, consume softwares as both organizations and individuals? >> Yeah. So again, I think there's going to be, and there's already, need request for more transparency, from software vendors. This is a place where SBOMs play a role, but there's also a lot of conversation out there about zero trust. So what does that mean in, you have to have a relationship with your vendor, that provides transparency, so that you can assess the level of trust. You also have to, in your organization, determine to your point earlier about people with skills and automation. How do you trust, but verify? This is not just with your vendor, but also with your internal supply chain. So trust and verify remains key. That's been a concept that's been around for a while. Cloud native doesn't change that, but it may change the tools that we use. And we may also decide what are our trust boundaries. Are they where are we comfortable trusting? Where do we think that zero trust is more applicable place, a more applicable frame to apply? 
But I do think back to the automation piece, and again, it is hard for everybody to keep up. I think we have to break down silos, we have to ensure that teams are talking across those silos, so that we can leverage each other's skills. And we need to think about managing everything as code. What I like about the everything is code including security, is it does create auditability in new ways. If you're managing your infrastructure, and GitOps-like approach your security policies, with a GitOps-like approach, it provides visibility and auditability, and it enables your dev team to participate in new ways. >> So when you're talking about zero trust I think, okay, I can't trust users, I got to trust the verified users, machines, employees, my software, my partners. >> Yep >> Every possible connection point. >> Absolutely. And this is where both attestation and identity become key. So being able to, I mean, the SolarWinds team has done a really interesting set of things with their supply chain, after they were, in response to the hack they were dealing with. They're now using Tekton CD chains, to ensure that they have, attested every step in their supply chain process, and that they can replicate that with automation. So they're doing a combination of, yep. We've got humans who need to interact with the chain, and then we can validate every step in that chain. And then workload identity, is a key thing for us to think about too. So how do we assert identity for the workloads that are being deployed to the cloud and verify whether that's with SPIFFE SPIRE, or related projects verify, that the workload is the one that we meant to deploy and also runtime behavioral analysis. I know we've been talking about supply chain, but again, I think we have to do this closed loop. You can't just think about shifting security left. 
And I know you mentioned earlier, a lot of teams don't have SecOps, but there are solutions available, that help assess the behavior and runtime, and that information can be fed back to the app dev team, to help them adjust and verify and validate. Where do I need to tighten my security? >> I'm glad you brought up the SolarWinds, Kirsten, what they're doing. And as I remember after 9/11, everyone was afraid to fly, but it was probably the safest time in history to fly. And so same analogy here. SolarWinds probably has learned more about this and its reputation took a huge hit. But if you had to compare, what SolarWinds has learned and applied, at the speed at which they've done it with maybe, some other software suppliers, you might find that they've actually done a better job. It's just, unfortunately, that something hit that we never saw before. To me it was Stuxnet, like we'd never seen anything like this before, and then boom, we've entered a whole new era. I'll give you the last word Kirsten. >> No, just to agree with you. And I think, again, as an industry, it's pushed us all to think harder and more carefully about where do we need to improve? What tools do we need to build to help ourselves? Again, SBOMs have been around, for a good 10 years or so, but they are enjoying a resurgence of importance signing, image signing, manifest signing. That's been around for ages, but we haven't made it easy to integrate that into the supply chain, and that's work that's happening today. Similarly that attestation of a supply chain, of a pipeline that's happening. So I think as an industry, we've all recognized, that we need to step up, and there's a lot of creative energy going into improving in this space. >> Excellent Kirsten Newcomer, thanks so much for your perspectives. Excellent conversation. >> My pleasure, thanks so much. >> You're welcome. And you're watching theCUBE, the leader in tech coverage. (soft music)

Published Date : Feb 15 2022

Kirsten Newcomer, Red Hat V2


 

(upbeat music) >> Hello everyone, my name is Dave Vellante, and we're digging into the many facets of the software supply chain and how to better manage digital risk. I'd like to introduce Kirsten Newcomer, who is the Director of Cloud and DevSecOps Strategy at Red Hat. Hello Kirsten, welcome. >> Hello Dave, great to be here with you today. >> Let's dive right in. What technologies and practices should we be thinking about that can help improve the security posture within the software supply chain? >> So I think the most important thing for folks to think about really is adopting DevSecOps. And while organizations talk about DevSecOps, and many folks have adopted DevOps, they tend to forget the security part of DevSecOps. And so for me, DevSecOps is both DevSec, how do I shift security left into my supply chain, and SecOps which is a better understood and more common piece of the puzzle, but then closing that loop between what issues are discovered in production and feeding that back to the development team to ensure that we're really addressing that supply chain. >> Yeah I heard a stat. I don't know what the source is, I don't know if it's true, but it probably is that around 50% of the organizations in North America, don't even have a SecOps team. Now of course that probably includes a lot of smaller organizations, but the SecOps team, they're not doing DevSecOps, but so what are organizations doing for supply chain security today? >> Yeah, I think the most common practice, that people have adopted is vulnerability scanning. And so they will do that as part of their development process. They might do it at one particular point, they might do it at more than one point. But one of the challenges that, we see first of all, is that, that's the only security gate that they've integrated into their supply chain, into their pipeline. So they may be scanning code that they get externally, they may be scanning their own code. 
But the second challenge is that the results take so much work to triage. This is static vulnerability scanning. You get information that is not in full context, because you don't know whether a vulnerability is truly exploitable unless you know how exposed that particular part of the code is to the internet, for example, or to other aspects. And so it's just a real challenge for organizations who are only looking at static vulnerability data to figure out what the right steps to take are to manage those. And there's no way we're going to wind up with zero vulnerabilities in the code that we're all working with today. Things just move too quickly. >> Is that idea of vulnerability scanning, is it almost like sampling where you may or may not find the weakest link? >> I would say that it's more comprehensive than that. The vulnerability scanners that are available are generally pretty strong, but they are, again, if it's a static environment, a lot of them rely on NVD database, which typically it's going to give you the worst case scenario, and by nature can't account for things like, was the software that you're scanning built with controls, mitigations built in. It's just going to tell you, this is the package, and this is the known vulnerabilities associated with that package. It's not going to tell you whether there were compiler time flags that may have mitigated that vulnerability. And so it's almost overwhelming for organizations to prioritize that information, and really understand it in context. And so when I think about the closed loop feedback, you really want not just that static scan, but also analysis that takes into account the configuration of the application, and the runtime environment and any mitigations that might be present there. >> I see, thank you for that. So, given that this digital risk and software supply chains are now front and center, we read about them all the time now, how do you think organizations are responding?
What's the future of software supply chain going to look like? >> That's a great one. So I think organizations are scrambling. We've certainly, at Red Hat, we've seen an increase in questions about Red Hat's own supply chain security, and we've got lots of information that we can share and make available. But I think also we're starting to see this strong increased interest in security bill of materials. So I actually started working with automation and standards around security bill of materials a number of years ago. I participated in The Linux Foundation SPDX project. There are other projects like CycloneDX. But I think all organizations are going to need to, those of us who deliver software, we're going to need to provide SBOMs and consumers of our software should be looking for SBOMs, to help them understand, to build transparency across the projects. And to facilitate that automation, you can leverage the data in a software package list to get a quick view of vulnerabilities. Again, you don't have that runtime context yet, but it saves you that step, perhaps of having to do the initial scanning. And then there are additional things that folks are looking at. Attested pipelines is going to be key for building your custom software. As you pull the code in and your developers build their solutions, their applications, being able to vet the steps in your pipeline, and attest that nothing has happened in that pipeline, is really going to be key. >> So the software bill of materials is going to give you a granular picture of your software, and then what the chain of provenance, if you will, or? >> Well, an SBOM, depending on the format, an SBOM absolutely can provide a chain of provenance. But another thing when we think about it, from the security angles, so there's the provenance, where did this come from? Who provided it to me?
But also with that bill of materials, that list of packages, you can leverage tooling that will give you information about vulnerability information about those packages. At Red Hat we don't think that vulnerability info should be included in the SBOM, because vulnerability data changes every day. But it saves you a step potentially. Then you don't necessarily have to be so concerned about doing the scan, you can pull data about known vulnerabilities for those packages without a scan. Similarly the attestation in the pipeline, that's about things like ensuring that the code that you pull into your pipeline is signed. Signatures are in many ways a more important piece for defining provenance and getting trust. >> Got it. So I was talking to a CISO the other day, and was asking her, okay, what are your main challenges, kind of the standard analyst questions, if you will. She said, look, I got great people, but I just don't have enough depth of talent to handle the challenges, I'm always sort of playing catch up. That leads one to the conclusion, okay, automation is potentially an answer to address that problem, but at the same time, people have said to me, sometimes we put too much faith in automation. Some say okay, hey Kirsten, help me square the circle. I want to automate because I lack the talent, but it's not, it's not sufficient. What are your thoughts on automation? >> So I think in the world we're in today, especially with cloud native applications, you can't manage without automation, because things are moving too quickly. So I think the way that you assess whether automation is meeting your goals becomes critical. And so looking for external guidance, such as the NIST's Secure Software Development Framework, that can help. But again, when we come back, I think, look for an opinionated position from the vendors, from the folks you're working with, from your advisors, on what are the appropriate set of gates.
And we've talked about vulnerability scanning, but analyzing the config data for your apps, it's just as important. And so I think we have to work together as an industry to figure out what are the key security gates, how do we audit the automation, so that I can validate that automation and be comfortable that it is actually meeting the needs. But I don't see how we move forward without automation. >> Excellent. Thank you. We were forced into digital without a lot of thought. Some folks, it's a spectrum, some organizations are in better shape than others, but many had to just dive right in without a lot of strategy. And now people have sat back and said, okay, let's be more planful, more thoughtful. So as you, and then of course, you've got the supply chain hacks, et cetera. How do you think the whole narrative and the strategy is going to change? How should it change the way in which we create, maintain, consume software as both organizations and individuals? >> Yeah. So again, I think there's going to be, and there's already, need, request for more transparency from software vendors. This is a place where SBOMs play a role, but there's also a lot of conversation out there about zero trust. So what does that mean in, you have to have a relationship with your vendor that provides transparency, so that you can assess the level of trust. You also have to, in your organization, determine, to your point earlier about people with skills and automation, how do you trust, but verify? This is not just with your vendor, but also with your internal supply chain. So trust and verify remains key. That's been a concept that's been around for a while. Cloud native doesn't change that, but it may change the tools that we use. And we may also decide what are our trust boundaries. Are they where are we comfortable trusting? Where do we think that zero trust is a more applicable place, a more applicable frame to apply?
But I do think back to the automation piece, and again, it is hard for everybody to keep up. I think we have to break down silos, we have to ensure that teams are talking across those silos, so that we can leverage each other's skills. And we need to think about managing everything as code. What I like about the everything as code, including security, is it does create auditability in new ways. If you're managing your infrastructure with a GitOps-like approach, your security policies with a GitOps-like approach, it provides visibility and auditability, and it enables your dev team to participate in new ways. >> So when you're talking about zero trust I think, okay, I can't trust users, I got to trust the verified users, machines, employees, my software, my partners. >> Yep. >> Every possible connection point. >> Absolutely. And this is where both attestation and identity become key. So being able to, I mean, the SolarWinds team has done a really interesting set of things with their supply chain, after they were, in response to the hack they were dealing with. They're now using Tekton CD chains to ensure that they have attested every step in their supply chain process, and that they can replicate that with automation. So they're doing a combination of, yep, we've got humans who need to interact with the chain, and then we can validate every step in that chain. And then workload identity is a key thing for us to think about too. So how do we assert identity for the workloads that are being deployed to the cloud and verify, whether that's with SPIFFE/SPIRE or related projects, verify that the workload is the one that we meant to deploy, and also runtime behavioral analysis. I know we've been talking about supply chain, but again, I think we have to do this closed loop. You can't just think about shifting security left.
And I know you mentioned earlier, a lot of teams don't have SecOps, but there are solutions available that help assess the behavior in runtime, and that information can be fed back to the app dev team, to help them adjust and verify and validate. Where do I need to tighten my security? >> I'm glad you brought up SolarWinds, Kirsten, what they're doing. And as I remember after 9/11, everyone was afraid to fly, but it was probably the safest time in history to fly. And so same analogy here. SolarWinds probably has learned more about this and its reputation took a huge hit. But if you had to compare what SolarWinds has learned and applied, at the speed at which they've done it, with maybe some other software suppliers, you might find that they've actually done a better job. It's just, unfortunately, that something hit that we never saw before. To me it was Stuxnet, like we'd never seen anything like this before, and then boom, we've entered a whole new era. I'll give you the last word, Kirsten. >> No, just to agree with you. And I think, again, as an industry, it's pushed us all to think harder and more carefully about where do we need to improve? What tools do we need to build to help ourselves? Again, SBOMs have been around for a good 10 years or so, but they are enjoying a resurgence of importance. Signing, image signing, manifest signing, that's been around for ages, but we haven't made it easy to integrate that into the supply chain, and that's work that's happening today. Similarly that attestation of a supply chain, of a pipeline, that's happening. So I think as an industry, we've all recognized that we need to step up, and there's a lot of creative energy going into improving in this space. >> Excellent. Kirsten Newcomer, thanks so much for your perspectives. Excellent conversation. >> My pleasure, thanks so much. >> You're welcome. And you're watching theCUBE, the leader in tech coverage. (soft music)

Published Date : Dec 16 2021


Kirsten Newcomer, Red Hat


 


Published Date : Dec 15 2021


Chris Wiborg, Cohesity | AWS re:Invent 2021


 

>> We're back at AWS re:Invent 2021. You're watching theCUBE. We're here live with one of the first live events, very few live events this year. It's the biggest hybrid event really of the year, of the season. Hopefully it portends a great future. We don't know, it's a lot of uncertainty, but AWS said they're going to go for it. Close to 30,000 people here. Chris Wiborg is here. He's the VP of product marketing at Cohesity. Chris, great to see you face to face, man. >> It's great to see you live again, Dave. You understand that. >> Over the last couple of years we've had a lot of virtual meetup, hang out, and we talk every other quarter. >> Yeah. >> So it's great to see. Wow. You know, we were talking before the show. Well, we didn't really know what it was going to be like. I don't think AWS knew. >> No. >> It's like everything these days. >> You know, we did our own virtual event back in October because that was the time. And this is the first thing we've been back to live. And I was wondering, what's it going to be like when I show up, but it's great to see all the folks that are here. >> Yeah. So I could see the booth. You know, you guys have had some good traffic. >> We have, yeah. >> A lot of customers here, obviously huge ecosystem. This, you know, the "flywheel keeps going". >> Yeah. You and I had a conversation recently about data management. It's something that you guys have put a stake in the ground. >> Absolutely. >> Saying, you know, we're not just backup, we're a good data management. It's fuzzy to a lot of people, we've had that conversation, but you're really starting to, through customer feedback, hone that message and the product portfolio. So let's start from the beginning. What is data management to Cohesity? >> Well, so for us it's about the data lifecycle, right? And you heard a little bit about this actually during the keynote today, right? >> Right.
>> When you think about the various services you need to apply to data along the way to do basic things like protect it, be able to make sure you can recover from disasters, obviously deal with security today given the prevalence of ransomware out there, all the way down to at the end, how do you get more value out of it? And we do that in some cases with our friends from AWS using some of their AI/ML services. >> So your view of data may mean, it's kind of stops at the database right underneath. There's an adjacency to security that we've talked about. >> Yeah, very much. >> Data protection is now becoming an increasingly important component of a security strategy. >> It is. >> It's not a direct security play, but it's just the same way that it's not just the SecOps team has to worry about security anymore. It's kind of other parts of the organization. Talk about that a little bit. >> Yeah, well, we actually had a customer advisory board about two months or so ago now. And we talked to many of our customers there, and one of them I won't name, a large financial institution. We asked them, you know, where did we stand in your spend these days? And he's able to tell you, a while back, about a year ago, having new backup and recovery is a starting point was kind of on the wishlist. And he said today it's number two. And I said, well why? He said, well, because of ransomware, right? You'd be able to come back from that and ask, well, great, what's number one? He said, well, endpoint security. So there you are, number one and number two, right? Top of mind for customers these days in dealing with really the scourge that's affecting so many organizations out there. And I think where you're going, you're starting to see these teams work together in a way that perhaps they hadn't before, where you've got the SecOps team, you've got the IT operations team. And while, exactly your point, we don't position ourselves as just a data security company, that's part of what we do.
We are part of that strategy now where if you have to think about the various stages and dealing with that, defending your backups, 'cause that's often the first point of attack now for the bad guys. Being able to detect what's going on through AI and the anomaly detection and such, and then being able to rapidly recover, right? In the recover phase, that's not something that security guys spend time on necessarily, but it's important for the business to be able to bring themselves back when they're subject to an attack, and that's where we come in in spades. >> Yeah. So the security guys are busy trying to figure out, okay, what happened? How do we stop it from happening again? >> There's another business angle which is okay, how do we get back up and running? How much data did we lose? Ideally none. How fast can we get it back up? That's another vector that's now becoming part of that broader security stack. >> That's right. I mean, I think if you look at the traditional NIST cybersecurity framework, right? Stage five has always been the recover piece. And so this is where we're working with some of the players in the security space. You may see an announcement we did with Cisco around secure access recently. Where, you know, we're working together, not only to unite two tribes within large organizations. Right? The SecOps and ITOps guys. But then bringing vendors together because it's through that, that really, we think we're going to solve that problem best. >> Before we get into the portfolio, and I want to talk about how you've evolved that, let's talk a little about ransomware, it's in the news. You know, I just wrote a piece recently and just covered some of the payments that have been made. I mean, I think the biggest is 40 million, but many tens of millions here and there. And it was, you know, one case, I think it was the Irish health service did not pay, thus far hasn't paid, but it's costing him $600 million to recover as the estimate. 
So this is a serious threat. And as I've said, many times on theCUBE, exactly anybody can be a ransomware as they go on the dark web. >> Ransomware is a service. >> Right, ransomware is a service. Hey, can you set up a help desk for me to help me negotiate? And I'm going to put a stick into a server and you know, I hope that individual gets arrested but you never know. Okay. So now it's top of mind, what are you guys doing? First of all, what are you seeing from customers? How are they responding? What are you guys doing to help? >> Well, I think you're right. First of all, it's just a huge problem. I think the latest stat I saw was something like every 11 seconds there's a new attack because I can go into your point with a credit card, sign up as a service and then launch an attack. And the average payment is around 4.2 million or such, but there's some that are obviously lots bigger. And I think what's challenging is beyond the costs of recovering and invent itself is there's also the issue around brand and reputation, and customer service. And all these downstream effects that I think, you know, the IT guys don't think about necessarily. We talked to one customer or a regional hospital where the gentleman there told me that what he's starting to see after the fact is now, you've actually got class action suits from patients coming after them saying like, "Hey you, you let my data get stolen." Right? Can you imagine no IT guys thinking about that. So the cost is huge. And so it's not just an issue I think that was once upon a time just for ITOps or SecOps through the CIO, even it's even past the board level now if you can imagine. It's something the general public worries about and we actually did a survey recently where we asked people on the consumer side, are you more or less likely to do business with companies if you know they've been subject to ransomware or attacks? 
And they said, no, we are concerned about that, we are more reticent to do business with people as consumers if they're not doing the right things to defend their business against ransomware. Fascinating. Right? It's long past the tipping point where this is an IT only issue. >> So, high-level strategy. So we talk about things like air gaps, when I talked about your service to ensure immutability, >> Yeah, yeah. >> And at 50,000 foot level, what's the strategy then I want to get into specifics on it. >> Let's talk a little bit about, so the evolution of the attack, nature of attacks, right? So once upon a time, this is in the distant past now, the bad guys that you used to come after your production data, right? And so that was pretty easy to fix with companies like us. It's just restore from backup. They got a little smarter, let's call that ransomware 2.0, right? Where now, they say, let's go after the backup first and encrypt or destroy that. And so there, to your point, you need immutability down to the file system level. So you can't destroy the backup. You got to defend the backup data itself. And increasingly we're seeing people take in isolation in a different way than they used to. So you probably recall the sort of standard three, two, one rule, right? >> Yeah, sure. >> Where the one traditionally meant, take that data offsite on magnetic tape, send it to Iron Mountain for example, and then get the data back when I need it. Well, you know, if your business is at risk, trying to recover from tape, it just takes too long. That's just no reason. >> It can be weeks. >> It can be weeks and you've got to locate the tapes, you got to ship them, then you got to do the restore. And just because of the physical media nature, it takes a while. So what we're starting to see now is people figuring out how to use the cloud as a way to do that and be able to have effectively that one copy stored offsite in a different media, and use the cloud for that. 
And so one of the things we announced actually back in our show in October, was a new service that allows you to do just that. We're calling it for now Project Fort Knox. We're not sure if that name is going to work globally, right? But the idea is a bunker, an isolated copy of the data in the cloud that's there, that can restore quickly. Now, is it as fast as having a local replica copy? Of course not. But, it's way better than tape. And this is a way to really give you that sort of extra layer of insurance on top of what you're already doing probably to protect your data. >> And I think that's the way to think of it. It's an extra layer. It's not like, hey, do this instead of tape, you're still going to do tape, you know. >> There's some that do that for all sorts of reasons, including compliance and governance and regulatory ones. Right? >> Yeah. >> And, you know, even disaster recovery scenarios of the worst case, I hope I never have to go through it. Yeah, you could go to the cloud. >> That's right. >> So, local copy is the best. If that's not there, you've got your air gap copy in the cloud. >> Yep. >> If that's not there for some crazy reason. >> We have a whole matrix we've been sharing with our customers recently with different options. Right? And it's actually really interesting the conversation that occurs between the IT operations folks, and the SecOps folks back to that. So, you know, some SecOps folks, if they could, they just unplug everything from the network, it's safe. Right? But they can't really do business that way. So it's always a balance of what's the return that you need to meet. And by return I mean, coming back from an attack or disaster versus the security. And so again, think of this as an extra layer that gives you that ability to sleep better at night knowing that you've got a third, a tertiary copy, stored somewhere offsite in a different media, but you can bring it back at the same time. 
>> How have you evolved your portfolio to deal with both the data management trends that we've talked about and the cyber threats? >> Yeah. Well, a number of things. So amongst the other announcements we made back in October is DR. So DR is not a security thing per se, you know, who gets paged when something goes wrong? It's not the InfoSec guys for DR, it's the ITOps guys. And so we've always had that capability, but one of the things we announced is be able to do that to the cloud now in AWS. So, instead of site to site, being able to do it site to cloud, and for some organizations, that is all about being able to maybe eliminate a secondary site, you know, smaller organizations, others that are larger enterprises, they probably have a hybrid strategy where that's a part of their strategy now. And the value there is, it's an OpEx cost, right? It's not CapEx anymore. And so again, you lower your cost of operations. So that's one thing in the data management side. On the security side, another thing we announced was yet another service that runs in AWS, we call Cohesity Data Govern. And this is a way to take a look at your data before something ever occurs. One of the key things in dealing with ransomware is hygiene is prevention, right? And so you sort of have classically security folks that are trying to protect your data, and then another set of folks, certainly a large enterprise that are more on the compliance regulatory front, wanting to know where your PII is, your private sensitive data. And we believe those things need to come together. So this data governance product actually does that. 
It takes a look at first classifying your data, and then being able to detect anomalies in terms of who's coming in from where to get to it, to help you proactively understand what's at threat, and first of all, you know, where your crown jewels really are and make sure that you're protecting those appropriately and maybe modifying access policies if you have set up in your existing native applications. So it's a little bit of awareness, a little bit prevention, and then when things start to go wrong, another layer that helps you know what's wrong. >> I love that the other side of the coin, I mean, you going to get privacy as a service along with my data protection as a service, know that's a better model. Tight on time sir, but the last question. >> Sure. >> The ecosystem. >> Yeah. >> So you mentioned endpoint security, I know identity access is cloud security, and since the remote work has really escalated, we talk about the ecosystem and some of the partnerships that you're enabling, API integration. >> Yeah, totally. So, you know, we have this, what we call our threat defense model, has got four layers to it. One is the core, is all about resiliency. You need to assume failure. We have, you know, the ability to fail over, fail back down our file system. It has to be immutable to keep the bad guys out. You have to have encryption, basic things like that. The next layer, particularly in this world of zero trust. Right? Is you have to have various layers access control, obvious things like multifactor authentication, role-based access control, as well as things like quorum features. It's the two keys in the safety deposit box to unlock it. But that's not enough. The third layer is AI powered anomaly detection, and being able to do data classification and stuff and such. But then the fourth layer, and this was beyond just us, is the ability to easily integrate in that ecosystem. Right? So I'll go back to the Cisco example I gave you before. 
We know that despite having our own admin console, there's no SecOps person that's going to be looking at that. They're going to look at something like a SecureX, or maybe a Palo Alto XR, and be able to pull signals from different places including endpoints, including firewall. >> You going to feed that. >> Exactly. So we'll send signals over that, they can get a better view and then because we're all API based, they can actually invoke the remedy on their side and initiate the workflow that then triggers us to do the right thing from a data protection standpoint, and recovery standpoint. >> It's great to have you here. Thanks so much for coming on. >> It's good to see you again live today. >> See you in the evolution of Cohesity. Yes, absolutely. Hopefully we do this a lot in 2022, Chris. >> Absolutely, looking forward to. >> All right. Me too. All right, thank you for watching this is theCUBE's coverage, AWS re:Invent. We are the leader in high tech coverage, we'll be right back.

Published Date : Dec 1 2021



David Noy & Rob Emsley | CUBEconversation


 

(upbeat music) >> Welcome to this CUBE Conversation. My name is Dave Vellante and we're going to talk about data protection in the age of ransomware. It's a top of mind topic. And with me are two great guests and CUBE alumni, David Noy, Vice President of Product Management at Dell Technologies and Rob Emsley, Director of Data Protection Product Marketing at Dell. Guys, welcome back to the CUBE, it's good to see you both. >> Oh, thanks so much, I appreciate it. Thanks for having us. >> Yeah, thanks a lot Dave. >> Hey David, let me start with you. Maybe we could look at the macro, the big picture at Dell for cyber security. What are you seeing out there? >> You know, I'm seeing an enormous amount of interest in cybersecurity obviously driven by a string of recent events and the presidential executive order around cybersecurity. Look, we're in unprecedented times where, you know, disaster readiness is not just about being prepared for a wildfire or a sprinkler going off in your data center. It's around a new class of malicious attacks that people just have to be ready for. And it's not even a question of if it's going to happen, it's a question of when it's going to happen. We know it's going to happen, you're going to get hit by them. And so we go beyond just thinking about, hey, how do you build in technical capabilities into the product to make it difficult for attackers? We actually want to get predictive. We want to use advanced technologies and capabilities like artificial intelligence and machine learning to go out and scan users' environments and look at their data which is really the lifeblood of a business and say, hey, we can see that there is potentially an attack looming. We can start to look for dormant attack vectors. 
And as soon as something bad is happening because we know something bad is going to happen, we can help you quickly recover the restore or figure out which restore point to recover from so you can get your business back and operational as soon as possible. >> Great, thank you for that, David. Hey Rob, good to see you. You know, we've seen a lot of changes recently kind of as David was referencing, it used to be okay, cybersecurity, that's the domain of the SecOps team and, you know, the rest of the company said, okay, it's their problem. You know, data protection or backup, that was the backup admin. Those two worlds are kind of colliding together. We use terms like cyber resiliency now. It's a sort of super set of, if you will, of the traditional cybersecurity. So how can organizations get ahead of these cyber threats when you engage with customers? Do you have any sort of specific angles or tooling that you use to help? >> Yeah, Dave, there's a couple of things to unpack there. You know, I think one of the things that you call out is cyber resiliency. You know, I think there's a balancing act that customers are all working through between cybersecurity and cyber resiliency. On the left-hand side of the balancing act, it's, you know, how can I keep bad things out of my network? And the reality is that it's very difficult, you know, to do that. You know, there's many applications that customers have deployed to protect the perimeter. But as you know, many cyber threats, you know, are manifested from inside of the perimeter. So what we're seeing is customers starting to invest more in making themselves cyber resilient organizations, you know, and as David mentioned, it's not the if, it's the when. The question is, how do you respond to when a cyber attack hits you? So one of the things that we introduced pointing back six months ago is a globally available cyber resiliency assessment. 
And we worked in collaboration with the Enterprise Strategy Group and we put out a free online assessment tool to allow customers to really answer questions around, you know, a big part of the NIST framework, around detection, protection and recovery. And we give customers the opportunity to get themselves evaluated on, are they prepared? Are they vulnerable? Or are they just, you know, black and white exposed? You know, what we found over the last six months is that over 70% of the people that have taken this cyber resiliency assessment fall into that category of they're vulnerable or they're exposed. >> Right, thank you for that. Yeah, the guys at ESG do a good job in that they have deep expertise in that space. And David, Rob just talked about sort of the threats from inside the perimeter and, you know, any person, you don't even need a high school diploma to be a ransomwarist, you can go on the dark web. You can acquire ransomware as a service. If you have access to a server and are willing to put a stick in there and do some bad things or give credentials out, hopefully you'll end up in handcuffs. You know, but more often than not, people are getting away with really, you know, insidious crime. So how is Dell, David helping customers respond to the threat of ransomware? >> So, you know, as I mentioned earlier, the product approach is pretty sophisticated. You know, you're right, somebody can come and just put a USB stick into a machine or if they have administrative access, they can figure out a code that they've either been given because, you know, the trust has been placed in the wrong place or they've somehow socially engineered out of someone. Look, it's not enough to just say, I'm going to go lock down my system. Someone who's gained access can potentially gain access to other systems by hopping through them. 
We take a more of a vault based approach which means that when you create a cyber vault, it's essentially locked down from the rest of your environment. Your cyber criminal is not able to get to that solution because it's been air gapped. It's kept somewhere else completely separate from other network but it also has keys and to the keys to the kingdom or that it opens up only at a certain time of day so it's not vulnerable to coming in at any time. It goes and requests data, it pulls the data and then it keeps that immutable copy in the vault itself. So the vault is essentially like a gated off, modded off environment that an attacker cannot get into. If you find that there was an attack or if an attack has occurred in which an attack will occur sooner or later, you then can basically prevent that attacker from getting access into that vaulted environment before that next opening event occurs. We also have to go back and look at time because sometimes these attackers don't instantiate all at once, I'm going to basically go and encrypt all your data. They take a more of a graduated approach. And so you have to go and look at patterns, access patterns of how data has actually changed and not just look at the metadata, say, okay, well, it looks like the data changed at a certain time. You have to look at the data contents. You have to look at the, if there's a file type. Oftentimes, you can actually analyze that as well and say, hey, this given file whether it's a PowerPoint file or an Excel file or one of the a hundred or a thousand different file types should look like this, it doesn't look like that inside. What many of the solutions that look for these attackers do is they're just looking at metadata access and then potentially just entropies or how fast things are changing. Well, it's changing faster than it normally would. That's not enough. And the attackers are just going to get smarter about how they go and change things. 
They're going to change it so that they don't change file suffixes or they don't change them with a very high entropy rate. And without using some kind of a system that's actually constantly tuning itself to say, hey, this is how these attack vectors are evolving over time, you're going to miss out on these opportunities to go and protect yourself. So we have also a constantly evolving and learning capability to go in and say, okay, as we see how these attack vectors are evolving to adapt to the way that we defend against them, we're going to also (audio glitches) other practices to make sure that we account for the new models. So it's a very adaptable kind of, it really is artificial intelligence form of protecting yourself. >> Can I ask you a question, David, just a follow-up on the immutable copy? Where does that live? Is it kind of live on prem? Is it in the cloud, either? >> Both, so we have the ability to put that on prem. We have the ability to put that in a second data center. We have the ability to keep that actually in a colo site so basically, completely out of your data center. And we've got the ability to keep that in the cloud as well. >> The reason I ask is because I just, you know, putting my paranoid SecOps hat on and I'm no expert here but I've talked to organizations that say, oh yeah, it's in the cloud, it's a service. Say, okay, but it's immutable? Yeah, it's write once, read many. You can't erase it. I go, okay, can I turn it off? Well, no, not really. Well, what if I stopped paying for the service? Well, we'd send a notice out. I said, okay, wait a minute. So am I just being too paranoid here? How do you handle that objection? >> Of turning it off? >> Yeah, can I turn it off or can you make it so that nobody can turn it off? >> Oh yeah, that's a good question. So actually what we're building into the product roadmap is the ability to that product actually self inspect and to look at. 
Whether or not even the underlying, so for example, if the service is running in a virtual machine. Well, the attacker could say, let me just go attack the virtual machine and infect it and basically turn itself off even in an on-prem, never mind in the cloud. And so we're looking at building or we're building into the roadmap, a lot more self inspection capabilities to make sure that somebody isn't going to just shut down the service. And so that kind of self resiliency is critical even to a vaulted solution which is air gapped, right? To your point. You don't want someone going, well, I can just get around your solution. I'm just going to go shut it down. That's something that we're getting at. >> So this talks, I think for the audience, this talks it's like an ongoing game of escalation and you want to have a partner who has the resources to keep up with the bad guys cause it's just the constantly, you know, upping the ante, Rob, you guys do a survey every year, the Global Data Protection Index. Tell us about that. What are the latest results? You survey a lot of people. I'm interested in, you know, the context of things like remote work and hybrid work, it's escalated the threat. What are you seeing there? >> Yeah, so as you mentioned, the Global Data Protection Index, we survey over a thousand IT executives, you know, around the globe. And in the most recent study, we absolutely started to ask questions specifically around, you know, customer's concerns with regards to cybersecurity. And we found that over 60% of the customers surveyed, you know, really are concerned that they don't feel that they are adequately prepared to respond to cyber threats that they see, unfortunately on a day-to-day basis. You know, certainly, you know, as you mentioned, the work from anywhere, learn from anywhere reality that many customers are dealing with, you know, one of the concerns that they have is the increased attack surface that they now have to deal with. 
I mean, the perimeter of the network is now, you know, much broader than it ever has been in the past. You know, so I think all of this leads, Dave, to cybersecurity discussions and cyber resiliency discussions being top of mind for really any CIO, their CSO in any industry. You know, in the days of old, you know, we used to focus at the financial services industry, you know, as, you know, a bunch of customers that we, you know, could have very relevant conversations with but now, you know, that is now cross industry-wide. There isn't a vertical that isn't concerned about the threats of cyber security and cyber attacks. So, you know, when we think about our business especially around data vaulting with our PowerProtect portfolio but also with our PowerScale portfolio, with our unstructured data storage solutions. You know, when we're really having constant conversations of brand, how do you make your environment more cyber resilient? And, you know, we've been seeing, you know, rapid growth in both of those solution areas, both implementing extensions of customers' backup and recovery solutions, you know, but also, you know, in the environments where, you know, we're deploying, you know, large scale unstructured storage infrastructure, you know, the ability to have real-time monitoring of those environments and also to extend that to delivering a vaulted solution for your unstructured storage are all things that are leading us to, you know, work with customers to actually help them become more cyber resilient. >> Great, thanks. The last question and maybe for both of you. Maybe Rob you start and David you can chime in. I'm interested in what's exciting you guys, what's new in the portfolio, are there new features that you're delivering that map to the current market conditions? I mean, your unique value proposition and your capabilities have shifted. 
You have to respond to the market changes over the last 18 to 24 months whether it's cyber, ransomware, the digital transformation, what's new in the portfolio and what's exciting you guys. >> So Dave, yes, so quite recently we, you know, as well as, you know, running an event specifically to talk about protection in the age of ransomware and to discuss many of the things that we've covered on this call. You know, data protection is still a foundational technology to help customers become, you know, more secure and, you know, reduce their risk profiles. So innovation that we delivered very recently, you know, it's really in three specific areas, you know, VMware Data Protection, NAS Data Protection and then, you know, also, you know, we introduced a tech preview of a direction that we're taking to expand the scalability and manageability of our PowerProtect appliances. So transparent snapshots delivers capabilities to help customers better protect their VMware environment without the concern of disrupting their production applications when they're doing backup and recovery of virtual machines. Dynamic NAS protection moves away from the age old mechanism of NDMP and provides a much more performance and scalable solution for protecting all of that unstructured data running on NAS infrastructure. And then last but not least to say the tech preview of Smart Scale which is our new solution and architecture to allow customers to pull together multiple PowerProtect appliances within their data centers and give them a much easier way of managing the PowerProtect appliances that they have and scaling them environment by implementing a federated namespace to align on them to get support in that environment. >> Nice, some great innovations there. All right, David bring us home. What's exciting you? You shared a little bit with the roadmap of... >> Yeah, look, I think all of this is about operations today. Every enterprise is 24/7. 
It doesn't matter what vertical you're in, right? Downtime is unacceptable. And whether that means whether it's downtime because you got hit by a malicious attacker, it means downtime because you were caused by disruption of virtual machine instances to Rob's point during the backup process. And we can't interrupt those processes, we can't impact their performance. It means, you know, making sure that your largest unstructured repositories in NAS deployments can be backed up in a time that makes sense so that you can meet your own SLAs. And it means that with a Smart Scale product there are ability to go and say, okay, as you're expanding your backup target environment, we can do that in a seamless fashion without disrupting your backup operations and your day-to-day operations. All of this is around making sure that we minimize the amount of disruption that our end users experience either because of malicious attacks or because of day-to-day operations and making, you know, making sure that those businesses really can operate 24/7. And that is the crux of a really true enterprise solution for data protection. >> Guys, very important topic, really appreciate you coming on the CUBE. Great conversation and keep up the good work of protecting our data. >> Well, Dave, thanks. >> Thanks Dave. >> All right, and thanks everybody for watching this CUBE conversation. This is Dave Vellante and we'll see you next time. (gentle music)

Published Date : Nov 9 2021


Dave Martin, ADP | Commvault Connections 2021


 

(upbeat music) >> Welcome to Commvault Connections. My name is Dave Vellante, and we're going to dig into the changing security landscape and look specifically at ransomware and what steps organizations can take to better protect their data, their applications and their people. As you know cyber threats continue to escalate. In the past 19 months, we've seen a major shift in CISO strategies, tactics and actions as a direct result of the trend toward remote work, greater use of the cloud and the increased sophistication of cyber criminals. In particular, we've seen a much more capable well-funded and motivated adversary than we've ever seen before, stealthy techniques like living off the land, island hopping through the digital supply chain, self-forming malware and escalations in ransomware attacks, necessitate vigilant responses. And we're super pleased today to be joined by Dave Martin who's a global chief security officer at ADP. Dave, welcome, good to see you. >> Thanks for having me today. >> It's our pleasure. Okay, let's get right into it, it's a great topic. I mean, ADP, we're talking about people's money. I mean, it doesn't get more personal and sensitive than that, maybe healthcare, but money is right there on the priority list. But maybe you could start by telling us a bit about your role at the company, how you fit into the organization with your colleagues, like the the CIO, the CDO, maybe describe that a bit if you would. >> Yeah, absolutely. So we're somewhat unusual and both structure and we, one of the ways is we are, I have a very converged organization. So my responsibility extends from both the physical protection of kind of buildings, our associates, travel safety through fraud that we see in attempted in our products all the way through to a more traditional chief security officer in the cyberspace. And the other thing that's a little bit unusual is rather than reporting into a technology organization. 
I actually report into our chief administrative officer. So my peers in that organization are legal compliance. So it's a great position to be in the organization. And I've had various different reports during my career. And there's always a lot of debate with my peers about where's the best place to report and I think they always come back to, it's not really where you report, it's about those relationships that you mentioned. So how do you actually collaborate and work with the chief data officer, the CIO, the head of product, the product organization, and how do you use that to create this kind of very dynamic angel force to defend against the threats we face today? >> Yeah, now, so let's just want to clarify for the audience. So when you talk about that converged structure, oftentimes if I understand what your point is that the network team might be responsible for some of the physical security or the network security, that's all under sort of one roof in your organization, is that correct? >> So a lot of the controls and operations, something like firewalls is out in the CIO organization, but the core responsibility and accountability, whether it's protecting the buildings, the data centers, the data in our applications, the kind of the back office of all the services that we use to deliver value to our clients and kind of the same things that everyone has, the ERP environments now, all of that, protecting those environments rolls up to my team from an accountability and governance business. >> Got it, so, I mean, as I was saying upfront, I mean the acceleration, we all talk about that acceleration that compression, the force marched to digital that SolarWinds hack. 
It was like a Stuxnet moment to me 'cause it signaled almost this new level of escalation by cyber criminals and that had sent a shockwave through your community, I wonder you could, if you could talk about at a high level, how did that impact the way that CISOs think about cyber attacks or did it? >> I think we're very used to watching the outside world kind of adversaries don't stand still our businesses don't stand still, so we're constantly having to evolve. So it's just another call to action. How do we think about what we just saw and then how do we kind of realign the controls that we have and then how do we think about our program going forward that we need to address? >> Yeah, so we've seen, when we talk to other CISOs, your colleagues, they tell us, we've made a big sort of budget allocation toward endpoint security, cloud, identity access management and obviously focus on a flatter network. And of course, ransomware, how have you shifted priorities as a result of sort of the last, the pandemic 19 months? >> Yeah, we're definitely seeing that shift in kind of the necessity of working from home and we are kind of thinking by what tools do we need to get to our associates to really make them successful. And then also keep the integrity of our data and the availability of our services in that new model. And so we've made that shift in technology and controls, reinforced a lot of things that we already had. One thing thinking about the supply chain change that we saw out of SolarWinds is thinking about ransomware defense prior to that was very much around aligning the defenses within the perimeter of your network within the cloud environments. And I really thinking about where do I outside that environment where do I exchange files from, what connectivity do I have with partners and suppliers? What services do they provide to support us as an enterprise? 
And what's going to happen if they're not there at a minimum but then what happens if they had some kind of attack that can actually drive some of this malware and spread into the network or via some of those file transfer, make sure we'd really sure shored up the controls in that area but the response is actually part of that. How am I going to react when I hear from even a client, we're a very customer service focused company, we want to do whatever we can to help. And the instinct of one of our frontline associates say, Hey, send me that Excel file, I'll take care of it. So now yet we still want to help that client through, but we want to think through a little bit more before we start sharing an office file back and forth between two environments, one of which we know to be confident. >> Right, that's interesting what you're saying about the change in just focus on the perimeter to the threats within, without et cetera, because you don't even need a high school degree or diploma to be a ransomware attacker these days, you could go on the dark web. And if you're a bad, bad person, you can hire ransomware as a service. If you have access to a server credentials, you can do bad things and hopefully you'll end up in handcuffs, but that's a legitimate threat today, which is relatively new in the way in which people are escalating, whether it's crypto ransoms, et cetera, really do necessitate new thinking around or ransomware. So I wonder if you could talk a little bit more about the layered approach that you might take, the air gapping, be interested to understand where Commvault fits in to the portfolio, if you will. >> Sure and really it's thinking about this in depth. 
You're not going to be able to protect or recover everything so really understand, first of all, that if what is most important to be able to maintain service, what data do you need to protect and have available, armed with that now you can go through the rest of the NIST Cybersecurity Framework, the main thing you're doing the best for prevention, for the detection and response in that area. And then you kind of really interesting when we get to the recovery phase, both from a Commvault perspective and in many attacks where we really want to focus on prevention, but ultimately we'll likely to see a scenario even in some small part of our environment, where some kind of attack is effective and now we're back at that recovery step. And we don't want that to be the first time we're testing those backups, we don't want to be the first time that we figured out that those backups have been on the network the whole time, and they can't be used for recovery. So partnering with everyone in the environment we talk about it takes a village to defend against this kind of threat, getting everyone engaged, the experts in each of these fields to make sure that we're thinking they understand this threat and how real it is and what their role is going to be in setting up that protection and defense, and then come that dark day that we all hope will never happen, when do you need them? When do you need them to be doing so that you can get back to a restoration and effective operation point as soon as possible. >> Yeah, hope for the best plan for the worst. So it's a big part of that is education. And of course the backup corpus is an obvious target because everything's in there. But before we get into sort of the best practice around that, I wanted to ask you about your response because one of the things that we've seen is that response is increasingly have to be stealthy so that you don't necessarily alert the attackers that you know that they're inside. 
Is that sort of a new trend and how do you approach that? >> Yeah, I mean, it's always a balance depending on the type of data and the type of attack as to kind of how can violent and swift. And obviously you have to be able to protect the environment, protect the integrity of the data, and then also balance again this kind of tipping off the attacker which could potentially make things worse. So always a conversation depending on the different threat type, you're going to have to go through. And it really helps to have some of those conversations up front, to have tabletops, not just at a technical level, to make sure that you're walking through the steps of a response to make it as seamless and quick and effective as possible, but also having that conversation with leadership team and even the board around the kind of decisions they're going to have to make and make sure that you wherever possible use scenarios to figure out what are some of those actions that are likely to be taken and also empower some teams. It's really important to be able to act autonomously and quickly, you don't want to be at 2:00 AM kind of looking for the CEO or kind of the executive team to get them out there to make a decision. Some of these decisions need to be made very quickly and very effectively, and you can only do that with empowered upfront and sometimes even automated processes to do them. >> Dave, describe what you mean by tabletops. I presume you're talking to a top-down view versus sort of being in the weeds but add some color to that please. >> Yeah, definitely it literally is kind of getting everyone around the table and at ADP at least once per year, we actually get the full executive team together and challenge them with a scenario, making sure that they're working through the problem. They know what each of their roles are at the table. And I am lucky to have a fantastic leadership team. We're actually very practiced. 
We've done this often enough now that they really pull apart really hard problems and think about what that decision is going to mean to me, so come that dark day, if it ever does, they're not kind of challenged by the never thought, they don't know, they understand the technical background of why being asked to make the decision or the limitations of what their responses may be. >> So a lot of people and process goes into this always the case, but let's talk a little bit about the tech, I mentioned the backup corpus is an obvious target before, what are some of the best tech practices in terms of protecting, whether it's that backup corpus, other data, air gaps, maybe you could give us some guidance on that front. >> Sure, we're not going to be able to protect everything. So focus on those favorite children is the best advice up front to think about the critical components that enable you to bring things up, easy to go focus on that critical data and that most important app that everyone in the company understands. But all of that and cannot even start if you don't have the foundation, the network's not up and running, the authentication services is not up and running. So it's good to get a focus in some elements and practice on technical tabletop setting of how do you go through recovering an active directory forest back to a known, trusted state? Because that's one of the foundations you're going to need to build anything else back up on. On the backup side is make sure that you don't use the same credentials that your backup administrators use everyday, ensure there's only the smallest number of people have access to be able to control the backups, if at all possible and Commvault and many backup solutions, now make sure they're using a second-factor authentication to be able to get into those systems, and also make sure that some of the backups that you have are kind of offline, air gaps can be touched. And then also you think about the duration. 
You talked about the attackers being very smart and determined, they know how enterprises prepare and respond. So think about how long you're retaining them and where you're retaining some of the backups, not just incremental as to be able to fully restore a system, basically from bare metal or from that climate. >> And you're using Commvault software to manage some of this capability, is that right? I'm sure you have a bevy of tooling. >> Yeah, we have a wide range of tooling but yeah we are certainly a Commvault customer. >> And somebody said, a consultant said to me today Dave, I'm thinking about advising my clients that their air gap process should be air gapped. In other words, they should have sort of a separate remote removed from the mainstream process just for extra protection and I was like, okay, that's kind of interesting, but at the same time then do they have the knowledge to get back to a low RPO state? What do you think about that approach? >> So the challenges of any kind of recovery and control design is like making sure that you're not making things overly complex and introducing other issues and also other exposures, if you're moving out of your normal control environment, that you have a 24 by 7, 365 set of monitoring, the more creative you get your plans are in danger of kind of having control erosion and visibility to that other state. But it is really important to think about, even at the communication level is in this kind of attack, you may not be able to rely on email, kind of Teams, all the common services that you have. So how are you actually going to communicate with this village it's going to take to recover, to be able to work through the process. So that's definitely an area that I would advocate for having offline capabilities to be able to have people react, gather, respond, plan and control the recovery even though the main enterprise may not be currently. 
>> I wonder if I could pick your brain on another topic, which is zero trust prior to the pandemic. A lot of times people would roll their eyes like it's a buzzword but it's kind of become a mandate where people are now talking about eliminating credentials to talking about converging identity access management, and governance and privilege access management. I mean, what are those some of the sea changes you see around so-called zero trust. >> Yeah, I think kind of zero trust has become that kind of call-to-action buzzword. These concepts that are embodied in zero trust journey are ones that have been around for forever and least privilege and it's how we think about you can't go buy a product that I like I'm just implemented zero trust. How do you think strategically about where you take your starting point and then go on this journey to kind of increase the various tools that start to limit, improve the segmentation not only from a network standpoint, from a service standpoint, from an identity standpoint and make sure you're embracing concepts like persona so that you start to break up the, may not get to zero trust anytime soon, but you're able to get less and less trust in that model. And to think about it in many different worlds, think about your product access. If you're a service provider company like we are, as well as kind of the internal employee context. So there is many elements, it's a complex journey. It's not something you're going to buy off the shelf and go implement but it's one that you're going to have to again partner with those other stakeholders that you have because there's user experience and client experience components of this journey, some of which are actually quite positive. You mentioned passwordless as one of those components in the gym certainly something that actually has a better user experience and also can offer a better security and freedom from the traditional passwords that you've come to love to hate. 
>> Dave, I know you're tight on time. I got two more questions for you. One is what is the CISO's number one challenge. >> Wow, that's getting enough sleep, now, really is, just staying hard with that business environment, that threat environment and the available tool sets and making sure that we're constantly working with those partners that we keep describing to chart that course to the future so that we're, this is a race that doesn't have a finish line. The marathon gets a little bit longer every year and bringing my peers on and making them understand that it's easy to get fatigued and say, ah, we thought we were done when we finished this initiative. It's just keeping everyone's energy up and focus on a very long mode. >> One A in that question if I may is many organizations lack the talent to be able to do that. You may not, you may have a firmer, but the industry as a whole really lacks the skills and the talent, and really, that's why they're looking to automation. How acute do you see that talent shortage? >> It's definitely there. And I think it's important to realize the back to that village concept, everybody has a play here. So what is a smaller available talent born in the security industry is we've really got to be that call-to-action, we've got to explain why this is important. We've got to be the consultants that kind of lead through what changes are we going to need to make to be successful? It's tempting to say, oh, they'll never do that. They're like, we've got to do it ourselves. We will never be successful. And just being the security team that tries to do everything, it's bringing everyone along for the journey. And part of that is just going to be this constant socialization and education of what they need to do and why it's so important. And then you really will build a great partnership. >> My last question, I was kind of been keeping a list of Dave's best practice. 
I saw obviously the layered approach, you want to get to that NIST framework. There's a lot of education involved. You've got to partner with your colleagues, the tabletops, executive visibility. So everybody knows what their role is, kind of the do your job, you've got to build zero trust. You can't just buy zero trust off the shelf and so that was my kind of quick list. Am I missing anything? >> I think that's pretty good. And then just in that partnership this is a tiring kind of hard thing to do and kind of just bringing everyone along, they can help you do so much, especially if you explained to them how it's going to make that product better, how it's going to make that client experience better, how it's going to make the CIO, the internal associate experience better, that this isn't just about adding friction into an already challenging environment. >> Like frontline healthcare workers, the SecOps pros are heroes day-to-day, you don't necessarily hear a lot about the work they're doing but Dave we really appreciate you coming on and sharing some of the best practices. And thank you for the great work that you guys are doing out there and best of luck. >> Thanks for the exchange, it has been a pleasure. >> All right, and thank you for watching everybody. This is Dave Vellante for theCUBE, keep it right there. (upbeat music)

Published Date : Nov 1 2021
