>>Hello and welcome back to the Cube's coverage of AWS Reinvent 2022. I'm John Furrier, host of the Cube. We got a great conversation with Patrick Kauflin, vice president of Go to Market Strategy and specialization at Splunk. We're talking about the open cybersecurity scheme of framework, also known as the O C sf, a joint strategic collaboration between Splunk and aws. It's got a lot of traction momentum. Patrick, thanks for coming on the cube for reinvent coverage. >>John, great to be here. I'm excited for this. >>You know, I love this open source movement and open source and continues to add value, almost sets the standards. You know, we were talking at the CNCF Linux Foundation this past fall about how standards are coming outta open source. Not so much the the classic standards groups, but you start to see the developers voting with their code groups deciding what to adopt de facto standards and security is a real key part of that where data becomes key for resilience. And this has been the top conversation at reinvent and all around the industry, is how to make data a key part of building into cyber resilience. So I wanna get your thoughts about the problem that you see that's emerging that you guys are solving with this group kind of collaboration around the ocs f >>Yeah, well look, John, I I think, I think you, you've already, you've already hit the high notes there. Data is proliferating across the enterprise. The attack surface area is rapidly expanding. The threat landscape is ever changing. You know, we, we just had a, a lot of scares around open SSL before that we had vulnerabilities and, and Confluence and Atlassian, and you go back to log four J and SolarWinds before that and, and challenges with the supply chain. In this year in particular, we've had a, a huge acceleration in, in concerns and threat vectors around operational technology. In our customer base alone, we saw a huge uptake, you know, and double digit percentage of customers that we're concerned about the traditional vectors like, like ransomware, like business email compromise, phishing, but also from insider threat and others. So you've got this, this highly complex environment where data continues to proliferate and flow through new applications, new infrastructure, new services, driving different types of outcomes in the digitally transformed enterprise of today. >>And, and what happens there is, is our customers, particularly in security, are, are left with having to stitch all of this together. And they're trying to get visibility across multiple different services, infrastructure applications across a number of different point solutions that they've bought to help them protect, defend, detect, and respond better. And it's a massive challenge. And you know, when our, when our customers come to us, they are often looking for ways to drive more consolidation across a variety of different solutions. They're looking to drive better outcomes in terms of speed to detection. How do I detect faster? How do I bind the thing that when bang in the night faster? How do I then fix it quickly? And then how do I layer in some automation so hopefully I don't have to do it again? Now, the challenge there that really OCF Ocsf helps to, to solve is to do that effectively, to detect and to respond at the speed at which attackers are demanding. >>Today we have to have normalization of data across this entire landscape of tools, infrastructure, services. We have to have integration to have visibility, and these tools have to work together. But the biggest barrier to that is often data is stored in different structures and in different formats across different solution providers, across different tools that are, that are, that our customers are using. And that that lack of data, normalization, chokes the integration problem. And so, you know, several years ago, a number of very smart people, and this was, this was a initiative s started by Splunk and AWS came together and said, look, we as an industry have to solve this for our customers. We have to start to shoulder this burden for our customers. We can't, we can't make our customers have to be systems integrators. That's not their job. Our job is to help make this easier for them. And so OCS was born and over the last couple of years we've built out this, this collaboration to not just be AWS and Splunk, but over 50 different organizations, cloud service providers, solution providers in the cybersecurity space have come together and said, let's decide on a single unified schema for how we're gonna represent event data in this industry. And I'm very proud to be here today to say that we've launched it and, and I can't wait to see where we go next. >>Yeah, I mean, this is really compelling. I mean, it's so much packed in that, in that statement, I mean, data normalization, you mentioned chokes, this the, the solution and integration as you call it. But really also it's like data's not just stored in silos. It may not even be available, right? So if you don't have availability of data, that's an important point. Number two, you mentioned supply chain, there's physical supply chain that's coming up big time at reinvent this time as well as in open source, the software supply chain. So you now have the perimeter's been dead for multiple years. We've been talking with that for years, everybody knows that. But now combined with the supply chain problem, both physical and software, there's so much more to go on. And so, you know, the leaders in the industry, they're not sitting on their hands. They know this, but they're just overloaded. So, so how do leaders deal with this right now before we get into the ocs f I wanna just get your thoughts on what's the psychology of the, of the business leader who's facing this landscape? >>Yeah, well, I mean unfortunately too many leaders feel like they have to face these trade offs between, you know, how and where they are really focusing cyber resilience investments in the business. And, and often there is a siloed approach across security, IT developer operations or engineering rather than the ability to kind of drive visibility integration and, and connection of outcomes across those different functions. I mean, the truth is the telemetry that, that you get from an application for application performance monitoring or infrastructure monitoring is often incredibly valuable when there's a security incident and vice versa. Some of the security data that, that you may see in a security operation center can be incredibly valuable in trying to investigate a, a performance degradation in an application and understanding where that may come from. And so what we're seeing is this data layer is collapsing faster than the org charts are or the budget line items are in the enterprise. And so at Splunk here, you know, we believe security resilience is, is fundamentally a data problem. And one of the things that we do often is, is actually help connect the dots for our customers and bring our customers together across the silos they may have internally so that they can start to see a holistic picture of what resilience means for their enterprise and how they can drive faster detection outcomes and more automation coverage. >>You know, we recently had an event called Super Cloud, we're going into the next gen kind of a cloud, how data and security are all kind of part of this NextGen application. It's not just us. And we had a panel that was titled The Innovators Dilemma, kind of talk about you some of the challenges. And one of the panelists said, it's not the innovator's dilemma, it's the integrator's dilemma. And you mentioned that earlier, and I think this a key point right now into integration is so critical, not having the data and putting pieces together now open source is becoming a composability market. And I think having things snap together and work well, it's a platform system conversation, not a tool conversation. So I really wanna get into where the OCS f kind of intersects with this area people are working on. It's not just solution architects or cloud cloud native SREs, especially where DevSecOps is. So this that's right, this intersection is critical. How does Ocsf integrate into that integration of the data making that available to make machine learning and automation smarter and more relevant? >>Right, right. Well look, I mean, I I think that's a fantastic question because, you know, we talk about, we use Bud buzzwords like machine learning and, and AI all the time. And you know, I know they're all over the place here at Reinvent and, and the, there's so much promise and hope out there around these technologies and these innovations. However, machine learning AI is only as effective as the data is clean and normalized. And, and we will not realize the promise of these technologies for outcomes in resilience unless we have better ways to normalize data upstream and better ways to integrate that data to the downstream tools where detection and response is happening. And so Ocsf was really about the industry coming together and saying, this is no longer the job of our customers. We are going to create a unified schema that represents the, an event that we will all bite down on. >>Even some of us are competitors, you know, this is, this is that, that no longer matters because at the point, the point is how do we take this burden off of our customers and how do we make the industry safer together? And so 15 initial members came together along with AWS and Splunk to, to start to create that, that initial schema and standardize it. And if you've ever, you know, if you've ever worked with a bunch of technical grumpy security people, it's kind of hard to drive consensus about around just about anything. But, but I, I'm really happy to see how quickly this, this organization has come together, has open sourced the schema, and, and, and just as you said, like I think this, this unlocks the potential for real innovation that's gonna be required to keep up with the bad guys. But right now is getting stymied and held back by the lack of normalization and the lack of integration. >>I've always said Splunk was a, it eats data for breakfast, lunch, and dinner and turns it into insights. And I think you bring up the silo thing. What's interesting is the cross company sharing, I think this hits point on, so I see this as a valuable opportunity for the industry. What's the traction on that? Because, you know, to succeed it does take a village, it takes a community of security practitioners and, and, and architects and developers to kind of coalesce around this defacto movement has been, has been the uptake been good? How's traction? Can you share your thoughts on how this is translating across companies? >>Yeah, absolutely. I mean, look, I, I think cybersecurity has a, has a long track record of, of, of standards development. There's been some fantastic standards recently. Things like sticks and taxi for threat intelligence. There's been things like the, you know, the Mir attack framework coming outta mi mir and, and, and the adoption, the traction that we've seen with Attack in particular has been amazing to, to watch how that has kind of roared onto the scene in the last couple of years and has become table stakes for how you do security operations and incident response. And, you know, I think with ocs f we're gonna see something similar here, but, you know, we are in literally the first innings of, of this. So right now, you know, we're architecting this into our, into every part of our sort of backend systems here at Polan. I know our our collaborators at AWS and elsewhere are doing it too. >>And so I think it starts with bringing this standard now that the standard exists on a, you know, in schema format and there, there's, you know, confluence and Jira tickets around it, how do we then sort of build this into the code of, of the, the collaborators that have been leading the way on this? And you know, it's not gonna happen overnight, but I think in the coming quarters you'll start to see this schema be the standard across the leaders in this space. Companies like Splunk and AWS and others who are leading the way. And often that's what helps drive adoption of a standard is if you can get the, the big dogs, so to speak, to, to, to embrace it. And, and, you know, there's no bigger one than aws and I think there's no, no more important one than Splunk in the cybersecurity space. And so as we adopt this, we hope others will follow. And, and like I said, we've got over 50 organizations contributing to it today. And so I think we're off to a running >>Start. You know, it's interesting, choking innovation or having things kind of get, get slowed down has really been a problem. We've seen successes recently over the past few years. Like Kubernetes has really unlocked and accelerated the cloud native worlds of runtime with containers to, to kind of have the consensus of the community to say, Hey, if we just do this, it gets better. I think this is really compelling with the o the ocs F because if people can come together around this and get unified as well as all the other official standards, things can go highly accelerated. So I think, I think it looks really good and I think it's great initiative and I really appreciate your insight on that, on, on your relationship with Amazon. Okay. It's not just a partnership, it's a strategic collaboration. Could you share that relationship dynamic, how to start, how's it going, what's strategic about it? Share to the audience kind of the relationship between Splunk and a on this important OCS ocsf initiative. >>Look, I, I mean I think this, this year marks the, the 10th year anniversary that, that Splunk and AWS have been collaborating in a variety of different ways. I, I think our, our companies have a fantastic and, and long standing relationship and we've, we've partnered on a number of really important projects together that bring value obviously to our individual companies, but also to our shared customers. When I think about some of the most important customers at Splunk that I spend a significant amount of time with, I I I know how many of those are, are AWS customers as well, and I know how important AWS is to them. So I think it's, it's a, it's a collaboration that is rooted in, in a respect for each other's technologies and innovation, but also in a recognition that, that our shared customers want to see us work better together over time. And it's not, it's not two companies that have kind of decided in a back room that they should work together. It's actually our customers that are, that are pushing us. And I think we're, we're both very customer centric organizations and I think that has helped us actually be better collaborators and better partners together because we're, we're working back backwards from our customers >>As security becomes a physical and software approach. We've seen the trend where even Steven Schmidt at Amazon Web Services is, is the cso, he is not the CSO anymore. So, and I asked him why, he says, well, security's also physical stuff too. So, so he's that's right. Whole lens is now expanded. You mentioned supply chain, physical, digital, this is an important inflection point. Can you summarize in your mind why open cybersecurity schema for is important? I know the unification, but beyond that, what, why is this so important? Why should people pay attention to this? >>You know, I, if, if you'll let me be just a little abstract in meta for a second. I think what's, what's really meaningful at the highest level about the O C S F initiative, and that goes beyond, I think, the tactical value it will provide to, to organizations and to customers in terms of making them safer over the coming years and, and decades. I think what's more important than that is it's really the, one of the first times that you've seen the industry come together and say, we got a problem. We need to solve. That, you know, doesn't really have anything to do with, with our own economics. Our customers are, are hurt. And yeah, some of us may be competitors, you know, we got different cloud service providers that are participating in this along with aws. We got different cybersecurity solution providers participating in this along with Splunk. >>But, but folks who've come together and say, we can actually solve this problem if, if we're able to kind of put aside our competitive differences in the markets and approach this from the perspective of what's best for information security as a whole. And, and I think that's what I'm most proud of and, and what I hope we can do more of in other places in this industry, because I think that kind of collaboration from real market leaders can actually change markets. It can change the, the, the trend lines in terms of how we are keeping up with the bad guys. And, and I'd like to see a lot more of >>That. And we're seeing a lot more new kind of things emerging in the cloud next kind of this next generation architecture and outcomes are happening. I think it's interesting, you know, we always talk about sustainability, supply chain sustainability about making the earth a better place. But you're hitting on this, this meta point about businesses are under threat of going under. I mean, we want to keep businesses to businesses to be sustainable, not just, you know, the, the environment. So if a business goes outta business business, which they, their threats here are, can be catastrophic for companies. I mean, there is, there is a community responsibility to protect businesses so they can sustain and and stay Yeah. Stay producing. This is a real key point. >>Yeah. Yeah. I mean, look, I think, I think one of the things that, you know, we, we, we complain a lot of in, in cyber security about the lack of, of talent, the talent shortage in cyber security. And every year we kinda, we kind of whack ourselves over the head about how hard it is to bring people into this industry. And it's true. But one of the things that I think we forget, John, is, is how important mission is to so many people in what they do for a living and how they work. And I think one of the things that cybersecurity is strongest in information Security General and has been for decades is this sense of mission and people work in this industry be not because it's, it's, it's always the, the, the most lucrative, but because it, it really drives a sense of safety and security in the enterprises and the fabric of the economy that we use every day to go through our lives. And when I think about the spun customers and AWS customers, I think about the, the different products and tools that power my life and, and we need to secure them. And, and sometimes that means coming to work every day at that company and, and doing your job. And sometimes that means working with others better, faster, and stronger to help drive that level of, of, of maturity and security that this industry >>Needs. It's a human, is a human opportunity, human problem and, and challenge. That's a whole nother segment. The role of the talent and the human machines and with scale. Patrick, thanks so much for sharing the information and the insight on the Open cybersecurity schema frame and what it means and why it's important. Thanks for sharing on the Cube, really appreciate it. >>Thanks for having me, John. >>Okay, this is AWS Reinvent 2022 coverage here on the Cube. I'm John Furry, you're the host. Thanks for watching.

>>Hello everyone. Welcome back to the Cube's Live coverage. I'm John Fur, host of the Cube. We got two sets here, three sets total. Another one in the executive center. It's our 10th year covering AWS Reinvent. I remember 2013 like it was yesterday. You know, now it's a massive of people buying out restaurants. 35,000 people now it's 55,000, soon to be 70,000 back. Great event. Continuing to set the standard in the industry. We had an amazing guest here, Leah Bibo, vice President of Product Marketing. She's in charge of the messaging, the product, overseeing how these products gonna market. Leah, great to see you. Thanks for joining me on the Cube today. >>Absolutely. It's great to be here. It's also my 10 reinvent, so it's, it's been a wild ride. >>Absolutely. Yeah. You and I were talking before we came on camera, how much we love products and yes, this is a product-centric company, has been from day one and you know, over the years watching the announcements, the tsunami of announcements, just all the innovation that's come out from AWS over the years has been staggering to say the least. Everyone always jokes about, oh my God, 5,000 new announcements, over 200 services you're managing and you're marketing them. It's pretty crazy right now. And Adam, as he comes on, as I called them, the solutions CEO on my piece I wrote on Friday, we're in an era where solutions, the products are enabling more solutions. Unpack the messaging around this cuz this is really big moment for aws. >>Absolutely. Well, I'll say first of all that we are a customer focused company that happens to be really good at innovating incredible products and services for our customers. So today the, the energy in the room and what Adam talked about, I think is focused on a few great things for customers that are really important for transformation. So we talked a lot about best price performance for workloads and we talked about extreme workloads, but if you think about the work that we've been doing to innovate on the silicon side, we're really talking about with Graviton all your workloads and getting really great price performance for all of them. You know, we came out with graviton three 25% faster than graviton two, also 60% more energy efficient. We talked about something that is emerging that I think is gonna be really big, which is simulation and really the ability to model these complex worlds and all the little interactions, which I think, you know, in the future as we have more complex environments like 3D simulation is gonna be a bigger part of every, every business's >>Business. You know, just as an aside, we were talking on the analyst segment that speeds and feeds are back and the old days and the data center days was like, we don't wanna talk about speeds and feeds about solutions and you know, the outcomes when you get the cloud, it was like, okay, get the workloads over there, but people want faster and lower cost performance workloads gotta be running at at high performance. And, and there's a real discussion around those. Let's unpack security data performance. What, what does that mean for customers? Because again, I get the workloads run fast. That's great. What else is behind the curtain, so to speak from a customer standpoint? >>Absolutely. Well I think if you're gonna move all your workloads to the cloud, you know, security is a really big area that's important. It's important to every one of our enterprise companies customers. Actually it's important to all of our customers and we've been working, you know, since the beginning of AWS to really create and build the most secure global infrastructure. And you know, as our customers have moved mission critical workloads, we've built out a lot more capabilities and now we have a whole portfolio of security services. And what we announced today is kind of game changing. The service called Security Lake, which brings together, you know, an ecosystem of security data in a format that's open. So you can share data between all of these sources and it's gonna give folks the opportunity to really be able to analyze data, find threats faster, and just kind of know their security posture. And I think, you know, as we talked about today, you don't wanna think about the cloud as unfathomable, the unfathomable, you really need to know that security. And I think that like a lot of things we discussed, security is a data opportunity, right? And I think we, we had a section on on data, but really if you look at the keynote across security, across solutions, across the purpose built things we made, it's all, it all comes down to data and it's really the, the transformational element that our customers >>Are. I mean the data secured is very integral part good call out there. And I, I wanna just double down on that real quick because I remember in 2014 I interviewed Steven Schmidt when he was the CSOs and back then in 2014, if you remember the conversation was this, the clouds not secure, gotta be on premises. Now in today's keynote, Adam says, and he laid out the whole global security footprint. There's a lot going on that Amazon has now become more secure than on-prem. He actually made that statement. So, and then plus you got thousands of security partners, third party partners, you got the open cyber security framework which you guys co-found with all the other, so you got securities not as a team sport, this is what they, they said yes, yes. What does that mean for customers? Because now this is a big deal. >>Well I think for customers, I mean it means nothing but goodness, right? But all of these thousands of security partners have really innovated and created solutions that our customers are using. But they all have different types of data in different silos. And to really get a full picture bringing all that data together is really important. And it's not easy today. You know, log data from different sources, data from detection services and really what customers want is an easier way to get it all together. Which is why we have the open OCS F and really analyze using the tools of their choice. And whether that's AWS tools for analytics or it's tools from our partners, customers need to be able to make that choice so that they can feel like their applications and their workloads are the most secure on aws. >>You know, I've been very impressed with guard duty and I've been following Merit Bear's blogs on online. She's in the security team, she's amazing. Shout out to her. She's been pushing guard duty for a long time now there's big news around guard duty. So you got EKS protection, you know, at Coan this was the biggest cloud native issue, the runtime of Kubernetes and inside the container and outside the container detection of threats, right? As a real software supply chain concern. How are you guys marketing that? This is a huge announcement. EKS protection I know is very nuanced but it's pretty big deal. >>It is a big deal. It is a big deal. And guard duty has been kind of like a quiet service that maybe you don't hear a lot about, but has been really, really popular with our customers. Adam mentioned that 85% of, you know, our top 2000 customers are using guard duty today. And it was a big moment. We launched EKS protection, you know, a little bit earlier and the customer uptake on that has been really incredible. And it is because you can protect your Kubernetes cluster, which is really important because so many customers are, you know, part of their migration to the cloud is containers. Yeah. And so we're pretty excited that now we can answer that question of what's going on inside the container. And so you have both, yeah, right. You know that your Kubernetes pluses are good and you know what's going on inside the container and it's just more threats that you can detect and protect >>Yourself from. You know, as an aside, I'm sure you're watching this, but you know, we go to a lot of events, you know, the C I C D pipeline as developers are getting higher velocity coding, it has moved in because of DevOps on the cloud into the C I C D pipeline. So you're seeing that developer takes some of those IT roles in the coding workflow, hence the, the shift left and or container security, which you guys now, now and are driving towards. But the security and the data teams are emerging as a very key element inside the organizational structure. When I sat down with Adam, one of the things he was very adamant about in my conversation was not just digital transformation, business transformation, structural organizational moves are making where it's not a department anymore, it is the company, a technology is the company when you transform. Absolutely. So digital is the process, business is the outcome. This is a really huge message. What's your reaction to that? What's, what can you share extra cuz that's, this is a big part of the thing. He hit it right outta the gate on the front end of the keynote. >>Absolutely. Absolutely. I mean I think, you know, companies have been migrating to the cloud for a while, but I think that this time that we're going through has really accelerated that migration And as part of that, you know, digital transformation has become real for a lot of companies. And it is true what Adam said there is technology transformation involved, there's data transformation involved, but it, it is transforming businesses. And I think if you look at some of the things that Adam talked about, you know, aws, supply chain, security Lake, aws clean rooms, and Omic, aws, omic, you know, those are all examples of data and the ability to work with data transforming different lines of business within a company, transforming horizontal processes like contact centers and like supply chain and also, you know, going into vertical specific solutions. So what it means is that as technology becomes more pervasive, as data becomes more pervasive, businesses are transforming and that means that a lot more people are going to use the cloud and interact with the cloud and they might not want to or be able to kind of use our building blocks. And so what's really exciting that what we're able to do is make cloud more accessible to lines of business folks to analysts, to security folks. So >>It's, yeah, and that's, and that's why I was calling my this this new trend I see as Amazon Classic, my words, not your words, I call the, hey there was classic cloud and then you got the next gen clown, the new next generation. And I was talking with Adrian Cockcroft, former aws, so he's now retired, he's gonna come on later today. He and I were talking, he use this thing of you got a bag of Legos aka primitives or a toy that's been assembled for you glued together, ones out of the box, but they're not mutually exclusive. You can build a durable application and foundation with the building blocks more durable. You can manage it, refine it, but you got the solution that breaks. You don't have as much flexibility but you gotta replace it. That's okay too. So like this is now kind of a new portfolio approach to the cloud. It's very interesting and I think, I think, I think that's what I took away from the keynote is that you can have both. >>Yes, absolutely. You can do both. I mean, we're gonna go full throttle on releasing innovations and pushing the envelope on compute and storage and databases and our core services because they matter. And having, you know, the choice to choose from a wide range of options. I mean that's what, that's what customers need. You know, if you're gonna run hpc, you're gonna run machine learning and you're gonna run your SAP applications or your Windows applications, you need choice of what you know, specific type of instance and compute capabilities. You need to get the price performance. It's, it's definitely not a one size fits all. It's a 600 instance type. Size fits all maybe. >>Exactly. And you got a lot of instance and we'll get to that in a second. Yeah, I love the themes. I love this keynote themes you had like at first space, but I get the whole data, then you look at it, you can look at it differently. Really good metaphor, the ocean one I love with the security because he mentioned you can have the confidence to explore go deep snorkeling versus scuba and knowing how much oxygen you have. I mean, so really cool metaphor made me think very provocative. So again, this is kind of why people go to AWS because you now have these, these abilities to do things differently, depend on the context of what products you're working with. Yes. Explain why that was the core theme. Was there any rationale behind that? Was it just how you guys saw it? I mean that was pretty clever. >>Well, I think that, you know, we're, we're talking about environments and I think in this world, you know, there's uncertainty in a lot of places and we really feel like all of us need to be prepared for different types of environments. And so we wanted to explore what that could look like. And I think, you know, we're fascinated by space and the vastness and it is very much like the world of data. I don't know about you, but I actually scuba dive. So I love the depths of the ocean. I loved working on that part. There's extremes, extreme workloads like hpc, extreme workloads like machine learning with the growing models and there's an imagination, which is also one of my favorite areas to explore. >>Yeah. And you use the Antarctica one for about the whole environment and extreme conditions. That's good in the performance. And I love that piece of it. And I want to get into the, some of the things I love the speeds and fee. I think the, the big innovation with the silicon we've been covering as, you know, like a blanket. The, he's got the GRAVITON three 25% faster than GRAVITON two, the C seven GN network intense workloads. This is kind of a big deal. I mean this is one of those things where it might not get picked up in the major press, but the network use cases are significant. Nira has been successful. Share your thoughts on these kinds of innovations because they look kind of small, but they're not, they're >>Big, they're not small for sure, especially at the scale that our customers are, are, are running their applications. Like every little optimization that you can get really makes a huge difference. And I think it's exciting. I mean you hit on, you kind of hit on it when we've been working on silicon for a while now we know that, you know, if we're gonna keep pushing the element, the envelope in these areas, we had to, we had to go down to the silicon. And I think that Nitro has really been what's kind of been a breakthrough for us. You know, reinventing that virtualization layer, offloading security and storage and networking to special purpose chips. And I think that it's not just in the area of network optimization, right? You saw training optimized instances and inference optimized instances and HPC optimized instances. So yeah, we are kind of looking at all the extremes of, of what customers want to do. >>I know you can't talk about the future, but I can almost connect the dots as you're talking. It's like, hmm, specialized instances, specialized chips, maybe programmability of workload, smart intelligence, generative AI, weaving in there. A lot of kind of cool things I can see around the corner around generative AI automation. Hey, go to this instance with that go here. This is kind of what I see kind of coming around the corner. >>And we have some of that with our instance optimizers, our cost optimizer products where, you know, we wanna help customers find the best instance for their workload, get the best utilization they possibly can, you know, cut costs, but still have the great performance. So I don't, I don't know about your future, John, it sounds great, but we have, you know, we're taking steps in that direction today. >>Still look in this code that's gonna be on this code. Okay. Any, okay, I wanna give you one final question. Well, well two questions. One was a comment Adam made, I'd love to get your reaction if you want to tighten your bell, come to the cloud. I thought that was a very interesting nuance. A lot of economic pressure. Cloud is an opportunity to get agile, time to value faster. We had Zs carve cube analyst who's with us earlier said, the more you spend on the cloud, the more you save. That was his line, which I thought was very smart. Spending more doesn't mean you're gonna lose money, means you can save money too. So a lot of cost optimization discussions. Absolutely. Hey, your belt come to the cloud. What does he mean by that? >>Well I think that in, in times where, you know, there's uncertainty and economic conditions, it is, it's really, you know, you sometimes wanna pull back kind of, you know, batten down the hatches. But the cloud really, and we saw this with C you know, if you, if you move to the cloud, not only can you cut costs, but you put yourself in this position where you can continue to innovate and you can be agile and you can be prepared for whatever environment you're in so that you know when things go back or you have a customer needs that and innovation that goes off like you, you can accelerate back up really, really quickly. And I think we talked about Airbnb, that example of how, you know, in, in that really tough time of covid when travel industry wasn't happening so much, you know, they were able to scale back and save money. And then at the same time when, you know, Airbnb's kind of once again travel came back, they were in a position to really, really quickly change with the, the customer needs. >>You know, Lee, it's always great talking with you. You got a lot of energy, you're so smart and we both love products and you're leading the product marketing. We have an Instagram challenge here on the cube. I'm gonna put you on the spot here. Oh my gosh. It's called Instagram. We called a bumper sticker section. We used to call it what's the bumper sticker for reinvent. But we kind of modernized that. If you were gonna do an Instagram reel right now, what would be the Instagram reel for reinvent Keynote day one. As we look for, we got Verner, we'll probably talk about productivity with developers. What's the Instagram reel for reinvent? >>Wow. That means I have to get short with it, right? I am, I'm not always, that's still wrong answer. Yeah, well I think, you know, this is really big day one, so it's excitement, it's, we're glad to be here. We have a lot coming for you. We're super excited. And if you think about it, it's price, performance, it's data, it's security and it's solutions for purpose-built use cases. >>Great job. Congratulations. I love the message. I love how you guys had the theme. I thought it was great. And it's great to see Amazon continue to innovate with, with the, with the, with the innovation on the product side. But as we get into transformation, starting to see these solutions and the ecosystem is thriving and looking forward to hearing the, the new partner, chief Aruba tomorrow. Absolutely. See what she's got a new plan apparently unveiling. So exciting. Everyone's pretty excited. Thanks for coming >>On. Great. Great. Thanks for having >>Me. All right. Leah, here in the cube. You are the cube, the leader in tech coverage. I'm John Fur, your host. More live coverage after the short break. We'll be right back here. Day two of the cube, day one of reinvent. Lot of great action. Three, four days of wall to wall coverage. We'll be right back.

>>We're back with the cube at Falcon 2022, Dave ante and Dave Nicholson. We're at the aria. We do of course, a lot of events in Las Vegas. It's the, it's the place to do events. Dave, I think is my sixth or seventh time here this year. At least. I don't know. I lose track. Jeff Swain is here. He's the vice president of global programs store and tech alliances at CrowdStrike. Jeff. Good to see you again. We saw each other at reinvent in July in Boston. >>Yes. Yeah, it was great to see you again, Dave, thank >>Very much. And we talked about making this happen so thrilled to be here at, at, at CrowdStrike Falcon. We're gonna talk today about the CrowdStrike XDR Alliance partners. First of all, what's XDR >>Well, I hope you were paying attention to George's George's keynote this morning. I guess. You know, the one thing we know is that if you ask 10, five people, what XDR is you'll get 10 answers. >>I like this answer a holistic approach to endpoint security. I, that was, >>It was good. Simple. >>That was a good one at black hat. So, but tell us about the XDR Alliance partners program. Give us the update there. >>Yeah, so I mean, we spoke about it reinforced, you know, the XDR program is really predicated on having a robust ecosystem of partners to help us share that telemetry across all of the different parts of our customers' environment. So we've done a lot of work over the last few weeks and trying to bolster that environment specifically, putting a lot of focus on firewall. You'll see that Cisco and fortunate have both joined the XD XDR Alliance. So we're working on that right now. A lot of customer demand for firewall data into the telemetry set. You know, obviously it's a very rich data environment. There's a lot of logs on firewalls. And so it drives a lot of, of, of information that we can, we can leverage. So we're continuing to grow that. And what we're doing is building out different content packs that support different use cases. So firewall is one CAS B is another emails another and we're building, building out the, the partner set right across the board. So it's, it's, it's been a, a great set of >>Activity. So it's it's partners that have data. Yep. There's probably some, you know, Joe Tuchi year old boss used to say that that overlap is better than gaps. So there's sometimes there's competition, but that's from a customer standpoint, overlap is, is better than gaps. So as gonna mention Cisco forte and there are a number of others, they've got data. Yes. And they're gonna pump it into your system, our platform, and you've got the, your platform. You've got the ability to ingest. You've got the cloud native architecture, you've got the analytics and you've got the near real time analysis capability. Right, right. >>Augmented by people as well, which is a really important part of our value proposition. You know, we, it's not just relying purely on AI, but we have a human, a human aspect to it as well to make sure we're getting extremely accurate responses. And then there's the final phase is the response phase. So being able to take action on a CASB, for example, when we have a known bad actor operating in the cloud is a really important, easy action for our customer to take. That's highly valuable. You're >>Talking about your threat hunting capability, right? >>So it's threat hunting and our Intel capability as well. We use all of that information as well as the telemetry to make sure we're making good, actionable >>Decisions, Intel being machine intelligence or, or human and machine >>Human and human and machine intelligence that we have. We have a whole business that's out there gathering Intel. I believe you think to Adam Myers who runs that business. And you know, that Intel is critical to making good decisions for our customers. >>So the X and XDR is extended, correct. Extending to things like firewalls. That's pretty obvious in the security space. Are there some less obvious data sources that you look to extend to at some point? >>Yeah, I think we're gonna continually go with where the customer demand is. And firewalls is one of the first and is very significant. Other one, you'll see that we're announcing support for Microsoft 365 as well as part of this, this announcement, but then we'll still grow out into the other areas. NDR is, you know, a specific area where we've already got a number of partners in that, in that space. And, and we'll grow that as we go. I think one of the really exciting additional elements is the, the OCS F announcement that we made at at, at, at, at reinforced, which also is a shared data scheme across a number of vendors as well. So talking to Mike's point, Microsoft ST's point this morning in his keynote, it's really about the industry getting together to do better job for our customers. And XDR is the platform to do that. And crowd strikes it way of doing it is the only really true, visible way for a customer to get their hands on all that information, make the decision, see the good from the bad and take the action. So I feel like we're really well placed to help our customers in >>That space. Well, Kevin mania referenced this too today, basically saying the industry's doing a better job of collaborations. I mean, sometimes I'm skeptical because we've certainly seen people try to, you know, commercialize private information, private reports. Yeah. But, but, but you're talking about, you know, some of your quasi competitors cooperatives, you know, actually partnering with you now. So that's a, that's a good indicator. Yeah. I want to step back a little bit, talk about the macro, the big conversation on wall street. Everybody wants to talk about the macro of course, for obvious reasons, we just published our breaking analysis, talking about you guys potentially being a generational company and sort of digging into that a little bit. We've seen, you know, cyber investments hold up a little bit better, both in terms of customer spending and of course the stock market better than tech broadly. Yeah. So in that case it would, it would suggest that cyber investments are somewhat non-discretionary. So, but that is my question are cyber investments non-discretionary if, if so, how, >>You know, I think George George calls that out directly in our analyst reports as well that, you know, we believe that cyber is a non-discretionary spend, but I, I actually think it's more than that. I think in this current macro or economic environment where CIOs and CSOs are being asked to sweat their assets for significantly longer period of time, that actually creates vulnerabilities because they have older kit, that's running for a longer period that they normally, you know, round out or churn out of their environment. They're not getting the investment to replace those laptops. They're not getting the, I placement to replace those servers. We have to sweat them for a little bit longer, longer, which means they need to be on top of the security posture of those devices. So that means that we need the best possible telemetry that we can get to protect those in the best possible way. So I actually think not only is it makes it non-discretionary, it actually increases the, the business case for, for, for taking on a, a cyber project. >>And I buy that. I buy that the business case is better potentially for cyber business case. And cyber is about, about risk reduction, right? It's about, it's about reducing expected loss. I, I, I, I, but the same time CISOs don't have an open wallet. They have to compete with other P and L managers. I also think the advantage for CrowdStrike I'm, I'm getting deeper into the architecture and beginning to understand the power of a lightweight agent that can do handle. I think you're up to 22 modules now, correct? Yes. I've got questions on how you keep that lightweight, but, but nonetheless, if you can consolidate the point tools, which is, you know, one of the biggest challenges that, that SecOps teams face that strengthens the ROI as well. >>Absolutely. And if you look at what George was saying this morning in the keynote, the combination of being able to provide tools, not only to the SecOps team, but the it ops team as well, being able to give the it ops team visibility on how many assets they have. I mean, these simple, these are simple questions that we should be able to answer. But often when we ask, you know, an operations leader, can you answer it? It sometimes it's hard for them. We actually have a lot of that information. So we are able to bring that into the platform. We're able to show them, we're able to show them where the assets are, where the vulnerabilities are against those assets and help it ops do a better job as well as SecOps. So the, the strength, the case strengthens, as you said, the CSO can also be talking to the it ops budget. >>The edge is getting more real. We're certainly hearing a lot about it now we're seeing a lot more and you kind of got the, the near edge, like the home Depot and the lows, you know, stores. Yeah. Okay. That I, I can get a better handle on, okay. How do I secure that? I've got some standards, but that's the far edge. It's, it's the, the OT yes. Piece of it. That's sort of the brave new world. What are you seeing there? How do you protect those far flowing estates? >>I think this gets back to the question of what's what's new or what's coming and where do we see the, the next set of workloads that we have to tackle? You know, when we came along first instance, we were really doing a lot of the on-prem on-prem and, and, and known cloud infrastructure suites. Then we started really tackling the broader crowd market with tools and technology to give visibility and control of the overall cloud environment. OT represents that next big addressable market for us, because there are so many questions around devices where they are, how old they are, what they're running. So visibility into the OT network is extremely, extremely important. And, you know, the, the wall that has existed again between the CISO and the OT environments coming down, we're seeing that's closer, closer alignment between the security on both those worlds. So the announcement that we've made around extending our Falcon discover product, to be able to receive and understand device information from the OT network and bring it into the same console as the, the it and the OT in the same console to give one cohesive picture of, of visibility of all of our devices is a major step forward for our customers and for, for the industry as well. >>And we see that being, being able to get the visibility will then lead us to a place of being able to build our AI models, build our response frameworks. So then we can go to a full EDR and then beyond that, there's, you know, all the other things that CrowdStrike do so well, but this is the first step to really the first step on control is visibility. And >>The OT guys are engineers. So they're obviously conscious of this stuff. It's, it's more it's again, you're extending that culture, isn't >>It? Yeah, yeah, yeah. Now when you're looking at threats, great, you want to do things to protect against those threats, but how much, how much of CrowdStrike's time is spent thinking about the friction that's involved in transactions? If I wanna go to the grocery store, think of me as an end point. If I wanna go to the grocery store, if I had to drive through three DUI checkpoints or car safety inspections. Yeah. Every time I went to the grocery store, I wouldn't be happy as an end point as an end user in this whole thing. Ideally, we'd be able just to be authenticated and then not have to worry about anything moving forward. Do you see that as your role, reducing friction 1%, >>That's again, one of the core tenants of, of, of why George founded the company. I mean, he tells the story of sitting on an airplane and seeing an executive who was also on the airplane, trying to boot their machine up and try and get an email out before the plane took off and watching the scanning happen, you know, old school virus scanning happening on the laptop and, and that executive not making it because, and he is like in this day and age, how can we be holding people back with that much friction in their day to day life? So that's one of the, again, founding principles of what we do at CrowdStrike was the security itself needs to support business growth, support, user growth, and actually get out of the way of how people do things. And we've seen progression along that lines. I think the zero trust work that we're doing right now really helps with that as well. >>Our integrations into other companies that play within the zero trust space makes that frictionless experience for the user, because yeah, we, we, we want to be there. We want to know everything that's happening, but we don't wanna see where we always want control points, but that's the value of the telemetry we take. We're taking all the data so we can see everything. And then we pick what we want to review rather than having to do the, the checkpoint approach of stop here. Now, let me see your credentials. Stop here. Let me see your credentials because we have a full field of, of knowledge and information on what the device is doing and what the user is doing. We're able to then do the trust with verify style approach. >>So coming back to the, to the edge in IOT, you know, bringing that zero trust concept to the, to the edge you've got, you've got it. And OT. Okay. So that's a new constituency, but you're consolidating that view. Your job gets harder. Doesn't it? So, so, so talk about how you resolve that. Do do the, do the concepts that you apply to traditional it endpoints apply at the edge. >>So first things we have to do is gain the visibility. And, and so the way in which we're doing that is effectively drawing information out from the OT environment at, by, by having a collector that's sitting there and bringing that into our console, which then will give us the ability to run our AI models and our other, you know, indications of attack or our indicators of misconfiguration into the model. So we can see whether something's good or bad whilst we're doing that. Obviously we're also working on building specific senses that will then sit in OT devices down, you know, one layer down from rather being collected and pulled and brought into the platform, being collected at the individual sensor level when we have that completed. And that requires a whole different ecosystem for us, it means that we have to engage with organizations like Rockwell and Siemens and Schneider, because they're the people who own the equipment, right? Yeah. And we have to certify with them to make sure that when we put technology onto their equipment, we're not going to cause any kind of critical failure that, you know, that could have genuine real world physical disastrous consequences. So we have to be super careful with how we build that, which we're we're in the process of >>Doing are the IOA signatures indicator as a tax. So I don't have to throw a dollar in the jar. Are the IOA signatures substantially similar at, at the edge, or >>I think we learn as we go, you know, first we have to gain the information and understand what good and bad looks like, what the kind of behaviors are there. But what we will see is that, you know, as someone's trying to, there's an actor, you know, making an attack, you know, will be able to see how they're affecting each of those endpoints individually, whether they're trying to take some form of control, whether they're switching them on and off in the edge and the far edge, it's a little bit more binary in terms of the kind of function of the device. It is the valve open or is the valve closed? It's is the production line running or is the production not line running, not running. So we need to be able to see that it's more about protecting the outcomes there as well. But again, you know, it's about first, we have to get the information. That's what this product will help us do, get it into the platform, get our teams over the top of it, learn more about what's going on there and then be able to take action. >>But the key point is the architecture will scale. And that's where the cloud native things comes >>Into. Yeah, it'll, it'll it'll scale. But to your, to your point about the lack of investment and infrastructure means older stuff means potentially wider gaps, bigger security holes, more opportunity for the security sector. Yep. I buy that. That makes sense. I think if it's a valid argument, when you, when you, when you know, we, we loosely talk about internet of things, edge, a lot of those things on the edge, there's probably a trillion dollars worth of a hundred year old garbage, and I'm only slightly exaggerating on the trillion and the a hundred years old, a lot of those critical devices that need to be sensed that are controlling our, our, our, our electrical grid. For example, a lot of those things need to be updated. So, so as you're pushing into that frontier, are you, you know, are, are you extending out developer kits and APIs to those people as they're developing those new things? Well, because some of the old stuff will never work. >>And that's what we're we're seeing is that there is a movement within the industrial control side of things to actually start, you know, doing this. Some, some simple things like removing the air gap from certain systems because you, now we can build a system around it. That's trustable and supportable. So now we can get access there over, over and over a network over the internet to, to, to kind of control a valve set that's down a pipeline or something like that. So there is, there is, there is willingness within the ecosystem, the, the IOT provider ecosystem to give us access to some of those, those controls, which, which wasn't there, which has led to some of some of these issues. Are we gonna be able to get to all of them? No, we're gonna have to make decisions based on customer demand, based on where the big, the big rock lie. And, and so we will continue to do that based on customer feedback on again, on what we see >>And the legacy air gaps in the OT worlds were by design for security reasons, or just sort of >>Mostly because there was no way to, to do before. Right. So it was, was like black >>Connectivity is >>So, so, so it was, people felt more comfortable sending an engineer route to the field truck roll. Yeah, yeah, yeah. To do it rather than expensive, rather. And, and exactly that, again, going back to our macro economic situation, you know, it's a very expensive way of managing and maintaining your fleet if you have to send someone to it every time. So there is a lot of there's, there's a lot of customer demand for change, and we're engaging in that change. And we want, we see a huge opportunity there >>Coming back to the X XDR Alliance, cuz that's kind of where we started. Where do you wanna see that go? What's your vision for that? >>So the Alliance itself has been fundamental in terms of now where we go with the overall platform. We are always constantly looking for customer feedback on where we go next on what additional elements to add that the Alliance members have been this fantastic time and effort in terms of engaging with us so that we can build in responses to their platforms, into, you know, into, into what we do. And they're seeing the value of it. I, I feel that over the next, you know, over the next two year period, we're gonna see those, our XDR Alliance and other XDR alliances growing out to get to each other and they will they'll touch each other. We will have to do it like the OSF project at AWS. And as that occurs, we're gonna be able to focus on customer outcomes, which is, you know, again, if you listen to George, you listen to Mike protecting the customers, the mission of CrowdStrike. So I think that's core to that, to, to that story. What we will see now is it's a great vehicle for us to give a structured approach to partnership. So we'll continue to invest in that. We've, we've got, we've got a pipeline of literally hundreds of, of partners who want to join. We've just gotta do that in a way that's consumable for us and consumable for the customer. >>Jeff Swain. Thanks so much for coming back in the cube. It's great to have you. Yeah. Thanks guys. Thank you. Okay. And thank you for watching Dave Nicholson and Dave ante. We'll be back right after this short break. You're watching the cube from Falcon 22 in Las Vegas, right back.

>>We're back with the cube at Falcon 2022, Dave ante and Dave Nicholson. We're at the aria. We do obvious of course, a lot of events in Las Vegas. It's the, it's the place to do events. Dave, I think is my sixth or seventh time here this year. At least. I don't know. I lose track. Jeff Swayne is here. He's the vice president of global programs store and tech alliances at CrowdStrike. Jeff. Good to see again. We saw each other at reinvent in July in Boston. >>Yes. Have it's great to see you again, Dave. Thank you very >>Much. And we talked about making this happen, so it's thrilled to be here at, at, at CrowdStrike Falcon. We're gonna talk today about the CrowdStrike XDR Alliance partners. First of all, what's XDR >>Well, I hope you were paying attention to George's George's keynote this morning. I guess. You know, the one thing we know is that if you ask 10, five people, what XDR is you'll get 10 answers. >>I like this answer a holistic approach to endpoint security. I, that was a, >>It was good. Simple. That >>Was a good one at black hat. So, but tell us about the XDR Alliance partners program. Give us the update there. >>Yeah, so I mean, we spoke about it reinforced, you know, the XDR program is really predicated on having a robust ecosystem of partners to help us share that telemetry across all of the different parts of our customers' environment. So we've done a lot of work over the last few weeks and trying to bolster that environment, specifically, putting a, a lot of focus on firewall. You'll see that Cisco and fortunate have both joined the XD XDR Alliance. So we're working on that right now. A lot of customer demand for firewall data into the telemetry set. You know, obviously it's a very rich data environment. There's a lot of logs on firewalls. And so it drives a lot of, of, of information that we can, we can leverage. So we're continuing to grow that. And what we're doing is building out different content packs that support different use cases. So firewall is one CAS B is another emails another and we're building, building out the, the partner set right across the board. So it's, it's, it's been a, a great set of >>Activity. So it's it's partners that have data. Yep. There's probably some, you know, Joe, Tuchi your old boss used to say that that overlap is better than gaps. So there's sometimes there's competition, but that's from a customer standpoint, overlap is, is better than gaps. So you gonna mention Cisco forte and there are a number of others. They've got data. Yes. And they're gonna pump it into your system, our platform, and you've got the, your platform. You've got the ability to ingest. You've got the cloud native architecture, you've got the analytics and you've got the near real time analysis capability, right. >>Augmented by people as well, which is a really important part of our value proposition. You know, we, it's not just relying purely on AI, but we have a human, a human aspect to it as well to make sure we're getting extremely accurate responses. And then there's the final phase is the response phase. So being able to take action on a CASB, for example, when we have a known bad actor operating in the cloud is a really important, easy action for our customer to take. That's highly valuable. You're >>Talking about your threat hunting capability, right? >>So threat hunting and our Intel capability as well. We use all of that information as well as the telemetry to make sure we're making good, actionable >>Decisions, Intel being machine intelligence or, or human in >>Machine human and human and machine intelligence that we have. We have a whole business that's out there gathering Intel. I believe you're thinking to Adam Myers who runs that business. And you know, that Intel is critical to making good decisions for our customers. >>So the X and XDR is extended, correct. Extending to things like firewalls. That's pretty obvious in the security space. Are there some less obvious data sources that you look to extend to at some point? >>Yeah, I think we're gonna continually go with where the customer demand is. Firewalls is one of the first and email is very significant. Other one, you'll see that we're announcing support for Microsoft 365 as well as part of this, this announcement, but then we'll still grow out into the other areas. NDR is, you know, a specific area where we've already got a number of partners in that, in that space. And, and we'll grow that as we go. I think one of the really exciting additional elements is the, the OCS F announcement that we made at at, at, at, at reinforced, which also is a shared data scheme across a number of vendors as well. So talking to Mike's point Microsoft's point this morning in his keynote, it's really about the industry getting together to do better job for our customers. And XDR is the platform to do that. And crowd strikes it way of doing it is the only really true, visible way for a customer to get their hands on all that information, make the decision, see the good from the bad and take the action. So I feel like we're really well placed to help our customers in >>That space. Well, Kevin, Mandy referenced this too today, basically saying the industry's doing a better job of collaboration. I mean, sometimes I'm skeptical because we've certainly seen people try to, you know, commercialize private information, private reports. Yeah. But, but, but you're talking about, you know, some of your quasi competitors cooperatives, you know, actually partnering with you now. So that's a, that's a good indicator. Yeah. I want to step back a little bit, talk about the macro, the big conversation on wall street. Everybody wants to talk about the macro of course, for obvious reasons, we just published our breaking analysis, talking about you guys potentially being a generational company and sort of digging into that a little bit. We've seen, you know, cyber investments hold up a little bit better, both in terms of customer spending and of course the stock market better than tech broadly. Yeah. So in that case it would, it would suggest that cyber investments are somewhat non-discretionary. So, but that's is my question are cyber investments non-discretionary if so, how, >>You know, I think George George calls that out directly in our analyst reports as well that, you know, we believe that cyber is a non-discretionary spend, but I, I actually think it's more than that. I think in this current macro of economic environment where CIOs and CSOs are being asked to sweat their assets for a significantly longer period of time, that actually creates vulnerabilities because they have older kit, that's running for a longer period that they normally, you know, round out or churn out of their environment. They're not getting the investment to replace those laptops. They're not getting the investment to replace those servers. We have to sweat them for a little bit longer, longer, which means they need to be on top of the security posture of those devices. So that means that we need the best possible telemetry that we can get to protect those in the best possible way. So I actually think not only is it makes it non-discretionary, it actually increases the, the business case for, for, for taking on a, a cyber project. >>And I buy that. I buy that the business case is better potentially for cyber business case. And cyber is about, about risk reduction, right? It's about, it's about reducing expected loss. I, I, I, I, but the same time CISOs don't have an open wallet. They have to compete with other P and L managers. I also think the advantage for CrowdStrike I'm, I'm getting deeper into the architecture and beginning to understand the power of a lightweight agent that can do handle. I think you're up to 22 modules now, correct? Yes. I've got questions on how you keep that lightweight, but, but nonetheless, if you can consolidate the point tools, which is, you know, one of the biggest challenges that, that SecOps teams face that strengthens the ROI as well. >>Absolutely. And if you look at what George was saying this morning in the keynote, the combination of being able to provide tools, not only to the SecOps team, but the it ops team as well, being able to give the it ops team visibility on how many assets they have. I mean, these simple, these are simple questions that we should be able to answer. But often when we ask, you know, an operations leader, can you answer it? It sometimes it's hard for them. We actually have a lot of that information. So we are able to bring that into the platform. We're able to show them, we're able to show them where the assets are, where the vulnerabilities are against those assets and help it ops do a better job as well as SecOps. So the, the strength, the case strengths, as you said, the CSO can also be talking to the it ops budget. >>The edge is getting more real. We're certainly hearing a lot about it. Now we're seeing a lot more and you kind of got the, the near edge. It's like the home Depot and the lows, you know, stores okay. That I, I can get a better handle on, okay. How do I secure that? I've got some standards, but that's the far edge. It's, it's the, the OT yes. Piece of it. That's sort of the brave new world. What are you seeing there? How do you protect those far flung estates? >>I think this gets back to the question of what's what's new what's coming and where do we see the, the next set of workloads that we have to tackle? You know, when we came along first instance, we were really doing a lot of the on-prem on-prem and, and, and known cloud infrastructure suites. Then we started really tackling the broader cloud market with tools and technology to give visibility and control of the overall cloud environment. OT represents that next big addressable market for us, because there are so many questions around devices where they are, how old they are, what they're running. So visibility into the OT network is extremely, extremely important. And, you know, the, the wall that has existed again between the CISO and the OT environments coming down, we're seeing that's closer, closer alignment between the security on both those worlds. So the announcement that we've made around extending our Falcon discover product, to be able to receive and understand device information from the OT network and bring it into the same console as the, the it and the OT in the same console to give one cohesive picture of, of visibility of all of our devices is a major step forward for our customers and for, for the industry as well. >>And we see that being, being able to get the visibility will then lead us to a place of being able to build our AI models, build our response frameworks. So then we can go to a full EDR and then beyond that, there's, you know, all the other things that CrowdStrike do so well, but this is the first step to really the first step on control is visibility. And >>The OT guys are engineers. So they're obviously conscious of this stuff. It's, it's more it's again, you're extending that culture, isn't it? >>Yeah, yeah, yeah. Now when you're looking at threats, great, you want to do things to protect against those threats, but how much, how much of CrowdStrike's time is spent thinking about the friction that's involved in transactions? If I wanna go to the grocery store, think of me as an end point. If I wanna go to the grocery store, if I had to drive through three DUI checkpoints or car safety inspections, every time I went to the grocery store, I wouldn't be happy as an end point as an end user in this whole thing. Ideally, we'd be able just to be authenticated and then not have to worry about anything moving forward. Do you see that as your role, reducing friction >>100%, that's again, one of the core tenants of, of, of why George founded the company. I mean, he tells the story of sitting on an airplane and seeing an executive who was also on the airplane, trying to boot their machine up and trying, and get an email out before the plane took off and watching the scanning happen, you know, old school virus scanning happening on the laptop and, and that executive not making it because, and he is like in this day and age, how can we be holding people back with that much friction in their day to day life? So that's one of the, again, founding principles of what we do at CrowdStrike was the security itself needs to support business growth, support, user growth, and actually get out of the way of how people do things. And we've seen progression along that lines. I think the zero trust work that we're doing right now really helps with that as well. >>Our integrations into other companies that play within the zero trust space makes that frictionless experience for the user, because yeah, we, we, we want to be there. We want to know everything that's happening, but we don't want to see where we always want control points, but that's the value of the telemetry we take. We're taking all the data so that we can see everything. And then we pick what we want to review rather than having to do the, the checkpoint approach of stop here. Now, let me see your credentials stop here. And let me see your credentials because we have a full field of, of knowledge and information on what the device is doing and what the user is doing. We're able to then do the trust with verify style approach. >>So coming back to the, to the edge and IOT, you know, bringing that zero trust concept to the, to the edge you've got, you've got it and OT. Okay. So that's a new constituency, but you're consolidating that view. Your job gets harder. Doesn't it? So, so, so talk about how you resolve that. Do do the, do the concepts that you apply to traditional it endpoints apply at the edge. >>So first things we have to do is gain the visibility. And, and so the way in which we're doing that is effectively drawing information out from the OT environment at, by, by having a collector that's sitting there and bringing that into our console, which then will give us the ability to run our AI models and our other, you know, indications of attack or our indications of misconfiguration into the model. So we can see whether something's good or bad whilst we're doing that. Obviously we're also working on building specific sensors that will then sit in OT devices down, you know, one layer down from rather being collected and pulled and brought into the platform, being collected at the individual sensor level when we have that completed. And that requires a whole different ecosystem for us, it means that we have to engage with organizations like Rockwell and Siemens and Schneider, because they're the people who own the equipment, right? Yeah. And we have to certify with them to make sure that when we put technology onto their equipment, we're not going to cause any kind of critical failure that, you know, that could have genuine real world physical disastrous consequences. So we have to be super careful with how we build that, which we're we're in the process of doing >>Are the IOA signatures indicator as a tax. So I don't have to throw a dollar in the jar, are the IOA signatures substantially similar at, at the edge? I think >>We learn as we go, you know, first we have to gain the information and understand what good and bad looks like, what the kind of behaviors are there. But what we will see is that, you know, as someone's trying to make, if there's an actor, you know, making an attack, you know, we'll be able to see how they're affecting each of those end points individually, whether they're trying to take some form of control, whether they're switching them on and off in the edge and the far edge, it's a little bit more binary in terms of the kind of function of the device. It is the valve open or is the valve closed? It's is the production line running or is the production not line running, not running. So we need to be able to see that it's more about protecting the outcomes there as well. But again, you know, it's about first, we have to get the information. That's what this product will help us do. Get it into the platform, get our teams over the top of it, learn more about what's going on there and then be able to take action. >>But the key point is the architecture will scale. That's where the cloud native things >>Comes into. Yeah, it'll, it'll it'll scale. But to your, to your point about the lack of investment and infrastructure means older stuff means potentially wider gaps, bigger security holes, more opportunity for the security sector. Yep. I buy that. That makes sense. I think if it's a valid argument, when you, when you, when you know, we, we loosely talk about internet of things, edge, a lot of those things on the edge, there's probably a trillion dollars worth of a hundred year old garbage, and I'm only slightly exaggerating on the trillion and the a hundred years old, a lot of those critical devices that need to be sensed that are controlling our, our, our, our electrical grid. For example, a lot of those things need to be updated. So, so as you're pushing into that frontier, are you, you know, are, are you extending out developer kits and APIs to those people as they're developing those new things, right? Because some of the old stuff will never work. >>And that's what we're we're seeing is that there is a movement within the industrial control side of things to actually start, you know, doing this. Some, some simple things like removing the air gap from certain systems, because now we can build a system around it, that's trustable and supportable. So now we can get access there over, over and over a network over the internet to, to, to kind of control a valve set that's down a pipeline or something like that. So there is a, there is, there is willingness within the ecosystem, the, the IOT provider ecosystem to give us access to some of those, those controls, which, which wasn't there, which has led to some of some of these issues. Are we gonna be able to get to all of them? No, we're gonna have to make decisions based on customer demand, based on where the big, the big rock lie. And, and so we will continue to do that based on customer feedback on again, on what we see >>And the legacy air gaps in the OT worlds were by design for security reasons, or just sort of, >>I see. Because there was no way to, to do before. Right. So it was, was like >>Lack connectivity is, >>Yeah. So, so, so it was, people felt more comfortable sending an engineer route to the field truck roll. Yeah, yeah, yeah. To do it rather than expensive, rather. And, and exactly that, again, going back to our macro economic situation, you know, it's a very expensive way of managing and maintaining your fleet if you have to send someone to it every time. So there is a lot of there's, there's a lot of customer demand for change, and we're engaging in that change. And we want to see a huge opportunity there >>Coming back to the XDR Alliance, cuz that's kind of where we started. Where do you wanna see that go? What's your vision for that? >>So the Alliance itself has been fundamental in terms of now where we go with the overall platform. We are always constantly looking for customer feedback on where we go next on what additional elements to add. The, the Alliance members have video this fantastic time and effort in terms of engaging with us so that we can build in responses to their platforms, into, you know, into, into what we do. And they're seeing the value of it. I, I feel that over the next, you know, over the next two year period, we're gonna see those, our XDR Alliance and other XDR alliances growing out to get to each other and they will they'll touch each other. We will have to do it like this O project at AWS. And as that occurs, we're gonna be able to focus on customer outcomes, which is, you know, again, if you listen to George, you listen to Mike protecting the customers, the mission of CrowdStrike. So I think that's core to that, to, to that story. What we will see now is it's a great vehicle for us to give a structured approach to partnership. So we'll continue to invest in that. We've, we've got, we've got a pipeline of literally hundreds of, of partners who want to join. We've just gotta do that in a way that's consumable for us and consumable for the customer. >>Jeff Swain. Thanks so much for coming back in the cube. It's great to have you. Yeah. Thanks guys. Thank you. Okay. And thank you for watching Dave Nicholson and Dave ante. We'll be back right to this short break. You're watching the cube from Falcon 22 in Las Vegas, right back.

>> Announcer: From the CUBE studios in Palo Alto and Boston, it's the CUBE, covering Empowering the Autonomous Enterprise brought to you by Oracle Consulting. >> Everybody welcome back to the CUBE, I'm Dave Vellante. We're covering the transformation of Oracle Consulting specifically focused on really what is, what I consider a rebirth from really staff augmentation to a much more strategic partner for customers. And with me to explore that a little bit is Sherry Lautenbach. She's the Senior Vice President of Cloud Key Accounts at Oracle, and we're also joined by Pat Mungovan, who's a Group VP for the North American Cloud Strategy also at Oracle. Folks welcome to the CUBE, thanks for comin' on. >> Thanks Dave. >> Yeah, thanks for havin' us. >> You're welcome. So Sherry, you're out talkin' to customers a lot, and I'm curious as to what that conversation is like specifically as it relates to consulting. Are you bringing Oracle Consulting now into the conversation? What's that conversation like? >> Absolutely, in fact every conversation we have relating to our cloud strategy, Oracle Consulting is part and parcel to that. And they are not staff augmentation, they are actually the digital transformation arm of what we do around cloud. So it's been really interesting to see what they've been able to do in terms of changing the narrative of what we do at Oracle, from just a software company to really transforming to a cloud provider. >> Strategy, obviously a fundamental part of any customer interaction, but what are you seeing? What underscores customer strategies? What are the business drivers for them right now? What are the catalysts that are driving their technology spending decision? >> I think a lot of it depends upon, especially in the times that we're in now, depends upon the industry that they're in, but most importantly, what we're seeing is right now is durability. So we want to make sure that the customers have, you know our Oracle customers and others, have an opportunity to have a disaster recovery, business continuity. In this stage right now it's less about expansion per se, unless they're in an industry that's uniquely positioned for that, and more about durability of the overall strategy. So when we look at that durability, we think about kind of two core missions. We think about sort of back office operations and continuity, and then we think about transformational revenue generation, and so when we partner with OCS, we want to make sure that we have both of those concepts in mind. >> You know we have a lot of talk about, in our community, about cloud first, and I think Oracle has sort of put forth the gauntlet of look we're leading now with cloud. You both have cloud in your title, but obviously being cloud first is more than that. Sherry, I wonder if you could talk about your customers in your cloud journey and share with us and kind of convince us that you are cloud first. >> I joined Oracle about 11 months ago, was in the industry for about 25 years, and I joined specifically because I believe in what Oracle is doing around this cloud journey. We are in our second generation of cloud capabilities and that's purposeful. And we do that because we realize that where cloud started and where we are today are two totally different things, and so we have capabilities around security, viability, extensions with autonomous that other cloud providers just simply don't have. And we built these from the ground up to ensure that we can run Oracle workloads, databases, and applications far better than any other cloud provider. So it's a super exciting time to be at Oracle, and it's absolutely fascinating what our customers are doing to adopt our technology. >> Pat, I want to ask you a sort of similar question, how fundamental is cloud to organization strategies, obviously everybody has a cloud strategy, but I'm specifically asking as it relates to mission critical workloads because, let's face it, that's been the hardest to move into the cloud. So when you're out talking to customers about their strategy, and obviously dovetailing it to Oracle's strategy, how do you align those? >> So first I think I would respond in the following way. When I think about our portfolio, I don't necessarily say cloud first, I say customer first, and I really want the customer to make a decision based upon a deployment model that makes sense for that particular customer, whether it's a regulated industry, or the public sector, or you know any sort of compliance considerations. So Oracle is one of the very few enterprise-class cloud Providers that has obviously on-premise capabilities as well, and so 99% of the cases that we see, with the exception of some of the sort of startup S and B type folks that are born in the cloud, we're dealing with the hybrid cloud model anyway. And so that's kind of the first order of priority is what's right for the customer and let's make sure that we get the appropriate deployment model for that customer. In terms of enterprise, essentially the workloads that we have, whether it's cloud or on prem, are enterprise workloads, and those are kind of separated into two buckets. One would be core mission, sort of the revenue generation side, and one would be mission critical, sort of the back office side. So Oracle is historically tremendous at the back office side, you know, running finance, running operations, running the supply chain, you know, doing those things that are mission critical. On the core mission side, that's really where we're starting to focus now, which is getting out into the revenue generation, the mission of the entity, with things like high performance computing and making sure that we have an ability to support our customers on both sides of the spectrum. >> All right Sherry, why are customers wanting to put mission critical workloads in the cloud? Is it the same sort of cloud agility and cost, et cetera, et cetera? I mean, why not just leave it on prem and keep it protected and maybe spend a little bit more? What's the driver for moving mission critical workloads into the cloud? >> Well, I think it's dependent upon what the initiatives are in the company, right? If they're looking for cost reduction are the looking for top line growth, are they looking for different capabilities around security that the cloud can provide? The great thing about what we do is we have optimized all of our workloads, both our database and our applications, into our cloud, so we're providing additional capabilities, but we're also saving a lot of money. So we say all the time that, you know, put us to the test, let us quantify what we would look like in the cloud with our workloads versus a competitor, and we will guarantee that we'll save you a lot of money. So I think that a lot of it has to do with one, it starts with essentially cost reduction but then they start seeing additional business value driven out of and back to Oracle Consulting. What Oracle Consulting provides in terms of the business value in the cloud is transformative for our customers. >> Talk about kind of how you lead in these customer conversations. >> Right, well normally our entry point is one, understanding what the business drivers are, right. It has to be a business led discussion. It really isn't a technology starter point, right? It really is around what business problems are you trying to solve and how can we help you solve them? And because we know your environments, we know what databases are deployed and where they're deployed, what Oracle applications you're leveraging to run your business, we can, I think, successfully position ourselves very, very competitively against other cloud providers. And I think that has been something that has resonated incredibly well with our customers and in fact, our largest customer. >> Yeah, so it seems like Oracle Consulting is an important ingredient as part of that strategy 'cause again, if it was, you know, five years ago, and it was just staff augmentation that's really not a compelling conversation to have with customers. But if you can come in with a mindset of strategic partner, you're bringing in Deloitte, we've been talking to some of their professionals about the Elevate Program with Oracle, that's a nice lever that you're, you can take advantage of. >> Absolutely, and in fact, we've seen that that is a huge opportunity for us because one, the partnership with Deloitte is incredibly strategic. But we also partner with other companies like Accenture and DXC and IBM candidly, and Oracle, Oracle Consulting is incredibly flexible in terms of what kind of partnerships and alignment they have with our customers and it's really based on what the customer preference is. >> It's not just about, you know, feature, function, speeds and feeds, maybe you could address that. And where does Oracle Consulting fit in that equation? >> We firmly believe that every customer is going to want to have a different option for what they do in the cloud and based on the provider. So we one, we've partnered with Microsoft, and we actually can interconnect our clouds together to provide that kind of flexibility to our customers, and Oracle Consulting is a key component of that. To engage our customers and talk about our Microsoft integration, our partnership, Oracle Consulting is the arm that does that work for us. So we are seeing them come up, come about in a much different way, and in a way that's differentiated between other consulting staff augmentation firms. >> I want to end on growth Pat, and maybe talk about everyone wants cloud, Cloud is the growth business. You look at Oracle's business, you know, everybody's business, this cloud is growing. Everything else is either hanging on or declining, so it's all about growth. How do you drive growth? What is cloud's role in terms of the growth strategy? And maybe add some color to that narrative. >> From a product perspective, I think we're sort of a luxury of riches around the autonomous capabilities with the (mumbles). So that's something that's incredibly unique to Oracle, you know, the autonomous database and all the autonomous services that we're rolling out. And that autonomous gets back to what we talked about earlier around security, around performance, around scalability and all these things so that ultimately we're positioning the capabilities of the future, but we're positioning them today. So we're a market leader in this space, you know, not only is the Oracle database, as you pointed out, the market leader, we're market leader in ERP Cloud and a bunch of the SAS series. But this autonomous segment of the market is crucial for us and crucial to our growth. >> Yeah, it really is an enabler, and what I've been saying is that it's almost compulsory for Oracle to participate and compete in the cloud because it gives you that automation and that scale. But you're talking about also setting up, you know, some future advantages of being able to take advantage of data, the combination of data, AI, and cloud is the new superpower within the industry. Sherry, I want to end on you. 11 months in at Oracle, let's say things work out great, you're here two, three, four years down the road, you look back, what does success look like? >> Success looks like every one of our customers moving to the Oracle cloud and seeing incredible business value from that partnering with Oracle Consulting. That's what my success criteria is. >> Guys, well listen, thanks for so much for coming on the CUBE where we've been tracking this transformation of Oracle Consulting. And one of the things that's very clear, is Oracle is obviously serious about cloud, but also seriously about bringing in new talent and new skill sets to really not only transform Oracle but help transform your customers. So thank you for your time, I really appreciate it. >> Thanks so much. >> Yep you bet, thank you. >> All right and thank you everybody for watching. This is Dave Vellante for the CUBE. We'll see you next time.

>>The cube at IBM. Impact 2014 is brought to you by headline sponsor. IBM. Here are your hosts, John furrier and Paul Gillin. >>Hey, welcome back everyone. This is Silicon angle's the cube. It's our flagship program. We go out to the events district as soon from the noise. We're ending out day two of two days of wall to wall coverage with myself and Paul Galen. Uh, 10 to six 30 every day. I'm just, we'll take as much as we can just to get the data. Share that with you. Restrict the signal from the noise. I'm John furrier the bonus look at angle Miko is Paul Gilliam and our special guests, Holger Mueller, Mueller from constellation research analyst covering the space. Ray Wang was here earlier. You've been here for the duration. Um, we're going to break down the event. We'll do a wrap up here. Uh, we have huge impact event for 9,000 people. Uh, Paul, I want to go to you first and get your take on just the past two days. And we've got a lot of Kool-Aid injection attempts for Kool-Aid injection, but IBM people were very, very candid. I mean, I didn't find it, uh, very forceful at all from IBM. They're pragmatic. What's your thoughts on it? >>I think pragmatism is, is what I take away, John, if it gets a good, that's a good word for it. Uh, what I saw was a, uh, not a blockbuster. Uh, there was not a lot of, of, uh, of hype and overstatement about what the company was doing. I was impressed with Steve mills, but our interview with him yesterday, we asked about blockbuster acquisitions and he said basically, why, why, I mean, why should we take on a big acquisition that is going to create a headache, uh, for us in integrating into your organization? Let's focus on the spots where we have gaps and let's fill those. And that's really what they've, you know, they really have put their money where their mouth is and doing these 150 or more acquisitions over the last, uh, three or four years. Um, I think that the, the one question that I would have, I don't think there's any doubt about IBM's commitment to cloud as the future about their investment in big data analytics. They certainly have put their money where their mouth is. They're over $25 billion invested in big data analytics. One question I have coming out of this conference is about power and about the decision to exit the x86 market and really create confusion in a part of their business partners, their customers about about how they're going to fill that gap and where are they going to go for their actually needs and the power. Clearly power eight clearly is the future. It's the will fill that role in the IBM portfolio, but they've got to act fast. >>Do you think there's a ripple effect then so that that move I'll see cause a ripple effect in their ecosystem? >>Well, I was talking to a, I've talked to two IBM partners today, fairly large IBM partners and both of them have expressed that their customers are suffering some whiplash right now because all of a sudden the x86 option from IBM has gone away. And so it's frozen there. Their purchasing process and some of them are going to HP, some of them are looking at other providers. Um, I don't think IBM really has has told a coherent story to the markets yet about how >>and power's new. So they've got to prop that up. So you, so you're saying is okay, HP is going to get some new sales out of this, so frozen the for IBM and yet the power story's probably not clear. Is that what you're hearing? >>I don't think the power story is clear. I mean certainly it was news to me that IBM is taking on Intel at the, at this event and I was surprised that, that, >>that that was a surprise. Hold on, I've got to go to you because we've been sitting here the Cuban, we've been having all the execs come here and we've been getting briefed here in the cube. Shared that with the audience. You've been out on the ground, we've bumped into you guys, all, all the other analysts and all the briefings you've been in, the private sessions you've been in the rooms you've been, you've been, you've been out, out in the trenches there. What have you, what are you finding, what have you been hearing and what are the, some of the soundbites that you could share with the audience? It's not the classic God, Yemen, what are the differences? >>The Austin executives in cloud pedal, can you give me your body language? He had impact one year ago because they didn't have self layer at a time, didn't want to immediately actionable to do something involving what? A difference things. What in itself is fine, but I agree with what you said before is the messaging is they don't tell the customers, here's where we are right now. Take you by the hand. It's going to be from your door. And there's something called VMs. >>So it's very interesting. I mean I would consider IBM finalized the acquisition only last July. It's only been nine months since was acquired. Everything is software now. It leads me to think of who acquired who IBM acquired a software or did soflar actually acquire IBM because it seems to, SoftLayer is so strategic. IBM's cloud strategy going forward. >>Very strategic. I think it's probably why most transformative seemed like the Nexans agenda. And you've heard me say assault on a single thing. who makes it seven or eight weeks ago? It's moving very far. >>What do you think about the social business? Is that hanging together, that story? Hang on. It's obviously relevant direction. It's kind of a smarter planet positioning. Certainly businesses will be social. Are you seeing any meat on the bone there? On the collaboration side, >>one of the weakest parts, they have to be built again. Those again, they also have an additional for HR, which was this position, this stuff. It's definitely something which gives different change. >>I have to say, John, I was struck by the lack of discussion of social business in the opening keynote in particular a mobile mobile, big data. I mean that that came across very clear, but I've been accustomed to hearing that the social business rugby, they didn't, it didn't come out of this conference. >>Yeah. I mean my take on that was, is that >>I think it's pretty late. I don't think there's a lot of meat in the bone with the social, and I'll tell you why. I think it's like it's like the destination everyone wants to go to, but there's no really engine yet. Right. I think there's a lot of bicycle riding when they need a car. Right? So the infrastructure is just not is too embryonic, if you will. A lot of manual stuff going on. Even the analytics and you know you're seeing in the leaderboard here in the social media side and big data analytics. Certainly there are some core engine parts around IBM, but that social engine, I just don't see it happening. You risk requires a new kind of automation. It's got some real times, but I think that this is some, some nice bright spots. I love the streams. I love this zone's concept that we heard from Watson foundations. >>I think that is something that they need to pull out the war chest there and bring that front and center. I think the thinking about data as zones is really compelling and then I'll see mobile, they've got all the messaging on that and to give IBM to the benefit of the doubt. I mean they have a story now that they have a revenue generating story with cloud and with big data and social was never a revenue generating story. That's a software story. It's not big. It's not big dollars. And they've got something now that really they're really can drive. >>I'll tell you Chris Kristin from mobile first. She was very impressive and, and I'll tell you that social is being worked on. So I put the people are getting it. I mean IBM 100% gets social. I think the, the, it's not a gimmick to them. It's not like, Oh, we got some social media stuff. I think in the DNA of their soul, they, they come from that background of social. So I give them high marks on that. I just don't see the engine yet. I'm looking for analytics. I'm looking for a couple of eight cylinders. I just don't see it yet. You know, the engine, the engines, lupus and she wants to build the next generation of education. Big data, tons of mobile as the shoulder equivalent to social. I'm skeptical. I'm skeptical on Bloomix. I'll tell you why. I'm not skeptical. I shouldn't say that. >>It's going to get some plane mail for that. Okay. I'll say I'll see what's out there. I'll say it. I'm skeptical of Blumix because it could be a Wright brothers situation. Okay, look, I'm wrong guys building the wrong airplane. So the question is they might be on the wrong side of history if they don't watch the open source foundations because here's the problem. I have a blue mix, gets rushed to the market. Certainly IBM has got muscle solutions together. No doubt debting on cloud Foundry is really a risk and although people are pumping it up and it's got some momentum, they don't have a big community, they have a lot of marketing behind it and I know Jane's Wars over there is doing a great job and I'm Josh McKinsey over there with piston cloud. It'll behind it. It has all the elements of open collaboration and architecture or collaboration. However, if it's not a done deal yet in my mind, so that's a, that is a risk factor in my my mind. >>We've met a number of amazing, maybe you can help to do, to put these in order, a number of new concepts out there. We've got Bloomex the soft player, and we've got the marketplace, and these are all three concepts that approval, which is a subset of which, what's the hierarchy of these different platforms? >>That's hopefully, that's definitely at the bottom. The gives >>us visibility. You talk about the CIO and CSI all the time. Something you securities on every stupid LCO one on OCS and the marketplace. Basically naming the applications. Who would folded? IBM. IBM would have to meet opensource platform as a service. >>Well, it's not, even though it's not even open source and doing a deal with about foundries, so, so they've got, I think they're going in the middle. Where's their angle on that? But again, I like, again, the developer story's good, the people are solid. So I think it's not a fail of my, in my mind that all the messaging is great. But you know, we went to red hat summit, you know, they have a very active community, multiple generations in the data center, in the Indiana prize with Linux and, and open, you know, they're open, open shift is interesting. It's got traction and it's got legit traction. So that's one area. The other area I liked with Steve mills was he's very candid about this turf. They're staking out. Clearly the cloud game is up, is there is hardcore for them and in the IBM flavor enterprise cloud, they want to win the enterprise cloud. They clearly see Amazon, they see Amazon and its rhetoric and Grant's narrative and rhetoric against Amazon was interesting saying that there's more links on SoftLayer and Amazon. Now if you count links, then I think that number is skewed. So it's, you know, there's still a little bit of gamification going to have to dig into that. I didn't want to call him out on that, but know there's also a hosting business versus, you know, cloud parse the numbers. But what's your take on Amazon soft layer kind of comparison. >>It's, it's fundamentally different, right? Mustn't all shows everything. Why did see retailers moves is what to entirely use this software, gives them that visibility machine, this accommodation more conservatively knowing that I buy them, I can see that I can even go and physically touch that machine and I can only did the slowly into any cloud virtualization shed everything. >>Oh, Paul, I gotta say my favorite interview and I want to get your take on this. It was a Grady food. She was sat down with us and talk with us earlier today. IBM fell up, walks on water with an IBM Aussie legend in the computer industry. Just riveting conversation. I mean, it was really just getting started. I mean, it felt like we were like, you know, going into cruising altitude and then he just walked away. So they w what's your take on that conversation? >>Well, I mean, certainly he, uh, the gritty boujee interview, he gave us the best story of, of the two days, which is, uh, they're being in the hospital for open heart surgery, looking up, seeing the equipment, and it's going to be used to go into his chest and open his heart and knowing that he knows the people who program that, that equipment and they programmed it using a methodology that he invented. Uh, that, that, that's a remarkable story. But I think, uh, uh, the fact that that a great igloo can have a job at a company like IBM is a tribute to IBM. The fact that they can employ people like that who don't have a hard revenue responsibility. He's not a P. and. L, he's just, he's just a genius and he's a legend and he's an IBM to its crude, finds a place for people like that all throughout his organization. >>And that's why they never lost their soul in my opinion. You look at what HP and IBM, you know, IBM had a lot of reorganizations, a lot of pivots, so to speak, a lot of battleship that's turned this in way. But you know, for the most part they kept their R and D culture. >>But there's an interesting analogy too. Do you remember the case methodology was mutual support of them within the finance language that you mailed something because it was all about images, right? You would use this, this methodology, different vendors that were prior to the transport itself. Then I've yet to that credit, bring it together. bring and did a great service to all for software engineering. And maybe it's the same thing at the end, can play around diversity. >>You've got to give IBM process a great point. Earlier we, Steve mills made a similar reference around, it wasn't animosity, it was more of Hey, we've helped make Intel a big business, but the PC revolution, you know, where, what's in it for us? Right? You know, where's our, you know, help us out, throw us a bone. Or you know, you say you yell to Microsoft to go of course with the licensing fee with Gates, but this is the point, the unification story and with grays here, you know IBM has some real good cultural, you know industry Goodwill, you agree >>true North for IBM is the Antal quest customer. They'll do what's right where the money and the budget of the enterprise customers and press most want compatibility. They don't want to have staff, of course they want to have investment protection >>guys. I'd be able to do a good job of defining that as their cloud strategy that clearly are not going head to head with Amazon. It's a hybrid cloud strategy. They want to, they see the enterprise customers that legacy as as an asset and it's something they want to build on. Of course the risk of that is that Amazon right now is the pure play. It has all the momentum. It has all the buzz and and being tied to a legacy is not always the greatest thing in this industry, but from a practical revenue generating standpoint, it's pretty good. >>Hey guys, let's go down and wrap up here and get your final thoughts on the event. Um, and let's just go by the numbers, kind of the key things that IBM was promoting and then our kind of scorecard on kind of where they, where they kind of played out and new things that popped out of the woodwork that got your attention. You see the PO, the power systems thing was big on their messaging. Um, the big data story continues to be part of it. Blue mix central to the operations and the openness. You had a lot of open, open openness in their messaging and for the most part that's pretty much it. Um, well Watson, yeah, continue. Agents got up to Watson. >>Wow. A lot of news still to come out of Watson I think in many ways that is their, is their ACE in the hole and then that is their diamond. Any other thoughts? >>Well, what I missed is, which I think sets IBM apart from this vision, which is the idea of the API. Everybody else at that pure name stops the platform or says, I'm going to build like the org, I'm going to build you. That's a clear differentiator on the IBM side, which you still have to build part. They still have to figure out granularity surface that sets them apart that they have to give one. >>Yeah, and I think I give him an a plus on messaging. I think they're on all the right fault lines on the tectonic shifts that we're seeing. Everyone, I asked every every guest interview, what's the game changing moment? Why is it so important? And almost consistently the answers were, you know, we're living in a time of fast change data, you know, efficiency spare or you're going to be left behind. This is the confluence of all these trends, these fall lines. So I think IBM is sitting on these fall lines. Now the question is how fast can they cobbled together the tooling from the machineries that they have built over the years. Going back to the mainframe anniversary, it's out there. A lot of acquisitions, but, but so far the story and the story >>take the customer by the hand. That's the main challenge. I see. This wasn't often we do in Mexico, they want zero due to two times or they're chilling their conferences. It's the customer event and you know, and it's 9,000 people somehow have to do something to just show, right? So why is my wave from like distinguished so forth and so and so into? Well Lou mentioned, sure for the cloud, but how do we get there, right? What can we use, what am I SS and leverage? How do I call >>guys, really appreciate the commentary. Uh, this is going to be a wrap for us when just do a shout out to Matt, Greg and Patrick here doing a great job with the production here in the cube team and we have another cube team actually doing a simultaneous cube up in San Francisco service. Now you guys have done a great job here. And also shout out to Bert Latta Moore who's been doing a great job of live tweeting and help moderate the proud show, which was really a huge success and a great crowd chat this time. Hopefully we'll get some more influencers thought leaders in there for the next event and of course want to thank Paul Gillen for being an amazing cohost on this trip. Uh, I thought the questions and the and the cadence was fantastic. The guests were happy and hold there. Thank you for coming in on our wrap up. >>Really appreciate it. Constellation research. Uh, this is the cube. We are wrapping it up here at the IBM impact event here live in Las Vegas. It's the cube John furrier with Paul Gillen saying goodbye and see it. Our next event and stay tuned if it's look at angel dot DV cause we have continuous coverage of service now and tomorrow we will be broadcasting and commentating on the Facebook developer conference in San Francisco. We're running here, Mark Zuckerberg and all Facebook's developers and all their developer programs rolling out. So watch SiliconANGLE TV for that as well. Again, the cube is growing with thanks to you watching and thanks to all of our friends in the industry. Thanks for watching..