>> Narrator: theCUBE's live coverage is made possible by funding from Dell Technologies. Creating technologies that drive human progress. (upbeat music) >> Welcome back to Barcelona, Spain, everyone. It's theCUBE live at MWC '23, day three of four days of CUBE coverage. It's like a cannon of CUBE content coming right at you. I'm Lisa Martin with Dave Nicholson. We've got Dell and VMware here. Going to be talking about the ecosystem partnerships and what they're doing to further organizations in the telco industry. Please welcome Jared Woodrey, Director of Partner Engineering Open Telecom Ecosystem Lab, OTEL. Odded Solomon is here as well, Director of Product Management, VMware Service Provider and Edge Business Unit at VMware. Guys, great to have you on the program. >> Thank you for having me. >> Welcome to theCUBE. So Jared, first question for you. Talk about OTEL. I know there's a big announcement this week, but give the audience context and understanding of what OTEL is and how it works. >> Sure. So the Open Telecom Ecosystem Lab is physically located at Round Rock, Texas, it's the heart and soul of it. But this week we also just announced opening up the Cork, Ireland extension of OTEL. The reason for our existence is to to try and make it as easy as possible for both partners and customers to come together and to re-aggregate this disaggregated ecosystem. So that comes with a number of automation tools and basically just giving a known good testing environment so that tests that happen in our lab are as close to real world as they possibly can be and make it as transparent and open as possible for both partners like VMware as well as customers. >> Odded, talk about what you're doing with Dell and OTEL and give us a customer example of maybe one that you're working with or even even mentioning it by a high level descriptor if you have to. >> Yeah. So we provide a telco cloud platform, which is essentially a vertical in VMware. The telco cloud platform is serving network function vendors, such as Ericsson, Nokia, Mavenir, and so on. What we do with Dell as part of this partnership is essentially complementing the platform with some additional functionality that is not coming out of the box. We used to have a data protection in the past, but this is no longer our main business focus. So we do provide APIs that we can expose and work together with Dell PPDM solution so customer can benefit from this and leverage the partnership and have overall solution that is not coming out of the box from VMware. >> I'm curious, from a VMware perspective. VMware is associated often with the V in VMware, virtualization, and we've seen a transition over time between sort of flavors of virtualization and what is the mix currently today in the telecom space between environments that are leveraging what we would think of as more traditional virtualization with full blown Linux, Windows operating systems in a VM versus the world of containerized microservices? What does that mix look like today? Where do you see it going? >> Yeah, so the VMware telco cloud platform exists for about eight years. And the V started around that time. You might heard about open stack in addition to VMware. So this has definitely helped the network equipment providers with virtualizing their network functions. Those are typically VNF, virtualized network functions, inside the VMs. Essentially we have 4G applications, so core applications, EPC, we have IMS. Those are typically, I would say maybe 80 or 90% of the ecosystem right now. 5G is associated with cloud native network functions. So 5G is getting started now, getting deployed. There is an exponential growth on the core side. Now, when we expand towards the edge of the network we see more potential growth. This is 5G ran, we see the vRAN, we see the open RAN, we see early POCs, we see field trials that are starting. We obviously has production customer now. You just spoke to one. So this is really starting, cloud native is really starting I would say about 10 to 20% of the network functions these days are cloud native. >> Jared, question for you. You mentioned data protection, a huge topic there obviously from a security perspective. Data protection used to be the responsibility of the CSPs. You guys are changing that. Can you talk a little bit about how you're doing that and what Dell's play there is? >> Yeah, so PowerProtect Data Management is a product, but it's produced by Dell. So what this does is it enables data protection over virtual cloud as well as the physical infrastructure of specifically in this case of a telecoms ecosystem. So what this does is enables an ability to rapidly redeploy and back up existing configurations all the way up to the TCP and TCA that pulls the basis of our work here with VMware. >> So you've offloaded that responsibility from the CSPs. You freed them from that. >> So the work that we did, honestly was to make sure that we have a very clear and concise and accurate procedures for how to conduct this as well. And to put this through a realistic and real world as if it was in a telecoms own production network, what did that would actually look like, and what it would take to bring it back up as well. So our responsibility is to make sure that when we when we provide these products to the customers that not only do they work exactly as their intended to, but there is also documentation to help support them and to enable them to have their exact specifications met by as well. >> Got it. So talk about a little bit about OTEL expansion into Cork. What you guys are doing together to enable CSPs here in EMEA? >> Yeah, so the reason why we opened up a facility in Cork Island was to give, for an EMEA audience, for an EMEA CSPs and ability to look and feel and touch some of the products that we're working on. It also just facilitates and ease especially for European-based partners to have a chance to very easily come to a lab environment. The difference though, honestly, is the between Round Rock, Texas and Cork Island is that it's virtually an extension of the same thing. Like the physical locations can make it easier to provide access and obviously to showcase the products that we've developed with partners. But the reality is that it's more than just the physical location. It's more about the ability and ease by which customers and partners can access the labs. >> So we should be expecting a lot of Tito's vodka to be consumed in Cork at some point. Might change the national beverage. >> We do need to have some international exchange. >> Yeah, no, that's good to know. Odded, on the VMware side of things. There's a large group of folks who have VMware skillsets. >> Odded: Correct. >> The telecom industry is moving into this world of the kind of agility that those folks are familiar with. How do people come out of the traditional VMware virtualization world and move into that world of cloud native applications and serve the telecom space? What would your recommendation be? If you were speaking at a VMUG, a VMware Users Group meeting with all of your telecom background, what would you share with them that's critical to understand about how telecom is different, or how telecom's spot in its evolution might be different than the traditional IT space? >> So we're talking about the people with the knowledge and the background of. >> Yeah, I'm a V expert, let's say. And I'm looking into the future and I hear that there are 80,000 people in Barcelona at this event, and I hear that Dell is building optimized infrastructure specifically for telecom, and that VMware is involved. And I'm an expert in VMware and I want to be involved. What do I need to do? I know it's a little bit outside of the box question, but especially against the backdrop of economic headwinds globally, there are a lot of people facing transitions. What are your thoughts there? >> So, first of all, we understand the telco requirements, we understand the telco needs, and we make sure that what we learn from the customers, what we learn from the partners is being built into the VMware products. And simplicity is number one thing that is important for us. We want the customer experience, we want the user experience to be the same as they know even though we are transitioning into cloud native networks that require more frequent upgrades and they have more complexity to be honest. And what we do in our vertical inside VMware we are focusing on automation, telco cloud automation, telco cloud service assurance. Think of it as a wrapper around the SDDC stack that we have from VMware that really simplifies the operations for the telcos because it's really a challenge about skillset. You need to be a DevOps, SRE in order to operate these networks. And things are becoming really complex. We simplify it for them with the same VMware experience. We have a very good ability to do that. We sell products in VMware. Unlike our competition that is mostly selling professional services and support, we try to focus more on the products and delivering the value. Of course, we have services offering because telcos requires some customizations, but we do focus on automation simplicity throughout our staff. >> So just follow up. So in other words the investment in education in this VMware ecosystem absolutely can be extended and applied into the telecom world. I think it's an important thing. >> I was going to add to that. Our engagement in OTEL was also something that we created a solutions brief whether we released from Mobile World Congress this week. But in conjunction with that, we also have a white paper coming out that has a much more expansive explanation and documentation of what it was that we accomplished in the work that we've done together. And that's not something that is going to be a one-off thing. This is something that will stay evergreen that we'll continue to expand both the testing scope as well as the documentation for what this solution looks like and how it can be used as well as documentation on for the V experts for how they can then leverage and realize the the potential for what we're creating together. >> Jared, does Dell look at OTEL as having the potential to facilitate the continued evolution of the actual telco industry? And if so, how? >> Well, I mean, it would be a horrible answer if I were to say no to that. >> Right. >> I think, I honestly believe that one of the most difficult things about this idea of having desired ecosystem is not just trying to put it back together, but then also how to give yourself choice. So each time that you build one of those solution sets like that exists as an island out of all the other possibilities that comes with it. And OTEL seeks to not just be able to facilitate building that first solution set. Like that's what solutions engineering can do. And that's generally done relatively protected and internally. The Open Telecom Ecosystem seeks to build that then to also provide the ability to very easily change specific components of that whether that's a hardware component, a NIC, whether a security pass just came out or a change in either TCP or TCA or we talked a little bit about for this specific engagement that it was done on TCP 2.5. >> Odded: Correct. >> Obviously there's already a 2.7 and 3.0 is coming out. It's not like we're going to sit around and write our coattails of what 2.7 has happened. So this isn't intended to be a one and done thing. So when we talk about trying to make that easier and simpler and de-risk all of the risk that comes from trying to put all these things together, it's not just the the one single solution that you built in the lab. It's what's the next one? And how do I optimize this? And I have specific requirements as a CSP, how can I take something you built that doesn't quite match it, but how do I make that adjustment? So that's what we see to do and make it as easy and as painless as possible. >> What's the engagement model with CSPs? Is it led by Dell only, VMware partner? How does that work? >> Yeah, I can take that. So that depends on the customer, but typically customers they want to choose the cloud vendor. So they come to VMware, we want VMware. Typically, they come from the IT side. They said, "Oh, we want to manage the network side of the house the same way as we manage the IT. We don't want to have special skill sets, special teams." So they move from the IT to the network side and they want VMware there. And then obviously they have an RSP process and they have hardware choices. They can go with Dell, they can go with others. We leverage vSphere, other compatibility. So we can be flexible with the customer choice. And then depending on which customer, how large they are, they select the network equipment provider that the runs on top. We position our platform as multi-vendor. So many of them choose multiple network functions providers. So we work with Dell. So assuming that the customer is choosing Dell. We work very closely with them, offering the best solution for the customer. We work with them sometimes to even design the boxes to make sure that it fits their use cases and to make sure that it works properly. So we have a partnership validation certification end-to-end from the applications all the way down to the hardware. >> It's a fascinating place in history to be right now with 5G. Something that a lot of consumers sort of assume. It's like, "Oh, hey, yeah, we're already there. What's the 6G thing going to look like?" Well, wait a minute, we're just at the beginning stages. And so you talk about disaggregation, re-aggregation, or reintegration, the importance of that. Folks like Dell have experience in that space. Folks at VMware have a lot of experience in the virtualization space, but I heard that VMware is being acquired by Broadcom, if it all goes through, of course. You don't need to comment on it. But you mentioned something, SDDC, software-defined data center. That stack is sometimes misunderstood by the public at large and maybe the folks in the EU, I will editorialize for a moment here. It is eliminating capture in a way by larger hyperscale cloud providers. It absolutely introduces more competition into the market space. So it's interesting to hear Broadcom acknowledging that this is part of the future of VMware, no matter what else happens. These capabilities that spill into the telecom space are something that they say they're going to embrace and extend. I think that's important for anyone who's evaluating this if they're concern. Well, wait a minute. Yeah, when I reintegrate, do I want VMware as part of this mix? Is that an unknown? It's pretty clear that that's something that is part of the future of VMware moving forward. That's my personal opinion based on analysis. But you brought up SDDC, so I wanted to mention that. Again, I'm not going to ask you to get into trouble on that at all. What should we be, from a broad perspective, are there any services, outcomes that are going to come out of all of this work? The agility that's being built by you folks and folks in the open world. Are there any specific things that you personally are excited about? Or when we think about consumer devices, getting data, what are the other kinds of things that this facilitates? Anything cool, either one of you. >> So specific use cases? >> Yeah, anything. It's got to be cool though. If it's not cool we're going to ask you to leave. >> All right. I'll take that challenge. (laughs) I think one of the things that is interesting for something like OTEL as an exist, as being an Open Telecom Ecosystem, there are going to be some CSPs that it's very difficult for them to have this optionality existing for themselves. Especially when you start talking about tailoring it for specific CSPs and their needs. One of the things that becomes much more available to some of the smaller CSPs is the ability to leverage OTEL and basically act as one of their pre-production labs. So this would be something that would be very specific to a customer and we would obviously make sure that it's completely isolated but the intention there would be that it would open up the ability for what would normally take a much longer time period for them to receive some of the benefits of some of the changes that are happening within the industry. But they would have immediate benefit by leveraging specifically looking OTEL to provide them some of their solutions. And I know that you were also looking for specific use cases out of it, but like that's a huge deal for a lot of CSPs around the world that don't have the ability to lay out all the different permutations that they are most interested in and start to put each one of those through a test cycle. A specific use cases for what this looks like is honestly the most exciting that I've seen for right now is on the private 5G networks. Specifically within mining industry, we have a, sorry for the audience, but we have a demo at our booth that starts to lay out exactly how it was deployed and kind of the AB of what this looked like before the world of private 5G for this mining company and what it looks like afterwards. And the ability for both safety, as well as operational costs, as well as their ability to obviously do their job better is night and day. It completely opened up a very analog system and opened up to a very digitalized system. And I would be remiss, I didn't also mention OpenBrew, which is also an example in our booth. >> We saw it last night in action. >> We saw it. >> I hope you did. So OpenBrew is small brewery in Northeast America and we basically took a very manual process of checking temperature and pressure on multiple different tanks along the entire brewing process and digitized everything for them. All of that was enabled by a private 5G deployment that's built on Dell hardware. >> You asked for cool. I think we got it. >> Yeah, it's cool. >> Jared: I think beer. >> Cool brew, yes. >> Root beer, I think is trump card there. >> At least for folks from North America, we like our brew cool. >> Exactly. Guys, thank you so much for joining Dave and me talking about what Dell, OTEL, and VMware are doing together, what you're enabling CSPs to do and achieve. We appreciate your time and your insights. >> Absolutely. >> Thank you. >> All right, our pleasure. For our guests and for Dave Nicholson, I'm Lisa Martin. You watching theCUBE live from MWC '23. Day three of our coverage continues right after a short break. (upbeat music)

>>Hello everyone. Welcome to the Super Cloud Event preview. I'm John Forry, host of the Cube, and with Dave Valante, host of the popular Super cloud events. This is Super Cloud two preview. I'm joined by industry leader and Cube alumni, Victoria Vigo, vice president of klos Cross Cloud Services at VMware. Vittorio. Great to see you. We're here for the preview of Super Cloud two on January 17th, virtual event, live stage performance, but streamed out to the audience virtually. We're gonna do a preview. Thanks for coming in. >>My pleasure. Always glad to be here. >>It's holiday time. We had the first super cloud on in August prior to VMware, explore North America prior to VMware, explore Europe prior to reinvent. We've been through that, but right now, super Cloud has got momentum. Super Cloud two has got some success. Before we dig into it, let's take a step back and set the table. What is Super Cloud and why is important? Why are people buzzing about it? Why is it a thing? >>Look, we have been in the cloud now for like 10, 15 years and the cloud is going strong and I, I would say that going cloud first was deliberate and strategic in most cases. In some cases the, the developer was going for the path of risk resistance, but in any sizable company, this caused the companies to end up in a multi-cloud world where 85% of the companies out there use two or multiple clouds. And with that comes what we call cloud chaos, because each cloud brings their own management tools, development tools, security. And so that increase the complexity and cost. And so we believe that it's time to usher a new era in cloud computing, which we, you call the super cloud. We call it cross cloud services, which allows our customers to have a single way to build, manage, secure, and access any application across any cloud. Lowering the cost and simplifying the environment. Since >>Dave Ante and I introduced and rift on the concept of Supercloud, as we talked about at reinvent last year, a lot has happened. Supercloud one, it was in August, but prior to that, great momentum in the industry. Great conversation. People are loving it, they're hating it, which means it's got some traction. Berkeley has come on board as with a position paper. They're kind of endorsing it. They call it something different. You call it cross cloud services, whatever it is. It's kind of the same theme we're seeing. And so the industry has recognized something is happening that's different than what Cloud one was or the first generation of cloud. Now we have something different. This Super Cloud two in January. This event has traction with practitioners, customers, big name brands, Sachs, fifth Avenue, Warner, media Financial, mercury Financial, other big names are here. They're leaning in. They're excited. Why the traction in the customer's industry converts over to, to the customer traction. Why is it happening? You, you get a lot of data. >>Well, in, in Super Cloud one, it was a vendor fest, right? But these vendors are smart people that get their vision from where, from the customers. This, this stuff doesn't happen in a vacuum. We all talk to customers and we tend to lean on the early adopters and the early adopters of the cloud are the ones that are telling us, we now are in a place where the complexity is too much. The cost is ballooning. We're going towards slow down potentially in the economy. We need to get better economics out of, of our cloud. And so every single customers I talked to today, or any sizable company as this problem, the developers have gone off, built all these applications, and now the business is coming to the operators and asking, where are my applications? Are they performing? What is the security posture? And how do we do compliance? And so now they're realizing we need to do something about this or it is gonna be unmanageable. >>I wanna go to a clip I pulled out from the, our video data lake and the cube. If we can go to that clip, it's Chuck Whitten Dell at a keynote. He was talking about what he calls multi-cloud by default, not by design. This is a state of the, of the industry. If we're gonna roll that clip, and I wanna get your reaction to that. >>Well, look, customers have woken up with multiple clouds, you know, multiple public clouds. On-premise clouds increasingly as the edge becomes much more a reality for customers clouds at the edge. And so that's what we mean by multi-cloud by default. It's not yet been designed strategically. I think our argument yesterday was it can be, and it should be, it is a very logical place for architecture to land because ultimately customers want the innovation across all of the hyperscale public clouds. They will see workloads and use cases where they wanna maintain an on-premise cloud. On-premise clouds are not going away. I mentioned edge Cloud, so it should be strategic. It's just not today. It doesn't work particularly well today. So when we say multi-cloud, by default we mean that's the state of the world. Today, our goal is to bring multi-cloud by design, as you heard. Yeah, I >>Mean, I, okay, Vittorio, that's, that's the head of Dell Technologies president. He obvious he runs it. Michael Dell's still around, but you know, he's the leader. This is a interesting observation. You know, he's not a customer. We have some customer equips we'll go to as well, but by default it kind of happened not by design. So we're now kind of in a zoom out issue where, okay, I got this environment just landed on me. What, what is the, what's your reaction to that clip of how multi-cloud has become present in, in everyone's on everyone's plate right now to deal with? Yeah, >>I it is, it is multi-cloud by default, I would call it by accident. We, we really got there by accident. I think now it's time to make it a strategic asset because look, we're using multiple cloud for a reason, because all these hyperscaler bring tremendous innovation that we want to leverage. But I strongly believe that in it, especially history repeat itself, right? And so if you look at the history of it, as was always when a new level of obstruction that simplify things, that we got the next level of innovation at the lower cost, you know, from going from c plus plus to Visual basic, going from integrating application at the bits of by layer to SOA and then web services. It's, it's only when we simplify the environment that we can go faster and lower cost. And the multi-cloud is ready for that level of obstruction today. >>You know, you've made some good points. You know, developers went crazy building great apps. Now they got, they gotta roll it out and operationalize it globally. A lot of compliance issues going on. The costs are going up. We got an economic challenge, but also agility with the cloud. So using cloud and or hybrid, you can get better agility. And also moving to the cloud, it's kind of still slow. Okay, so I get that at reinvent this year and at VMware explorer we were observing and we reported that you're seeing a transition to a new kind of ecosystem partner. Ones that aren't just ISVs anymore. You have ISVs, independent software vendors, but you got the emergence of bigger players that just, they got platforms, they have their own ecosystems. So you're seeing ecosystems on top of ecosystems where, you know, MongoDB CEO and the Databricks CEO both told me, we're not an isv, we're a platform built on a cloud. So this new kind of super cloudlike thing is going on. Why should someone pay attention to the super cloud movement? We're on two, we're gonna continue to do these out in the open. Anyone can participate. Why should people pay attention to this? Why should they come to the event? Why is this important? Is this truly an inflection point? And if they do pay attention, what should they pay attention to? >>I would pay attention to two things. If you are customers that are now starting to realize that you have a multi-cloud problem and the costs are getting outta control, look at what the leading vendors are saying, connect the dots with the early adopters and some of the customers that we are gonna have at Super Cloud two, and use those learning to not fall into the same trap. So I, I'll give you an example. I was talking to a Fortune 50 in Europe in my latest trip, and this is an a CIO that is telling me >>We build all these applications and now for compliance reason, the business is coming to me, I don't even know where they are, right? And so what I was telling him, so look, there are other customers that are already there. What did they do? They built a platform engineering team. What is the platform? Engineering team is a, is an operation team that understands how developers build modern applications and lays down the foundation across multiple clouds. So the developers can be developers and do their thing, which is writing code. But now you as a cio, as a, as a, as a governing body, as a security team can have the guardrail. So do you know that these applications are performing at a lower cost and are secure and compliant? >>Patura, you know, it's really encouraging and, and love to get your thoughts on this is one is the general consensus of industry leaders. I talked to like yourself in the round is the old way was soft complexity with more complexity. The cloud demand simplicity, you mentioned abstraction layer. This is our next inflection point. It's gotta be simpler and it's gotta be easy and it's gotta be performant. That's the table stakes of the cloud. What's your thoughts on this next wave of simplicity versus complexity? Because again, abstraction layers take away complexity, they should make it simpler. What's your thoughts? >>Yeah, so I'll give you few examples. One, on the development side and runtime. You, you one would think that Kubernetes will solve all the problems you have Kubernetes everywhere, just look at, but every cloud has a different distribution of Kubernetes, right? So for example, at VMware with tansu, we create a single place that allows you to deploy that any Kubernetes environment. But now you have one place to set your policies. We take care of the differences between this, this system. The second area is management, right? So once you have all everything deployed, how do you get a single object model that tells you where your stuff is and how it's performing, and then apply policies to it as well. So these are two areas and security and so on and so forth. So the idea is that figure out what you can abstract and make common across cloud. Make that simple and put it in one place while always allowing the developers to go underneath and use the differentiated features for innovation. >>Yeah, one of the areas I'm excited, I want to get your thoughts of too is, we haven't talked about this in the past, but it, I'll throw it out there. I think the, the new AI coming out chat, G P T and other things like lens, you see it and see new kinds of AI coming that's gonna be right in the heavy lifting opportunity to make things easier with AI and automation. I think AI will be a big factor in super cloud and, and cross cloud. What's your thoughts? >>Well, the one way to look at AI is, is one of the main, main services that you would want out of a multi-cloud, right? You want eventually, right now Google seems to have an edge, but you know, the competition creates, you know, innovation. So later on you wanna use something from Azure or from or from Oracle or something that, so you want at some point that is gonna be prone every single service in in the cloud is gonna be prone to obstruction and simplification. And I, I'm just excited about to see >>What book, I can't wait for the chat services to write code automatically for us. Well, >>They >>Do, they do. They're doing it now. They do. >>Oh, the other day, somebody, you know that I do this song par this for. So for fun sometimes. And somebody the other day said, ask the AI to write a parody song for multi-cloud. And so I have the lyrics stay >>Tuned. I should do that from my blog post. Hey, write a blog post on this January 17th, Victoria, thanks for coming in, sharing the preview bottom line. Why should people come? Why is it important? What's your final kind of takeaway? Billboard message >>History is repeat itself. It goes to three major inflection points, right? We had the inflection point with the cloud and the people that got left behind, they were not as competitive as the people that got on top o of this wave. The new wave is the super cloud, what we call cross cloud services. So if you are a customer that is experiencing this problem today, tune in to to hear from other customers in, in your same space. If you are behind, tune in to avoid the, the, the, the mistakes and the, the shortfalls of this new wave. And so that you can use multi-cloud to accelerate your business and kick butt in the future. >>All right. Kicking kick your names and kicking butt. Okay, we're here on J January 17th. Super Cloud two. Momentum continues. We'll be super cloud three. There'll be super cloud floor. More and more open conversations. Join the community, join the conversation. It's open. We want more voices. We want more, more industry. We want more customers. It's happening. A lot of momentum. Victoria, thank you for your time. Thank you. Okay. I'm John Farer, host of the Cube. Thanks for watching.

the cube presents ignite 22. brought to you by Palo Alto Networks hey guys and girls welcome back to Las Vegas it's thecube we are live at Palo Alto networks ignite 22. this is day one of two days of cube coverage Lisa Martin here with Dave vellante Dave we've had great conversations today talking with Executives the partner ecosystem is evolving it's growing at Palo Alto networks going to be digging into that next well we heard a lot of talk about you know Palo Alto you know the goal 100 billion dollar you know market cap company and to me a way and I think a critical way in which you get there is partner with the ecosystem because you can't do it alone the power of many versus the resources of one agree completely agree we've got Carl Sutherland with us SVP of North America ecosystem sales at Palo Alto networks welcome to the cube thanks so much for having me it's great being here so here we are the first full day of the conference actually started yesterday with the partner Summit give the audience a flavor of the partner Summit who was there what was talked about what's the current voice of the partner these days yeah great questions so we had a 150 Partners from around the globe representing all of our different routes to Market and for us our partner Community is expanding we work with system integrators we work with gsis we work with service providers Distributors traditional value-added resellers so it was a whole host of partners that were there it was a c-level audience and we really talked about the direction of where we're going as a company how they can continue to invest with us and have greater success long term and so from a voice of the partner standpoint what they're here to do is share with us where they want to engage more how we can enable them to be successful you talked about the Power of One Versus a community we're really looking at a segment of the marketplace right now for us to scale and hit our aspirational goals we can't do it with Palo Alto Network employees we have an employee base of 12 000 people if you take our ecosystem it's over a hundred thousand employees so if we can get them aligned and selling and motivated it's going to be a good day for all of us what so what are they telling you where do they want to spend their time where do they want to add value where are they winning yeah that's a great question so there's a transformation that's going on right now in the partner Community what's happening is a lot of Partners going that are transitioning from what would be traditional transactional Partners or resale Partners to being services-led and the Market's driving them there and what I mean by that is that customers are in a desperate dire State needing assistance figuring out and solving these very complex security problems so if there is a subset of Partners out there that have the skill set and capabilities that can come in from a consultative standpoint help them to develop the structure through deployment a full-blown management and do life cycle management that's a tremendous value I mean the numbers you hear thrown around in the industry right now is up to seven million uh security I.T jobs right now that are out there the open head count is tremendous people can't hire people fast enough all of us in the industry are going through and trying to find early in career or college graduates so we can train quickly or cross-train from other segments to get them into cyber security so if our part of the community can continue to get skilled and expand it's only going to help and the cloud is obviously where does the cloud fit in Carl because you know a lot of the partners when the clouds really start on the Steep part of the s-curve are like we have an opportunity here and by the way if we don't transition our business we could get commoditized yes so that you know that but you were talking about the transactional we can help people move to the cloud and a big part of that has got to be we can secure them in the cloud because it's a more in a lot of ways you know Cloud security is great but in a lot of ways it adds complexity what are you hearing from the party yeah so we are fortunate at Palo Alto networks when you look across the three loud largest cloud service provider from a Google AWS and Microsoft Azure we're either their number one isv or absolutely their number one security ISP so we've got a great uh relationships with them now our partners are coming along and saying how do we transact how do we add value a lot of times that value to your question is wrapping services around it to make sure it's a successful deployment because exactly what you stated the complexity is an all-time high so how do we make sure that we can solve a complex problem in a short term while increasing their security posture and that's really the goal and so where there there's sometimes complexity and mystery there's opportunity and partners can be profitable in doing that I wrote a piece once chaos is cash I have a security you know the criminals and vendors as well yes yes where there is is challenge and complexity there is great opportunity yeah talk about some of the partner program Evolution and some of the things that were announced with respect to the next wave program just yesterday yeah so at next wave um the program's been around for 12 years we constantly are looking to make enhancements and how we make those enhancements are by going out and speaking with these partners and listening to what they need so I have the honor to get to represent what their needs are and how we bring it to market for them so a couple interesting announcements that we made yesterday first of all we announced a new structural format for the program which is really going to allow our different route to markets to have a program that's fit for them because in the past when we were just traditionally a firewall company when the ecosystem just meant resale it was an easy model to have it's complex right now sometimes it's resale sometimes it's influence sometimes its services only we really need to be flexible and credible so we announced a Services only path so if you are a consulting company if you are a insurance company and you want to bring opportunities and leads to Palo Alto Network and you want to provide the services if you're not interested in the transaction you don't want to get involved in that we now have a pathway for you to support you to enable you and Kennedy to give you recognition within Palo Alto networks from an alignment standpoint so we're super excited about that uh as I know you guys speak quite a bit about the managed Services industry so it's a red hot area within Palo Alto networks one of the needs out there was that all not all managed Service Partners are created equally and so some have fantastic capabilities some have gaps we were calling it a P2P part of the partner program within managed services so our two managed Services Partners can actually work together to solve the problem that the end user has and give them a better outcome and fill each other's gaps so candidly it's been going on for a while the partnering but we've never really recognized it so we really built a program around it and now are sponsoring and supporting it versus people doing it on a sidebar so those guys were here in force yesterday yes sir right and and so obviously a lot of energy I'm sure do you see a day where they're here in force on the show floor yeah and and how do you see that evolving so they are here enforcement just right here you see a few of them I'm looking at AWS who's our you know we are their largest isv I'm looking at CDW we had them on the floor is our if not largest second largest partner globally right now and continuing to grow at a rate well they will probably be our first billion dollar partner to think about the size and scale of that relationship and where we've come from um their name CDW don't they never really thought of CDW right as a as a security firm wow what a transformation but please carry on and think about that let's talk about CDW saying think about reach that CDW has it's a 23 billion dollar organization and in a way an inside out sales model meaning there's a tremendous reach they have from their inside sales team and the relationships that they have traditionally historically they were procurement relationships in a way and I said this to the CDW team they were the easy button in the past now what they're doing is they made Seven Acquisitions over the last two years all of them Services oriented so now they're coming in as a consultative Viewpoint and solving a lot of complex problems and I see Google Cloud right here another great partner for us that we continue to invest in we have a great amount of integration and Technology integration with them and so and those are the three that I'm seeing just looking over my left shoulder right if I turn around I'll probably name five more so the majority of this room are the partners that fall within our ecosystem today fantastic so okay so what's your vision for where you want to take this ecosystem because as I said at the top I mean ecosystems are sort of the Hallmark of a I guess you're not a cloud company see I think you of you as a cloud company and so okay good so and I know you don't own your own public cloud and you know your history is you had your own data centers but yeah but you're the security Cloud yeah and so a security Cloud any Cloud needs a great ecosystem so what's your vision for the ecosystem let's go you know five plus years out sure you we start with the end in mind and what I mean by that is we always start with the end user what's the end user's needs the end user today needs flexibility with how they consume the technology they need help in how they support and deploy the technology they need guidance in how they plan out for their future and what their growth is so what we're doing is building a very diverse set of Partners in our ecosystem that all have special skills that they bring to the table so when nikesh sits up here and talks about being a 10 billion or a 20 billion or a 50 billion dollar company we absolutely cannot do it without our ecosystem and without having a very diverse ecosystem that all has different skills that can help us scale because again Palo Alto does not want to be a services company right let's work with the people who are the best at that when we think about the deloittees and accentures and the value they have within the end user base and our joint customer base what a fantastic time to to partner together and solve those boardroom challenges and that's where I really see the vision is that at the boardroom we're building out a plan that's three to five years that's going to continue to increase their security posture because we're not thinking if we're not forward thinking like that will be left behind because the Bad actors are thinking about how they find the different areas to penetrate they're getting so sophisticated the badocracy adversaries they are well funded they're motivated Grant the ransomware attack numbers in terms of the Velocity the complexity yes no longer are we going to get if it's when yeah uh big challenge for organizations Acro across I mean really across an organization regardless of Industry are you guys having any conversations with boards in the partner organization to help align the board with the executive level and really not just have security as a board level initiative but actually being able to execute a strategy yeah and you you nailed it it's not an initiative the initiative to me means there's a beginning and an end right a strategy means there's going to be a comprehensive approach how you continue to improve and we are very fortunate that a lot of our largest Partners around the globe have that position within the boards where they are the trusted advisor so what we're doing now is enabling them and giving them the skills so they can have a more comprehensive conversation around our platform approach around the challenges you know BJ I knew who was with you earlier today likes to say that the average customer he goes and sees has 50 to 70 disparate Technologies within their environment how do you manage that how do you maintain it how do you do renewals oh and by the way most likely the people who actually initially procured that aren't with you anymore they're in a different company so the need for a platform approach is there more so than ever but the decision for the platform quite often has to come from the most senior levels within the organization because again I'm going to go back to your what was your chaos line that you said chaos is Cash chaos is Cash well also chaos is job security so if you're at at the lower level within an organization that chaos and that magic gives you a little job security but that's a short term long term you really need to think about how you're protecting the environment holistically so it is a boardroom decision down that we need to have and you know that chaos the the motivation for that piece that I wrote was from the criminals standpoint right and then I was like okay but there's great opportunities for the technology industry but but I think that you know where we're headed I wonder if I get your thoughts on thoughts on this Carlos we always talk about the Board Room I think we're going now Beyond it here I am you know I'm hypersensitive about my security I got password managers two-factor authentication I don't want SMS based two-factor authentication I want my own authenticator and that's still not enough yeah I got air gaps yeah you know for my crypto you know and I'm super paranoid my point is I think the the individuals are getting much more Savvy about security why because we've all been hacked you know it's like when you lost your data in the because you weren't backed up you know that never happens anymore it's in the cloud or you know some people have multiple backups so it's it's becoming a cultural Trend beyond the board and it's because of the board lord said hey this is really important and so I think it's not only top down I think you're going to see bottom up and middle out and the exciting part for Palo Alto networks is and maybe for you as well is there any more exciting environment to talk about that's rapidly changing and constantly changing you could come back next week and our conversation is going to change as far as what we're doing we constantly need to be thinking three steps ahead of where we're going to move and be flexible and dynamic enough to change and that's what's going to keep us ahead of the economy yeah there's no segment as Dynamic I mean data is dynamic but not as fast changing as cyber I mean because of the adversary as you mentioned I mean so smart so now now they have open adversary ecosystems I mean the adversaries are building ecosystems right absolutely insane I've got peers that are bad guys yeah right right chaos is Cash what's your favorite partner story that you think really demonstrates the value of the ecosystem that Palo Alto networks has built yeah so without sharing names I'll talk about a large U.S national partner that was very uh that was founded on a networking business and partnered with a very large networking company and built that business and was successful doing that they wanted to Pivot into the security space and very early on they made a commitment to Paulo and Ulta networks to say we're going to learn we're going to invest we're going to align with your sales force and we're going to work together and right now they are our largest partner globally and they grew 70 year over year wow so think about that this is not on a small base we're talking about a half a billion dollars in Revenue growing at 70 year over year because to your point earlier it wasn't an initiative it was a strategy and they're executing on the strategy so I tell a lot of we call War Stories like that to other partners that are looking to invest from different markets it could be a large service provider that's you know trying to transform themselves into a security player and talk about the potential of what it could be in for their Marketplace and by the way I say publicly quite often Palo Alto networks will be your most profitable relationship that you have because of the total addressable Market that we're going after because of the solutions that we bring to Market and because of the opportunity within the end users right now and we're excited I want to come back to the mssp in that in its context so we've seen the rise of the mssp and particularly you know we were talking earlier I think it was with Wendy that uh no it was with CDW like 50 of the organizations in North America don't even have a sock yeah right so they need a service provider to come out so you said we you don't want to be in the services business right you're a product company right and that's from a financial standpoint that's phenomenal you're roughly 50 billion dollar market cap company let's let's call it six billion in Revenue so that's a nice Revenue multiple 8X you know and and and the Market's down so you're a 10x Revenue multiple company typically services companies are a 1x or a 2X are you seeing a change there where technology is giving these service providers operating leverage where they're able to scale whether it's because of the cloud because of the Partnerships the Eco would you call it before the the peer-to-peer ecosystem yes like the Gap fillers yes are you do you see the economics of services changing yeah from a baseline economic standpoint not looking at the valuations but let's look at it from a an opportunity to be profitable with Palo Alto networks we know if you are just doing the transaction you have a certain range of margin that you're going to make in the opportunity we know if you wrap services around it you're going to get 3x to 4X that margin we know that if it's managed services and there's life cycle management you're talking 5x to 8X that initial transaction and by the way it's recurring revenue for them so when you think about it if you just do a transaction you're only recurring revenue is a renewal that's predictable but it's not extremely profitable now we're saying the operating leverage you get is if you wrap that services and you're going to have an increased opportunity for a greater margin and it's sticky it's hard to replace a partner who's adding value to your team and A lot of times you walk in the end user you can't tell who the partner is and who the end user is because they are one team that's value yes and that's going to drive ebit yep for your partners and that's going to drive valuation you know you know I want to come back to valuation not that I'm not you can do that okay but because I was I predicted I do my prediction post every year and I predicted last year that we're going to see you know a Spate of MSS mssps I predicted you're going to see someone go public nobody's going public these days but I still think it's a great business yeah that's an untapped opportunity it's not an 8X or it's not a software marginal economics or but it's really sticky super high value yeah and I think it has you know long-term potential yeah to your point if you want to talk valuations for a second let's look at what's happened to the marketplace over the last 12 to 18 months the large majority of the non-public partners that we work with have taken on Capital from private Equity the private Equity that has come in has challenged them to go through a transformation that transformation is you we need you to be Services LED and that service is value because they believe there's going to is going to be a great greater evaluation from that end and they'll be able to scale and grow and stay ahead of the market doing that so when we have conversations when I have conversations yes I'm talking about the technology and the direction of the company but I'm also in there as a consultant saying where's the direction of your company and how do we have this great platform and how do we build it into your business and you wrap services around it and those are the conversations that CEOs want to have when I'm sitting down with our partner CEOs I bet they don't want to talk about our product being better than someone else's product they want to talk about the direction and health of their business yeah it's their business that's a business discussion business decision and they're thinking about okay what's my five-year strategic plan because they got to make bets yeah they're going to bet on a platform that they can add value to that creates that flywheel effect and they get a bet on your ecosystem as well correct oh correct absolutely good to be the leader it's good to be a leader and you know I'm sure as you've heard a few times we believe that economic headwinds are going to favor the market leaders and economic headwinds are going to favor the platform approach so we're going in more aggressive with our partner Community than ever before and there's just so much energy and excitement I feel like I keep on using that term over and over again but that's really what we walk away with last question for you is we have about 30 seconds left a lot of momentum in the partner ecosystem as you've described eloquently what's next what's next what's next yeah so when I I rolled out the strategy for what's next and what it is is a foundational platform that is going to allow flexibility for the partners and for them to decide where they want to invest and it can be in new areas it can be I went online closer with the cloud service providers it could be I want to build a managed Services business can you help us do this it could be I want to go through and I want to drive greater penetration into geographical areas we haven't been before so again we're almost acting as a consultant looking at what they're going from the direction and building a program and a platform where we can grow and work with them it's exciting it's fun it's great highly collaborative highly collaborative highly collaborative thank you for joining us on the program on the partner program the ecosystem Better Together what you guys are doing and ultimately how it benefits the end user customer we really appreciate your insights excellent thank you thank you so much appreciate it all right our pleasure for our guests and Dave vellante I'm Lisa Martin you're watching the cube the leader in live Enterprise and emerging Tech coverage [Music]

(upbeat techno music) >> Hello, everyone. Welcome to theCUBE here live in Detroit for KubeCon + CloudNativeCon 2022. I'm John Furrier, host of theCUBE. This is our seventh consecutive KubeCon + CloudNativeCon. Since inception, theCube's been there every year. And of course, theCUBE continues to grow. So does the community as well as our host roster. I'm here with my co-host, Lisa Martin. Lisa, great to see you. And our new theCube host, Savannah Peterson. Savannah, welcome to theCUBE. >> Thanks, John. >> Welcome. >> Welcome to the team. >> Thanks, team. It's so wonderful to be here. I met you all last KubeCon and to be sitting on this stage in your company is honestly an honor. >> Well, great to have you. Lisa and I have done a lot of shows together and it's great to have more cadence around. You know, more fluid around the content, and also the people. And I would like you to take a minute to tell people your background. You know the community here. What's the roots? You know the Cloud Native world pretty well. >> I know it as well as someone my age can. As we know, the tools and the tech is always changing. So hello, everyone. I'm Savannah Peterson. You can find me on the internet @SavIsSavvy. Would love to hear from you during the show. Big fan of this space and very passionate about DevOps. I've been working in the Silicon Valley and the Silicon Alley for a long time, helping companies scale internationally as a community builder as well as a international public speaker. And honestly, this is just such a fun evolution for my career and I'm grateful to be here with you both. >> We're looking forward to having you on theCUBE. Appreciate it. Lisa? >> Yes. >> KubeCon. Amazing again this year. Just keeps growing bigger and bigger. >> Yes. >> Keynote review, you were in there. >> Yup. >> I had a chance to peek in a little bit, but you were there and got most of the news. What was the action? >> You know, the action was really a big focus around the maintainers, what they're doing, giving them the props and the kudos and the support that they deserve. Not just physically, but mentally as well. That was a really big focus. It was also a big focus on mentoring and really encouraging more people- >> Love that. >> I did, too. I thought that was fantastic to get involved to help others. And then they showed some folks that had great experiences, really kind of growing up within the community. Probably half of the keynote focus this morning was on that. And then looking at some of the other projects that have graduated from CNCF, some of these successful projects, what they're doing, what folks are doing. Cruise, one of the ones that was featured. You've probably seen their driverless cars around San Francisco. So it was great to see that, the successes that they've had and where that's going. >> Yeah. Lisa, we've done how many shows? Hundreds of shows together. When you see a show like this grow and continue to mature, what's your observation? You've seen many shows we've hosted together. What jumps out this year? Is it just that level of maturization? What's your take on this? >> The maturization of the community and the collaboration of the community. I think those two things jumped out at me even more than last year. Last year, obviously a little bit smaller event in North America. It was Los Angeles. This year you got a much stronger sense of the community, the support that they have for each other. There were a lot of standing ovations particularly when the community came out and talked about what they were doing in Ukraine to support fellow community members in Ukraine and also to support other Ukrainians in terms of getting in to tech. Lot of standing ovations. Lot of- >> Savannah: Love that, yeah. >> Real authenticity around the community. >> Yeah, Savannah, we talked on our intro prior to the event about how inclusive this community is. They are really all in on inclusivity. And the Ukraine highlight, this community is together and they're open. They're open to everybody. >> Absolutely. >> And they're also focused on growing the educational knowledge. >> Yeah, I think there's a real celebration of curiosity within this community that we don't find in certain other sectors. And we saw it at dinner last night. I mean, I was struck just like you Lisa walking in today. The energy in that room is palpably different from last year. I saw on Twitter this morning, people are very excited. Many people, their first KubeCon. And I'm sure we're going to be feeding off of that, that kind of energy and that... Just a general enthusiasm and excitement to be here in Detroit all week. It's a treat. >> Yeah, I even saw Stu Miniman earlier, former theCube host. He's at Red Hat. We were talking on the way in and he made an observation I thought was interesting I'll bring up because this show, it's a lot "What is this show? What isn't this show?" And I think this show is about developers. What it isn't is not a business show. It's not about business. It's not about industry kind of posturing or marketing. All the heavy hitters on the dev side are here and you don't see the big execs. I mean, you got the CEOs of startups here but not the CEOs of the big public companies. We see the doers. So, I mean, I think my take is this show's about creating products for builders and creating products that people can consume. And I think that is the Cloud Native lanes that are starting to form. You're either creating something for builders to build stuff with or you're creating stuff that could be consumed. And that seems for applications. So the whole app side and services seem to be huge. >> They also did a great job this morning of showcasing some of the big companies that we all know and love. Spotify. Obviously, I don't think a day goes by where I don't turn on Spotify. And what it's done- >> Me neither. >> What it's done for the community... Same with Intuit, I'm a user of both. Intuit was given an End User Award this morning during the keynote for their contributions, what they're doing. But it was nice to see some just everyday companies, Cloud Native companies that we all know and love, and to understand their contributions to the community and how those contributions are affecting all of us as end users. >> Yeah, and I think those companies like Intuit... Argo's been popular, Arlo now new, seeing those services, and even enterprises are contributing. You know, Lyft is always here, popular with Envoy. The community isn't just vendors and that's the interesting thing. >> I think that's why it works. To me, this event is really about the celebration of developer relations. I mean, every DevRel from every single one of these companies is here. Like you said, in lieu of the executive, that's essentially who we're attracting. And if you look out over the show floor here, I mean, we've probably got, I don't know, three to four extra vendors that we had last year. It totally is a different tone. This community doesn't like to be sold to. This community likes to be collaborative. They like to learn and they like to help. And I think we see that within the ecosystem inside the room today. >> It's not a top down sales pitch. It's really consensus. >> No. >> Do it out in the open transparency. Don't sell me stuff. And I think the other thing I like about this community is that we're starting to see that... And then we've said this in theCube before. We'll say it again. Maybe be more controversial. Digital transformation is about the developer, right? And I think the power is going to shift in every company to the developer because if you take digital transformation to completion, everything happens the way it's happening, the company is the application. It's not IT who serves the organization- >> I love thinking about it like that. That's a great point, John. >> The old phase was IT was a department that served the business. Well, the business is IT now. So that means developer community is going to grow like crazy and they're going to be in the front lines driving all the change. In my opinion, you going to see this developer community grow like crazy and then the business side on industry will match up with that. I think that's what's going to happen. >> So, the developers are becoming the influencers? >> Developers are the power source for all companies. They're in charge. They're going to dictate terms to how businesses will run because that's going to be natural 'cause digital transformation's about the app and the business is the app. So that mean it has to be coded. So I think you're going to see a lot of innovation around app server-like experiences where the the apps are just being developed faster than the infrastructures enabling that completely invisible. And I think you're going to see this kind of architecture-less, I'll put it out there that term architecture-less, environment where you don't need an architecture. It's just you code away. >> Yeah, yeah. We saw GitHub's mentioned in the keynote this morning. And I mean, low code, no code. I think your fingers right on the pulse there. >> Yeah. What did you guys see? Anything else you see? >> I think just the overall... To your point, Savannah, the energy. Definitely higher than last year. When I saw those standing ovations, people really come in together around the sense of community and what they've accomplished especially in the last two plus years of being remote. They did a great job of involving a lot of folks, some of whom are going to be on the program with us this week that did remote parts of the keynote. One of our guests on today from Vitess was talking about the successes and the graduation of their program so that the sense of community, but also not just the sense of it, the actual demonstration of it was also quite palpable this morning, and I think that's something that I'm excited for us to hear about with our guests on the program this week. >> Yeah, and I think the big story coming out so far as the show starts is the developers are in charge. They're going to set the pace for all the ops, data ops, security ops, all operations. And then the co-located events that were held Monday and Tuesday prior to kickoff today. You saw WebAssembly's come out of the woodwork as it got a lot of attention. Two startups got funded heavily on Series A. You're starting to see that project really work well. That's going to be an additional to the container market. So, interesting to see how Docker reacts to that. Red Hat's doing great. ServiceMeshCon was phenomenal. I saw Solo.iOS got massive traction with those guys. So like Service Mesh, WebAssembly, you can start to see the dots connecting. You're starting to see this layer below Kubernetes and then a layer above Kubernetes developing. So I think it's going to be great for applications and great for the infrastructure. I think we'll see how it comes out and all these companies we have on here are all about faster, more integrated, some very, very interesting to see. So far, so good. >> You guys talked about in your highlight session last week or so. Excited to hear about the end users, the customer stories. That's what I'm interested in understanding as well. It's why it resonates with me when I see brands that I recognize. Well, I use it every day. How are they using containers and Kubernetes? How are they actually not just using it to deploy their app, their technologies, that we all expect are going to be up 24/7, but how are they also contributing to the development of it? So I'm really excited to hear those end users. >> We're going to have Lockheed Martin. And we wrote a story on SiliconANGLE, the Red Hat, Lockheed Martin, real innovation on the edge. You're starting to see educate with the edge. It's really the industrial edge coming to be big. It'd be very interesting to see. >> Absolutely, we got Ford Motor Company coming on as well. I always loved stories, Savannah, that are history of companies. Ford's been around since 1903. How is a company that- >> Well, we're in the home of Ford- as well here. >> We are. How they evolved digitally? What are they doing to enable the developers to be those influencers that John says? It's going to be them. >> They're a great example of a company that's always been on the forefront, too. I mean, they had a head of VRs 25 years ago when most people didn't even know what VR was going to stand for. So, I can't wait for that one. You tease the Docker interview coming up very well, John. I'm excited for that one. One last thing I want to bring up that I think is really refreshing and it's reflected right here on this stage is you talked about the inclusion. I think there's a real commitment to diversity here. You can see the diversity stats on CNCF's website. It's right there on KubeCon. At the bottom, there's a link in every email I've gotten highlighting that. We've got two women on this stage all week which is very exciting. And the opening keynote was a woman. So quite frankly, I am happy as a female in this industry to see a bit more representation. And I do appreciate just on the note of being inclusive, it's not just about gender or age, it's also about the way that CNCF thinks about your experience since we're in this kind of pandemic transitional period. They've got little pins. Last year, we had bracelets depending on your level of comfort. Equivocally like a stoplight which is... I just think it's really nice and sensitive and that attention to detail makes people feel comfortable. Which is why we have the community energy that we have. >> Yeah, and being 12 years in the business... With theCUBE, we've been 12 years in the business, seven years with KubeCon and Cloud Native, I really appreciate the Linux Foundation including me as I get older. (Lisa and Savannah laugh) >> Savannah: That's a good point. >> Ageism were, "Hey!" Thank you. >> There was a lot of representation. You talked about females and so often we go to shows and there's very few females. Some companies are excellent at it. But from an optics perspective, to me it stands out. There was great representation across. There was disabled people on stage, people of color, women, men of all ages. It was very well-orchestrated. >> On the demographic- >> And sincere. >> Yeah, yeah. >> And the demographics, too. On the age side, it's lower too. You're starting to see younger... I mean, high school, college representation. I saw a lot of college students last night. I saw on the agenda sessions targeting universities. I mean, I'm telling you this is reaching down. Open source now is so great. It's growing so fast. It's continuing to thunder away. And with success, it's just getting better and better. In fact, we were talking last night about at some point we might not have to write code. Just glue it together. And that's why I think the supply chain and security thing is an issue. But this is why it's so great. Anyone can code and I think there's a lot of learning to have. So, I think we'll continue to do our job to extract the signal from the noise. So, thanks for the kickoff. Good commentary. Thank you. All right. >> Of course. >> Let's get started. Day one of three days of live coverage here at KubeCon + CloudNativeCon. I'm John Furrier with Lisa Martin, and Savannah Peterson. Be back with more coverage starting right now. (gentle upbeat music)

(upbeat music) >> Hey guys, welcome back to the show floor of KubeCon + CloudNativeCon '22 North America from Detroit, Michigan. Lisa Martin here with John Furrier. This is day one, John at theCUBE's coverage. >> CUBE's coverage. >> theCUBE's coverage of KubeCon. Try saying that five times fast. Day one, we have three wall-to-wall days. We've been talking about Kubernetes, containers, adoption, cloud adoption, app modernization all morning. We can't talk about those things without addressing security. >> Yeah, this segment we're going to hear container and Kubernetes security for modern application 'cause the enterprise are moving there. And this segment with Red Hat's going to be important because they are the leader in the enterprise when it comes to open source in Linux. So this is going to be a very fun segment. >> Very fun segment. Two guests from Red Hat join us. Please welcome Doron Caspin, Senior Principal Product Manager at Red Hat. Michael Foster joins us as well, Principal Product Marketing Manager and StackRox Community Lead at Red Hat. Guys, great to have you on the program. >> Thanks for having us. >> Thank you for having us. >> It's awesome. So Michael StackRox acquisition's been about a year. You got some news? >> Yeah, 18 months. >> Unpack that for us. >> It's been 18 months, yeah. So StackRox in 2017, originally we shifted to be the Kubernetes-native security platform. That was our goal, that was our vision. Red Hat obviously saw a lot of powerful, let's say, mission statement in that, and they bought us in 2021. Pre-acquisition we were looking to create a cloud service. Originally we ran on Kubernetes platforms, we had an operator and things like that. Now we are looking to basically bring customers in into our service preview for ACS as a cloud service. That's very exciting. Security conversation is top notch right now. It's an all time high. You can't go with anywhere without talking about security. And specifically in the code, we were talking before we came on camera, the software supply chain is real. It's not just about verification. Where do you guys see the challenges right now? Containers having, even scanning them is not good enough. First of all, you got to scan them and that may not be good enough. Where's the security challenges and where's the opportunity? >> I think a little bit of it is a new way of thinking. The speed of security is actually does make you secure. We want to keep our images up and fresh and updated and we also want to make sure that we're keeping the open source and the different images that we're bringing in secure. Doron, I know you have some things to say about that too. He's been working tirelessly on the cloud service. >> Yeah, I think that one thing, you need to trust your sources. Even if in the open source world, you don't want to copy paste libraries from the web. And most of our customers using third party vendors and getting images from different location, we need to trust our sources and we have a really good, even if you have really good scanning solution, you not always can trust it. You need to have a good solution for that. >> And you guys are having news, you're announcing the Red Hat Advanced Cluster Security Cloud Service. >> Yes. >> What is that? >> So we took StackRox and we took the opportunity to make it as a cloud services so customer can consume the product as a cloud services as a start offering and customer can buy it through for Amazon Marketplace and in the future Azure Marketplace. So customer can use it for the AKS and EKS and AKS and also of course OpenShift. So we are not specifically for OpenShift. We're not just OpenShift. We also provide support for EKS and AKS. So we provided the capability to secure the whole cloud posture. We know customer are not only OpenShift or not only EKS. We have both. We have free cloud or full cloud. So we have open. >> So it's not just OpenShift, it's Kubernetes, environments, all together. >> Doron: All together, yeah. >> Lisa: Meeting customers where they are. >> Yeah, exactly. And we focus on, we are not trying to boil the ocean or solve the whole cloud security posture. We try to solve the Kubernetes security cluster. It's very unique and very need unique solution for that. It's not just added value in our cloud security solution. We think it's something special for Kubernetes and this is what Red that is aiming to. To solve this issue. >> And the ACS platform really doesn't change at all. It's just how they're consuming it. It's a lot quicker in the cloud. Time to value is right there. As soon as you start up a Kubernetes cluster, you can get started with ACS cloud service and get going really quickly. >> I'm going to ask you guys a very simple question, but I heard it in the bar in the lobby last night. Practitioners talking and they were excited about the Red Hat opportunity. They actually asked a question, where do I go and get some free Red Hat to test some Kubernetes out and run helm or whatever. They want to play around. And do you guys have a program for someone to get start for free? >> Yeah, so the cloud service specifically, we're going to service preview. So if people sign up, they'll be able to test it out and give us feedback. That's what we're looking for. >> John: Is that a Sandbox or is that going to be in the cloud? >> They can run it in their own environment. So they can sign up. >> John: Free. >> Doron: Yeah, free. >> For the service preview. All we're asking for is for customer feedback. And I know it's actually getting busy there. It's starting December. So the quicker people are, the better. >> So my friend at the lobby I was talking to, I told you it was free. I gave you the sandbox, but check out your cloud too. >> And we also have the open source version so you can download it and use it. >> Yeah, people want to know how to get involved. I'm getting a lot more folks coming to Red Hat from the open source side that want to get their feet wet. That's been a lot of people rarely interested. That's a real testament to the product leadership. Congratulations. >> Yeah, thank you. >> So what are the key challenges that you have on your roadmap right now? You got the products out there, what's the current stake? Can you scope the adoption? Can you share where we're at? What people are doing specifically and the real challenges? >> I think one of the biggest challenges is talking with customers with a slightly, I don't want to say outdated, but an older approach to security. You hear things like malware pop up and it's like, well, really what we should be doing is keeping things into low and medium vulnerabilities, looking at the configuration, managing risk accordingly. Having disparate security tools or different teams doing various things, it's really hard to get a security picture of what's going on in the cluster. That's some of the biggest challenges that we talk with customers about. >> And in terms of resolving those challenges, you mentioned malware, we talk about ransomware. It's a household word these days. It's no longer, are we going to get hit? It's when? It's what's the severity? It's how often? How are you guys helping customers to dial down some of the risk that's inherent and only growing these days? >> Yeah, risk, it's a tough word to generalize, but our whole goal is to give you as much security information in a way that's consumable so that you can evaluate your risk, set policies, and then enforce them early on in the cluster or early on in the development pipeline so that your developers get the security information they need, hopefully asynchronously. That's the best way to do it. It's nice and quick, but yeah. I don't know if Doron you want to add to that? >> Yeah, so I think, yeah, we know that ransomware, again, it's a big world for everyone and we understand the area of the boundaries where we want to, what we want to protect. And we think it's about policies and where we enforce it. So, and if you can enforce it on, we know that as we discussed before that you can scan the image, but we never know what is in it until you really run it. So one of the thing that we we provide is runtime scanning. So you can scan and you can have policy in runtime. So enforce things in runtime. But even if one image got in a way and get to your cluster and run on somewhere, we can stop it in runtime. >> Yeah. And even with the runtime enforcement, the biggest thing we have to educate customers on is that's the last-ditch effort. We want to get these security controls as early as possible. That's where the value's going to be. So we don't want to be blocking things from getting to staging six weeks after developers have been working on a project. >> I want to get you guys thoughts on developer productivity. Had Docker CEO on earlier and since then I had a couple people messaging me. Love the vision of Docker, but Docker Hub has some legacy and it might not, has does something kind of adoption that some people think it does. Are people moving 'cause there times they want to have these their own places? No one place or maybe there is, or how do you guys see the movement of say Docker Hub to just using containers? I don't need to be Docker Hub. What's the vis-a-vis competition? >> I mean working with open source with Red Hat, you have to meet the developers where they are. If your tool isn't cutting it for developers, they're going to find a new tool and really they're the engine, the growth engine of a lot of these technologies. So again, if Docker, I don't want to speak about Docker or what they're doing specifically, but I know that they pretty much kicked off the container revolution and got this whole thing started. >> A lot of people are using your environment too. We're hearing a lot of uptake on the Red Hat side too. So, this is open source help, it all sorts stuff out in the end, like you said, but you guys are getting a lot of traction there. Can you share what's happening there? >> I think one of the biggest things from a developer experience that I've seen is the universal base image that people are using. I can speak from a security standpoint, it's awesome that you have a base image where you can make one change or one issue and it can impact a lot of different applications. That's one of the big benefits that I see in adoption. >> What are some of the business, I'm curious what some of the business outcomes are. You talked about faster time to value obviously being able to get security shifted left and from a control perspective. but what are some of the, if I'm a business, if I'm a telco or a healthcare organization or a financial organization, what are some of the top line benefits that this can bubble up to impact? >> I mean for me, with those two providers, compliance is a massive one. And just having an overall look at what's going on in your clusters, in your environments so that when audit time comes, you're prepared. You can get through that extremely quickly. And then as well, when something inevitably does happen, you can get a good image of all of like, let's say a Log4Shell happens, you know exactly what clusters are affected. The triage time is a lot quicker. Developers can get back to developing and then yeah, you can get through it. >> One thing that we see that customers compliance is huge. >> Yes. And we don't want to, the old way was that, okay, I will provision a cluster and I will do scans and find things, but I need to do for PCI DSS for example. Today the customer want to provision in advance a PCI DSS cluster. So you need to do the compliance before you provision the cluster and make all the configuration already baked for PCI DSS or HIPAA compliance or FedRAMP. And this is where we try to use our compliance, we have tools for compliance today on OpenShift and other clusters and other distribution, but you can do this in advance before you even provision the cluster. And we also have tools to enforce it after that, after your provision, but you have to do it again before and after to make it more feasible. >> Advanced cluster management and the compliance operator really help with that. That's why OpenShift Platform Plus as a bundle is so popular. Just being able to know that when a cluster gets provision, it's going to be in compliance with whatever the healthcare provider is using. And then you can automatically have ACS as well pop up so you know exactly what applications are running, you know it's in compliance. I mean that's the speed. >> You mentioned the word operator, I get triggering word now for me because operator role is changing significantly on this next wave coming because of the automation. They're operating, but they're also devs too. They're developing and composing. It's almost like a dashboard, Lego blocks. The operator's not just manually racking and stacking like the old days, I'm oversimplifying it, but the new operators running stuff, they got observability, they got coding, their servicing policy. There's a lot going on. There's a lot of knobs. Is it going to get simpler? How do you guys see the org structures changing to fill the gap on what should be a very simple, turn some knobs, operate at scale? >> Well, when StackRox originally got acquired, one of the first things we did was put ACS into an operator and it actually made the application life cycle so much easier. It was very easy in the console to go and say, Hey yeah, I want ACS my cluster, click it. It would get provisioned. New clusters would get provisioned automatically. So underneath it might get more complicated. But in terms of the application lifecycle, operators make things so much easier. >> And of course I saw, I was lucky enough with Lisa to see Project Wisdom in AnsibleFest. You going to say, Hey, Red Hat, spin up the clusters and just magically will be voice activated. Starting to see AI come in. So again, operations operator is got to dev vibe and an SRE vibe, but it's not that direct. Something's happening there. We're trying to put our finger on. What do you guys think is happening? What's the real? What's the action? What's transforming? >> That's a good question. I think in general, things just move to the developers all the time. I mean, we talk about shift left security, everything's always going that way. Developers how they're handing everything. I'm not sure exactly. Doron, do you have any thoughts on that. >> Doron, what's your reaction? You can just, it's okay, say what you want. >> So I spoke with one of our customers yesterday and they say that in the last years, we developed tons of code just to operate their infrastructure. That if developers, so five or six years ago when a developer wanted VM, it will take him a week to get a VM because they need all their approval and someone need to actually provision this VM on VMware. And today they automate all the way end-to-end and it take two minutes to get a VM for developer. So operators are becoming developers as you said, and they develop code and they make the infrastructure as code and infrastructure as operator to make it more easy for the business to run. >> And then also if you add in DataOps, AIOps, DataOps, Security Ops, that's the new IT. It seems to be the new IT is the stuff that's scaling, a lot of data's coming in, you got security. So all that's got to be brought in. How do you guys view that into the equation? >> Oh, I mean you become big generalists. I think there's a reason why those cloud security or cloud professional certificates are becoming so popular. You have to know a lot about all the different applications, be able to code it, automate it, like you said, hopefully everything as code. And then it also makes it easy for security tools to come in and look and examine where the vulnerabilities are when those things are as code. So because you're going and developing all this automation, you do become, let's say a generalist. >> We've been hearing on theCUBE here and we've been hearing the industry, burnout, associated with security professionals and some DataOps because the tsunami of data, tsunami of breaches, a lot of engineers getting called in the middle of the night. So that's not automated. So this got to get solved quickly, scaled up quickly. >> Yes. There's two part question there. I think in terms of the burnout aspect, you better send some love to your security team because they only get called when things get broken and when they're doing a great job you never hear about them. So I think that's one of the things, it's a thankless profession. From the second part, if you have the right tools in place so that when something does hit the fan and does break, then you can make an automated or a specific decision upstream to change that, then things become easy. It's when the tools aren't in place and you have desperate environments so that when a Log4Shell or something like that comes in, you're scrambling trying to figure out what clusters are where and where you're impacted. >> Point of attack, remediate fast. That seems to be the new move. >> Yeah. And you do need to know exactly what's going on in your clusters and how to remediate it quickly, how to get the most impact with one change. >> And that makes sense. The service area is expanding. More things are being pushed. So things will, whether it's a zero day vulnerability or just attack. >> Just mix, yeah. Customer automate their all of things, but it's good and bad. Some customer told us they, I think Spotify lost the whole a full zone because of one mistake of a customer because they automate everything and you make one mistake. >> It scale the failure really. >> Exactly. Scaled the failure really fast. >> That was actually few contact I think four years ago. They talked about it. It was a great learning experience. >> It worked double edge sword there. >> Yeah. So definitely we need to, again, scale automation, test automation way too, you need to hold the drills around data. >> Yeah, you have to know the impact. There's a lot of talk in the security space about what you can and can't automate. And by default when you install ACS, everything is non-enforced. You have to have an admission control. >> How are you guys seeing your customers? Obviously Red Hat's got a great customer base. How are they adopting to the managed service wave that's coming? People are liking the managed services now because they maybe have skills gap issues. So managed service is becoming a big part of the portfolio. What's your guys' take on the managed services piece? >> It's just time to value. You're developing a new application, you need to get it out there quick. If somebody, your competitor gets out there a month before you do, that's a huge market advantage. >> So you care how you got there. >> Exactly. And so we've had so much Kubernetes expertise over the last 10 or so, 10 plus year or well, Kubernetes for seven plus years at Red Hat, that why wouldn't you leverage that knowledge internally so you can get your application. >> Why change your toolchain and your workflows go faster and take advantage of the managed service because it's just about getting from point A to point B. >> Exactly. >> Well, in time to value is, you mentioned that it's not a trivial term, it's not a marketing term. There's a lot of impact that can be made. Organizations that can move faster, that can iterate faster, develop what their customers are looking for so that they have that competitive advantage. It's definitely not something that's trivial. >> Yeah. And working in marketing, whenever you get that new feature out and I can go and chat about it online, it's always awesome. You always get customers interests. >> Pushing new code, being secure. What's next for you guys? What's on the agenda? What's around the corner? We'll see a lot of Red Hat at re:Invent. Obviously your relationship with AWS as strong as a company. Multi-cloud is here. Supercloud as we've been saying. Supercloud is a thing. What's next for you guys? >> So we launch the cloud services and the idea that we will get feedback from customers. We are not going GA. We're not going to sell it for now. We want to get customers, we want to get feedback to make the product as best what we can sell and best we can give for our customers and get feedback. And when we go GA and we start selling this product, we will get the best product in the market. So this is our goal. We want to get the customer in the loop and get as much as feedback as we can. And also we working very closely with our customers, our existing customers to announce the product to add more and more features what the customer needs. It's all about supply chain. I don't like it, but we have to say, it's all about making things more automated and make things more easy for our customer to use to have security in the Kubernetes environment. >> So where can your customers go? Clearly, you've made a big impact on our viewers with your conversation today. Where are they going to be able to go to get their hands on the release? >> So you can find it on online. We have a website to sign up for this program. It's on my blog. We have a blog out there for ACS cloud services. You can just go there, sign up, and we will contact the customer. >> Yeah. And there's another way, if you ever want to get your hands on it and you can do it for free, Open Source StackRox. The product is open source completely. And I would love feedback in Slack channel. It's one of the, we also get a ton of feedback from people who aren't actually paying customers and they contribute upstream. So that's an awesome way to get started. But like you said, you go to, if you search ACS cloud service and service preview. Don't have to be a Red Hat customer. Just if you're running a CNCF compliant Kubernetes version. we'd love to hear from you. >> All open source, all out in the open. >> Yep. >> Getting it available to the customers, the non-customers, they hopefully pending customers. Guys, thank you so much for joining John and me talking about the new release, the evolution of StackRox in the last season of 18 months. Lot of good stuff here. I think you've done a great job of getting the audience excited about what you're releasing. Thank you for your time. >> Thank you. >> Thank you. >> For our guest and for John Furrier, Lisa Martin here in Detroit, KubeCon + CloudNativeCon North America. Coming to you live, we'll be back with our next guest in just a minute. (gentle music)

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

(upbeat music) >> Welcome back to Supercloud22. This is an open community event, and it's dedicated to tracking the future of cloud in the 2020s. Supercloud is a term that we use to describe an architectural abstraction layer that hides the underlying complexities of the individual cloud primitives and APIs and creates a common experience for developers and users irrespective of where data is physically stored or on which cloud platform it lives. We're now going to explore the nuances of going to market in a world where data architectures span on premises across multiple clouds and are increasingly stretching out to the edge. Paula Hansen is the President and Chief Revenue Officer at Alteryx. And the reason we asked her to join us for Supercloud22 is because first of all, Alteryx is a company that is building a form of Supercloud in our view. If you have data in a bunch of different places and you need to pull in different data sets together, you might want to filter it or blend it, cleanse it, shape it, enrich it with other data, analyze it, report it out to your colleagues. Alteryx allows you to do that and automate that life cycle. And in our view is working to break down the data silos across clouds, hence Supercloud. Now, the other reason we invited Paula to the program is because she's a rockstar female in tech, and since day one at theCube, we've celebrated great women in tech, and in this case, a woman of data, Paula Hansen, welcome to the program. >> Thank you, Dave. I am absolutely thrilled to be here. >> Okay, we're going to focus on customers, their challenges and going to market in this cross cloud, multi-cloud, Supercloud world. First, Paula, what's changing in your view in the way that customers are innovating with data in the 2020s? >> Well, I think we've all learned very clearly over these last two years that the global pandemic has altered life and business as we know it. And now we're in an interesting time from a macroeconomic perspective as well. And so what we've seen is that every company in every industry has had to pivot and think about how they meet redefined customer expectations and an ever evolving competitive landscape. There really isn't an industry that wasn't reshaped in some way over the last couple of years. And we've been fortunate to work with companies in all industries that have adapted to this ever changing environment by leveraging Alteryx to help accelerate their digital transformations. Companies know that they need to unlock the full potential of their data to be able to move quickly to pivot and to respond to their customer's needs, as well as manage their businesses most efficiently. So I think nothing tells that story better than sharing a customer example with you, Dave. We love to share stories of our very innovative customers. And so the one that I'll share with you today in regards to this is Delta Airlines, who we're all very familiar with. And of course Delta's goal is to always keep their airplanes in the air flying passengers and getting people to their destinations efficiently. So they focus on the maintenance of their aircraft as a necessary part of running their business and they need to manage their maintenance stops and the maintenance of their aircraft very efficiently and effectively. So we work with them. They leverage our platform to automate all the processes for their aircraft maintenance centers. And so they've built out a fully automated reporting system on our platform leveraging tons of data. And this gives their service managers and their aircraft technicians foresight into what's happening with their scheduling and their maintenance processes. So this ensures that they've got the right technicians in the service center when the aircrafts land and that everything across that process is fully in place. And previously because of data silos and just complexity of data, this process would've taken them many many hours in each independent service center, and now leveraging Alteryx and the power of analytics and bringing all the data together. Those centers can do this process in just minutes and get their planes back in the air efficiently and delivering on their promises to their customers. So that's just one of many examples that we have in terms of the way the Alteryx analytics automation helps customers in this new age and helping to really unlock the power of their data. >> You know, Paul, that's an interesting example. Because in a previous life I worked with some airlines and people maybe don't realize this but, aircraft maintenance is the mission critical application for carriers. It's not the booking system. Because we've been there before, we show you there's a problem when you're booking or sometimes it's unfortunate, but people they get de booked. But the aircraft maintenance is the one that matters the most and that keeps planes in the air. So we hear all the time, you just mention it. About data silos and how problematic they are. So, specifically how are you seeing customers thinking about busting the data silos? >> Yeah, that's right, it's a big topic right now. Because companies realize that business processes that they run their business with, is very cross-functional in nature and requires data across every department in the enterprise. And you can't keep data locked in one department. So if you think of business processes like pay to procure or quote to cash, these are business processes that companies in every industry run their business. And that requires them to get data from multiple departments and bring all of that data together seamlessly to make the best business decisions that they can make. So what our platform does is, and is really well known for, is being very easy for users number one, and then number two, being really great at getting access to data quickly and easily from all those data silos, really, regardless of where it is. We talk about being everywhere. And when we say that we mean, whether it's on-prem, in your legacy applications and databases, or whether it's in the cloud with of course, all the multiple cloud platforms and modern cloud data warehouses. Regardless of where it is, we have the ability to bring that data together across hundreds of different data sources, bring it together to help drive insights and ultimately help our customers make better decisions, take action, and deliver on the business outcomes that they all are trying to drive within their respective industries. And what's- >> You know- >> Go ahead. >> Please carry on. >> Well, I was just going to say that what I do think has really sort of a tipping point in the last six months in particular is that executives themselves are really demanding of their organizations, this democratization of data. And the breaking down of the silos and empowering all of the employees across their enterprise regardless of how sophisticated they are with analytics to participate in the analytic opportunity. So we've seen some really cool things of late where executives, CEOs, chief financial officers, chief data officers are sponsoring events within their organizations to break down these silos and encourage their employees to come together on this democratization opportunity of democratization of data and analytics. And there's a shortage of data scientists on top of this. So there's no way that you're going to be able to hire enough data scientists to make sense of all this data running around your enterprise. So we believe with our platform we empower people regardless of their skillset. And so we see executives sponsoring these hackathons within their environments to bring together people to brainstorm and ideate on use cases, to share examples of how they leverage our platform and leverage the data within their organization to make better decisions. And it's really quite cool. Companies like Stanley Black & Decker, Ingersoll Rand, Inchcape PLC, these are all companies that the executive team has sponsored these hackathon events and seen really powerful things come out of it. As an example Ingersoll Rand sponsored their Alteryx hackathon with all of their data workers across various different functions where the data exists. And they focused on both top line revenue use cases as well as bottom line efficiency cases. And one of the outcomes was a use case that helped with their distribution center in north America and bringing all the data together across their various applications to reduce the amount of over ordering and under ordering of parts and more effectively manage their inventory within that distribution center. So, really cool to see this is now an executive level board level conversation. >> Very cool, a hackathon bringing people together for collaboration. A couple things that you said I want to comment on. Again, one of the reasons why we invited you guys to come on is, when you think about on-prem data and anybody who follows theCube and my breaking analysis program, knows we're big fans of Zhamak Dehghani's concept of data mesh. And data mesh is supposed to be inclusive. It doesn't matter if it's an S3 bucket, Oracle data base, or data warehouse, or data lake, that's just a note on the data mesh. And so it should be inclusive and Supercloud should include on-prem data to the extent that you can make that experience consistent. We have a lot of technical sessions here at Supercloud22, we're focusing now and go to market and the ecosystem. And we live in a world of multiple partners exploding ecosystems. And a lot of times it's co-opetition. So Paula, when you joined Alteryx you brought a proven go to market discipline to the company. Alignment with the customer, playbooks, best practice of sales, et cetera. And we've seen the results. It's a big reason why Mark Anderson and the board promoted you to president just after 10 months. Summarize how you approached the situation at Alteryx when you joined last spring. >> Yeah, I think first we were really intentional about what part of the market, what type of enterprises get the most benefit from the innovation that we deliver? And it's really clear that it's large enterprises. That the more complex a company is, most likely the more data they have and oftentimes the more decentralized that data is. And they're also really all trying to figure out how to remain competitive by leveraging that data. So, the first thing we did was be very intentional that we're focused on the enterprise and building out all of the capability required to be able to serve the enterprise. Of course, essential to all of that is having a platform capability because enterprises require that. So, with Suresh Vittal our Chief Product Officer, he's been fantastic in building out an end to end analytic platform that serves a wide range of analytic capabilities to a wide range of users. And then of course has this flexibility to operate both on-prem and in the cloud which is very important. Because we see this hybrid environment in this multicloud environment being something that is important to our customers. The second thing that I was really focused on was understanding how do you have those conversations with customers when they all are in maybe different types of backgrounds? So the way that you work with a business analyst in the office of finance or supply chain or sales and marketing, is different than the way that you serve a data scientist or a data engineer in IT. The way that you talk to a business owner who wants not to really understand the workflow level of data but wants to understand the insights of data, that's a different conversation. When you want to have a conversation of analytics for all or democratization of analytics at the executive level with the chief data officer or a CIO, that's a whole different conversation. And so we've built very specific sales plays to be able to have those conversations bring the relevant information to the relevant person so that we're really making sure that we explain the value proposition of the platform. Fully understand their world, their language and can work with them to deliver the value to them. And then the third thing that we did, was really heavily invest in our partnerships and you referenced this day. It's a a broad ecosystem out there. And we know that we have to integrate into that broad data ecosystem. and be a good partner to serve our customers. So, we've invested both in technology integration as well as go to market strategies with cloud data warehouse companies like Snowflake and Databricks, or RPA companies like UiPath and Blue Prism, as well as a wide range of other application and all of the cloud platforms because that's what our customers expect from us. So that's been a really important sort of third pillar of our strategy in making sure that from a go to market perspective, we understand where we fit in the ecosystem and how we collectively deliver on value to our joint customers. >> So that's super helpful. What I'm taking away from this is you didn't come to it with a generic playbook. Frank Lyman always talks about situation leadership. You assess the situation and applied that and a great example of partners is Snowflake and Databricks, these sort of opposites, but trying to solve similar problems. So you've got to be inclusive of all that. So we're trying to sort of squint through this Paula and say, okay, are there nuances and best practices beyond some of the the things that you just described that are unique to what we call Supercloud? Are there observations you can make with respect to what's different in this post isolation economy? Specifically in managing remote employees and of course remote partners, working with these complex ecosystems and the rise of this multi-cloud world, is it different or is it same wine new bottle? >> Well, I think it's both common from the on-prem or pre-cloud world, but there's also some differences as well. So what's common is that companies still expect innovation from us and still want us to be able to serve a wide range of skill sets. So our belief is that regardless of the skill set that you have, you can participate in the analytics opportunity for your company and unlocking the potential of your data. So we've been very focused since our inception to build out a platform that really serves this wide range of capabilities across the enterprise space. What's perhaps changed more or continues to evolve in this cloud world is just the flexibility that's required. You have to be everywhere. You have to be able to serve users wherever they are and be able to live in a multi-cloud or super cloud world. So when I think of cloud, I think it just unlocks a whole bigger opportunity for Alteryx and for companies that want to become analytic leaders. Because now you have users all over the globe, many of them looking for web-based analytic solutions. And of course these enterprises are all in various places on their journey to cloud and they want a partner and a platform that operates in all of those environments, which is what we do at Alteryx. So, I think it's an exciting time. I think that it's still very early in the analytic market and what companies are going to do to leverage their data to drive their transformation. And we're really excited to be a part of it. >> So last question is, I said up front we always like to celebrate women in tech. How'd you get into tech.? You've got a background, you've got somewhat of a technical background of being technical sales. And then of course rose up throughout your career and now have a leadership position. I called you a woman of data. How'd you get into it? Where'd you find the love of data? Give us the background and help us inspire some of the young women out there. >> Oh, well, but I'm super passionate about inspiring young women and thinking about the future next generation of women that can participate in technology and in data specifically. I grew up loving math and science. I went to school and got an electrical engineering degree but my passion around technology hasn't been just around technology for technology's sake, my passion around technology is what can it enable? What can it do? What are the outcomes that technology makes possible? And that's why data is so attractive because data makes amazing things possible. I shared some of those examples with you earlier but it not only can we have effect with data in businesses and enterprise, but governments globally now are realizing the ability for data to really have broad societal impact. And so I think that that speaks to women many times. Is that what does technology enable? What are the outcomes? What are the stories and examples that we can all share and be inspired by and feel good and and inspired to be a part of a broader opportunity that technology and data specifically enables? So that's what drives me. And those are the conversations that I have with the women that I speak with in all ages all the way down to K through 12 to inspire them to have a career in technology. >> Awesome, the more people in STEM the better, and the more women in our industry the better. Paula Hansen, thanks so much for coming in the program. Appreciate it. >> Thank you, Dave. >> Okay, keep it right there for more coverage from Supercloud 22, you're watching theCube. (upbeat music)

(upbeat music) >> Hi, I'm Joe Rodriguez, Managing Director of Financial Services at Cloudera. Welcome to the Fight Fraud with Data session. At Cloudera we believe that fighting fraud begins with data. So financial services is Cloudera's largest industry vertical. We have approximately 425 global financial services customers, which consists of 82 out of a hundred of the largest global banks of which we have 27 that are globally systemic banks. Four out of the five top stock exchanges, eight out of the top 10 wealth management firms and all four of the top credit card networks. So as you can see, most financial services institutions utilize Cloudera for data analytics and machine learning. We also have over 20 central banks and a dozen or so financial regulators. So it's an incredible footprint which gives Cloudera lots of insight into the many innovations that our customers are coming up with. Criminals can steal thousands of dollars before a fraudulent transaction is detected. So the cost to purchase your account data is well worth the price to fraudsters. According to Experian, credit and a debit card account information sells on the dark web for a mere $5 with the CVV number and up to $110 if it comes with all the bank information, including your name, social security number, date of birth, complete account numbers, and other personal data. Our customers have several key data and analytics challenges when it comes to fighting financial crime. The volume of data that they need to deal with is huge and growing exponentially. All this data needs to be evaluated in real time. There are new sources of streaming data that need to be integrated with existing legacy data sources. This includes biometrics data and enhanced authentication video surveillance, call center data, and of course all that needs to be integrated with existing legacy data sources. There is an analytics Arms Race between the banks and the criminals, and the criminal networks never stop innovating. They also have to deal with disjointed security and governance. Security and governance policies are often set per data source or application requiring redundant work across workloads. And they have to deal with siloed environments. The specialized nature of platforms and people results in disparate data sources and data management processes. This duplicates efforts and divides the business risk and crime teams, limiting collaboration opportunities between them. CDP enhances financial crime solutions to be holistic by eliminating data gaps between siloed solutions, with an enterprise data approach, advanced data analytics and machine learning. By deploying an enterprise wide data platform, you reduce siloed divisions between business risk and crime teams and enable better collaboration through industrialized machine learning, you tighten up the loop between detection and new fraud patterns. Cloudera provides the data platform on which a best of breed applications can run and leverage integrated machine learning. Cloudera stands rather than replaces your existing fraud modeling applications. So Oracle, SAS, Actimize, to name a few, integrate with an enterprise data hub to scale the data, increase speed and flexibility and improve efficacy of your entire fraud system. It also centralizes the fraud workload on data that can be used for other use cases in applications like Enhanced KYC and Customer 360 for example. I just wanted to highlight a couple of our partners in financial crime prevention, Simudyne and Quantexa. So Simudyne provides fraud simulation using agent-based modeling machine learning techniques to generate synthetic transaction data. This data simulates potential fraud scenarios in a cost-effective GDPR-compliant virtual environment to significantly improve financial crime detection systems. Simudyne identifies future fraud topologies for millions of simulations that can be used to dynamically train new machine learning algorithms for enhanced identification. And Quantexa connects the dots within your data using dynamic entity resolution, and advanced network analytics to create context around your customers. This enables you to see the bigger picture and automatically assesses potential criminal behavior. Now let's go over some of our customers and how they're using Cloudera. First, we'll talk about United Overseas Bank or UOB. UOB is a leading full service bank in Asia with a network of more than 500 offices in 19 countries and territories, in Asia Pacific, Western Europe and North America. UOB built a modern data platform on Cloudera that gives it the flexibility and speed to develop new AI and machine learning solutions and to create a data-driven enterprise. UOB set up it's big data analytics center in 2017. It was Singapore's first centralized big data unit within a bank to deepen the bank's data analytic capabilities and to use data insights to enhance the bank's performance. Essential to this work was implementing a platform that could cost efficiently bring together data from dozens of separate systems and incorporate a range of unstructured data, including voice and text. Using Cloudera CDP and machine learning, UOB gained a richer understanding of its customer preferences to help make their banking experience simpler, safer, and more reliable. Working with Cloudera, UOB has a big data platform that gives business staff and data scientists, faster access to relevant and quality data for self-service analytics, machine learning and emerging artificial intelligence solutions. With new self-service analytics and machine learning driven insights, UOB has realized improvements in digital banking, asset management, compliance, AML, and more. Advanced AML detection capabilities, help analysts detect suspicious transactions either based on hidden relationships of shell companies and high risk individuals with Cloudera and machine learning technologies, UOB was able to enhance AML detection and reduce the time to identify new links from months to three weeks. Next, let's speak about MasterCard. So MasterCard's principle business is to process payments between banks and merchants and the credit issuing banks and credit unions of the purchasers who use the MasterCard brand debit and credit cards to make purchases. MasterCard chose Cloudera Enterprise for fraud detection and to optimize their DW infrastructure, delivering deep insights and best practices and big data security and compliance. Next, let's speak about Bank Rakyat in Indonesia or BRI. BRI is one of the largest and oldest banks in Indonesia and engages in the provision of general banking services. It's headquartered in Jakarta, Indonesia. BRI is well-known for its focus on microfinancing initiatives and serves over 75 million customers through its more than 11,000 offices and rural service outposts. BRI required better insight to understand customer activity and identify fraudulent transactions. The bank needed a solid foundation that allowed it to leverage the power of advanced analytics, artificial intelligence, and machine learning to gain better understanding of customers and the market. BRI used Cloudera Enterprise data platform to build an agile and reliable, predictive augmented intelligence solution to enhance its credit scoring system. And to address the rising concern around data security from regulators and customers, BRI developed a real-time fraud detection service powered by Cloudera and Kafka, BRI's data scientists developed a machine learning model for fraud detection by creating a behavioral scoring model based on customer savings, loan transactions, deposits, payroll and other financial real-time data. This led to improvements in its fraud detection and credit scoring capabilities, as well as the development of a new digital microfinancing product. With the enablement of real-time fraud detection, BRI was able to reduce the rate of fraud by 40%. It improved relationship manager productivity by two and a half fold. It improved the credit scoring system to cut down on micro-financing loan processing times from two weeks to two days to now two minutes. So fraud prevention is a good area to start with data focus if you haven't already. It offers a quick return on investment and it's a focused area that's not too entrenched across the company. To learn more about fraud prevention, go to www.cloudera.com, and you should schedule a meeting with Cloudera to learn even more. And with that, thank you for listening and thank you for your time. (upbeat music)

>>Hi today, I'm going to talk about network analytics and what that means for, for telecommunications as we go forward. Um, thinking about, uh, 5g, what the impact that's likely to have on, on network analytics and the data requirement, not just to run the network and to understand the network a little bit better. Um, but also to, to inform the rest of the operation of the telecommunications business. Um, so as we think about where we are in terms of network analytics and what that is over the last 20 years, the telecommunications industry has evolved its management infrastructure, uh, to abstract away from some of the specific technologies in the network. So what do we mean by that? Well, uh, in the, in the initial, uh, telecommunications networks were designed, there were management systems that were built in, um, eventually fault management systems, uh, assurance systems, provisioning systems, and so on were abstracted away. >>So it didn't matter what network technology had, whether it was a Nokia technology or Erickson technology or Huawei technology or whatever it happened to be. You could just look at your fault management system, understand where false, what happened as we got into the last sort of 10, 15 years or so. Telecommunication service providers become became more sophisticated in terms of their approach to data analytics and specifically network analytics, and started asking questions about why and what if in relation to their network performance and network behavior. And so network analytics as a, as a bit of an independent function was born and over time, more and more data began to get loaded into the network analytics function. So today just about every carrier in the world has a network analytics function that deals with vast quantities of data in big data environments that are now being migrated to the cloud. >>As all telecommunications carriers are migrating as many it workloads as possible, um, to the cloud. So what are the things that are happening as we migrate to the cloud that drive, uh, uh, enhancements in use cases and enhancements and scale, uh, in telecommunications network analytics? Well, 5g is the big thing, right? So 5g, uh, it's not just another G in that sense. I mean, in some cases, in some senses, it is 5g means greater bandwidth, lower latency and all those good things. So, you know, we can watch YouTube videos with less interference and, and less sluggish bandwidth and so on and so forth. But 5g is really about the enterprise and enterprise services. Transformation, 5g is more secure, kind of a network, but 5g is also a more pervasive network 5g, a fundamentally different network topology than previous generations. So there's going to be more masts and that means that you can have more pervasive connectivity. >>Uh, so things like IOT and edge applications, autonomous cars, smart cities, these kinds of things, um, are all much better served because you've got more masks that of course means that you're going to have a lot more data as well. And we'll get to that. The second piece is immersive digital services. So with more masks, with more connectivity, with lower latency with higher man, the potential, uh, is, is, is, is immense for services innovation. And we don't know what those services are going to be. We know that technologies like augmented reality, virtual reality, things like this have great potential. Um, but we, we have yet to see where those commercial applications are going to be, but the innovation and the innovation potential for 5g is phenomenal. Um, it certainly means that we're going to have a lot more, uh, edge devices, um, uh, and that again is going to lead to an increase in the amount of data that we have available. >>And then the idea of pervasive connectivity when it comes to smart, smart cities, uh, autonomous, autonomous currents, um, uh, integrated traffic management systems, um, all of this kind of stuff, those of those kind of smart environments thrive where you've got this kind of pervasive connectivity, this persistent, uh, connection to the network. Um, again, that's going to drive, um, um, uh, more innovation. And again, because you've got these new connected devices, you're going to get even more data. So this rise, this exponential rise in data is really what's driving the change in, in network analytics. And there are four major vectors that are driving this increase in data in terms of both volume and in terms of speed. So the first is more physical elements. So we said already that 5g networks are going to have a different apology. 5g networks will have more devices, more and more masks. >>Um, and so with more physical elements in the network, you're going to get more physical data coming off those physical networks. And so that needs to be aggregated and collected and managed and stored and analyzed and understood when, so that we can, um, have a better understanding as to why things happened the way they do, why the network behaves in which they do in, in, in, in ways that it does and why devices that are connected to the network. And ultimately of course, consumers, whether they be enterprises or retail customers, um, behave in the way they do in relation to their interaction within our edge nodes and devices, we're going to have a, uh, an explosion in terms of the number of devices. We've already seen IOT devices with your different kinds of trackers and, uh, and, and sensors that are hanging off the edge of the network, whether it's to make buildings smarter car smarter, or people smarter, um, in, in terms of having the, the, the measurements and the connectivity and all that sort of stuff. >>So the numbers of devices on the agent beyond the age, um, are going to be phenomenal. One of the things that we've been trying to with as an industry over the last few years is where does the telco network end, and where does the enterprise, or even the consumer network begin. You used to be very clear that, you know, the telco network ended at the router. Um, but now it's not, it's not that clear anymore because in the enterprise space, particularly with virtualized networking, which we're going to talk about in a second, um, you start to see end to end network services being deployed. Um, uh, and so are they being those services in some instances are being managed by the service provider themselves, and in some cases by the enterprise client, um, again, the line between where the telco network ends and where the enterprise or the consumer network begins, uh, is not clear. >>Uh, so, so those edge, the, the, the proliferation of devices at the age, um, uh, in terms of, um, you know, what those devices are, what the data yield is and what the policies are, their need to govern those devices, um, in terms of security and privacy, things like that, um, that's all going to be really, really important virtualized services. We just touched on that briefly. One of the big, big trends that's happening right now is not just the shift of it operations onto the cloud, but the shift of the network onto the cloud, the virtualization of network infrastructure, and that has two major impacts. First of all, it means that you've got the agility and all of the scale, um, uh, benefits that you get from migrating workloads to the cloud, the elasticity and the growth and all that sort of stuff. But arguably more importantly for the telco, it means that with a virtualized network infrastructure, you can offer entire networks to enterprise clients. >>So if you're selling to a government department, for example, is looking to stand up a system for certification of, of, you know, export certification, something like that. Um, you can not just sell them the connectivity, but you can sell them the networking and the infrastructure in order to serve that entire end to end application. You could sentence, you could offer them in theory, an entire end-to-end communications network, um, and with 5g network slicing, they can even have their own little piece of the 5g bandwidth that's been allocated against the carrier, um, uh, and, and have a complete end to end environment. So the kinds of services that can be offered by telcos, um, given virtualize network infrastructure, uh, are, are many and varied. And it's a, it's a, it's a, um, uh, an outstanding opportunity. But what it also means is that the number of network elements virtualized in this case is also exploding. >>That means the amount of data that we're getting on, uh, informing us as to how those network elements are behaving, how they're performing, um, uh, is, is, is going to go up as well. And then finally, AI complexity. So on the demand side, um, while historically, uh, um, network analytics, big data, uh, has been, has been driven by, um, returns in terms of data monetization, uh, whether that's through cost avoidance, um, or service assurance, uh, or even revenue generation through data monetization and things like that. AI is transforming telecommunications and every other industry, the potential for autonomous operations, uh, is extremely attractive. And so understanding how the end-to-end telecommunication service delivering delivery infrastructure works, uh, is essential, uh, as a training ground for AI models that can help to automate a huge amount of telecommunications operating, um, processes. So the AI demand for data is just going through the roof. >>And so all of these things combined to mean big data is getting explosive. It is absolutely going through the roof. So that's a huge thing that's happening. So as telecommunications companies around the world are looking at their network analytics infrastructure, which was initially designed for service insurance primarily, um, and how they migrate that to the cloud. These things are impacting on those decisions because you're not just looking at migrating a workload to operate in the cloud that used to work in the, in the data center. Now you're looking at, um, uh, migrating a workload, but also expanding the use cases in that work and bear in mind, many of those, those are going to need to remain on prem. So they'll need to be within a private cloud or at best a hybrid cloud environment in order to satisfy a regulatory jurisdictional requirements. So let's talk about an example. >>So LGU plus is a Finastra fantastic service provider in Korea. Um, huge growth in that business over the last, uh, over the last 10, 15 years or so. Um, and obviously most people will be familiar with LG, the electronics brand, maybe less so with, uh, with LG plus, but they've been doing phenomenal work. And we're the first, uh, business in the world who launch commercial 5g in 2019. And so a huge milestone that they achieved. And at the same time they deploy the network real-time analytics platform or in rep, uh, from a combination of Cloudera and our partner calmer. Now, um, there were a number of things that were driving, uh, the requirement for it, for the, for the analytics platform at the time. Um, clearly the 5g launch was that was the big thing that they had in mind, but there were other things that re so within the 5g launch, um, uh, they were looking for, for visibility of services, um, and service assurance and service quality. >>So, you know, what services have been launched? How are they being taken up? What are the issues that are arising, where are the faults happening? Um, where are the problems? Because clearly when you launch a new service, but then you want to understand and be on top of the issues as they arise. Um, so that was really, really important. The second piece was, and, you know, this is not a new story to any telco in the world, right. But there are silos in operation. Uh, and so, um, taking advantage of, um, or eliminating redundancies through the process, um, of, of digital transformation, it was really important. And so particular, the two silos between wired and the wireless sides of the business come together so that there would be an integrated network management system, um, for, uh, for LGU plus, as they rolled out 5g. So eliminating redundancy and driving cost savings through the, the integration of the silos is really, really important. >>And that's a process and the people thing every bit, as much as it is a systems and a data thing. So, um, another big driver and the fourth one, you know, we've talked a little bit about some of these things, right? 5g brings huge opportunity for enterprise services, innovation. So industry 4.0 digital experience, these kinds of use cases, um, are very important in the south Korean marketing and in the, um, in the business of LGU plus. And so, uh, um, looking at AI and how can you apply AI to network management? Uh, again, there's a number of use cases, really, really exciting use cases that have gone live now, um, in LG plus since, uh, since we did this initial deployment and they're making fantastic strides there, um, big data analytics for users across LGU plus, right? So it's not just for, um, uh, it's not just for the immediate application of 5g or the support or the 5g network. >>Um, but also for other data analysts and data scientists across the LGU plus business network analytics, while primarily it's primary it's primary use case is around network management, um, LGU plus, or, or network analytics, um, has applications across the entire business, right? So, um, you know, for customer churn or next best offer for understanding customer experience and customer behavior really important there for digital advertising, for product innovation, all sorts of different use cases and departments within the business needed access to this information. So collaboration sharing across the network, the real-time network analytics platform, um, it was very important. And then finally, as I mentioned, LG group is much bigger than just LG plus it's because the electronics and other pieces, and they had launched a major group wide digital transformation program in 2019, and still being a part of that was, well, some of them, the problems that they were looking to address. >>Um, so first of all, the integration of wired and wireless data service data sources, and so getting your assurance data sources, your network, data sources, uh, and so on integrated with is really, really important scale was massive for them. Um, you know, they're talking about billions of transactions in under a minute, uh, being processed, um, and hundreds of terabytes per day. So, uh, you know, phenomenal scale, uh, that needed to be available out of the box as it were, um, real time indicators and alarms. And there was lots of KPIs and thresholds set that, you know, w to make, make it to meet certain criteria, certain standards, um, customer specific, real time analysis of 5g, particularly for the launch root cause analysis, an AI based prediction on service, uh, anomalies and service service issues was, was, was a core use case. Um, as I talked about already the provision of service of data services across the organization, and then support for 5g, uh, served the business service, uh, impact, uh, was extremely important. >>So it's not just understand well, you know, that you have an outage in a particular network element, but what is the impact on the business of LGU plus, but also what is the impact on the business of the customer, uh, from an outage or an anomaly or a problem on, on, on the network. So being able to answer those kinds of questions really, really important, too. And as I said, between Cloudera and Kamarck, uh, uh, and LGU plus, uh, really themselves an intrinsic part of the solution, um, uh, this is, this is what we, we ended up building. So a big complicated architecture space. I really don't want to go into too much detail here. Um, uh, you can see these things for yourself, but let me skip through it really quickly. So, first of all, the key data sources, um, you have all of your wireless network information, other data sources. >>This is really important because sometimes you kind of skip over this. There are other systems that are in place like the enterprise data warehouse that needed to be integrated as well, southbound and northbound interfaces. So we get our data from the network and so on, um, and network management applications through file interfaces. CAFCA no fire important technologies. And also the RDBMS systems that, uh, you know, like the enterprise data warehouse that we're able to feed that into the system. And then northbound, um, you know, we spoke already about me making network analytics services available across the enterprise. Um, so, uh, you know, uh, having both the file and the API interface available, um, for other systems and other consumers across the enterprise is very important. Um, lots of stuff going on then in the platform itself to petabytes and persistent storage, um, Cloudera HDFS, 300 nodes for the, the raw data storage, um, uh, and then, uh, could do for real time storage for real-time indicator analysis, alarm generation, um, uh, and other real time, um, processes. >>Uh, so there, that was the, the core of the solution, uh, spark processes for ETL key quality indicators and alarming, um, and also a bunch of work done around, um, data preparation, data generation for transferal to, to third party systems, um, through the northbound interfaces, um, uh, Impala, API queries, um, for real-time systems, uh, there on the right hand side, and then, um, a whole bunch of clustering classification, prediction jobs, um, through the, uh, the, the, the, the ML processes, the machine learning processes, uh, again, another key use case, and we've done a bunch of work on that. And, um, I encourage you to have a look at the Cloudera website for more detail on some of the work that we did here. Um, so this is some pretty cool stuff. Um, and then finally, just the upstream services, some of these there's lots more than, than, than simply these ones, but service assurance is really, really important. So SQM cm and SED grade. So the service quality management customer experience, autonomous controllers, uh, really, really important consumers of, of the, of the real-time analytics platform, uh, and your conventional service assurance, um, functions like faulted performance management. Uh, these things are as much consumers of the information and the network analytics platform as they are providers of data to the network, uh, analytics >>Platform. >>Um, so some of the specific use cases, uh, that, uh, have been, have been stood up and that are delivering value to this day and lots of more episodes, but these are just three that we pulled out. Um, so first of all, um, uh, sort of specific monitoring and customer quality analysis, Karen response. So again, growing from the initial 5g launch and then broadening into broader services, um, understanding where there are the, where there are issues so that when people complaining, when people have an issue, um, that, um, uh, that we can answer the, the concerns of the client, um, in a substantive way, um, uh, AI functions around root cause analysis or understanding why things went wrong when they went wrong. Um, uh, and also making recommendations as to how to avoid those occurrences in the future. Uh, so we know what preventative measures can be taken. Um, and then finally the, uh, the collaboration function across LGU plus extremely important and continues to be important to this day where data is shared throughout the enterprise, through the API Lira through file interfaces and other things, and through interface integrations with, uh, with upstream systems. >>So, um, that's kind of the, the, uh, real quick run through of LGU plus the numbers are just stave staggering. Um, you know, we've seen, uh, upwards of a billion transactions in under 40 seconds being, um, uh, being tested. Um, and, and we've gone beyond those thresholds now, already, um, and we're started and, and, and, and this isn't just a theoretical sort of a benchmarking test or something like that. We're seeing these kinds of volumes of data and not too far down the track. So, um, with those things that I mentioned earlier with the proliferation of, of, um, of network infrastructure, uh, in the 5g context with virtualized elements, with all of these other bits and pieces are driving massive volumes of data towards the, uh, the, the, the network analytics platform. So phenomenal scale. Um, this is just one example we work with, with service providers all over the world is over 80% of the top 100 telecommunication service providers run on Cloudera. >>They use Cloudera in the network, and we're seeing those customers, all migrating legacy cloud platforms now onto CDP onto the Cloudera data platform. Um, they're increasing the, the, the jobs that they do. So it's not just warehousing, not just ingestion ETL, and moving into things like machine learning. Um, and also looking at new data sources from places like NWTF the network data analytics function in 5g, or the management and orchestration layer in, in software defined networks, network, function, virtualization. So, you know, new use cases coming in all the time, new data sources coming in all the time growth in, in, in, in the application scope from, as we say, from edge to AI. Um, and so it's, it's really exciting to see how the, the, the, the footprint is growing and how, uh, the applications in telecommunications are really making a difference in, in facilitating, um, network transformation. And that's covering that. That's me covered for today. I hope you found that helpful, um, by all means, please reach out, uh, there's a couple of links here. You can follow me on Twitter. You can connect to the telecommunications page, reach out to me directly at Cloudera. I'd love to answer your questions, um, uh, and, uh, and talk to you about how big data is transforming networks, uh, and how network transformation is, is accelerating telcos, uh, throughout >>Jamie Sharath with Liga data, I'm primarily on the delivery side of the house, but I also support our new business teams. I'd like to spend a minute really just kind of telling you about the legal data, where basically a Silicon valley startup, uh, started in 2014, and, uh, our lead iron, our executive team, basically where the data officers at Yahoo before this, uh, we provide managed data services, and we provide products that are focused on telcos. So we have some experience in non telco industry, but our focus for the last seven years or so is specifically on telco. So again, something over 200 employees, we have a global presence in north America, middle east Africa, Asia, and Europe. And we have folks in all of those places, uh, I'd like to call your attention to the, uh, the middle really of the screen there. So here is where we have done some partnership with Cloudera. >>So if you look at that and you can see we're in Holland and Jamaica, and then a lot to throughout Africa as well. Now, the data fabric is the product that we're talking about. And the data fabric is basically a big data type of data warehouse with a lot of additional functionality involved. The data fabric is comprised of, uh, some something called a flare, which we'll talk about in a minute below there, and then the Cloudera data platform underneath. So this is how we're partnering together. We, uh, we, we have this tool and it's, uh, it's functioning and delivering in something over 10 up. So flare now, flare is a piece of that legal data IP. The rest is there. And what flare does is that basically pulls in data, integrates it to an event streaming platform. It's, uh, it is the engine behind the data fabric. >>Uh, it's also a decisioning platform. So in real time, we're able to pull in data. We're able to run analytics on it, and we're able to alert are, do whatever is needed in a real-time basis. Of course, a lot of clients at this point are still sending data in batch. So it handles that as well, but we call that a CA picture Sanchez. Now Sacho is a very interesting app. It's an AI analytics app for executives. What it is is it runs on your mobile phone. It ties into your data. Now this could be the data fabric, but it couldn't be a standalone product. And basically it allows you to ask, you know, human type questions to say, how are my gross ads last week? How are they comparing against same time last week before that? And even the same time 60 days ago. So as an executive or as an analyst, I can pull it up and I can look at it instantly in a meeting or anywhere else without having to think about queries or anything like that. >>So that's pretty much for us at legal data, not really to set the context of where we are. So this is a traditional telco environments. So you see the systems of record, you see the cloud, you see OSS and BSS data. So one of the things that the next step above which calls we call the system of intelligence of the data fabric does, is it mergers that BSS and OSS data. So the longer we have any silos or anything that's separated, it's all coming into one area to allow business, to go in or allow data scientists go in and do that. So if you look at the bottom line, excuse me, of the, uh, of the system of intelligence, you can see that flare is the tools that pulls in the data. So it provides even streaming capabilities. It preserves entity states, so that you can go back and look at it state at any time. >>It does stream analytics that is as the data is coming in, it can perform analytics on it. And it also allows real-time decisioning. So that's something that, uh, that's something that business users can go in and create a system of, uh, if them's, it looks very much like the graph database, where you can create a product that will allow the user to be notified if a certain condition happens. So for instance, a bundle, so a real-time offer or user is succinct to run out of is ongoing, and an offer can be sent to him right on the fly. And that's set up by the business user as opposed to programmers, uh, data infrastructure. So the fabric has really three areas. That data is persistent, obviously there's the data lake. So the data lake stores that level of granularity that is very deep years and years of history, data, scientists like that, uh, and, uh, you know, for a historical record keeping and requirements from the government, that data would be stored there. >>Then there's also something we call the business semantics layer and the business semantics layer contains something over 650 specific telco KPIs. These are initially from PM forum, but they also are included in, uh, various, uh, uh, mobile operators that we've delivered at. And we've, we've grown that. So that's there for business data lake is there for data scientists, analytical stores, uh, they can be used for many different reasons. There are a lot of times RDBMS is, are still there. So these, this, this basically platform, this cloud they're a platform can tie into analytical data stores as well via flair access and reporting. So graphic visualizations, API APIs are a very key part of it. A third-party query tools, any kind of grid tools can be used. And those are the, of course, the, uh, the ones that are highly optimized and allow, you know, search of billions of records. >>And then if you look at the top, it's the systems of engagement, then you might vote this use cases. So teleco reporting, hundreds of KPIs that are, that are generated for users, segmentation, basically micro to macro segmentation, segmentation will play a key role in a use case. We talked about in a minute monetization. So this helps teleco providers monetize their specific data, but monetize it in. Okay, how to, how do they make money off of it, but also how might you leverage this data to engage with another client? So for instance, in some where it's allowed a DPI is used, and the fabric tracks exactly where each person goes each, uh, we call it a subscriber, goes within his, uh, um, uh, internet browsing on the, on the four or 5g. And, uh, the, all that data is stored. Uh, whereas you can tell a lot of things where the segment, the profile that's being used and, you know, what are they propensity to buy? Do they spend a lot of time on the Coca-Cola page? There are buyers out there that find that information very valuable, and then there's signs of, and we spoke briefly about Sanchez before that sits on top of the fabric or it's it's alone. >>So, so the story really that we want to tell is, is one, this is, this is one case out of it. This is a CVM type of case. So there was a mobile operator out there that was really offering, you know, packages, whether it's a bundle or whether it's a particular tool to subscribers, they, they were offering kind of an abroad approach that it was not very focused. It was not depending on the segments that were created around the profiling earlier, uh, the subscriber usage was somewhat dated and this was causing a lot of those. A lot of those offers to be just basically not taken and, and not, not, uh, audited. Uh, there was limited segmentation capabilities really before the, uh, before the, uh, fabric came in. Now, one of the key things about the fabric is when you start building segments, you can build that history. >>So all of that data stored in the data lake can be used in terms of segmentation. So what did we do about that? The, the, the envy and, oh, the challenge this, uh, we basically put the data fabric in and the data fabric was running Cloudera data platform and that, uh, and that's how we team up. Uh, we facilitated the ability to personalize campaign. So what that means is, uh, the segments that were built and that user fell within that segment, we knew exactly what his behavior most likely was. So those recommendations, those offers could be created then, and we enable this in real time. So real-time ability to even go out to the CRM system and gather further information about that. All of these tools, again, we're running on top of the Cloudera data platform, uh, what was the outcome? Willie, uh, outcome was that there was a much more precise offer given to the client that is, that was accepted, no increase in cross sell and upsell subscriber retention. >>Uh, our clients came back to us and pointed out that, uh, it was 183% year on year revenue increase. Uh, so this is a, this is probably one of the key use cases. Now, one thing to really mention is there are hundreds and hundreds of use cases running on the fabric. And I would even say thousands. A lot of those have been migrated. So when the fabric is deployed, when they bring the Cloudera and the legal data solution in there's generally a legacy system that has many use cases. So many of those were, were migrated virtually all of them in pen, on put on the cloud. Uh, another issue is that new use cases are enabled again. So when you get this level of granularity and when you have campaigns that can now base their offers on years of history, as opposed to 30 days of history, the campaigns campaign management response systems, uh, are, are, uh, are enabled quite a bit to do all, uh, to be precise in their offers. Okay. >>Okay. So this is a technical slide. Uh, one of the things that we normally do when we're, when we're out there talking to folks, is we talk and give an overview and that last little while, and then we give a deep technical dive on all aspects of it. So sometimes that deep dive can go a couple of hours. I'm going to do this slide and a couple of minutes. So if you look at it, you can see over on the left, this is the, uh, the sources of the data. And they go through this tool called flare that runs on the cloud. They're a data platform, uh, that can either be via cues or real-time cues, or it can be via a landing zone, or it can be a data extraction. You can take a look at the data quality that's there. So those are built in one of the things that flare does is it has out of the box ability to ingest data sources and to apply the data quality and validation for telco type sources. >>But one of the reasons this is fast to market is because throughout those 10 or 12, uh, opcos that we've done with Cloudera, where we have already built models, so models for CCN, for air for, for most mediation systems. So there's not going to be a type of, uh, input that we haven't already seen are very rarely. So that actually speeds up deployment very quickly. Then a player does the transformations, the, uh, the metrics, continuous learning, we call it continuous decisioning, uh, API access. Uh, we, uh, you know, for, for faster response, we use distributed cash. I'm not going to go too deeply in there, but the layer in the business semantics layer again, are, are sitting on top of the Cloudera data platform. You see the Kafka CLU, uh, Q1, the right as well. >>And all of that, we're calling the fabric. So the fabric is Cloudera data platform and the cloud and flair and all of this runs together. And, and by the way, there've been many, many, many, many hundreds of hours testing flare with Cloudera and, uh, and the whole process, the results, what are the results? Well, uh, there are, there are four I'm going to talk about, uh, we saw the one for the, it was called my pocket pocket, but it's a CDM type, a use case. Uh, the subscribers of that mobile operator were 14 million plus there was a use case for 24 million plus that a year on year revenue was 130%, uh, 32 million plus for 38%. These are, um, these are different CVM pipe, uh, use cases, as well as network use cases. And then there were 44%, uh, telco with 76 million subscribers. So I think that there are a lot more use cases that we could talk about, but, but in this case, this is the ones we're looking at, uh, again, 183%. This is something that we find consistently. And these figures come from our, uh, our actual end client. How do we unlock the full potential of this? Well, I think to start is to arrange a meeting and, uh, it would be great to, to, uh, for you to reach out to me or to Anthony. Uh, we're working at the junction on this, and we can set up a, uh, we can set up a meeting and we can go through this initial meeting. And, uh, I think that's the very beginning. Uh, again, you can get additional information from Cloudera website and from the league of data website, Anthony, that's the story. Thank you. >>No, that's great. Jeremy, thank you so much. It's a, it's, it's wonderful to go deep. And I know that there are hundreds of use cases being deployed in MTN, um, but great to go deep on one. And like you said, it can, once you get that sort of architecture in place, you can do so many different things. The power of data is tremendous, but it's great to be able to see how you can, how you can track it end to end from collecting the data, processing it, understanding it, and then applying it in a commercial context and bringing actual revenue back into the business. So there is your ROI straight away. Now you've got a platform that you can transform your business on. That's, that's, it's a tremendous story, Jamie, and thank you for your part. Sure. Um, that's a, that's, that's our story for today. Like Jamie says, um, please do flee, uh, feel free to reach out to us. Um, the, the website addresses are there and our contact details, and we'd be delighted to talk to you a little bit more about some of the other use cases, perhaps, um, and maybe about your own business and, uh, and how we might be able to make it, make it perform a little better. So thank you.

>> Narrator: From around the globe, it's theCUBE with digital coverage of AWS re:Invent 2020 sponsored by Intel, AWS and our community partners. >> Hello, welcome back to theCUBE's Virtual Coverage of AWS re:Invent 2020 virtual. Normally we're in person. This year because of the pandemic, we're doing it remote. We're Cube Virtual covering AWS re:Invent Virtual. I'm John for your host. We are theCUBE Virtual, two great guests here Linda Tong a general manager, AppDynamics and Dave McCann vice-president of AWS migration, marketplace and control services. Welcome to theCUBE. >> Thanks so much for having us. >> Good to see you again John. >> Linda we were talking to some AppDynamics folks and some of your customers, obviously we've been following the growth of the marketplace for many years. The confluence of the tailwinds of the innovation going on with COVID and post COVID strategies is about helping customers where they are and they're not in the office anymore. They got to get the job done. This is really important on this cloud migration of getting software in the hands of people to write these modern apps. It's a big theme. What's your perspective on this right now, because you guys are partnered with Amazon, share your vision. >> Yeah, absolutely. And you nailed it. It's with COVID-19 our customers like IT organizations are finding this need to accelerate their migration to the cloud. And what's more important is they're finding that more and more of their customers are engaging through digital experiences and with the influx of people leaning on those digital experiences during COVID, performance issues are becoming more and more apparent. And so we're helping our customers as they migrate to the cloud. And specifically to AWS, it's a big partnership for us because we need to understand how our customers and how they manage performance through these transitions can stay flawless so that they can manage those experiences for their end users. >> Yeah, Dave, I've been watching this discovery observation space, observability, service meshes, Kubernetes, cloud native higher level services have really gotten popularity have gone mainstream. So there's more and more demand for I won't call it point products. That's an old term, but in the cloud, these are just higher level services that people are adopting more of. You're seeing huge pickup in the marketplace of companies who are selling through there and engaging but it's not just selling, you're integrating. What's your vision for all of this? >> So, John, you're absolutely right. Our customers as they migrate more and more applications to the cloud and in some regulated industries they still have applications running on premise. They're really actually standing up a new operating model where they not only want observability of what's going on but I feel what we would call service management framework or a set of tools to manage the application portfolio. And companies around the world are putting together new common instance of AWS native services, such as CloudWatch CloudTrail, Service Catalog, AWS Config, Control Tower with best in class vendors like Cisco AppDynamics. And each company is building their own collection of tools into management framework that allows them to optimally modernize and manage their application portfolio. And it's a rising topic around the world. >> Linda, I want to get back to you on AppDynamics you're the leader of the team as general manager, congratulations. You know a little bit about software in the cloud and CloudScale and your career going back to Google now at AppDynamics you've seen a lot of the changes. What specifically value do you see AppDynamics and Amazon bringing to the market today? Because the world's changed. It's still large scale, there's faster speed but you can't just buy things like anymore, I've got to go in send a ticket request, go to procurement, developers want to integrate immediately. They need to integrate when they see a problem they got to integrate technology. This seems to be a trend. What's your, where is AppDynamics bringing the value of AWS to the market? >> Absolutely I think it's threefold. One it's for a lot of these developers, as they start to migrate their applications and modernize them with AWS and all the great services that are available we can partner to help them with that modernization effort while giving them visibility into the performance of those applications to make sure that they don't miss a beat as they deploy those on these new sets of services over AWS. The second thing is, for those customers that are leveraging AWS for that migration, we have a seamless integration between AppDynamics and AWS. So you can buy our service directly through AWS marketplace. So that becomes a really easy procurement. And then on top of that, as, a lot of developers have to manage hybrid employments, so new modern applications has done AWS as well as some of their traditional applications that are talking to each other. They can get that full end to end visibility leveraging AppDynamics so that they can understand what's going on across the entirety of their business as they start to lead these transformations across our organization. >> Dave, just comment on if you can, 'cause I know a little bit about some of the things you put in place, the enterprise I forget development or sales program where at the prices can be more friendly. I think this is kind of a use case where this is proving enterprises can get what they need in the marketplace that not only is it successful but you have traction with this. What's you take on... >> There's a number of motions that we're doing there John, to help large companies around the world who may have, dozens, hundreds and in comes cases with fortune 100 they're thousands of applications. And so you actually have to solve multiple challenges that the company has. On the procurement side, we're obviously working with AppDynamics to publish as a service right in AWS marketplace. And we have over 300,000 customers worldwide only AWS marketplace who are subscribing to software and provisioning out to hundreds and thousands of developers, all of whom are using their own AWS accounts. So on that provisioning and subscription experience we work deeply with the AppDynamics team to meet that a really seamless experience from discovery to provision to meter and billing. On the interoperability front, as Linda mentioned, our customers want these best in class tools like AppDynamics to work well with the other AWS services so that they can really have a very modern DevOps pipeline for those applications that are moving to more of a CICD model. And for people who are still running in a bit more of an Intel, ITSM model, they've still got to manage and monitor applications that haven't quite got there in the full modernization stack. So this is actually happening not just with the customer, the enterprise or with the ISV AppDynamics, this transitions' also working with all the consulting firms. And a lot of the large software resellers around the world, the computer centers of Europe the right spaces, the presidios of North America. The DXEs of Asia Pacific. These consulting partners are also using tools such as AppDynamics so to become a managed service provider. And in some cases on that journey to the cloud no join the customer saying I'm really busy I'm modernizing applications. Hey consulting partner, can you manage some part of my infrastructure, some part of my stack? And tools like AppDynamics and Kubernetes and AWS become really central tool kits to the new emerging managed service providers that are all around the world. >> Yeah, and I talked about this years ago with Andy Jassy and I think we were riffing on this run this new set of category creations of services and companies. Linda this appears to be one of those cases where, there's a category with existing spend and existing customers. So what he just said is interesting. And I want to get your thoughts because these are these points of these new areas where AppDynamics can potentially help enterprises. What are some of the areas that you see AppDynamics helping enterprises in their cloud adoption journey 'cause they want some cloud native we see Hybrid and all the announcements, Outpost, now Edge it's a distributed computer. You need to have software at every piece of the puzzle. So what's your, what areas can you share specifically? >> Absolutely and so, like Dave was just saying it's, as these organizations start to make these major cloud migrations, one, their applications are getting actually significantly more complex than they've ever been. And they're now spanning a much broader ecosystem than they've ever spanned before. So that the kind of coverage that IT organizations and DevOps needs to cover not only is seeing this explosion of data but it's also now spanning areas of control that some of these folks have never had to think about before. And so the value of AppDynamics is our ability to be able to ingest data from your cloud native applications your traditional applications, all different sources of domain data that you want to get including things like security data. So we can start to correlate that in a meaningful way and then tie that back to business insights. And so the way that AppDynamics is actually bringing value to the table is not only helping our customers get visibility across the entire stack, but actually only surfacing the most meaningful insights to help them act on that those performance issues that they might see and more meaningfully manage their businesses. >> Linda I think you guys are onto something really big not just on the wave and just the positioning but one of the trends that we're reporting and we're going to be teasing out all week three weeks here is automation is great but that's just baseline. Everything is a service really speaks to some of the things that you guys have to put in place 'cause the mandate is everything should be a service. Now, I mean, I'm overgeneralizing but that's generally the ivory tower C suite message. Make it as a service cloud scale is beautiful, but then you when you pass it down to the teams, that's like that's not easy boss. It's not easy to do. That's really kind of what you're getting at here. It's not just automation and DevOps. It's the business model. >> Absolutely it's the intelligence it's once you create thousands and thousands of services, how do you manage them effectively and know what matters and what doesn't? >> Dave your final word here on on this point is when you think about that if you believe that to be true, then I'm just going to be downloading services whenever I need them. So it's almost like quasi self service managed services kind of coming together in real time or with my off base there. What's your take on that? >> No, we're actually working together with that dynamic and so all these kinds of things. So as we proliferate services, John and, AWS has got over 175 services and application is made up of many components. So how do you actually correlate an associate all the resources that make up that application? And if you think about dynamics name is the application and dynamics what's going on with the application. So we actually just launched today service catalog application registry, which is a new API surface for the AWS service catalog that allows you to define NGS on all the AWS resources from a cloud formation stack set all the way down into an easy to instance and associate that's an application known. And so the higher level of abstraction is what we talked about is management of the application. And what customers want to do, CIO's want to manage the application all the resources associated through the application whether the application is running well, is it secure? Is it on budget? Whether it's actually running? So application management is kind of where people are going even though their application is made up of dozens of associated services. So this is the next frontier. >> Well you guys are just great to have on world-class partnership two leaders, AppDynamics, story history they continue to do well. And even now with the world going on, Dave congratulations on your success. Final question for both of you is, where's the partnership go from here? I think it's a great success story. What's in the store for the future? >> Linda. >> Yeah to the moon. It's look AWS is an amazing partner. And Dave is a great guy to work with and where we are going is to help our customers build world-class applications and be able to manage them and modernize those effectively. And there's no way we could do that without partners at AWS. So it's a, there's a long-term relationship here. >> Well, congratulations, Linda Tong general manager AppDynamics. Thanks for coming on, and virtually at least we'll see you on the Interwebs during the next couple of weeks here, Virtual re:Invent Dave McCann. Of course, we'll see you again and great to watch you continue to grow. Is there any new title is going to add to your thing marketplace now it's migration, control services come on. >> With innovation culture we keep innovating. >> Great to have you guys on. Thanks for, thanks for sharing, appreciate it. >> John, Linda thank you very much. >> Thanks. >> Thanks for that great insight. Really appreciate it. I'm John from theCUBE you're watching coverage of re:Invent 2020. This is theCUBE virtual. (upbeat music)

>> Narrator: From around the globe. It's theCUBE with digital coverage of AWS re;Invent 2020 special coverage sponsored by AWS global partner network. >> Welcome to theCUBE. This is our coverage of AWS reinvent 2020 with special coverage of the APN partner experience. I'm Lisa Martin I've got a couple of gentlemen from BMC software joining me. Please welcome Greg Bukowski, the technology solutions director and Simon Blanks, area vice president Gentlemen it's great to have you on theCUBE virtual. >> Great to be here Lisa. >> Representing social distancing from across the country here. So guys, I'd like to just start Greg with you give our audience an understanding of your role technology solutions director your role and responsibilities at BMC. >> Sure I play the role of a field CTO. So I actually am aligned with our strategic CTO office and I bring their message to our customers all of our strategic customers within North America. >> And Simon, tell us a little bit about your role as area vice president. >> Well first of all, thanks for having us I have responsibility for our channels and our partners in the Americas. So I get to work both within our organization with our customers and with our partners to help them grow, to help us grow and deliver value to our customers. >> Speaking of your customers Simon the last year has been incredibly challenging and brought on a lot of challenges but opportunities. Talk to me about how that has impacted BMCs customers. >> That's a great question. You know, I think our customers are wanting to simplify that they're wanting to focus on what makes them win, right and get away from the things that, you know are not the competitive advantage. We see a lot of customers wanting to get out of the day-to-day operation of the data centers and migrate to the world of AWS but it's not as easy as we would all like it there's lots of challenges. AWS consulting partners are there to help them. One of the largest areas of challenges we see that they are having to address is manage these millions of IT assets that are constantly changing and some of them they don't even know exist and moving those to AWS, but moving them quickly, securely and of course, in a cost-effective manner. >> Talk to me a little bit about some of the speed like in the last nine months, have you seen an acceleration of those customers wanting to move workloads to AWS as we think of way back when the pandemic started and every business had to suddenly send workforces home no access to a data center or very limited. Is that something that you've seen speed up the last few months? >> Yeah we believe it's not only gained in velocity but will continue. We don't think that some of these changes to how a business is conducted are going to stop once the vaccine comes out. So yeah and you know the complexity of making this happen, you know it's difficult, especially in some of the very large organizations be it banks or telecoms or manufacturers or retailers you know it's not an easy chore and you know we've experienced some great wins in that area and helping some of our most strategic customers make that happen. >> So talk to me a little bit about Simon, what's your elevator pitch when you're going and i know you talk with customers, you talk with partners how do you describe BMC and what you guys deliver? >> Well BMC is a 40 year old company with 6,000 employees. we help 93% of the global 1000 manage their IT infrastructure right. In addition to that we help thousands of other customers with the same problems. So, you know what I tell organizations is we're there to help them be successful and to make things tick. >> Awesome thank you. So Greg, talk to me about more about the BMC solutions. You said in your role, you're also field CTO. What are some of the BMC solutions that you recommended AWS consulting partners consider to help customers, especially in this time as you're seeing more and more migrations AWS? >> Yeah I think that's a great point, Lisa. I mean, with the pandemic coming in, you know there was an initial pullback right that we saw from our customers and now as that trend, you know as the summer came on, not that it's gotten less, right. I mean obviously it's a big concern for customers but the realization of how they're going to operationalize themselves and still be a tech driven company and tech driven organization has really accelerated their digital transformation and it's driven more than anything the adoption of cloud technologies and to move into that cloud space it's brought about understanding customers how did they become more digital and to do that they have to connect their services. So underlying that challenge is really what we wanted to bring today to talk about is that BMC has an industry leading solution it's called a BMC discovery solution and it automatically goes within an organization's footprint and understands the dependencies between their infrastructure and their applications. That's really difficult, right? Typically we can just find assets, right? A lot of solutions out there can do that. What BMC does or what our solution does. That's unique in this space is that it understands relationships so that you understand from an application viewpoint which ultimately ties back to a business service into the software that runs on those assets into the applications that are supporting that as well as the platforms and infrastructure and that becomes more and more complex to date. What we see with our customers as they have cloud services they've got containers, they've got on-premise stuff. So we're working with customers today, right? We are the largest retailers in the US working with them to actually transform how they're doing business continuity. So it becomes not only an acceleration but a risk aversion program for them as well as a cost savings effort of trying to adopt that understanding those services from both within their data center, through the mainframe back into their cloud, right and understanding all those interdependencies so that they can run their business more efficiently. >> So Greg have you automated what used to be a traditionally manual lengthy process of that discovery. >> I think that is the key point Lisa. I mean when partners look to us for what value we can bring to them it's about accelerating that time all about reducing the time through automation what used to be a manual effort of understanding how these things connect and being able to having go talk to the application teams. We worked with a large bank as well. They were using other solutions in the marketplace and were taking six to nine months to map a single business service which is complex right it's got about a dozen applications that support it. We brought in our solution and they did it in three hours with one piece of information from an application team. It was unbelievable, right and these are the stories we hear all the time from our customers and this is a great solution that we have that runs in AWS. That's part of our AWS migration competency that we have and you know this is why we're here today on theCUBE. >> Well that speed improvement is massive as you just talked about Greg you know, when you think of organizations now that there is no time, there is no six to nine months to figure things out anymore right. Especially because we've all learned, I think a lot in the last nine months, professionally and personally but there's competition out there. That's ready to come and be nimble and faster and maybe with less legacy than any type of whether it's a retailer or a financial institution. So being able to get in there and discover and align this business and IT services folks to discover what they have, where they should move it that fast is really something that sounds to me like not just a survival mechanism, keeping the lights on during a strange time, but something that may even set apart the winners and the losers of tomorrow. >> Absolutely right. I mean you have to be able to tie into your existing infrastructure for print that traditional legacy or heritage as we call it for print that you have, that still runs your core business. Right, if you're a retailer it's probably some kind of supply chain rate If you're a bank it's all the financial transaction stuff that you do but then also adopt the technology and innovation that exists within the fintech space for a financial services customer and bringing that together and when you're doing that at the native integration point a lot of it comes into the cloud services, right and that's really where they're going to get the acceleration to attack new markets grow their margin in that space and that's where they need partners to help them. To adopt and learn those technologies and integrate those additionally, right we have other advanced capabilities that we offer from an AWS migration competency standpoint around cloud optimization. So when those services are running in there we also do a cost optimization that doesn't look at it from the infrastructure standpoint but actually it takes the same discovery data and lines it back to the lines of business. So the line of business now has visibility into if they're going to change what their operating model is how that's going to affect the cost in the backend services they can optimize their resources. >> So Simon looking at the capabilities that BMC is delivering. Talk to me about the BMC partner program. Why become a BMC partner? I think there's a couple of answers to that. First of all, what Greg was talking about in terms of this you know massive I'll call it reinvention of the amount of time it takes to perform some of these tasks. Some of these tasks that are done in every migration from you know months to days or hours that in and of itself can help the AWS consulting partners massively you know in their efforts. So that's one but I think more importantly than that is the culture of BMC and the importance of partners and the focus that it's getting whether or not it be from our board or CEO or down the management rank. So the channel has become massively important to our success and we're committed to helping our partners be successful right, we're committing to help them make money, right. We're actually, as a part of AWS re;Invent here were going to offer an incentive to partners to come and join our family. Traditionally there's enablement and costs associated with that and we're going to refund that cost. Plus we're going to invest our monies and refund any costs associated with the first co-marketing effort together that we can go out to the market and help them. So I think you know, it's sort of the three legs of the stool. The technology itself is you know, impressive the commitment of our leadership and we're also willing to make it you know, very economically attractive so that would be the reasons >> Everybody likes that, especially economically attractive. So in terms of what you're offering you said that around re;Invent with respect to interested perspective partners, how do they move forward with BMC to become an AWS consulting partner? What's that process like? >> Well, we have you know an onboarding team that Susan DuRoff she reports in to me and helps me with that process. But the best way to do it would be to contact me directly. My email address is simon_blanks@bmc.com and if you reach out to me directly, I'll make sure we get back to you promptly. We can have further discussions and you know, facilitate it and we really look forward to making that happen. >> That's pretty excellent personal service I like that. So Greg talk to me as we get towards the wrap here as field CTO, looking forward into 2021 which we all hope is going to be trim significantly better than 2020. What are some of the opportunities that you see that this time has uncovered for the IT folks and the business folks to get even stronger alignment? >> Yeah, I think this is a great opportunity for customers to realize that bringing together the IT organizations in alignment with their business organizations is a great opportunity from the Revolut to accelerate their adoption of technology accelerate their migrations into adoption of cloud services. But then also look for the opportunities to take advantage of, to grow revenue streams. Right I mean, challenges present opportunities and opportunities present growth, right? That's how customers grow when they recognize those opportunities and become agile enough to adopt them and go after them. >> That's a great mindset because it's absolutely true. It's not matter of how we look at it and look at what's being uncovered to then kind of exploit for good new products, new services, competitive differentiators all sorts of things going on. Well gentlemen, it's been a pleasure having you on theCUBE virtual today. Thank you for joining me. >> Thank you so much appreciate the time and thank you. >> All right. For my guests. I'm Lisa Martin. You're watching theCUBE. (upbeat music)

>>from around the globe. It's the Cube with coverage of Yukon and Cloud. Native Con North America 2020 Virtual brought to you by Red Hat The Cloud, Native Computing Foundation and Ecosystem Partners. Hello, everyone. And welcome back to the cubes Ongoing coverage of Cuba con North America. Joe Fernandez is here. He's with Stephanie, Cheras and Joe's, the V, P and GM for core cloud platforms. That red hat and Stephanie is this s VP and GM of the Red Hat Enterprise. Lennox bu. Two great friends of the Cube. Awesome seeing you guys. How you doing? >>It's great to be here, Dave. Yeah, thanks >>for the opportunity. >>Hey, so we all talked, you know, recently, uh, answerable fest Seems like a while ago, but But we talked about what's new? Red hat really coming at it from an automation perspective. But I wonder if we could take a view from open shift and what's new from the standpoint of you really focus on helping customers, you know, change their operations and operationalize. And Stephanie, Maybe you could start, and then, you know, Joe, you could bring in some added color. >>No, that's great. And I think you know one of the things we try and do it. Red hat clearly building off of open source. We have been focused on this open hybrid cloud strategy for, you know, really years. Now the beauty of it is that hybrid cloud and open hybrid cloud continues to evolve right with bringing in things like speed and stability and scale and now adding in other footprints, like manage services as well as edge and pulling that all together across the whole red hat portfolio from the platforms, right? Certainly with Lennox and roll into open shift in the platform with open shift and then adding automation, which certainly you need for scale. But it's ah, it's continues to evolve as the as the definition of open hybrid cloud evolves. >>Great. So thank you, Stephanie jokes. You guys got hard news here that you could maybe talk about 46? >>Yeah. Eso eso open shift is our enterprise kubernetes platform. With this announcement, we announced the release of open ship 4.6 Eso eso We're doing releases every quarter tracking the upstream kubernetes release cycle. So this brings communities 1.19, which is, um but itself brings a number of new innovations, some specific things to call out. We have this new automated installer for open shift on bare metal, and that's definitely a trend that we're seeing is more customers not only looking at containers but looking at running containers directly on bare metal environments. Open shift provides an abstraction, you know, which combines Cuban. And he's, uh, on top of Lennox with RL. I really across all environments, from bare metal to virtualization platforms to the various public clouds and out to the edge. But we're seeing a lot of interest in bare metal. This is basically increasing the really three automation to install seamlessly and manage upgrades in those environments. We're also seeing a number of other enhancements open shifts service mesh, which is our SDO based solution for managing, uh, the interactions between micro services being able to manage traffic against those services. Being able to do tracing. We have a new release of that on open shift Ford out six on then, um, some work specific to the public cloud that we started extending into the government clouds. So we already supported AWS and Azure. With this release, we added support for the A W s government cloud as well. Azaz Acela's Microsoft Azure government on dso again This is really important to like our public sector customers who are looking to move to the public cloud leveraging open shift as an abstraction but wanted thio support it on the specialized clouds that they need to use with azure gonna meet us Cup. >>So, joke, we stay there for a minute. So so bare metal talking performance there because, you know, you know what? You really want to run fast, right? So that's the attractiveness there. And then the point about SDO in the open, open shift service measure that makes things simpler. Maybe talk a little bit about sort of business impact and what customers should expect to get out of >>these two things. So So let me take them one at a time, right? So so running on bare metal certainly performances a consideration. You know, I think a lot of fixed today are still running containers, and Cuban is on top of some form of virtualization. Either a platform like this fear or open stack, or maybe VMS in the in one of the public clouds. But, you know containers don't depend on a virtualization layer. Containers only depend on Lennox and Lennox runs great on bare metal. So as we see customers moving more towards performance and Leighton see sensitive workloads, they want to get that Barry mental performance on running open shift on bare metal and their containerized applications on that, uh, platform certainly gives them that advantage. Others just want to reduce the cost right. They want to reduce their VM sprawl, the infrastructure and operational cost of managing avert layer beneath their careers clusters. And that's another benefit. So we see a lot of uptake in open shift on bare metal on the service match side. This is really about You know how we see applications evolving, right? Uh, customers are moving more towards these distributed architectures, taking, you know, formally monolithic or enter applications and splitting them out into ah, lots of different services. The challenge there becomes. Then how do you manage all those connections? Right, Because something that was a single stack is now comprised of tens or hundreds of services on DSO. You wanna be able to manage traffic to those services, so if the service goes down, you can redirect that those requests thio to an alternative or fail over service. Also tracing. If you're looking at performance issues, you need to know where in your architecture, er you're having those degradations and so forth. And, you know, those are some of the challenges that people can sort of overcome or get help with by using service mash, which is powered by SDO. >>And then I'm sorry, Stephanie ever get to in a minute. But which is 11 follow up on that Joe is so the rial differentiation between what you bring in what I can just if I'm in a mono cloud, for instance is you're gonna you're gonna bring this across clouds. I'm gonna You're gonna bring it on, Prem And we're gonna talk about the edge in in a minute. Is that right? From a differentiation standpoint, >>Yeah, that That's one of the key >>differentiations. You know, Read has been talking about the hybrid cloud for a long time. We've we've been articulating are open hybrid cloud strategy, Andi, >>even if that's >>not a strategy that you may be thinking about, it is ultimately where folks end up right, because all of our enterprise customers still have applications running in the data center. But they're also all starting to move applications out to the public cloud. As they expand their usage of public cloud, you start seeing them adopted multi cloud strategies because they don't want to put all their eggs in one basket. And then for certain classes of applications, they need to move those applications closer to the data. And and so you start to see EJ becoming part of that hybrid cloud picture on DSO. What we do is basically provide a consistency across all those environments, right? We want run great on Amazon, but also great on Azure on Google on bare metal in the data center during medal out at the edge on top of your favorite virtualization platform. And yeah, that that consistency to take a set of applications and run them the same way across all those environments. That is just one of the key benefits of going with red hat as your provider for open hybrid cloud solutions. >>All right, thank you. Stephanie would come back to you here, so I mean, we talk about rail a lot because your business unit that you manage, but we're starting to see red hats edge strategy unfolded. Kind of real is really the linchpin I wanna You could talk about how you're thinking about the edge and and particularly interested in how you're handling scale and why you feel like you're in a good position toe handle that massive scale on the requirements of the edge and versus hey, we need a new OS for the edge. >>Yeah, I think. And Joe did a great job of said and up it does come back to our view around this open hybrid cloud story has always been about consistency. It's about that language that you speak, no matter where you want to run your applications in between rela on on my side and Joe with open shift and and of course, you know we run the same Lennox underneath. So real core os is part of open shift that consistently see leads to a lot of flexibility, whether it's through a broad ecosystem or it's across footprints. And so now is we have been talking with customers about how they want to move their applications closer to data, you know, further out and away from their data center. So some of it is about distributing your data center, getting that compute closer to the data or closer to your customers. It drives, drives some different requirements right around. How you do updates, how you do over the air updates. And so we have been working in typical red hat fashion, right? We've been looking at what's being done in the upstream. So in the fedora upstream community, there is a lot of working that has been done in what's called the I. O. T Special Interest group. They have been really investigating what the requirements are for this use case and edge. So now we're really pleased in, um, in our most recent release of really aid relate 00.3. We have put in some key capabilities that we're seeing being driven by these edge use cases. So things like How do you do quick image generation? And that's important because, as you distribute, want that consistency created tailored image, be able to deploy that in a consistent way, allow that to address scale, meet security requirements that you may have also right updates become very important when you start to spread this out. So we put in things in order to allow remote device mirroring so that you can put code into production and then you can schedule it on those remote devices toe happen with the minimal disruption. Things like things like we all know now, right with all this virtual stuff, we often run into things like not ideal bandwidth and sometimes intermittent connectivity with all of those devices out there. So we put in, um, capabilities around, being able to use something called rpm Austria, Um, in order to be able to deliver efficient over the air updates. And then, of course, you got to do intelligent rollbacks for per chance that something goes wrong. How do you come back to a previous state? So it's all about being able to deploy at scale in a distributed way, be ready for that use case and have some predictability and consistency. And again, that's what we build our platforms for. It's all about predictability and consistency, and that gives you flexibility to add your innovation on top. >>I'm glad you mentioned intelligent rollbacks I learned a long time ago. You always ask the question. What happens when something goes wrong? You learn a lot from the answer to that, but You know, we talk a lot about cloud native. Sounds like you're adapting well to become edge native. >>Yeah. I mean, I mean, we're finding whether it's inthe e verticals, right in the very specific use cases or whether it's in sort of an enterprise edge use case. Having consistency brings a ton of flexibility. It was funny, one of our talking with a customer not too long ago. And they said, you know, agility is the new version of efficiency. So it's that having that sort of language be spoken everywhere from your core data center all the way out to the edge that allows you a lot of flexibility going forward. >>So what if you could talk? I mentioned just mentioned Cloud Native. I mean, I think people sometimes just underestimate the effort. It takes tow, make all this stuff run in all the different clouds the engineering efforts required. And I'm wondering what kind of engineering you do with if any with the cloud providers and and, of course, the balance of the ecosystem. But But maybe you could describe that a little bit. >>Yeah, so? So Red Hat works closely with all the major cloud providers you know, whether that's Amazon, Azure, Google or IBM Cloud. Obviously, Andi, we're you know, we're very keen on sort of making sure that we're providing the best environment to run enterprise applications across all those environments, whether you're running it directly just with Lennox on Ralph or whether you're running it in a containerized environment with Open Chef, which which includes route eso eso, our partnership includes work we do upstream, for example. You know, Red Hat help. Google launched the Cuban community, and I've been, you know, with Google. You know, we've been the top two contributors driving that product that project since inception, um, but then also extends into sort of our hosted services. So we run a jointly developed and jointly managed service called the Azure Red Hat Open Shift Service. Together with Microsoft were our joint customers can get access to open shift in an azure environment as a native azure service, meaning it's, you know, it's fully integrated, just like any other. As your service you can tied into as you're building and so forth. It's sold by by Azure Microsoft's sales reps. Um, but you know, we get the benefit of working together with our Microsoft counterparts and developing that service in managing that service and then in supporting our joint customers. We over the summer announced sort of a similar partnership with Amazon and we'll be launching are already doing pilots on the Amazon Red Hat Open ship service, which is which is, you know, the same concept now applied to the AWS cloud. So that will be coming out g a later this year, right? But again, whether it's working upstream or whether it's, you know, partnering on managed services. I know Stephanie team also do a lot of work with Microsoft, for example, on sequel server on Lenox dot net on Lenox. Whoever thought be running that applications on Linux. But that's, you know, a couple of years old now, a few years old, So eso again. It's been a great partnership, not just with Microsoft, but with all the cloud providers. >>So I think you just shared a little little He showed a little leg there, Joe, what's what's coming g A. Later this year. I want to circle back to >>that. Yeah, eso we way announced a preview earlier this year of of the Amazon Red Hat Open ships service. It's not generally available yet. We're you know, we're taking customers. We want toe, sort of be early access, get access to pilots and then that'll be generally available later this year. Although Red Hat does manage our own service Open ship dedicated that's available on AWS today. But that's a service that's, you know, solely, uh, operated by Red Hat. This new service will be jointly operated by Red Hat and Amazon together Idea. That would be sort of a service that we are delivering together as partners >>as a managed service and and okay, so that's in beta now. I presume if it's gonna be g a little, it's >>like, Yeah, that's yeah, >>that's probably running on bare metal. I would imagine that >>one is running >>on E. C. Two. That's running an A W C C T V exactly, and >>run again. You know, all of our all of >>our I mean, we you know, that open shift does offer bare metal cloud, and we do you know, we do have customers who can take the open shift software and deploy it there right now are managed. Offering is running on top of the C two and on top of Azure VM. But again, this is this is appealing to customers who, you know, like what we bring in terms of an enterprise kubernetes platform, but don't wanna, you know, operated themselves, right? So it's a fully managed service. You just come and build and deploy your APS, and then we manage all of the infrastructure and all the underlying platform for you >>that's going to explode. My prediction. Um, let's take an example of heart example of security. And I'm interested in how you guys ensure a consistent, you know, security experience across all these locations on Prem Cloud. Multiple clouds, the edge. Maybe you could talk about that. And Stephanie, I'm sure you have a perspective on this is Well, from the standpoint of of Ralph. So who wants to start? >>Yeah, Maybe I could start from the bottom and then I'll pass it over to Joe to talk a bit. I think one of these aspects about security it's clearly top of mind of all customers. Um, it does start with the very bottom and base selection in your OS. We continue to drive SC Lennox capabilities into rural to provide that foundational layer. And then as we run real core OS and open shift, we bring over that s C Lennox capability as well. Um, but, you know, there's a whole lot of ways to tackle this we've done. We've done a lot around our policies around, um see ve updates, etcetera around rail to make sure that we are continuing to provide on DCA mitt too. Mitigating all critical and importance, providing better transparency toe how we assess those CVS. So security is certainly top of mind for us. And then as we move forward, right there's also and joke and talk about the security work we do is also capabilities to do that in container ization. But you know, we we work. We work all the way from the base to doing things like these images in these easy to build images, which are tailored so you can make them smaller, less surface area for security. Security is one of those things. That's a lifestyle, right? You gotta look at it from all the way the base in the operating system, with things like sc Lennox toe how you build your images, which now we've added new capabilities. There And then, of course, in containers. There's, um there's a whole focus in the open shift area around container container security, >>Joe. Anything you want to add to that? >>Yeah, sure. I >>mean, I think, you know, obviously, Lennox is the foundation for, you know, for all public clouds. It's it's driving enterprise applications in the data center, part of keeping those applications. Security is keeping them up to date And, you know, through, you know, through real, we provide, you know, securing up to date foundation as a Stephanie mentioned as you move into open shift, you're also been able to take advantage of, uh, Thio to take advantage of essentially mutability. Right? So now the application that you're deploying isn't immutable unit that you build once as a container image, and then you deploy that out all your various environments. When you have to do an update, you don't go and update all those environments. You build a new image that includes those updates, and then you deploy those images out rolling fashion and, as you mentioned that you could go back if there's issues. So the idea, the notion of immutable application deployments has a lot to do with security, and it's enabled by containers. And then, obviously you have cured Panetti's and, you know, and all the rest of our capabilities as part of open Shift managing that for you. We've extended that concept to the entire platform. So Stephanie mentioned, real core West Open shift has always run on real. What we have done in open shift for is we've taken an immutable version of Ralph. So it's the same red hat enterprise Lennox that we've had for years. But now, in this latest version relate, we have a new way to package and deploy it as a relic or OS image, and then that becomes part of the platform. So when customers want toe in addition to keeping their applications up to date, they need to keep their platform up to dates. Need to keep, you know, up with the latest kubernetes patches up with the latest Lennox packages. What we're doing is delivering that as one platform, so when you get updates for open shift, they could include updates for kubernetes. They could include updates for Lennox itself as well as all the integrated services and again, all of this is just you know this is how you keep your applications secure. Is making sure your you know, taking care of that hygiene of, you know, managing your vulnerabilities, keeping everything patched in up to date and ultimately ensuring security for your application and users. >>I know I'm going a little bit over, but I have I have one question that I wanna ask you guys and a broad question about maybe a trends you see in the business. I mean, you look at what we talk a lot about cloud native, and you look at kubernetes and the interest in kubernetes off the charts. It's an area that has a lot of spending momentum. People are putting resource is behind it. But you know, really, to build these sort of modern applications, it's considered state of the art on. Do you see a lot of people trying to really bring that modern approach toe any cloud we've been talking about? EJ. You wanna bring it also on Prem And people generally associate this notion of cloud native with this kind of elite developers, right? But you're bringing it to the masses and there's 20 million plus software developers out there, and most you know, with all due respect that you know they may not be the the the elites of the elite. So how are you seeing this evolve in terms of re Skilling people to be able, handle and take advantage of all this? You know, cool new stuff that's coming out. >>Yeah, I can start, you know, open shift. Our focus from the beginning has been bringing kubernetes to the enterprise. So we think of open shift as the dominant enterprise kubernetes platform enterprises come in all shapes and sizes and and skill sets. As you mentioned, they have unique requirements in terms of how they need toe run stuff in their data center and then also bring that to production, whether it's in the data center across the public clouds eso So part of it is, you know, making sure that the technology meets the requirements and then part of it is working. The people process and and culture thio make them help them understand what it means to sort of take advantage of container ization and cloud native platforms and communities. Of course, this is nothing new to red hat, right? This is what we did 20 years ago when we first brought Lennox to the Enterprise with well, right on. In essence, Carozza is basically distributed. Lennox right Kubernetes builds on Lennox and brings it out to your cluster to your distributed systems on across the hybrid cloud. So So nothing new for Red Hat. But a lot of the same challenges apply to this new cloud native world. >>Awesome. Stephanie, we'll give you the last word, >>all right? And I think just a touch on what Joe talked about it. And Joe and I worked really closely on this, right? The ability to run containers right is someone launches down this because it is magical. What could be done with deploying applications? Using a container technology, we built the capabilities and the tools directly into rural in order to be able to build and deploy, leveraging things like pod man directly into rural. And that's exactly so, folks. Everyone who has a real subscription today can start on their container journey, start to build and deploy that, and then we work to help those skills then be transferrable as you movinto open shift in kubernetes and orchestration. So, you know, we work very closely to make sure that the skills building can be done directly on rail and then transfer into open shift. Because, as Joe said, at the end of the day, it's just a different way to deploy. Lennox, >>You guys are doing some good work. Keep it up. And thanks so much for coming back in. The Cube is great to talk to you today. >>Good to see you, Dave. >>Yes, Thank you. >>All right. Thank you for watching everybody. The cubes coverage of Cuba con en a continues right after this.

>>Hi, everyone. Good afternoon. Thank you for joining this session. I feel honored to be invited to speak here today. And I also appreciate entity research Summit members for organ organizing and giving this great opportunity. Please let me give a quick introduction. First, I'm a Takashi from Marvin American population, and I'm leading technology scouting and global ation with digital health companies such as Business Alliance and Strategically Investment in North America. And since we started to focus on this space in 2016 our team is growing. And in order to bring more new technologies and services to Japan market Thesis year, we founded the new service theories for digital health business, especially, uh, in medical diagnosis space in Japan. And today I would like to talk how health care has been transformed for my micro perspective, and I hope you enjoy reasoning it. So what's happened since the US identify the first case in the middle of January, As everyone knows, unfortunately, is the damaged by this pandemic was unequal amongst the people in us. It had more determined tal impact on those who are socially and economically vulnerable because of the long, long lasting structural program off the U. S. Society and the Light Charity about daily case rating elevator country shows. Even in the community, the infection rate off the low income were 4.5 times higher than, uh, those of the high income and due to czar straight off the Corvette, about 14 million people are unemployed. The unique point off the U. S. Is that more than 60% of insurance is tied with employment, so losing a job can mean losing access to health care. And the point point here is that the Corvette did not create healthcare disparity but, uh nearly highlighted the underlying program and necessity off affordable care for all. And when the country had a need to increase the testing capacity and geographic out, treat the pharmacies and retails joined forces with existing stakeholders more than 90% off the U. S Corporation live within five miles off a community pharmacy such as CVS and Walgreen, so they can technically provide the test to everyone in all the community. And they also have a huge workforce memory pharmacist who are eligible to perform the testing scale, and this very made their potential in community based health care. Stand out and about your health has provided on alternative way for people to access to health care. At affordable applies under the unusual setting where social distancing, which required required mhm and people have a fear of infection. So they are afraid to take a public transportacion and visit >>the doctor the same thing supplied to doctor and the chart. Here is a number of total visit cranes by service type after stay at home order was issued across the U. S. By Ali April patient physical visits to doctor's offices or clinics declined by ALAN 70%. On the other hand, that share, or telehealth, accounted for 25% of the total total. Doctor's visit in April, while many states studied to re opening face to face visit is gradually recovering. And overall Tele Health Service did not offset the crime. Physician Physical doctor's visit and telehealth John never fully replace in person care. However, Telehealth has established a new way to provide affordable care, especially to vulnerable people, and I don't explain each player's today. But as an example, the chart shows the significant growth of the tell a dog who is one of the largest badger care and tell his provider, I believe there are three factors off paradox. Success under the pandemic. First, obviously tell Doc could reach >>the job between those patients and doctors. Majority of the patients who needed to see doctors who are those who have underlying health conditions and are high risk for Kelowna, Bilis and Secondary. They showed their business model is highly scalable. In the first quarter of this year, they moved quickly to expand their physical physicians network to increase their capacity and catch up growing demand. To some extent, they also contributed to create flexible job for the doctors who suffered from Lydia's appointment and surgery. They utilized. There are legalism to maximize the efficiency for doctors and doing so, uh, they have university maintained high quality care at affordable applies Yeah, and at the same time, the government recognize the body of about your care and de regulated traditional rules to sum up she m s temporary automated to pay a wide range of tell Her services, including hospital visit and HHS temporarily waived hip hop minorities for telehealth cases and they're changed allowed provider to use communication tools such as facetime and the messenger. During their appointment on August start, the government issued a new executive order to expand tell his services beyond the pandemic. So the government is also moving to support about your health care. So it was a quick review of the health care challenges and somewhat advancement in the pandemic. But as you understand, since those challenges are not caused by the pandemic, problems will stay remain and events off this year will continuously catalyze the transformation. So how was his cherished reshaped and where will we go? The topic from here can be also applied to Japan market. Okay, I believe democratization and decentralization healthcare more important than ever. So what does A. The traditional healthcare was defined in a framework over patient and a doctor. But in the new normal, the range of beneficiaries will be expanded from patient to all citizens, including the country uninsured people. Thanks to the technology evolution, as you can download health management off for free on iTunes stores while the range of the digital health services unable everyone to participate in new health system system. And in this slide, I put three essential element to fully realize democratization and decentralization off health care, health, literacy, data sharing and security, privacy and safety in addition, taken. In addition, technology is put at the bottom as a foundation off three point first. Health stimulus is obviously important because if people don't understand how the system works, what options are available to them or what are the pros and cons of each options? They can not navigate themselves and utilize the service. It can even cause a different disparity. Issue and secondary data must be technically flee to transfer. While it keeps interoperability ease. More options are becoming available to patient. But if data cannot be shared among stakeholders, including patient hospitals in strollers and budget your providers, patient data will be fragmented and people cannot yet continue to care which they benefited under current centralized care system. And this is most challenging part. But the last one is that the security aspect more players will involving decentralized health care outside of conventional healthcare system. So obviously, both the number of healthcare channels and our frequency of data sharing will increase more. It's create ah, higher data about no beauty, and so, under the new health care framework, we needed to ensure patient privacy and safety and also re examine a Scott write lines for sharing patient data and off course. Corbett Wasa Stone Catalyst off this you saved. But what folly. Our drivers in Macro and Micro Perspective from Mark Lowe. The challenges in healthcare system have been widely recognized for decades, and now he's a big pain. The pandemic reminded us all the key values. Misha, our current pain point as I left the church shores. Those are increasing the population, health sustainability for doctors and other social system and value based care for better and more affordable care. And all the elements are co dependent on each other. The light chart explained that providing preventive care and Alan Dimension is the best way threes to meet the key values here. Similarly, the direction of community based care and about your care is in line with thes three values, and they are acting to maximize the number of beneficiaries form. A micro uh, initiative by nonconventional players is a big driver, and both CBS and Walmart are being actively engaged in healthcare healthcare businesses for many years. And CBS has the largest walking clinic called MinuteClinic, Ottawa 1100 locations, and Walmart also has 20 primary clinics. I didn't talk to them. But the most interesting things off their recent innovation, I believe, is that they are adjusted and expanded their focus, from primary care to community health Center to out less to every every customer's needs. And CBS Front to provide affordable preventive health and chronic health monitoring services at 1500 CBS Health have, which they are now setting up and along a similar line would Mark is deploying Walmart Health Center, where, utilizing tech driven solutions, they provide affordable one stop service for core healthcare. They got less, uh, insurance status. For example, more than 40% of the people in U. S visit will not every big, so liberating the huge customer base and physical locations. Both companies being reading decentralization off health care and consumer device company such as Apple and Fitbit also have helped in transform forming healthcare in two ways. First, they are growing the boundaries between traditional healthcare and consumer product after their long development airport available, getting healthcare device and secondary. They acted as the best healthcare educators to consumers and increase people's healthcare awareness because they're taking an important role in the enhancement, health, literacy and healthcare democratization. And based on the story so far, I'd like to touch to business concept which can be applied to both Japan and the US and one expected change. It will be the emergence of data integration plot home while the telehealth. While the healthcare data data volume has increased 15 times for the last seven years and will continuously increase, we have a chance to improve the health care by harnessing the data. So meaning the new system, which unify the each patient data from multiple data sources and create 360 degrees longitudinal view each individual and then it sensitized the unified data to gain additional insights seen from structure data and unable to provide personal lives care. Finally, it's aggregate each individual data and reanalyzed to provide inside for population health. This is one specific model I envision. And, uh, health care will be provided slew online or offline and at the hospital or detail store. In order to amplify the impact of health care. The law off the mediator between health care between hospital and citizen will become more important. They can be a pharmacy toe health stand out about your care providers. They provide wide range of fundamental care and medication instruction and management. They also help individuals to manage their health care data. I will not explain the details today, but Japan has similar challenges in health care, such as increasing healthcare expenditure and lack of doctors and care givers. For example, they people in Japan have physical physician visit more than 20 times a year on average, while those in the U. S. On >>the do full times it sounds a joke, but people say because the artery are healthy, say visit hospitals to see friends. So we need to utilize thes mediators to reduce cost while they maintained social place for citizens in Japan, the government has promoted, uh, usual family, pharmacist and primary doctors and views the community based medical system as a policy. There was division of dispensing fees in Japan this year to ship the core load or pharmacist to the new role as a health management service providers. And so >>I believe we will see the change in those spaces not only in the U. S, but also in Japan, and we went through so unprecedented times. But I believe it's been resulting accelerating our healthcare transformation and creating a new business innovation. And this brings me to the end of my presentation. Thank you for your attention and hope you could find something somehow useful for your business. And if you have any questions >>or comments, please for you feel free to contact me.

>>Hi, everyone. Good afternoon. Thank you for joining this session. I feel honored to be invited to speak here today. And I also appreciate entity research Summit members for organ organizing and giving this great opportunity. Please let me give a quick introduction. First, I'm a Takashi from Marvin American population, and I'm leading technology scouting and global ation with digital health companies such as Business Alliance and Strategically Investment in North America. And since we started to focus on this space in 2016 our team is growing. And in order to bring more new technologies and services to Japan market Thesis year, we founded the new service theories for digital health business, especially, uh, in medical diagnosis space in Japan. And today I would like to talk how health care has been transformed for my micro perspective, and I hope you enjoy reasoning it. So what's happened since the US identify the first case in the middle of January, As everyone knows, unfortunately, is the damaged by this pandemic was unequal amongst the people in us. It had more determined tal impact on those who are socially and economically vulnerable because of the long, long lasting structural program off the U. S. Society and the Light Charity about daily case rating elevator country shows. Even in the community, the infection rate off the low income were 4.5 times higher than, uh, those of the high income and due to czar straight off the Corvette, about 14 million people are unemployed. The unique point off the U. S. Is that more than 60% of insurance is tied with employment, so losing a job can mean losing access to health care. And the point point here is that the Corvette did not create healthcare disparity but, uh nearly highlighted the underlying program and necessity off affordable care for all. And when the country had a need to increase the testing capacity and geographic out, treat the pharmacies and retails joined forces with existing stakeholders more than 90% off the U. S Corporation live within five miles off a community pharmacy such as CVS and Walgreen, so they can technically provide the test to everyone in all the community. And they also have a huge workforce memory pharmacist who are eligible to perform the testing scale, and this very made their potential in community based health care. Stand out and about your health has provided on alternative way for people to access to health care. At affordable applies under the unusual setting where social distancing, which required required mhm and people have a fear of infection. So they are afraid to take a public transportacion and visit >>the doctor the same thing supplied to doctor and the chart. Here is a number of total visit cranes by service type after stay at home order was issued across the U. S. By Ali April patient physical visits to doctor's offices or clinics declined by ALAN 70%. On the other hand, that share, or telehealth, accounted for 25% of the total total. Doctor's >>visit in April, while many states studied to re opening face to face visit is gradually recovering. And overall Tele Health Service did not offset the crime. Physician Physical doctor's visit and telehealth John never fully replace in person care. However, Telehealth has established a new way to provide affordable care, especially to vulnerable people, and I don't explain each player's today. But as an example, the chart shows the significant growth of >>the tell a dog who is one of the largest badger care and tell his provider, I believe there are three factors off paradox. Success under the pandemic. First, obviously tell Doc could reach >>the job between those patients and doctors. Majority of the patients who needed to see doctors who are those who have underlying health conditions and are high risk for Kelowna, Bilis and Secondary. They showed their business model is highly scalable. In the first quarter of this year, they moved quickly to expand their physical physicians network to increase their capacity and catch up growing demand. To some extent, they also contributed to create flexible job for the doctors who suffered from Lydia's appointment and surgery. They utilized. There are legalism to maximize the efficiency for doctors and doing so, uh, they have university maintained high quality care at affordable applies Yeah, and at the same time, the government recognize the body of about your care and de regulated traditional rules to sum up she m s temporary automated to pay a wide range of tell Her services, including hospital visit and HHS temporarily waived hip hop minorities for telehealth cases and they're changed allowed provider to use communication tools such as facetime and the messenger. During their appointment on August start, the government issued a new executive order to expand tell his services beyond the pandemic. So the government is also moving to support about your health care. So it was a quick review of the health care challenges and somewhat advancement in the pandemic. But as you understand, since those challenges are not caused by the pandemic, problems will stay remain and events off this year will continuously catalyze the transformation. So how was his cherished reshaped and where will we go? The topic from here can be also applied to Japan market. Okay, I believe democratization and decentralization healthcare more important than ever. So what does A. The traditional healthcare was defined in a framework over patient and a doctor. But in the new normal, the range of beneficiaries will be expanded from patient to all citizens, including the country uninsured people. Thanks to the technology evolution, as you can download health management off for free on iTunes stores while the range of the digital health services unable everyone to participate in new health system system. And in this slide, I put three essential element to fully realize democratization and decentralization off health care, health, literacy, data sharing and security, privacy and safety in addition, taken. In addition, technology is put at the bottom as a foundation off three point first. Health stimulus is obviously important because if people don't understand how the system works, what options are available to them or what are the pros and cons of each options? They can not navigate themselves and utilize the service. It can even cause a different disparity. Issue and secondary data must be technically flee to transfer. While it keeps interoperability ease. More options are becoming available to patient. But if data cannot be shared among stakeholders, including patient hospitals in strollers and budget your providers, patient data will be fragmented and people cannot yet continue to care which they benefited under current centralized care system. And this is most challenging part. But the last one is that the security aspect more players will involving decentralized health care outside of conventional healthcare system. So obviously, both the number of healthcare channels and our frequency of data sharing will increase more. It's create ah, higher data about no beauty, and so, under the new health care framework, we needed to ensure patient privacy and safety and also re examine a Scott write lines for sharing patient data and off course. Corbett Wasa Stone Catalyst off this you saved. But what folly. Our drivers in Macro and Micro Perspective from Mark Lowe. The challenges in healthcare system have been widely recognized for decades, and now he's a big pain. The pandemic reminded us all the key values. Misha, our current pain point as I left the church shores. Those are increasing the population, health sustainability for doctors and other social system and value based care for better and more affordable care. And all the elements are co dependent on each other. The light chart explained that providing preventive care and Alan Dimension is the best way threes to meet the key values here. Similarly, the direction of community based care and about your care is in line with thes three values, and they are acting to maximize the number of beneficiaries form. A micro uh, initiative by nonconventional players is a big driver, and both CBS and Walmart are being actively engaged in healthcare healthcare businesses for many years. And CBS has the largest walking clinic called MinuteClinic, Ottawa 1100 locations, and Walmart also has 20 primary clinics. I didn't talk to them. But the most interesting things off their recent innovation, I believe, is that they are adjusted and expanded their focus, from primary care to community health Center to out less to every every customer's needs. And CBS Front to provide affordable preventive health and chronic health monitoring services at 1500 CBS Health have, which they are now setting up and along a similar line would Mark is deploying Walmart Health Center, where, utilizing tech driven solutions, they provide affordable one stop service for core healthcare. They got less, uh, insurance status. For example, more than 40% of the people in U. S visit will not every big, so liberating the huge customer base and physical locations. Both companies being reading decentralization off health care and consumer device company such as Apple and Fitbit also have helped in transform forming healthcare in two ways. First, they are growing the boundaries between traditional healthcare and consumer product after their long development airport available, getting healthcare device and secondary. They acted as the best healthcare educators to consumers and increase people's healthcare awareness because they're taking an important role in the enhancement, health, literacy and healthcare democratization. And based on the story so far, I'd like to touch to business concept which can be applied to both Japan and the US and one expected change. It will be the emergence of data integration plot home while the telehealth. While the healthcare data data volume has increased 15 times for the last seven years and will continuously increase, we have a chance to improve the health care by harnessing the data. So meaning the new system, which unify the each patient data from multiple data sources and create 360 degrees longitudinal view each individual and then it sensitized the unified data to gain additional insights seen from structure data and unable to provide personal lives care. Finally, it's aggregate each individual data and reanalyzed to provide inside for population health. This is one specific model I envision. And, uh, health care will be provided slew online or offline and at the hospital or detail store. In order to amplify the impact of health care. The law off the mediator between health care between hospital and citizen will become more important. They can be a pharmacy toe health stand out about your care providers. They provide wide range of fundamental care and medication instruction and management. They also help individuals to manage their health care data. I will not explain the details today, but Japan has similar challenges in health care, such as increasing healthcare expenditure and lack of doctors and care givers. For example, they people in Japan have physical physician visit more than 20 times a year on average, while those in the U. S. On the do full times it sounds a joke, but people say because the artery are healthy, say visit hospitals to see friends. So we need to utilize thes mediators to reduce cost while they maintained social place for citizens in Japan, the government has promoted, uh, usual family, pharmacist and primary doctors and views the community based medical system as a policy. There was division of dispensing fees in Japan this year to ship the core load or pharmacist to the new role as a health management service providers. And so I believe we will see the change in those spaces not only in the U. S, but also in Japan, and we went through so unprecedented times. But I believe it's been resulting accelerating our healthcare transformation and creating a new business innovation. And this brings me to the end of my presentation. Thank you for your attention and hope you could find something somehow useful for your business. And if you have any questions >>or comments, please for you feel free to contact me. Thank you.