>> Narrator: theCUBE's live coverage is made possible by funding from Dell Technologies. Creating technologies that drive human progress. (upbeat music) >> Hey, welcome back to the Fira in Barcelona. My name is Dave Vellante. I'm here with David Nicholson, day four of MWC '23. Show's winding down a little bit, but it's still pretty packed here. Lot of innovation, planes, trains, automobiles, and we're talking 5G all week, private networks, connected breweries. It's super exciting. Really happy to have Warren Jackson here as the Edge Gateway Product Technologist at Dell Technologies, and Scott Waller, the CTO of the 5G Open Innovation Lab. Folks, welcome to theCUBE. >> Good to be here. >> Really interesting stories that we're going to talk about. Let's start, Scott, with you, what is the Open Innovation Lab? >> So it was hatched three years ago. Ideated about a bunch of guys from Microsoft who ran startup ventures program, started the developers program over at Microsoft, if you're familiar with MSDN. And they came three years ago and said, how does CSPs working with someone like T-Mobile who's in our backyard, I'm from Seattle. How do they monetize the edge? You need a developer ecosystem of applications and use cases. That's always been the thing. The carriers are building the networks, but where's the ecosystem of startups? So we built a startup ecosystem that is sponsored by partners, Dell being one sponsor, Intel, Microsoft, VMware, Aspirant, you name it. The enterprise folks who are also in the connectivity business. And with that, we're not like a Y Combinator or a Techstars where it's investment first and it's all about funding. It's all about getting introductions from a startup who might have a VR or AI type of application or observability for 5G slicing, and bring that in front of the Microsoft's of the world, or the Intel's and the Dell's of the world that they might not have the capabilities to do it because they're still a small little startup with an MVP. So we really incubate. We're the connectors and build a network. We've had 101 startups over the last three years. They've raised over a billion dollars. And it's really valuable to our partners like T-Mobile and Dell, et cetera, where we're bringing in folks like Expedo and GenXComm and Firecell. Start up private companies that are around here they were cohorts from our program in the past. >> That's awesome because I've often, I mean, I've seen Dell get into this business and I'm like, wow, they've done a really good job of finding these guys. I wonder what the pipeline is. >> We're trying to create the pipeline for the entire industry, whether it's 5G on the edge for the CSPs, or it's for private enterprise networks. >> Warren, what's this cool little thing you got here? >> Yeah, so this is very unique in the Dell portfolio. So when people think of Dell, they think of servers laptops, et cetera. But what this does is it's designed to be deployed at the edge in harsh environments and it allows customers to do analytics, data collection at the edge. And what's unique about it is it's got an extended temperature range. There's no fan in this and there's lots of ports on it for data ingestion. So this is a smaller box Edge Gateway 3200. This is the product that we're using in the brewery. And then we have a bigger brother of this, the Edge Gateway 5200. So the value of it, you can scale depending on what your edge compute requirements are at the edge. >> So tell us about the brewery story. And you covered it, I know you were in the Dell booth, but it's basically an analog brewery. They're taking measurements and temperatures and then writing it down and then entering it in and somebody from your company saw it and said, "We can help you with this problem." Explain the story. >> Yeah, so Scott and I did a walkthrough of the brewery back in November timeframe. >> It's in Framingham, Mass. >> Framingham, Mass, correct. And basically, we talked to him, and we said, what keeps you guys up at night? What's a problem that we can solve? Very simple, a kind of a lower budget, didn't have a lot money to spend on it, but what problem can we solve that will realize great benefit for you? So we looked at their fermentation process, which was completely analog. Somebody was walking around with a clipboard looking at analog gauges. And what we did is we digitized that process. So what this did for them rather than being completely reactive, and by the time they realized there was something going wrong with the fermentation process, it's too late. A batch of scrap. This allowed them to be proactive. So anytime, anywhere on the tablet or a phone, they can see if that fermentation process is going out of range and do something about it before the batch gets scrapped. >> Okay. Amazing. And Scott, you got a picture of this workflow here? >> Yeah, actually this is the final product. >> Explain that. >> As Warren mentioned, the data is actually residing in the industrial side of the network So we wanted to keep the IT/OT separation, which is critical on the factory floor. And so all the data is brought in from the sensors via digital connection once it's converted and into the edge gateway. Then there's a snapshot of it using Telit deviceWISE, their dashboarding application, that is decoding all the digital readings, putting them in a nice dashboard. And then when we gave them, we realized another problem was they're using cheap little Chromebooks that they spill beer on once a week and throw them out. That's why they bought the cheap ones 'cause they go through them so fast. So we got a Dell Latitude Rugged notebook. This is a brand new tablet, but they have the dashboarding software. So no matter if they're out there on the floor, but because the data resides there on the factory they have access to be able to change the parameters. This one's in the maturation cycle. This one's in the crashing cycle where they're bringing the temperature back down, stopping the fermentation process, getting it ready to go to the canning side of the house. >> And they're doing all that from this dashboard. >> They're doing all from the dashboard. They also have a giant screen that we put up there that in the floor instead of walking a hundred yards back behind a whole bunch of machinery equipment from a safety perspective, now they just look up on the screen and go, "Oh, that's red. That's out of range." They're actually doing a bunch of cleaning and a bunch of other things right now, too. So this is real time from Boston. >> Dave: Oh okay. >> Scott: This is actually real time from Boston. >> I'm no hop master, but I'm looking at these things flashing at me and I'm thinking something's wrong with my beer. >> We literally just lit this up last week. So we're still tweaking a few things, but they're also learning around. This is a new capability they never had. Oh, we have the ability to alert and monitor at different processes with different batches, different brews, different yeast types. Then now they're also training and learning. And we're going to turn that into eventually a product that other breweries might be able to use. >> So back to the kind of nuts and bolts of the system. The device that you have here has essentially wifi antennas on the back. >> Warren: Correct. >> Pull that up again if you would, please. >> Now I've seen this, just so people are clear, there are also paddle 5G antennas that go on the other side. >> Correct. >> That's sort of the connection from the 5G network that then gets transmogrified, technical term guys, into wifi so the devices that are physically connected to the brew vats, don't know what they're called. >> Fermentation tanks. >> Fermentation tanks, thank you. Those are wifi. That's a wifi signal that's going into this. Is that correct? >> Scott: No. >> No, it's not. >> It's a hard wire. >> Okay, okay. >> But, you're right. This particular gateway. >> It could be wifi if it's hard wire. >> It could be, yes. Could be any technology really. >> This particular gateway is not outfitted with 5G, but something that was very important in this application was to isolate the IT network, which is on wifi and physically connected from the OT network, which is the 5G connection. So we're sending the data directly from the gateway up to the cloud. The two partners that we worked with on this project were ifm, big sensor manufacturer that actually did the wired sensors into an industrial network called IO-Link. So they're physically wired into the gateway and then in the gateway we have a solution from our partner Telit that has deviceWISE software that actually takes the data in, runs the analytics on it, the logic, and then visualizes that data locally on those panels and also up to their cloud, which is what we're looking at. So they can look at it locally, they're in the plant and then up in the cloud on a phone or a tablet, whatever, when they're at home. >> We're talking about a small business here. I don't know how many employees they have, but it's not thousands. And I love that you're talking about an IT network and an OT network. And so they wanted, it is very common when we talk about industrial internet of things use cases, but we're talking about a tiny business here. >> Warren: Correct. >> They wanted to separate those networks because of cost, because of contention. Explain why. >> Yeah, just because, I mean, they're running their ERP system, their payroll, all of their kind of the way they run their business on their IT network and you don't want to have the same traffic out on the factory floor on that network, so it was pretty important. And the other thing is we really, one of the things that we didn't want to do in this project is interrupt their production process at all. So we installed this entire system in two days. They didn't have to shut down, they didn't have to stop. We didn't have to interrupt their process at all. It was like we were invisible there and we spun the thing up and within two days, very simple, easy, but tremendous value for their business. >> Talk about new markets here. I mean, it's like any company that's analog that needs to go digital. It's like 99% of the companies on the planet. What are you guys seeing out there in terms of the types of examples beyond breweries? >> Yeah, I could talk to that. So I spent a lot of time over the last couple years running my own little IoT company and a lot of it being in agriculture. So like in Washington state, 70% of the world's hops is actually grown in Washington state. It's my hometown. But in the Ag producing regions, there's lack of connectivity. So there's interest in private networks because the carriers aren't necessarily deploying it. But because we have the vast amount of hops there's a lot of IPAs, a lot of hoppy IPAs that come out of Seattle. And with that, there's a ton of craft breweries that are about the same size, some are a little larger. Anheuser-Busch and InBev and Heineken they've got great IoT platforms. They've done it. They're mass scale, they have to digitize. But the smaller shops, they don't, when we talk about IT/OT separation, they're not aware of that. They think it's just, I get local broadband and I get wifi and one hotspot inside my facility and it works. So a little bit of it was the education. I have got years in IT/OT security in my background so that education and we come forward with a solution that actually does that for them. And now they're aware of it. So now when they're asking questions of other vendors that are trying to sell them some type of solution, they're inherently aware of what should be done so they're not vulnerable to ransomware attacks, et cetera. So it's known as the Purdue Model. >> Well, what should they do? >> We came in and keep it completely separated and educated them because in the end too we'll build a design guide and a starter kit out of this that other brewers can use. Because I've toured dozens of breweries in Washington, the exact same scenario, analog gauges, analog process, very manual. And in the end, when you ask the brewer, what do they want out of this? It keeps them up at night because if the temperature goes out of range, because the chiller fails, >> They ruined. >> That's $30,000 lost in beer. That's a lot to a small business. However, it's also once they start digitizing the data and to Warren's point, it's read-only. We're not changing any of the process. We augmented on top of their existing systems. We didn't change their process. But now they have the ability to look at the data and see batch to batch consistency. Quality doesn't always mean best, it means consistency from batch to batch. Every beer from exhibit A from yesterday to two months from now of the same style of beer should be the same taste, flavor, boldness, et cetera. This is giving them the insights on it. >> It's like St. Louis Buds, when we were kids. We would buy the St. Louis Buds 'cause they tasted better than the Merrimack Buds. And then Budweiser made them all the same. >> Must be an East coast thing. >> It's an old guy thing, Dave. You weren't born yet. >> I was in high school. Yeah, I was in high school. >> We like the hops. >> We weren't 21. Do me a favor, clarify OT versus IT. It's something we talk about all the time, but not everyone's familiar with that separation. Define OT for me. >> It's really the factory floor. You got IT systems that are ERP systems, billing, you're getting your emails, stuff like that. Where the ransomware usually gets infected in. The OT side is the industrial control network. >> David: What's the 'O' stand for? >> Operation. >> David: Operation? >> Yeah, the operations side. >> 'Cause some people will think objects 'cause we think internet of things. >> The industrial operations, think of it that way. >> But in a sense those are things that are connected. >> And you think of that as they are the safety systems as well. So a machine, if someone doesn't push the stop button, you'd think if there's a lot of traffic on that network, it isn't guaranteed that that stop button actually stops that blade from coming down, someone's going to lose their arm. So it's very tied to safety, reliability, low latency. It is crafted in design that it never touches the internet inherently without having to go through a security gateway which is what we did. >> You mentioned the large companies like InBev, et cetera. You're saying they're already there. Are they not part of your target market? Or are there ways that you can help them? Is this really more of a small to mid-size company? >> For this particular solution, I think so, yeah. Because the cost to entry is low. I mean, you talk about InBev, they have millions of dollars of budgets to spend on OT. So they're completely automated from top to bottom. But these little craft brewers, which they're everywhere in the US. Vermont, Washington state, they're completely manual. A lot of these guys just started in their garage. And they just scaled up and they got a cult kind of following around their beers. One thing that we found here this week, when you talk around edge and 5G and beer, those things get people excited. In our booth we're serving beer, and all these kind of topics, it brings people together. >> And it lets the little guy compete more effectively with the big giants. >> Correct. >> And how do you do more with less as the little guy is kind of the big thing and to Warren's point, we have folks come up and say, "Great, this is for beer, but what about wine? What about the fermentation process of wine?" Same materials in the end. A vessel of some sort, maybe it's stainless steel. The clamps are the same, the sensors are the same. The parameters like temperature are key in any type of fermentation. We had someone talking about olive oil and using that. It's the same sanitary beverage style equipment. We grabbed sensors that were off the shelf and then we integrated them in and used the set of platforms that we could. How do we rapidly enable these guys at the lowest possible cost with stuff that's at the shelf. And there's four different companies in the solution. >> We were having a conversation with T-Mobile a little earlier and she mentioned the idea of this sounding scary. And this is a great example of showing that in fact, at a relatively small scale, this technology makes a lot of sense. So from that perspective, of course you can implement private 5G networks at an industrial scale with tens of millions of dollars of investment. But what about all of the other things below? And that seems to be a perfect example. >> Yeah, correct. And it's one of the things with the gateway and having flexibility the way Dell did a great job of putting really good modems in it. It had a wide spectrum range of what bands they support. So being able to say, at a larger facility, I mean, if Heineken wants to deploy something like this, oh, heck yeah, they probably could do it. And they might have a private 5G network, but let's say T-Mobile offers a private offering on their public via a slice. It's easy to connect that radio to it. You just change the sims. >> Is that how the CSPs fit here? How are they monetized? >> Yeah, correct. So one of our partners is T-Mobile and so we're working with them. We've got other telco partners that are coming on board in our lab. And so we'll do the same thing. We're going to take this back and put it in the lab and offer it up as others because the baseline building blocks or Lego blocks per se can be used in a bunch of different industries. It's really that starter point of giving folks the idea of what's possible. >> So small manufacturing, agriculture you mentioned, any other sort of use cases we should tune into? >> I think it's environmental monitoring, all of that stuff, I see it in IoT deployments all over the world. Just the simple starter kits 'cause a farmer doesn't want to get sold a solution, a platform, where he's got to hire a bunch of coders and partner with the big carriers. He just wants something that works. >> Another use case that we see a lot, a high cost in a lot of these places is the cost of energy. And a lot of companies don't know what they're spending on electricity. So a very simple energy monitoring system like that, it's a really good ROI. I'm going to spend five or $10,000 on a system like this, but I'm going to save $20,000 over a year 'cause I'm able to see, have visibility into that data. That's a lot of what this story's about, just giving visibility into the process. >> It's very cool, and like you said, it gets people excited. Is it a big market? How do you size it? Is it a big TAM? >> Yeah, so one thing that Dell brings to the table in this space is people are buying their laptops, their servers and whatnot from Dell and companies are comfortable in doing business with Dell because of our model direct to customer and whatnot. So our ability to bring a device like this to the OT space and have them have that same user experience they have with laptops and our client products in a ruggedized solution like this and bring a lot of partners to the table makes it easy for our customers to implement this across all kinds of industries. >> So we're talking to billions, tens of billions. Do we know how big this market is? What's the TAM? I mean, come on, you work for Dell. You have to do a TAM analysis. >> Yes, no, yeah. I mean, it really is in the billions. The market is huge for this one. I think we just tapped into it. We're kind of focused in on the brewery piece of it and the liquor piece of it, but the possibilities are endless. >> Yeah, that's tip of the spear. Guys, great story. >> It's scalable. I think the biggest thing, just my final feedback is working and partnering with Dell is we got something as small as this edge gateway that I can run a Packet Core on and run a 5G standalone node and then have one of the small little 5G radios out there. And I've got these deployed in a farm. Give the farmer an idea of what's possible, give him a unit on his tractor, and now he can do something that, we're providing connectivity he had never had before. But as we scale up, we've got the big brother to this. When we scale up from that, we got the telco size units that we can put. So it's very scalable. It's just a great suite of offerings. >> Yeah, outstanding. Guys, thanks for sharing the story. Great to have you on theCUBE. >> Good to be with you today. >> Stop by for beer later. >> You know it. All right, Dave Vellante for Dave Nicholson and the entire CUBE team, we're here live at the Fira in Barcelona MWC '23 day four. Keep it right there. (upbeat music)

(upbeat music) >> Hello, everyone; I'm John Furrier with SiliconANGLE NEWS and host of theCUBE, and welcome to our SiliconANGLE NEWS MWC NEWS UPDATE in Barcelona where MWC is the premier event for the cloud telecommunication industry, and in the news here is Red Hat, Red Hat announcing a collaboration with NVIDIA, Samsung and Arm on Efficient Open Networks. Red Hat announced updates across various fields including advanced 5G telecommunications cloud, industrial edge, artificial intelligence, and radio access networks, RAN, and Efficiency. Red Hat's enterprise Kubernetes platform, OpenShift, has added support for NVIDIA's converged accelerators and aerial SDK facilitating RAND deployments on industry standard service across hybrid and multicloud platforms. This composable infrastructure enables telecom firms to support heavier compute demands for edge computing, AI, private 5G, and more, and just also helps network operators adopt open architectures, allowing them to choose non-proprietary components from multiple suppliers. In addition to the NVIDIA collaboration, Red Hat is working with Samsung to offer a new vRAN solution for service providers to better manage their open RAN networks. They're also working with UK chip designer, Arm, to create new networking solutions for energy efficient Red Hat Open Source Kubernetes-based Efficient Power Level Exporter project, or Kepler, has been donated to the open Cloud Native Compute Foundation, allowing enterprise to better understand their cloud native workloads and power consumptions. Kepler can also help in the development of sustainable software by creating less power hungry applications. Again, Red Hat continuing to provide OpenSource, OpenRAN, and contributing an open source project to the CNCF, continuing to create innovation for developers, and, of course, Red Hat knows what, a lot about operating systems and the telco could be the next frontier. That's SiliconANGLE NEWS. I'm John Furrier; thanks for watching. (monotone music)

(electronic music) >> Hello, I'm John Furrier with SiliconANGLE News and host of theCUBE, and welcome to our news update for MWC in Barcelona, the premier event for cloud and to the telecommunication industry. News today, VMware in the news has lots of announcements, where it's expanding its line of products for communication service providers with Open RAND portfolio VMware's unveiled service management orchestration framework for simplifying and automating radio access networks and their applications. RANDs have traditionally been proprietary because of their need for low latency and speed and the Overran Alliance is championed open standard that would expand the number of players in the RAND ecosystem. According to Sanjay Oppai, senior vice president and general manager of the service provider and Edge Business Unit at VMware, VMware is the forefront of getting deployed in telcos both in the RAND as well as the core and VMware hopes they can extend their leadership from the enterprise data center and SD WAN and be the defacto standard in the RAND. VMware is also announcing a technical preview that'll allow communications service providers to run disaggregated and virtualized RAND functions directly on bare metal servers using VMware Tanzu. Project Hui is the initiative aimed at telecom providers that need flexibility in how they deploy edge devices. The VMware Telco cloud platform is also being improved to deliver carrier grade intelligent networking and lateral security features such as distributed firewall and intrusion detection and prevention, along with support for energy efficient use cases for 4G and 5G core load balancing. For enterprise customers, VMware is delivering new and enhanced remote worker device connectivity and intelligent wireless capabilities to its SD WAN and Secure Access Service Edge, or SASE Products, is also expanding its collaboration with Intel aimed at delivering new edge applications based on 5G connectivity that will support SD WAN use cases involving mobile and internet of things devices. Again, VMware spinning their portfolio in the news. Again, VMware is not stopping. Of course, theCUBE's, all the coverage of VMware Explorer will be coming up this year in 2023. Don't miss that. But at mwc, Dave Vellante and Lisa Martin, the entire Cube team are there for four days of live coverage. Of course, all the news and reporting is on SiliconANGLE.com. For all the action, go there. And of course theCUBE.net is where the broadcast is in Barcelona. This is theCUBE News. Thanks for watching.

>> This past May, the Cube, in collaboration with Influx Data shared with you the latest innovations in Time series databases. We talked at length about why a purpose-built time series database for many use cases, was a superior alternative to general purpose databases trying to do the same thing. Now, you may, you may remember that time series data is any data that's stamped in time and if it's stamped, it can be analyzed historically. And when we introduced the concept to the community we talked about how in theory those time slices could be taken, you know every hour, every minute, every second, you know, down to the millisecond and how the world was moving toward realtime or near realtime data analysis to support physical infrastructure like sensors, and other devices and IOT equipment. Time series databases have had to evolve to efficiently support realtime data in emerging use, use cases in IOT and other use cases. And to do that, new architectural innovations have to be brought to bear. As is often the case, open source software is the linchpin to those innovations. Hello and welcome to Evolving Influx DB into the Smart Data platform, made possible by influx data and produced by the cube. My name is Dave Vellante, and I'll be your host today. Now, in this program, we're going to dig pretty deep into what's happening with Time series data generally, and specifically how Influx DB is evolving to support new workloads and demands and data, and specifically around data analytics use cases in real time. Now, first we're going to hear from Brian Gilmore who is the director of IOT and emerging technologies at Influx Data. And we're going to talk about the continued evolution of Influx DB and the new capabilities enabled by open source generally and specific tools. And in this program, you're going to hear a lot about things like rust implementation of Apache Arrow, the use of Parquet and tooling such as data fusion, which are powering a new engine for Influx db. Now, these innovations, they evolve the idea of time series analysis by dramatically increasing the granularity of time series data by compressing the historical time slices if you will, from, for example minutes down to milliseconds. And at the same time, enabling real time analytics with an architecture that can process data much faster and much more efficiently. Now, after Brian, we're going to hear from Anais Dotis-Georgiou who is a developer advocate at Influx Data. And we're going to get into the "why's" of these open source capabilities, and how they contribute to the evolution of the Influx DB platform. And then we're going to close the program with Tim Yocum. He's the director of engineering at Influx Data, and he's going to explain how the Influx DB community actually evolved the data engine in mid-flight and which decisions went into the innovations that are coming to the market. Thank you for being here. We hope you enjoy the program. Let's get started.

>>The cybersecurity landscape continues to be one characterized by a series of point tools designed to do a very specific job, often pretty well, but the mosaic of tooling is grown over the years causing complexity in driving up costs and increasing exposures. So the game of Whackamole continues. Moreover, the way organizations approach security is changing quite dramatically. The cloud, while offering so many advantages, has also created new complexities. The shared responsibility model redefines what the cloud provider secures, for example, the S three bucket and what the customer is responsible for, eg properly configuring the bucket. You know, this is all well and good, but because virtually no organization of any size can go all in on a single cloud, that shared responsibility model now spans multiple clouds and with different protocols. Now, that of course includes on-prem and edge deployments, making things even more complex. Moreover, the DevOps team is being asked to be the point of execution to implement many aspects of an organization's security strategy. >>This extends to securing the runtime, the platform, and even now containers, which can end up anywhere. There's a real need for consolidation in the security industry, and that's part of the answer. We've seen this both in terms of mergers and acquisitions as well as platform plays that cover more and more ground. But the diversity of alternatives and infrastructure implementations continues to boggle the mind with more and more entry points for the attackers. This includes sophisticated supply chain attacks that make it even more difficult to understand how to secure components of a system and how secure those components actually are. The number one challenge CISOs face in today's complex world is lack of talent to address these challenges, and I'm not saying that SecOps pros are now talented. They are. There just aren't enough of them to go around, and the adversary is also talented and very creative, and there are more and more of them every day. >>Now, one of the very important roles that a technology vendor can play is to take mundane infrastructure security tasks off the plates of SEC off teams. Specifically, we're talking about shifting much of the heavy lifting around securing servers, storage, networking, and other infrastructure and their components onto the technology vendor via r and d and other best practices like supply chain management. And that's what we're here to talk about. Welcome to the second part in our series, A Blueprint for Trusted Infrastructure Made Possible by Dell Technologies and produced by the Cube. My name is Dave Ante, and I'm your host now. Previously, we looked at what trusted infrastructure means >>And the role that storage and data protection play in the equation. In this part two of the series, we explore the changing nature of technology infrastructure, how the industry generally in Dell specifically, are adapting to these changes and what is being done to proactively address threats that are increasingly stressing security teams. Now today, we continue the discussion and look more deeply into servers networking and hyper-converged infrastructure to better understand the critical aspects of how one company Dell is securing these elements so that devs SEC op teams can focus on the myriad new attack vectors and challenges that they faced. First up is Deepak rang Garage Power Edge security product manager at Dell Technologies, and after that we're gonna bring on Mahesh Naar oim, who was a consultant in the networking product management area at Dell. And finally, we're closed with Jerome West, who is the product management security lead for HCI hyperconverged infrastructure and converged infrastructure at Dell. Thanks for joining us today. We're thrilled to have you here and hope you enjoy the program.

>>We're back with Jess Borgman of Starburst and Richard Jarvis of EVAs health. Okay. We're gonna get into lie. Number two, and that is this an open source based platform cannot give you the performance and control that you can get with a proprietary system. Is that a lie? Justin, the enterprise data warehouse has been pretty dominant and has evolved and matured. Its stack has mature over the years. Why is it not the default platform for data? >>Yeah, well, I think that's become a lie over time. So I, I think, you know, if we go back 10 or 12 years ago with the advent of the first data lake really around Hudu, that probably was true that you couldn't get the performance that you needed to run fast, interactive, SQL queries in a data lake. Now a lot's changed in 10 or 12 years. I remember in the very early days, people would say, you'll, you'll never get performance because you need to be column. You need to store data in a column format. And then, you know, column formats were introduced to, to data lake. You have Parque ORC file in aro that were created to ultimately deliver performance out of that. So, okay. We got, you know, largely over the performance hurdle, you know, more recently people will say, well, you don't have the ability to do updates and deletes like a traditional data warehouse. >>And now we've got the creation of new data formats, again, like iceberg and Delta and hoote that do allow for updates and delete. So I think the data lake has continued to mature. And I remember a quote from, you know, Kurt Monash many years ago where he said, you know, it takes six or seven years to build a functional database. I think that's that's right. And now we've had almost a decade go by. So, you know, these technologies have matured to really deliver very, very close to the same level performance and functionality of, of cloud data warehouses. So I think the, the reality is that's become a lie and now we have large giant hyperscale internet companies that, you know, don't have the traditional data warehouse at all. They do all of their analytics in a data lake. So I think we've, we've proven that it's very much possible today. >>Thank you for that. And so Richard, talk about your perspective as a practitioner in terms of what open brings you versus, I mean, the clothes is it's open as a moving target. I remember Unix used to be open systems and so it's, it is an evolving, you know, spectrum, but, but from your perspective, what does open give you that you can't get from a proprietary system where you are fearful of in a proprietary system? >>I, I suppose for me open buys us the ability to be unsure about the future, because one thing that's always true about technology is it evolves in a, a direction, slightly different to what people expect and what you don't want to end up done is backed itself into a corner that then prevents it from innovating. So if you have chosen the technology and you've stored trillions of records in that technology and suddenly a new way of processing or machine learning comes out, you wanna be able to take advantage your competitive edge might depend upon it. And so I suppose for us, we acknowledge that we don't have perfect vision of what the future might be. And so by backing open storage technologies, we can apply a number of different technologies to the processing of that data. And that gives us the ability to remain relevant, innovate on our data storage. And we have bought our way out of the, any performance concerns because we can use cloud scale infrastructure to scale up and scale down as we need. And so we don't have the concerns that we don't have enough hardware today to process what we want to do, want to achieve. We can just scale up when we need it and scale back down. So open source has really allowed us to maintain the being at the cutting edge. >>So Jess, let me play devil's advocate here a little bit, and I've talked to JAK about this and you know, obviously her vision is there's an open source that, that data mesh is open source, an open source tooling, and it's not a proprietary, you know, you're not gonna buy a data mesh. You're gonna build it with, with open source toolings and, and vendors like you are gonna support it, but come back to sort of today, you can get to market with a proprietary solution faster. I'm gonna make that statement. You tell me if it's a lie and then you can say, okay, we support Apache iceberg. We're gonna support open source tooling, take a company like VMware, not really in the data business, but how, the way they embraced Kubernetes and, and you know, every new open source thing that comes along, they say, we do that too. Why can't proprietary systems do that and be as effective? >>Yeah, well I think at least with the, within the data landscape saying that you can access open data formats like iceberg or, or others is, is a bit dis disingenuous because really what you're selling to your customer is a certain degree of performance, a certain SLA, and you know, those cloud data warehouses that can reach beyond their own proprietary storage drop all the performance that they were able to provide. So it is, it reminds me kind of, of, again, going back 10 or 12 years ago when everybody had a connector to hit and that they thought that was the solution, right? But the reality was, you know, a connector was not the same as running workloads in hit back then. And I think similarly, you know, being able to connect to an external table that lives in an open data format, you know, you're, you're not going to give it the performance that your customers are accustomed to. And at the end of the day, they're always going to be predisposed. They're always going to be incentivized to get that data ingested into the data warehouse, cuz that's where they have control. And you know, the bottom line is the database industry has really been built around vendor lockin. I mean, from the start, how, how many people love Oracle today, but our customers, nonetheless, I think, you know, lockin is, is, is part of this industry. And I think that's really what we're trying to change with open data formats. >>Well, it's interesting remind of when I, you know, I see the, the gas price, the TSR gas price I, I drive up and then I say, oh, that's the cash price credit card. I gotta pay 20 cents more, but okay. But so the, the argument then, so let me, let me come back to you, Justin. So what's wrong with saying, Hey, we support open data formats, but yeah, you're gonna get better performance if you, if you, you keep it into our closed system, are you saying that long term that's gonna come back and bite you cuz you're gonna end up, you mentioned Oracle, you mentioned Teradata. Yeah. That's by, by implication, you're saying that's where snowflake customers are headed. >>Yeah, absolutely. I think this is a movie that, you know, we've all seen before. At least those of us who've been in the industry long enough to, to see this movie play over a couple times. So I do think that's the future. And I think, you know, I loved what Richard said. I actually wrote it down. Cause I thought it was an amazing quote. He said, it buys us the ability to be unsure of the future. That that pretty much says it all the, the future is unknowable and the reality is using open data formats. You remain interoperable with any technology you want to utilize. If you want to use spark to train a machine learning model and you wanna use Starbust to query via sequel, that's totally cool. They can both work off the same exact, you know, data, data sets by contrast, if you're, you know, focused on a proprietary model, then you're kind of locked in again to that model. I think the same applies to data, sharing to data products, to a wide variety of, of aspects of the data landscape that a proprietary approach kind of closes you and, and locks you in. >>So I, I would say this Richard, I'd love to get your thoughts on it. Cause I talked to a lot of Oracle customers, not as many te data customers there, but, but a lot of Oracle customers and they, you know, they'll admit yeah, you know, the Jammin us on price and the license cost, but we do get value out of it. And so my question to you, Richard, is, is do the, let's call it data warehouse systems or the proprietary systems. Are they gonna deliver a greater ROI sooner? And is that in allure of, of that customers, you know, are attracted to, or can open platforms deliver as fast an ROI? >>I think the answer to that is it can depend a bit. It depends on your business's skillset. So we are lucky that we have a number of proprietary teams that work in databases that provide our operational data capability. And we have teams of analytics and big data experts who can work with open data sets and open data formats. And so for those different teams, they can get to an ROI more quickly with different technologies for the business though, we can't do better for our operational data stores than proprietary databases. Today we can back off very tight SLAs to them. We can demonstrate reliability from millions of hours of those databases being run at enterprise scale, but for an analytics workload where increasing our business is growing in that direction, we can't do better than open data formats with cloud-based data mesh type technologies. And so it's not a simple answer. That one will always be the right answer for our business. We definitely have times when proprietary databases provide a capability that we couldn't easily represent or replicate with open technologies. >>Yeah. Richard, stay with you. You mentioned, you know, you know, some things before that, that strike me, you know, the data brick snowflake, you know, thing is always a lot of fun for analysts like me. You've got data bricks coming at it. Richard, you mentioned you have a lot of rockstar, data engineers, data bricks coming at it from a data engineering heritage. You get snowflake coming at it from an analytics heritage. Those two worlds are, are colliding people like PJI Mohan said, you know what? I think it's actually harder to play in the data engineering. So IE, it's easier to for data engineering world to go into the analytics world versus the reverse, but thinking about up and coming engineers and developers preparing for this future of data engineering and data analytics, how, how should they be thinking about the future? What, what's your advice to those young people? >>So I think I'd probably fall back on general programming skill sets. So the advice that I saw years ago was if you have open source technologies, the pythons and Javas on your CV, you command a 20% pay, hike over people who can only do proprietary programming languages. And I think that's true of data technologies as well. And from a business point of view, that makes sense. I'd rather spend the money that I save on proprietary licenses on better engineers, because they can provide more value to the business that can innovate us beyond our competitors. So I think I would my advice to people who are starting here or trying to build teams to capitalize on data assets is begin with open license, free capabilities because they're very cheap to experiment with. And they generate a lot of interest from people who want to join you as a business. And you can make them very successful early, early doors with, with your analytics journey. >>It's interesting. Again, analysts like myself, we do a lot of TCO work and have over the last 20 plus years and in the world of Oracle, you know, normally it's the staff, that's the biggest nut in total cost of ownership, not an Oracle. It's the it's the license cost is by far the biggest component in the, in the blame pie. All right, Justin, help us close out this segment. We've been talking about this sort of data mesh open, closed snowflake data bricks. Where does Starburst sort of as this engine for the data lake data lake house, the data warehouse, it, it fit in this, in this world. >>Yeah. So our view on how the future ultimately unfolds is we think that data lakes will be a natural center of gravity for a lot of the reasons that we described open data formats, lowest total cost of ownership, because you get to choose the cheapest storage available to you. Maybe that's S3 or Azure data lake storage or Google cloud storage, or maybe it's on-prem object storage that you bought at a, at a really good price. So ultimately storing a lot of data in a data lake makes a lot of sense, but I think what makes our perspective unique is we still don't think you're gonna get everything there either. We think that basically centralization of all your data assets is just an impossible endeavor. And so you wanna be able to access data that lives outside of the lake as well. So we kind of think of the lake as maybe the biggest place by volume in terms of how much data you have, but to, to have comprehensive analytics and to truly understand your business and understanding holistically, you need to be able to go access other data sources as well. And so that's the role that we wanna play is to be a single point of access for our customers, provide the right level of fine grained access controls so that the right people have access to the right data and ultimately make it easy to discover and consume via, you know, the creation of data products as well. >>Great. Okay. Thanks guys. Right after this quick break, we're gonna be back to debate whether the cloud data model that we see emerging and the so-called modern data stack is really modern or is it the same wine new bottle when it comes to data architectures, you're watching the cube, the leader in enterprise and emerging tech coverage.

(bright upbeat music) >> Welcome back, everyone, to the "Supercloud 22." I'm John Furrier, host of "The Cube." This is the Cloud-erati panel, the distinguished experts who have been there from day one, watching the cloud grow, from building clouds, and all open source stuff as well. Just great stuff. Good friends of "The Cube," and great to introduce back on "The Cube," Adrian Cockcroft, formerly with Netflix, formerly AWS, retired, now commentating here in "The Cube," as well as other events. Great to see you back out there, Adrian. Lori MacVittie, Cloud Evangelist with F5, also wrote a great blog post on supercloud, as well as Dave Vellante as well, setting up the supercloud conversation, which we're going to get into, and Chris Hoff, who's the CTO and CSO of LastPass who's been building clouds, and we know him from "The Cube" before with security and cloud commentary. Welcome, all, back to "The Cube" and supercloud. >> Thanks, John. >> Hi. >> All right, Lori, we'll start with you to get things going. I want to try to sit back, as you guys are awesome experts, and involved from building, and in the trenches, on the front lines, and Adrian's coming out of retirement, but Lori, you wrote the post setting the table on supercloud. Let's start with you. What is supercloud? What is it evolving into? What is the north star, from your perspective? >> Well, I don't think there's a north star yet. I think that's one of the reasons I wrote it, because I had a clear picture of this in my mind, but over the past, I don't know, three, four years, I keep seeing, in research, my own and others', complexity, multi-cloud. "We can't manage it. They're all different. "We have trouble. What's going on? "We can't do anything right." And so digging into it, you start looking into, "Well, what do you mean by complexity?" Well, security. Migration, visibility, performance. The same old problems we've always had. And so, supercloud is a concept that is supposed to overlay all of the clouds and normalize it. That's really what we're talking about, is yet another abstraction layer that would provide some consistency that would allow you to do the same security and monitor things correctly. Cornell University actually put out a definition way back in 2016. And they said, "It's an architecture that enables migration "across different zones or providers," and I think that's important, "and provides interfaces to everything, "makes it consistent, and normalizes the network," basically brings it all together, but it also extends to private clouds. Sometimes we forget about that piece of it, and I think that's important in this, so that all your clouds look the same. So supercloud, big layer on top, makes everything wonderful. It's unicorns again. >> It's interesting. We had multiple perspectives. (mumbles) was like Snowflake, who built on top of AWS. Jerry Chan, who we heard from earlier today, Greylock Penn's "Castles in the Cloud" saying, "Hey, you can have a moat, "you can build an advantage and have differentiation," so startups are starting to build on clouds, that's the native cloud view, and then, of course, they get success and they go to all the other clouds 'cause they got customers in the ecosystem, but it seems that all the cloud players, Chris, you commented before we came on today, is that they're all fighting for the customer's workloads on their infrastructure. "Come bring your stuff over to here, "and we'll make it run better." And all your developers are going to be good. Is there a problem? I mean, or is this something else happening here? Is there a real problem? >> Well, I think the north star's over there, by the way, Lori. (laughing) >> Oh, there it is. >> Right there. The supercloud north star. So indeed I think there are opportunities. Whether you call them problems or not, John, I think is to be determined. Most companies have, especially if they're a large enterprise, whether or not they've got an investment in private cloud or not, have spent time really trying to optimize their engineering and workload placement on a single cloud. And that, regardless of your choice, as we take the big three, whether it's Amazon, Google, or Microsoft, each of them have their pros and cons for various types of workloads. And so you'll see a lot of folks optimizing for a particular cloud, and it takes a huge effort up and down the stack to just get a single cloud right. That doesn't take into consideration integrations with software as a service, instantiated, oftentimes, on top of infrastructure of the service that you need to supplement where the obstruction layer ends in infrastructure of the service. You've seen most IS players starting to now move up-chain, as we predicted years ago, to platform as a service, but platforms of various types. So I definitely see it as an opportunity. Previous employers have had multiple clouds, but they were very specifically optimized for the types of workloads, for example, in, let's say, AWS versus GCP, based on the need for different types and optimized compute platforms that each of those providers ran. We never, in that particular case, thought about necessarily running the same workloads across both clouds, because they had different pricing models, different security models, et cetera. And so the challenge is really coming down to the fact that, what is the cost benefit analysis of thinking about multi-cloud when you can potentially engineer the resiliency or redundancy, all the in-season "ilities" that you might need to factor into your deployments on a single cloud, if they are investing at the pace in which they are? So I think it's an opportunity, and it's one that continues to evolve, but this just reminds me, your comments remind me, of when we were talking about OpenStack versus AWS. "Oh, if there were only APIs that existed "that everybody could use," and you saw how that went. So I think that the challenge there is, what is the impetus for a singular cloud provider, any of the big three, deciding that they're going to abstract to a single abstraction layer and not be able to differentiate from the competitors? >> Yeah, and that differentiation's going to be big. I mean, assume that the clouds aren't going to stay still like AWS and just not stop innovating. We see the devs are doing great, Adrian, open source is bigger and better than ever, but now that's been commercialized into enterprise. It's an ops problem. So to Chris's point, the cost benefit analysis is interesting, because do companies have to spin up multiple operations teams, each with specialized training and tooling for the clouds that they're using, and does that open up a can of worms, or is that a good thing? I mean, can you design for this? I mean, is there an architecture or taxonomy that makes it work, or is it just the cart before the horse, the solution before the problem? >> Yeah, well, I think that if you look at any large vendor... Sorry, large customer, they've got a bit of everything already. If you're big enough, you've bought something from everybody at some point. So then you're trying to rationalize that, and trying to make it make sense. And I think there's two ways of looking at multi-cloud or supercloud, and one is that the... And practically, people go best of breed. They say, "Okay, I'm going to get my email "from Google or Microsoft. "I'm going to run my applications on AWS. "Maybe I'm going to do some AI machine learning on Google, "'cause those are the strengths of the platforms." So people tend to go where the strength is. So that's multi-cloud, 'cause you're using multiple clouds, and you still have to move data and make sure they're all working together. But then what Lori's talking about is trying to make them all look the same and trying to get all the security architectures to be the same and put this magical layer, this unicorn magical layer that, "Let's make them all look the same." And this is something that the CIOs have wanted for years, and they keep trying to buy it, and you can sell it, but the trouble is it's really hard to deliver. And I think, when I go back to some old friends of ours at Enstratius who had... And back in the early days of cloud, said, "Well, we'll just do an API that abstracts "all the cloud APIs into one layer." Enstratius ended up being sold to Dell a few years ago, and the problem they had was that... They didn't have any problem selling it. The problem they had was, a year later, when it came up for renewal, the developers all done end runs around it were ignoring it, and the CIOs weren't seeing usage. So you can sell it, but can you actually implement it and make it work well enough that it actually becomes part of your core architecture without, from an operations point of view, without having the developers going directly to their favorite APIs around them? And I'm not sure that you can really lock an organization down enough to get them onto a layer like that. So that's the way I see it. >> You just defined- >> You just defined shadow shadow IT. (laughing) That's pretty- (crosstalk) >> Shadow shadow IT, yeah. >> Yeah, shadow shadow it. >> Yeah. >> Yeah. >> I mean, this brings up the question, I mean, is there really a problem? I mean, I guess we'll just jump to it. What is supercloud? If you can have the magic outcome, what is it? Enstratius rendered in with automation? The security issues? Kubernetes is hot. What is the supercloud dream? I guess that's the question. >> I think it's got easier than it was five, 10 years ago. Kubernetes gives you a bunch of APIs that are common across lots of different areas, things like Snowflake or MongoDB Atlas. There are SaaS-based services, which are across multiple clouds from vendors that you've picked. So it's easier to build things which are more portable, but I still don't think it's easy to build this magic API that makes them all look the same. And I think that you're going to have leaky abstractions and security being... Getting the security right's going to be really much more complex than people think. >> What about specialty superclouds, Chris? What's your view on that? >> Yeah, I think what Adrian is alluding to, those leaky abstractions, are interesting, especially from the security perspective, 'cause I think what you see is if you were to happen to be able to thin slice across a set of specific types of workloads, there is a high probability given today that, at least on two of the three major clouds, you could get SaaS providers that sit on those same infrastructure of the service clouds for you, string them together, and have a service that technically is abstracted enough from the things you care about to work on one, two, or three, maybe not all of them, but most SaaS providers in the security space, or identity space, data space, for example, coexist on at least Microsoft and AWS, if not all three, with Google. And so you could technically abstract a service to the point that you let that level of abstract... Like Lori said, no computer science problem could not be... So, no computer science problem can't be solved with more layers of abstraction or misdirection... Or redirection. And in that particular case, if you happen to pick the right vendors that run on all three clouds, you could possibly get close. But then what that really talks about is then, if you built your seven-layer dip model, then you really have specialty superclouds spanning across infrastructure of the service clouds. One for your identity apps, one for data and data layers, to normalize that, one for security, but at what cost? Because you're going to be charged not for that service as a whole, but based on compute resources, based on how these vendors charge across each cloud. So again, that cost-benefit ratio might start being something that is rather imposing from a budgetary perspective. >> Lori, weigh in on this, because the enterprise people love to solve complexity with more complexity. Here, we need to go the other way. It's a commodity. So there has to be a better way. >> I think I'm hearing two fundamental assumptions. One, that a supercloud would force the existing big three to implement some sort of equal API. Don't agree with that. There's no business case for that. There's no reason that could compel them to do that. Otherwise, we would've convinced them to do that, what? 10, 15 years ago when we said we need to be interoperable. So it's not going to happen there. They don't have a good reason to do that. There's no business justification for that. The other presumption, I think, is that we would... That it's more about the services, the differentiated services, that are offered by all of these particular providers, as opposed to treating the core IaaS as the commodity it is. It's compute, it's some storage, it's some networking. Look at that piece. Now, pull those together by... And it's not OpenStack. That's not the answer, it wasn't the answer, it's not the answer now, but something that can actually pull those together and abstract it at a different layer. So cloud providers don't have to change, 'cause they're not going to change, but if someone else were to build that architecture to say, "all right, I'm going to treat all of this compute "so you can run your workloads," as Chris pointed out, "in the best place possible. "And we'll help you do that "by being able to provide those cost benefit analysis, "'What's the best performance, what are you doing,' "And then provide that as a layer." So I think that's really where supercloud is going, 'cause I think that's what a lot of the market actually wants in terms of where they want to run their workloads, because we're seeing that they want to run workloads at the edge, "a lot closer to me," which is yet another factor that we have to consider, and how are you going to be moving individual workloads around? That's the holy grail. Let's move individual workloads to where they're the best performance, the security, cost optimized, and then one layer up. >> Yeah, I think so- >> John Considine, who ultimately ran CloudSwitch, that sold to Verizon, as well as Tom Gillis, who built Bracket, are both rolling in their graves, 'cause what you just described was exactly that. (Lori laughing) Well, they're not even dead yet, so I can't say they're rolling in their graves. Sorry, Tom. Sorry, John. >> Well, how do hyperscalers keep their advantage with all this? I mean, to that point. >> Native services and managed services on top of it. Look how many flavors of managed Kubernetes you have. So you have a choice. Roll your own, or go with a managed service, and then differentiate based on the ability to take away and simplify some of that complexity. Doesn't mean it's more secure necessarily, but I do think we're seeing opportunities where those guys are fighting tooth and nail to keep you on a singular cloud, even though, to Lori's point, I agree, I don't think it's about standardized APIs, 'cause I think that's never going to happen. I do think, though, that SaaS-y supercloud model that we were talking about, layering SaaS that happens to span all the three infrastructure of the service are probably more in line with what Lori was talking about. But I do think that portability of workload is given to you today within lots of ways. But again, how much do you manage, and how much performance do you give up by running additional abstraction layers? And how much security do you give up by having to roll your own and manage that? Because the whole point was, in many cases... Cloud is using other people's computers, so in many cases, I want to manage as little of it as I possibly can. >> I like this whole SaaS angle, because if you had the old days, you're on Amazon Web Services, hey, if you build a SaaS application that runs on Amazon, you're all great, you're born in the cloud, just like that generations of startups. Great. Now when you have this super pass layer, as Dave Vellante was riffing on his analysis, and Lori, you were getting into this pass layer that's kind of like SaaS-y, what's the SaaS equation look like? Because that, to me, sounds like a supercloud version of saying, "I have a workload that runs on all the clouds equally." I just don't think that's ever going to happen. I agree with you, Chris, on that one. But I do see that you can have an abstraction that says, "Hey, I don't really want to get in the weeds. "I don't want to spend a lot of ops time on this. "I just want it to run effectively, and magic happens," or, as you said, some layer there. How does that work? How do you see this super pass layer, if anything, enabling a different SaaS game? >> I think you hit on it there. The last like 10 or so years, we've been all focused on developers and developer productivity, and it's all about the developer experience, and it's got to be good for them, 'cause they're the kings. And I think the next 10 years are going to be very focused on operations, because once you start scaling out, it's not about developers. They can deliver fast or slow, it doesn't matter, but if you can't scale it out, then you've got a real problem. So I think that's an important part of it, is really, what is the ops experience, and what is the best way to get those costs down? And this would serve that purpose if it was done right, which, we can argue about whether that's possible or not, but I don't have to implement it, so I can say it's possible. >> Well, are we going to be getting into infrastructure as code moves into "everything is code," security, data, (laughs) applications is code? I mean, "blank" is code, fill in the blank. (Lori laughing) >> Yeah, we're seeing more of that with things like CDK and Pulumi, where you are actually coding up using a real language rather than the death by YAML or whatever. How much YAML can you take? But actually having a real language so you're not trying to do things in parsing languages. So I think that's an interesting trend. You're getting some interesting templates, and I like what... I mean, the counterexample is that if you just go deep on one vendor, then maybe you can go faster and it is simpler. And one of my favorite vendor... Favorite customers right now that I've been talking to is Liberty Mutual. Went very deep and serverless first on AWS. They're just doing everything there, and they're using CDK Patterns to do it, and they're going extremely fast. There's a book coming out called "The Value Flywheel" by Dave Anderson, it's coming out in a few months, to just detail what they're doing, but that's the counterargument. If you could pick one vendor, you can go faster, you can get that vendor to do more for you, and maybe get a bigger discount so you're not splitting your discounts across vendors. So that's one aspect of it. But I think, fundamentally, you're going to find the CIOs and the ops people generally don't like sitting on one vendor. And if that single vendor is a horizontal platform that's trying to make all the clouds look the same, now you're locked into whatever that platform was. You've still got a platform there. There's still something. So I think that's always going to be something that the CIOs want, but the developers are always going to just pick whatever the best tool for building the thing is. And a analogy here is that the developers are dating and getting married, and then the operations people are running the family and getting divorced. And all the bad parts of that cycle are in the divorce end of it. You're trying to get out of a vendor, there's lawyers, it's just a big mess. >> Who's the lawyer in this example? (crosstalk) >> Well... (laughing) >> Great example. (crosstalk) >> That's why ops people don't like lock-in, because they're the ones trying to unlock. They aren't the ones doing the lock-in. They're the ones unlocking, when developers, if you separate the two, are the ones who are going, picking, having the fun part of it, going, trying a new thing. So they're chasing a shiny object, and then the ops people are trying to untangle themselves from the remains of that shiny object a few years later. So- >> Aren't we- >> One way of fixing that is to push it all together and make it more DevOps-y. >> Yeah, that's right. >> But that's trying to put all the responsibilities in one place, like more continuous improvement, but... >> Chris, what's your reaction to that? Because you're- >> No, that's exactly what I was going to bring up, yeah, John. And 'cause we keep saying "devs," "dev," and "ops" and I've heard somewhere you can glue those two things together. Heck, you could even include "sec" in the middle of it, and "DevSecOps." So what's interesting about what Adrian's saying though, too, is I think this has a lot to do with how you structure your engineering teams and how you think about development versus operations and security. So I'm building out a team now that very much makes use of, thanks to my brilliant VP of Engineering, a "Team Topologies" approach, which is a very streamlined and product oriented way of thinking about, for example, in engineering, if you think about team structures, you might have people that build the front end, build the middle tier, and the back end, and then you have a product that needs to make use of all three components in some form. So just from getting stuff done, their ability then has to tie to three different groups, versus building a team that's streamlined that ends up having front end, middleware, and backend folks that understand and share standards but are able to uncork the velocity that's required to do that. So if you think about that, and not just from an engineering development perspective, but then you couple in operations as a foundational layer that services them with embedded capabilities, we're putting engineers and operations teams embedded in those streamlined teams so that they can run at the velocity that they need to, they can do continuous integration, they can do continuous deployment. And then we added CS, which is continuously secure, continuous security. So instead of having giant, centralized teams, we're thinking there's a core team, for example, a foundational team, that services platform, makes sure all the trains are running on time, that we're doing what we need to do foundationally to make the environments fully dev and operator and security people functional. But then ultimately, we don't have these big, monolithic teams that get into turf wars. So, to Adrian's point about, the operators don't like to be paned in, well, they actually have a say, ultimately, in how they architect, deploy, manage, plan, build, and operate those systems. But at the same point in time, we're all looking at that problem across those teams and go... Like if one streamline team says, "I really want to go run on Azure, "because I like their services better," the reality is the foundational team has a larger vote versus opinion on whether or not, functionally, we can satisfy all of the requirements of the other team. Now, they may make a fantastic business case and we play rock, paper, scissors, and we do that. Right now, that hasn't really happened. We look at the balance of AWS, we are picking SaaS-y, supercloud vendors that will, by the way, happen to run on three platforms, if we so choose to expand there. So we have a similar interface, similar capability, similar processes, but we've made the choice at LastPass to go all in on AWS currently, with respect to how we deliver our products, for all the reasons we just talked about. But I do think that operations model and how you build your teams is extremely important. >> Yeah, and to that point- >> And has the- (crosstalk) >> The vendors themselves need optionality to the customer, what you're saying. So, "I'm going to go fast, "but I need to have that optionality." I guess the question I have for you guys is, what is today's trade-off? So if the decision point today is... First of all, I love the go-fast model on one cloud. I think that's my favorite when I look at all this, and then with the option, knowing that I'm going to have the option to go to multiple clouds. But everybody wants lock-in on the vendor side. Is that scale, is that data advantage? I mean, so the lock-in's a good question, and then also the trade-offs. What do people have to do today to go on a supercloud journey to have an ideal architecture and taxonomy, and what's the right trade-offs today? >> I think that the- Sorry, just put a comment and then let Lori get a word in, but there's a lot of... A lot of the market here is you're building a product, and that product is a SaaS product, and it needs to run somewhere. And the customers that you're going to... To get the full market, you need to go across multiple suppliers, most people doing AWS and Azure, and then with Google occasionally for some people. But that, I think, has become the pattern that most of the large SaaS platforms that you'd want to build out of, 'cause that's the fast way of getting something that's going to be stable at scale, it's got functionality, you'd have to go invest in building it and running it. Those platforms are just multi-cloud platforms, they're running across them. So Snowflake, for example, has to figure out how to make their stuff work on more than one cloud. I mean, they started on one, but they're going across clouds. And I think that that is just the way it's going to be, because you're not going to get a broad enough view into the market, because there isn't a single... AWS doesn't have 100% of the market. It's maybe a bit more than them, but Azure has got a pretty solid set of markets where it is strong, and it's market by market. So in some areas, different people in some places in the world, and different vertical markets, you'll find different preferences. And if you want to be across all of them with your data product, or whatever your SaaS product is, you're just going to have to figure this out. So in some sense, the supercloud story plays best with those SaaS providers like the Snowflakes of this world, I think. >> Lori? >> Yeah, I think the SaaS product... Identity, whatever, you're going to have specialized. SaaS, superclouds. We already see that emerging. Identity is becoming like this big SaaS play that crosses all clouds. It's not just for one. So you get an evolution going on where, yes, I mean, every vendor who provides some kind of specific functionality is going to have to build out and be multi-cloud, as it were. It's got to work equally across them. And the challenge, then, for them is to make it simple for both operators and, if required, dev. And maybe that's the other lesson moving forward. You can build something that is heaven for ops, but if the developers won't use it, well, then you're not going to get it adopted. But if you make it heaven for the developers, the ops team may not be able to keep it secure, keep everything. So maybe we have to start focusing on both, make it friendly for both, at least. Maybe it won't be the perfect experience, but gee, at least make it usable for both sides of the equation so that everyone can actually work in concert, like Chris was saying. A more comprehensive, cohesive approach to delivery and deployment. >> All right, well, wrapping up here, I want to just get one final comment from you guys, if you don't mind. What does supercloud look like in five years? What's the Nirvana, what's the steady state of supercloud in five to 10 years? Or say 10 years, make it easier. (crosstalk) Five to 10 years. Chris, we'll start with you. >> Wow. >> Supercloud, what's it look like? >> Geez. A magic pane, a single pane of glass. (laughs) >> Yeah, I think- >> Single glass of pain. >> Yeah, a single glass of pain. Thank you. You stole my line. Well, not mine, but that's the one I was going to use. Yeah, I think what is really fascinating is ultimately, to answer that question, I would reflect on market consolidation and market dynamics that happens even in the SaaS space. So we will see SaaS companies combining in focal areas to be able to leverage the positions, let's say, in the identity space that somebody has built to provide a set of compelling services that help abstract that identity problem or that security problem or that instrumentation and observability problem. So take your favorite vendors today. I think what we'll end up seeing is more consolidation in SaaS offerings that run on top of infrastructure of the service offerings to where a supercloud might look like something I described before. You have the combination of your favorite interoperable identity, observability, security, orchestration platforms run across them. They're sold as a stack, whether it be co-branded by an enterprise vendor that sells all of that and manages it for you or not. But I do think that... You talked about, I think you said, "Is this an innovator's dilemma?" No, I think it's an integrator's dilemma, as it has always ultimately been. As soon as you get from Genesis to Bespoke Build to product to then commoditization, the cycle starts anew. And I think we've gotten past commoditization, and we're looking at niche areas. So I see just the evolution, not necessarily a revolution, of what we're dealing with today as we see more consolidation in the marketplace. >> Lori, what's your take? Five years, 10 years, what does supercloud look like? >> Part of me wants to take the pie in the sky unicorn approach. "No, it will be beautiful. "One button, and things will happen," but I've seen this cycle many times before, and that's not going to happen. And I think Chris has got it pretty close to what I see already evolving. Those different kinds of super services, basically. And that's really what we're talking about. We call them SaaS, but they're... X is a service. Everything is a service, and it's really a supercloud that can run anywhere, but it presents a different interface, because, well, it's easier. And I think that's where we're going to go, and that's just going to get more refined. And yes, a lot of consolidation, especially on the observability side, but that's also starting to consume the security side, which is really interesting to watch. So that could be a little different supercloud coming on there that's really focused on specific types of security, at least, that we'll layer across, and then we'll just hook them all together. It's an API first world, and it seems like that's going to be our standard for the next while of how we integrate everything. So superclouds or APIs. >> Awesome. Adrian... Adrian, take us home. >> Yeah, sure. >> What's your- I think, and just picking up on Lori's point that these are web services, meaning that you can just call them from anywhere, they don't have to run everything in one place, they can stitch it together, and that's really meant... It's somewhat composable. So in practice, people are going to be composable. Can they compose their applications on multiple platforms? But I think the interesting thing here is what the vendors do, and what I'm seeing is vendors running software on other vendors. So you have Google building platforms that, then, they will support on AWS and Azure and vice versa. You've got AWS's distro of Kubernetes, which they now give you as a distro so you can run it on another platform. So I think that trend's going to continue, and it's going to be, possibly, you pick, say, an AWS or a Google software stack, but you don't run it all on AWS, you run it in multiple places. Yeah, and then the other thing is the third tier, second, third tier vendors, like, I mean, what's IBM doing? I think in five years time, IBM is going to be a SaaS vendor running on the other clouds. I mean, they're already halfway there. To be a bit more controversial, I guess it's always fun to... Like I don't work for a corporate entity now. No one tells me what I can say. >> Bring it on. >> How long can Google keep losing a billion dollars a quarter? They've either got to figure out how to make money out of this thing, or they'll end up basically being a software stack on another cloud platform as their, likely, actual way they can make money on it. Because you've got to... And maybe Oracle, is that a viable cloud platform that... You've got to get to some level of viability. And I think the second, third tier of vendors in five, 10 years are going to be running on the primary platform. And I think, just the other final thing that's really driving this right now. If you try and place an order right now for a piece of equipment for your data center, key pieces of equipment are a year out. It's like trying to buy a new fridge from like Sub-Zero or something like that. And it's like, it's a year. You got to wait for these things. Any high quality piece of equipment. So you go to deploy in your data center, and it's like, "I can't get stuff in my data center. "Like, the key pieces I need, I can't deploy a whole system. "We didn't get bits and pieces of it." So people are going to be cobbling together, or they're going, "No, this is going to cloud, because the cloud vendors "have a much stronger supply chain to just be able "to give you the system you need. "They've got the capacity." So I think we're going to see some pandemic and supply chain induced forced cloud migrations, just because you can't build stuff anymore outside the- >> We got to accelerate supercloud, 'cause they have the supply. They are the chain. >> That's super smart. That's the benefit of going last. So I'm going to scoop in real quick. I can't believe we can call this "Web3 Supercloud," because none of us said "Web3." Don't forget DAO. (crosstalk) (indistinct) You have blockchain, blockchain superclouds. I mean, there's some very interesting distributed computing stuff there, but we'll have to do- >> (crosstalk) We're going to call that the "Cubeverse." The "Cubeverse" is coming. >> Oh, the "Cubeverse." All right. >> We will be... >> That's very meta. >> In the metaverse, Cubeverse soon. >> "Stupor cloud," perhaps. But anyway, great points, Adrian and Lori. Loved it. >> Chris, great to see you. Adrian, Lori, thanks for coming on. We've known each other for a long time. You guys are part of the cloud-erati, the group that has been in there from day one, and watched it evolve, and you get the scar tissue to prove it, and the experience. So thank you so much for sharing your commentary. We'll roll this up and make it open to everybody as additional content. We'll call this the "outtakes," the longer version. But really appreciate your time, thank you. >> Thank you. >> Thanks so much. >> Okay, we'll be back with more "Supercloud 22" right after this. (bright upbeat music)

[Music] hello everyone welcome back to the live coverage here in monaco for the monaco crypto summit i'm john furrier host of thecube uh we have a great great guest lineup here already in nine interviews small gathering of the influencers and the people making it happen powered by digital bits sponsored by digital bits presented by digital bits of course a lot happening around decentralization web 3 the metaverse we've got a a powerhouse influencer on the qb ryan gills the founder of openmeta been in the issue for a while ryan great to see you thanks for coming on great to be here thank you you know one of the things that we were observing earlier conversations is you have young and old coming together the best and brightest right now in the front line it's been there for a couple years you know get some hype cycles going on but that's normal in these early growth markets but still true north star is in play that is democratize remove the intermediaries create immutable power to the people the same kind of theme has been drum beating on now come the metaverse wave which is the nfts now the meta verses you know at the beginning of this next wave yeah this is where we're at right now what are you working on tell us what's what's open meta working on yeah i mean so there is a reason for all of this right i think we go through all these different cycles and there's an economic incentive engine and it's designed in because people really like making money but there's a deeper reason for it all and the words the buzzwords the terms they change based off of different cycles this one is a metaverse i just saw it a little early you know so i recognized the importance of an open metaverse probably in 2017 and really decided to dedicate 10 years to that um so we're very early into that decade and we're starting to see more of a movement building and uh you know i've catalyzed a lot of that from from the beginning and making sure that while everything moves to a closed corporate side of things there's also an equal bottom-up approach which i think is just more important and more interesting well first of all i want to give you a lot of props for seeing it early and recognizing the impact and potential collateral damage of not not having open and i was joking earlier about the facebook little snafu with the the exercise app and ftc getting involved and you know i kind of common new york times guy comment online like hey i remember aol wanted to monopolize dial up internet and look the open web obviously changed all that they went to sign an extinction not the same comparable here but you know everyone wants to have their own little walled guard and they feel comfortable first-party data the data business so balancing the benefit of data and all the ip that could come into whether it's a visualization or platform it has to be open without open then you're going to have fragmentation you're going to have all kinds of perverse incentives how does the metaverse continue with such big players like meta themselves x that new name for facebook you know big bully tons of cash you know looking to you know get their sins forgiven um so to speak i mean you got google probably will come in apple's right around the corner amazon you get the whales out there how do is it proprietary is walled garden the new proprietary how do you view all that because it's it's still early and so there's a lot of change can happen well it's an interesting story that's really playing out in three acts right we had the first act which was really truly open right there was this idea that the internet is for the end user this is all just networking and then web 2 came and we got a lot of really great business models from it and it got closed up you know and now as we enter this sort of third act we have the opportunity to learn from both of those right and so i think web 3 needs to go back to the values of web one with the lessons in hindsight of web 2. and all of the winners from web 2 are clearly going to want to keep winning in web 3. so you can probably guess every single company and corporation on earth will move into this i think most governments will move into it as well and um but they're not the ones that are leading it the ones that are leading it are are just it's a culture of people it's a movement that's building and accumulating over time you know it's weird it's uh the whole web 2 thing is the history is interesting because you know when i started my podcasting company in 2004 there's only like three of us you know the dave weiner me evan williams and jack dorsey and we thought and the blogging just was getting going and the dream was democratization at the time mainstream media was the enemy and then now blogs are media so and then all sudden it like maybe it was the 2008 area with the that recession it stopped and then like facebook came in obviously twitter was formed from the death of odio podcasting company so the moment in time in history was a glimmic glimmer of hope well we went under my company went under we all went under but then that ended and then you had the era of twitter facebook linkedin reddit was still around so it kind of stopped where did it where did it pick up was it the ethereum bitcoin and ethereum brought that back where'd the open come back well it's a generational thing if you if you go back to like you know apple as a startup they were trying to take down ibm right it was always there's always the bigger thing that was that we we're trying to sort of unbundle or unpackage because they have too much power they have too much influence and now you know facebook and apple and these big tech companies they are that on on the planet and they're doing it bigger than it's ever been done but when they were startups they existed to try to take that from a bigger company so i think you know it's not an it's not a fact that like facebook or zuckerberg is is the villain here it's just the fact that we're reaching peak centralization anything past this point it becomes more and more unhealthy right and an open metaverse is just a way to build a solution instead of more of a problem and i think if we do just allow corporations to build and own them on the metaverse these problems will get bigger and larger more significant they will touch more people on earth and we know what that looks like so why not try something different so what's the playbook what's the current architecture of the open meta verse that you see and how do people get involved is there protocols to be developed is there new things that are needed how does the architecture layout take us through that your mindset vision on that and then how can people get involved yeah so the the entity structure of what i do is a company called crucible out of the uk um but i i found out very quickly that just a purely for-profit closed company a commercial company won't achieve this objective there's limitations to that so i run a dao as well out of switzerland it's called open meta we actually we named it this six months before facebook changed their name and so this is just the track we're on right and what we develop is a protocol uh we believe that the internet built by game developers is how you define the metaverse and that protocol is in the dao it is in the dow it's that's crucial crucible protocol open meta okay you can think of crucible as labs okay no we're building we're building everything so incubator kind of r d kind of thing exactly yeah and i'm making the choice to develop things and open them up create public goods out of them harness things that are more of a bottom-up approach you know and what we're developing is the emergence protocol which is basically defining the interface between the wallets and the game engines right so you have unity and unreal which all the game developers are sort of building with and we have built software that drops into those game engines to map ownership between the wallet and the experience in the game so integration layer basically between the wallet kind of how stripe is viewed from a software developer's campaign exactly but done on open rails and being done for a skill set of world building that is coming and game developers are the best suited for this world building and i like to own what i built yeah i don't like other people to own what i build and i think there's an entire generation that's that's really how do you feel about the owning and sharing component is that where you see the scale coming into play here i can own it and scale it through the relationship of the open rails yeah i mean i think the truth is that the open metaverse will be a smaller network than even one corporate virtual world for a while because these companies have billions of people right yeah every room you've ever been in on earth people are using two or three of facebook's products right they just have that adoption but they don't have trust they don't have passion they don't have the movement that you see in web3 they don't have the talent the level of creative talent those people care about owning what they create on the on what can someone get involved with question is that developer is that a sponsor what do people do to get involved with do you and your team and to make it bigger i mean it shouldn't be too small so if this tracks you can assume it gets bigger if you care about an open metaverse you have a seat at the table if you become a member of the dao you have a voice at the table you can make decisions with us we are building developing technology that can be used openly so if you're a game developer and you use unity or unreal we will open the beta this month later and then we move directly into what's called a game jam so a global hackathon for game developers where we just go through a giant exploration of what is possible i mean you think about gaming i always said the early adopters of all technology and the old web one was porn and that was because they were they were agnostic of vendor pitches or whatever is it made money they've worked we don't tell them we've always been first we don't tolerate vaporware gaming is now the new area where it is so the audience doesn't want vapor they want it to work they want technology to be solid they want community so it's now the new arbiter so gaming is the pretext to metaverse clearly gaming is swallowing all of media and probably most of the world and this game mechanics under the hood and all kinds of underlying stuff now how does that shape the developer community so like take the classic software developer may not be a game developer how do they translate over you seeing crossover from the software developers that are out there to be game developers what's your take on that it's an interesting question because i come to a lot of these events and the entire web 3 movement is web developers it's in the name yeah right and we have a whole wave of exploration and nfts being sold of people who really love games they're they're players they're gamers and they're fans of games but they are not in the skill set of game development this is a whole discipline yeah it's a whole expertise right you have to understand ik retargeting rigging bone meshes and mapping of all of that stuff and environment building and rendering and all these things it's it's a stacked skill set and we haven't gone through any exploration yet with them that is the next cycle that we're going to and that's what i've spent the last three or four years preparing for yeah and getting the low code is going to be good i was saying earlier to the young gun we had on his name was um oscar belly he's argo versus he's 25 years old he's like he made a quote i'm too old to get into esports like 22 old 25 come on i'd love to be in esports i was commenting that there could be someone sitting next to us in the metaverse here on tv on our digital tv program in the future that's going to be possible the first party citizenship between physical experience absolutely and meta versus these cameras all are a layer in which you can blend the two yeah so that that's that's going to be coming sooner and it's really more of the innovation around these engines to make it look real and have someone actually moving their body not like a stick figure yes or a lego block this is where most people have overlooked because what you have is you have two worlds you have web 3 web developers who see this opportunity and are really going for it and then you have game developers who are resistant to it for the most part they have not acclimated to this but the game developers are more of the keys to it because they understand how to build worlds yeah they do they understand how to build they know what success looks like they know what success looks like if you if you talk about the metaverse with anyone the most you'll hear is ready player one yeah maybe snow crash but those things feel like games yeah right so the metaverse and gaming are so why are game developers um like holding back is because they're like ah it's too not ready yet i'm two more elite or is it more this is you know this is an episode on its own yeah um i'm actually a part of a documentary if you go to youtube and you say why gamers hate nfts there's a two-part documentary about an hour long that robin schmidt from the defiant did and it's really a very good deep dive into this but i think we're just in a moment in time right now if you remember henry ford when he he produced the car everybody wanted faster horses yeah they didn't understand the cultural shift that was happening they just wanted an incremental improvement right and you can't say that right now because it sounds arrogant but i do believe that this is a moment in time and i think once we get through this cultural shift it will be much more clear why it's important it's not pure speculation yeah it's not clout it's not purely money there's something happening that's important for humanity yeah and if we don't do it openly it will be more of a problem yeah i totally agree with you on that silent impact is number one and people some people just don't see it because it's around the corner visionaries do like yourselves we do my objective over the next say three to six months is to identify which game developers see the value in web 3 and are leaning into it because we've built technology that solves interoperability between engines mapping ownership from wallets all the sort of blueprints that are needed in order for a game developer to build this way we've developed that we just need to identify where are they right because the loudest voices are the ones that are pushing back against this yeah and if you're not on twitter you don't see how many people really see this opportunity and i talked to epic and unity and nvidia and they all agree that this is where the future is going but the one question mark is who wants it where are they you know it's interesting i talked to lauren besel earlier she's from the music background we were talking about open source and how music i found that is not open it's proprietary i was talking about when i was in college i used to deal software you'd be like what do you mean deal well at t source code was proprietary and that started the linux movement in the 80s that became a systems revolution and then open source then just started to accelerate now people like it's free software is like not a big deal everyone knows it's what it was never proprietary but we were fighting the big proprietary code bases you mentioned that earlier is there a proprietary thing for music well not really because it's licensed rights right so in the metaverse who's the proprietary is it the walled garden is the is it is it the gamers so is it the consoles is it the investment that these gaming companies have in the software itself so i find that that open source vibe is very much circulating around your world actually open maps in the word open but open source software has a trajectory you know foundations contributors community building same kind of mindset music not so much because no one's it's not direct comparable but i think here it's interesting the gaming culture could be that that proprietary ibm the the state the playstation the xbox you know if you dive into the modding community right the modding community has sort of been this like gray area of of gaming and they will modify games that already exist but they do it with the values of open source they do it with composability and there's been a few breakthroughs counter-strike is a mod right some of the largest games of all time came from mods of other games look at quake had a comeback i played first multiplayer doom when it came out in the 90s and that was all mod based exactly yeah quake and quake was better but you know i remember the first time on a 1.5 cable mode and playing with my friends remember vividly now the graphics weren't that good but that was mod it's mod so then you go i mean and then you go into these other subcultures like dungeons and dragons which was considered to be such a nerdy thing but it's just a deeply human thing it's a narrative building collective experience like these are all the bottom-up type approaches modding uh world building so you're going to connect so i'm just kind of thinking out loud here you're going to connect the open concept of source with open meta bring game developers and software drills together create a fabric of a baseline somewhat somewhat collected platform tooling and components and let it just sell form see what happens better self form that's your imposing composability is much faster yeah than a closed system and you got what are your current building blocks you have now you have the wallet and you have so we built an sdk on both unity and unreal okay as a part of a system that is a protocol that plugs into those two engines and we have an inventory service we have an avatar system we basically kind of leaned into this idea of a persona being the next step after a pfp so so folks that are out there girls and boys who are sitting there playing games they could build their own game on this thing absolutely this is the opportunity for them entrepreneurs to circumvent the system and go directly with open meta and build their own open environment like i said before i i like to own the things i built i've had that entrepreneurial lesson but i don't think in the future you should be so okay with other companies or other intermediaries owning you and what you build i think i mean opportunity to build value yeah and i think i think your point the mod culture is not so much going to be the answer it's what that was like the the the the dynamic of modding yes is developing yes and then therefore you get the benefit of sovereign identity yeah you get the benefit of unbanking that's not the way we market this but those are benefits that come along with it and it allows you to live a different life and may the better product win yeah i mean that's what you're enabling yeah ryan thanks so much for coming on real final question what's going on here why are we here in monaco what's going on this is the inaugural event presented by digital bits why are we here monaco crypto summit i'm here uh some friends of mine brittany kaiser and and lauren bissell invited me here yeah i've known al for for a number of years and i'm just here to support awesome congratulations and uh we'll keep in touch we'll follow up on the open meta great story we love it thanks for coming on okay cube coverage continues here live in monaco i'm john furrier and all the action here on the monaco crypto summit love the dame come back next year it'll be great back with more coverage to wrap up here on the ground then the yacht club event we're going to go right there as well that's in a few hours so we're going to be right back [Music] you

>>We're back at your storage service. Emil Stan is here. He's the chief commercial officer and chief marketing officer of open line. Thank you, Emil, for coming on the cube. Appreciate your time. >>Thank you, David. Nice. Uh, glad to be here. >>Yeah. So tell us about open line. You're a managed service provider. What's your focus? >>Yeah, we're actually a cloud managed service provider and I do put cloud in front of the managed services because it's not just only the scripts that we manage. We have to manage the clouds as well nowadays. And then unfortunately, everybody only thinks there's one cloud. But's always multiple layers in the cloud. So we have a lot of work in integrating, uh, it where a cloud manages provider in the Netherlands, focusing on, uh, companies who have a head office in the Netherlands, mainly in the, uh, healthcare local government, social housing logistics department. And then in the midsize companies between say 250 to 10,000 office employees. Uh, and that's what we do. We provide them with excellent cloud managed services, uh, as it should be >>Interesting, you know, lot early on in the cloud days, highly regulated industries like healthcare government were somewhat afraid of the cloud. So I'm sure that's one of the ways in which you provide value to your customers is helping them become cloud proficient. Maybe you could talk a little bit more about the value prop to customers. Why do they do business with you? >>Yeah, I think, uh, there are a number of reasons why they do business with us or choose to choose for our managed services provider. Tracy, of course, are looking for stability and continuity, uh, and, and from a cost perspective, predict predictable costs, but nowadays you also have a shortage in personnel and knowledge. So, and it's not always very easy for them to access, uh, those skill sets because most it, people just want to have, uh, a great variety in work, what they are doing, uh, towards, towards the local government, uh, healthcare, social housing. They actually, uh, a sector that, uh, that are really in between embracing the public cloud, but also have a lot of legacy and, and bringing together best of all, worlds is what we do. So we also bring them comfort. We do understand what legacy, uh, needs from a manager's perspective. We also know how to leverage the benefits in the public cloud. Uh, and, uh, I'd say from a marketing perspective, actually, we focus on using an ideal cloud, being a mix of traditional and future based cloud. >>Thank you. I, you know, I'd like to get your perspective on this idea of as a service and the, as a service economy that we often talk about on the cube. I mean, you work with a lot of different companies. We talked about some of the industries and, and increasingly it seems like organizations are focused more on outcomes, continuous value delivery via, you know, suites of services and, and they're leaning into platforms versus one off product offerings, you know, do you see that? How do you see your customers reacting to this as a service trend? >>Yeah. Uh, to be honest, sometimes it makes it more complex because services like, look at your Android or iPhone, you can buy apps, uh, and download apps the way you went to. So they have a lot of apps, but how do you integrate it into one excellent workflow, something that works for you, David or works for me? Uh, so the difficulty, some sometimes lies in, uh, the easy accessibility that you have to those solutions, but nobody takes into account that they're all part of a chain or workflow supply chain, uh, and, and, uh, they're being hyped as well. So what, we also have a lot of time in, in, in, in, in managing our customers, is that the tremendous feature push feature push that there is from technology providers, SaaS providers. Whereas if you provide 10 features, you only need one or two, uh, but the other eight are very distracting from your prime core business. Uh, so there's a natural way in that people are embracing, uh, SA solutions, embracing cloud solutions. Uh, but what's not taken into account as much is that we love to see it the way that you integrate all those solutions to it's something that's workable for the person that's actually using them. And it's seldomly that somebody is only using one solution. There's always a chain of solutions. Um, so yeah, there are a lot of opportunities, but also a lot of challenges for us, but also for our customers. >>Do you see that trend toward, as a service continuing, or do you actually see based on what you're just saying that pendulum, you know, swinging back and forth, somebody comes out with a new sort of feature product and that, you know, changes the dynamic or do you see as a service really having legs? >>Ah, that's very, very good question, David, because that's something that's keeps our busy all the time. We do see a trend in as a service looking at, uh, talk about pure later on. We also use pure as a service more or less. Yeah. And it really helps us. Uh, but you see, uh, um, that sometimes people make a step too, too fast, too quick, not well thought of, and then you see what they call sort of cloud repatriation, tend that people go back to what they're doing and then they stop innovating or stop leveraging. The possibilities are actually there. Uh, so from a consultancy guidance and architecture point of view, we try to help them as much possible to think in a SA thought, but just don't use the, cloud's just another data center. Eh, and so it's all about managing the maturity on our side, but on our customer side as well. >>So I'm interested in how you're sort of your philosophy and it relates, I think, in, in, in terms of how you work with pure, but how do you stay tightly in lockstep with, with your customers so that you don't over rotate so that you don't them to over rotate, but then you're not also, you don't wanna be too late to the game. How, how do you manage all that? >>Oh, there's, there's, there's a world of interactions between us and our customers. And so I think a well known, uh, uh, uh, thing that people, the most customer intimacy, that's very important for us to get to know our customers and get to predict which way they're moving. But the, the thing that we add to it is also the ecosystem intimacy. So no, the application and services landscape, our customers know the primary providers and work with them, uh, to, to, to create something that, that really fits the customers to just not look at from our own silo where a cloud managed service provider that we actually work in the ecosystem with, with, with, with the primary providers. And we have, I think where the average customers, I think we have, uh, uh, uh, in a month we have so much interactions on our operational level and technical levels, strategic level. >>We do bring together our customers also, and to jointly think about what we can do together, what we independently can never reach, but we also involve our customers in defining our own strategy. So we have something we call a customer involvement board. So we present a strategy and today, does it make sense? Eh, this is actually what you need also. So we take a lot of our efforts into our customers and we do also, uh, understand the significant moments of truth. We are now in this, in this broadcast, David there. So you can imagine that at this moment, not thinking go wrong. Uh, if, if, if the internet stops, we have a problem. And now, so we, we actually know that this broadcast is going on for our customers. And we manage that. It's always on, uh, uh, where in the other moments in the week, we might have a little less attention, but this moment we should be there in these moments of truth that we really embraced. We got them well described. Everybody working out line knows what the moment of truth is for our customers. Uh, uh, so we have a big logistics provider. For instance, you does not have to ask us to, uh, have, uh, a higher availability on black Friday or cyber Monday. We know that's the most important part in the year for him or her. Does it answer your question, David? >>Yes. We know as well. You know, when these big, the big game moments you have to be on your top, uh, top of your game. Yeah. Uh, you know, the other thing, a Emil about this as a service approach that I really like is, is it's a lot of it is consumption based and the data doesn't lie, you can see adoption, you know, D daily, weekly, monthly. And so I wonder how you're leveraging pure as a service specifically in what kind of patterns you're seeing in, in, in the adoption, >>Uh, pure as a service for our customers. It's mainly never visible. Uh, we provide storage services, provide storage solutions, storage job is part of a bigger thing of a server of application. Uh, so the real benefits to be honest of, of course, towards our customer, it's all flash, uh, uh, and they have the fast, fastest storage is available. But for ourself, we, uh, we use less resources to manage our storage. We have far more that we have a near to maintenance free storage solution now because we have it as a service and we work closely together with pure. Uh, so, uh, actually the way we treat our customers is the way pure treats us as well. And that's why there's a used click. So the real benefits, uh, uh, how we leverage is it normally we had a bunch of guys managing us storage. Now we only have one and knowing that's a shortage of it, personnel, the other persons can well be, uh, involved in other parts of our services or in other parts of an innovation. So, uh, that's simply great. >>You know, um, my takeaway Emil is that you've made infrastructure, at least, least the storage infrastructure, invisible to your customers, which is the way it should be. You didn't have to worry about it. And you've, you've also attacked the, the labor problem. You're not, you know, provisioning lungs anymore, or, you know, tuning the storage, you know, with, with arms and legs. So that's huge. So that gets me into the next topic, which is business transformation. That, that means that I can now start to attack the operational model. So I've got a different it model. Now I'm not managing infrastructure same way. So I have to shift those resources. And I'm presuming that it's a bus now becomes a business transformation discussion. How are you seeing your customers shift those resources and focus more on their business as a result of this sort of as a service trend? >>I think I do not know if they, they transform their business. Thanks to us. I think that they can more leverage their own business. They have less problems, less maintenance, et cetera, et cetera. But we also add new, uh, certainties to it, like, uh, uh, the, the latest service we we released was imutable storage being the first in the Netherlands offering this thanks to, uh, thanks to the pure technology, but for customers, it takes them to give them a good night rest because, you know, we have some, uh, geopolitical issues in the world. Uh, there's a lot of hacking. People have a lot of ransomware attacks and, and we just give them a good night rest. So from a business transformation, doesn't transform their business. I think that gives them a comfort in running your business, knowing that certain things are well arranged. You don't have to worry about that. We will do that. We'll take it out of your hands and you just go ahead and run your business. Um, so to me, it's not really transformation. It's just using the right opportunities at the right moment. >>The imutable piece is interesting because of course, but speaking of as a service, you know, anybody can go on the dark web and buy ransomware as a service. I mean, as it's, he was seeing the, as a service economy hit, hit everywhere, the good and the, and the not so good. Um, and so I presume that your customers are, are looking at, I imutability as another service capability of the service offering and really rethinking, maybe because of the recent, you know, ransomware attacks, rethinking how they, they approach, uh, business continuance, business resilience, disaster recovery. Do you see that? >>Yep, definitely. Definitely. I, not all of them yet. Imutable storage. So it's like an insurance as well. Yeah. Which you have when you have imutable storage and you have, you have a ransomware attack, at least if you part the data, which never, if data is corrupted, you cannot restore it. If your hardware is broken, you can order new hardware. Every data is corrupted. You cannot order new data. Now we got that safe and well. And so we offer them the possibility to, to do the forensics and free up their, uh, the data without a tremendous loss of time. Uh, but you also see that you raise the new, uh, how do you say, uh, the new baseline for other providers as well? Eh, so there's security of the corporate information security officer, the CIO, they're all fairly happy with that. And they, they, they raise the baseline for others as well. So they can look at other security topics and look from, say a security operation center that now we can really focus on our prime business risks, because from a technical perspective, we got it covered. How can we manage the business risk, uh, which is a combination of people, processes and technology. >>Right. Makes sense. Okay. I'll give you the last word. Uh, talk about your relationship with pure, where you wanna see that, that going in the future. >>Uh, I hope we've be working together for a long time. Uh, I, I ex experienced them very involved. Uh, it's not, we have done the sell and now it's all up to you now. We really closely working together. I know if I talk to my prime marketing, Marcel height is very happy and it looks a little more or less if we work with pure, like we're working with colleagues, not with a supplier, uh, and a customer, uh, and, uh, the whole pure concept is quite fascinating. Uh, I, uh, I had the opportunity to visit San Francisco head office, and they told me to fish in how they launched pure being, if you want to implement it, it had to be on one credit card. The, the, the menu had to be on one credit card, just a simple thought of put that as your big hair, audacious goal to make the simplest, uh, implementable storage available. But for, uh, it gives me the expectation that there will be a lot of more surprises with puring in near future. Uh, and for us as a provider, what we, uh, literally really look forward to is that, that for us, these new developments will not be new migrations. It will be a gradual growth of our services on storage services. Uh, so that's what I expect, and that was what I, and we look forward to. >>Yeah, that's great. Uh, thank you so much, Emil, for coming on the, the cube and, and sharing your thoughts and best of luck to you in the future. >>Thank you. >>You're welcome. Thanks for having me. You're very welcome. Okay. In a moment, I'll be back to give you some closing thoughts on at your storage service. You're watching the cube, the leader in high tech enterprise coverage.

>>Welcome to this cube conversation. I'm John fury host of the cube here in Palo Alto, California. We're talking open source. We're talking about the data center. We're talking about cloud scale, bringing that software benefits all to the table, all around the network, the network operating system, and more gotta go a guest here, sir. Rob Capor director of product management, Dell networking, sir. Rob. Great to see you. Thanks for coming on. >>Thank you, John. Good to be here. Thanks for inviting me. >>You know, we were talking before we came on camera around how the networking business is changing, why hardware matters, why software's more important. And in all of this shift, that's happening in the transition to fully distributed computing, which Matt, you got the edge, you got the data center, you got the cloud all coming together. One of the common threads in all of this is open source. Okay. Open source software, next generations coming. You're seeing more and more new cool things in open source, but also in parallel with the enterprise. This is a huge kind of flash point to the next gen open source enterprise convergence with, with open source software and the communities and all and all that, all that good stuff. And you're in the middle of it. What's driving this Hmm. Source and the data center. We're seeing the levels of support like we've never seen before and specifically at the network level. >>Awesome. Yeah. So, well, to set the context, let's start by looking at the story of comput solution, right? Uh, in the nineties, the comput infrastructure was vertically integrated. Uh, there were multiple vendors each offering their own operating system, usually a version of hearings, uh, on, on the proprietary hardwares. If I wanted to run a Solas operating system, I had to run that over a Spoor and the applications were written, especially for, for that architecture. So, so this represented multiple challenges back then the customer were locked in growth and innovation developers had to recreate applications for, for different architectures and, and the interoperability was extremely difficult, but with the advent of X 86 architecture and standardized operating systems like like windows and Linux, the stack got disaggregated, which allowed for flexibility, innovation, affordability and finding expand engine. We see a similar trend happening on the networking side now where the traditional networking solutions, uh, are not flexible. >>The switch, the network operating system, the APIs are all provided by the same vendor. So if a feature is, is needed, the user has to either wait for the vendor to deliver it, or is forced to replace then time for structure. But with the of open networking and opensource networking based solutions, we see an evolution that has paved the way for the customers to unlock their data center technologies and innovate. The modern data center is, is no longer centered around protocol sax. It's about agility, flexibility, innovation, network automation, and simplicity. It's about how to make operations more agile, agile, more effective, and, and, you know, bake it into an overall infrastructure today. A large element of, uh, of, of business action behind open networking is that companies are moving towards application centricity and, and a true realization of as a service model. Right? So, so that is where Sonic comes into the picture, right? >>But it's large and diverse community around, around modular containers, architecture born in Microsoft as your environment, Sonic is, is built for automation, telemetry and scale. And the flexibility of this architecture allows you for, you know, in terms of running to applications by providing that high level of redundancy. So, so basically know Sonic kind of check marks to all the requirements of the modern data center from open flexible architectures to cloud economics. And if you have to follow a comput evolution analogy, we believe that, you know, switches is the server now in Sonic is the Linux for networking. >>It's like the Ker of networking. I mean, we'd be and reporting. We've had all the cube conversations where Sonic's been mentioned and people have been saying things like it's taking the networking world by storm. Um, and all, all that with open source kind of ties it and scales it together. Can you take a minute to explain a little bit about what it is? What is Sonic, what does it stand for? Why is it important? What does it do? What's the benefit to the customers? What are they, what what's going on around Sonic take a minute to explain what is Sonic. >>Absolutely. Yeah. So is Sonic stands for software for open talking in the cloud. It's a brain of Microsoft in, in 2016, they announced their contribution of Sonic to the open source community and, and through the networking technology to revolutionary set forward with the yet level of this aggregation by breaking the monolithic nos into multiple containers components. And, and through the use of ization, Sonic provides the, the network managers, the plug and place sensibility, the ability to run third party proprietary or open source application containers and, and perform those in-service updates with zero down time. Sonic is, is primarily designed across four main per principles. First one is the notion of control where, uh, Sonic is an open software organizations are deploying it, working on it. The network managers can decide what features they want to ship on a switch, so that there's less potential for bug and, and tailored for more of the use cases, right? >>Sonic was designed for extensibility for, uh, the developers to come and add new cable, roll those out rapidly on, on a platform. Uh it's it was designed for agility. The ability to take changes, roll those out rapidly, whether it's a bug fix or a new feature coming out, uh, which is significant. And finally Sonic was designed around this notion of open collaboration with such a diverse community around. We have Silicon vendors to ODM providers. It contribute is the more people work on it better and more like the software it becomes. Yeah. I mean, it has evolved considerably and, and since it's inception, it's, it's, uh, the growth is, is nurtured by an increasing set of users, uh, a vibrant open source community. Uh, and then there's a long, uh, trail of, of, you know, falling from, from the non hyperscalers where they like the value propers, you know, technology. And I want to adapt it for their environment. >>Yeah. And of course we love Silicon here at Silicon angle on the cube. Uh, but this is the whole new thing. Silicon advances is still software hardware matters. Dave LAN is doing a big thing called on why hardware matters with our team hardware and software together with open source really is coming back smaller, faster, cheaper. It's really good. So I want to ask you about Sonic, what types of customers mm-hmm <affirmative> would be looking to implement this, is this more of a, a reset in the data center? Is it a cloud scale team? Is it tributed computing? What's the new look of the customer who are implementing the like so, so, >>Well, uh, you know, it has evolved considerably since it's <inaudible> right. It was born into a hyperscale environment and we see a big end happening where, uh, you know, there's a wider appeal that is across non hyperscalers who want to emulate the best practices of the hyperscalers. They, but they want to do it on their own dumps. They want, uh, uh, a feature solution that is tailored for enterprise use cases. And, and, you know, looking at this whole contains architecture, Sonic kinda fits the build well where, you know, providing a Linux, no, that can be managed by the same set of automation management tools. Uh, and you know, these are the same teams, you know, uh, that have, you know, been acclimated world on website. Now with this all tool consolidation and consistent operations across the data center infrastructure, we, we see that Sonic brings a lot of value, uh, to these distributed application use cases, these modern data center environments, where you, you know, you have, you know, customers looking for cloud economics, multi vendor ecosystem, open and flexible architectures. And in fact, you know, uh, you know, we are told by the industry analyst that there's a strong possibility that, you know, during the next three to six years, Sonic is going to become analog as to Linux. Uh, now allowing the enterprises to, to sanitize on this. No, and, and, and, you know, they also predict that, uh, you know, 40% of the organizations that have, uh, you large data centers or 200 plus switches will deploy Sonic in production. And the market is going to be approximately 2.5 billion by, by 25. >>You know, we've Al we've always been riffing about the network layers, always the last area to kind of get the innovation, because it's so important. I mean, right. If you look at the advances of cloud and cloud scale, obviously Amazon did great work and what starts with networking lay what they did kind of with the, in the cloud, but even in the enterprise, it's so locked down, it's so important. Um, and things like policy, these are the concepts that have been moving up the stack. We see that, but also software's moving down the stack, right? So this notion of a network operating system kind of now is in play at the data center level, not just on the server, you're talking about like packets and observability monitoring, you know, more and more and more data coming in. So with data surging, tsunami of data, new, um, agile architectures changing in real time dynamic policy, this is what's happening. What's the role of Dell in all this? You guys got the hardware, um, you got the servers now it's open source, it's got community. What is Dell bringing to the table? What's your role in this development and the evolution of Sonic and, and what do you guys bringing to the table? >>Absolutely. So, so we are now, uh, enterprise Sonic distribution by Dell technologies, a commercial offering for Sonic in June last year. And our vision has been primarily to bridge the cap between hyperscale networking and enterprise networking. Right here we are, we are combining the stents and value proposition of Sonic and Dell technologies where the customers get an innovative, scalable, open source NA, which is hardened supported and backed by industry leader and open networking that has been, that has been our primary play into this where enterprise Sonic by Dell, we, we CU the customers, you know, get support and deployment services. Uh, we work with the customers in building out a roadmap that is, you know, a predictable software and hardware roadmap for them. Uh, we, we provide extended and validated use cases where, uh, you know, they can average, you know, Sonic for their, you know, specific environments, whether it's a cloud environment or the enterprise environment, uh, we've created a partner ecosystem where, uh, you know, with, with certain organizations that allow you to leverage the inherent automation, telemetric capabilities in the NAS, uh, to enhance the usability of the software, we have, uh, created an intuitive CLI framework called manage framework to allow you to better consume Sonic for your environment. >>We offer support for open conflict models and then also answerable playbooks for, for network automation. So, so it's been a journey, uh, you know, we are making the solution ready for enterprise consumption is a, a big fan falling that is happening from the non hyperscaler awards. And, uh, we've made significant in, in, in the community as well. Yeah. 1 million lines plus of code what fixes and, and helping with the documentation. So we are at the forefront of, of so journey. >>So you're saying that you, you're saying Dell for the folks watching you guys are putting the work in you're investing in opensource. >>Yeah, yeah, absolutely. I mean, we, we, we are, uh, you know, extending open source to the bottom market, you know, making it enterprise ready, uh, with, with feature enhancements and building a partner ecosystem. Uh, you know, we, we ensure that, you know, it advanced through extensive internal testing and validation for the customers. And then, uh, in order to allow the customers to absorb this new technology in house, uh, you know, we, we provide virtual to MOS. We have, you know, hands on labs for, for customers and channel partners. We, we also help them with, with a lot of documentation and reference architecture so that, you know, it's a knowledge repository across the board that can be leveraged for the modern use cases. So, yeah, so that's been a, it's been a journey with the customers and it's always in evolution where we, you know, get better of it with extended use cases and, and more capabilities on the portfolio. >>You know, I always, I always talk with Michael Dell at the Dell tech world every year. And sometimes we text back and forth. Uh, we kind of grew up together in the industry about the same age. Um, and we joke about the Dell early days of Dell, how supply chain was really part of their advantage. Um, and this is getting a little bit of a throwback, but you look back back then it was a of systems architecture. You have suppliers, you have chips, you have boards, you build PCs, you build servers. And the DNA of Dell, Dell technologies has always been around the system and with open source and tributed computing cloud data center edge, it's a system. And we're hearing words like supply chain in software, right? So when you start to think about Sonic and network operating systems and that kind of, those kinds of systems, when you modernize it, it's still gotta enable things to enable value. So what's the enabling value that Sonic has for the modern era here and comput as new kinds of supply chains emerge, new kinds of partnerships have to evolve. And the environment under the covers is changing too. You got cloud native, you got growth of containers. I think DACA was telling us that the container market there is pushing 20 million developers. I mean, massive cloud native activity and open source growth. This is a system. >>No, absolutely. I mean, uh, you know, the modern world has changed so much from, from, you know, the proprietary infrastructure and stacks. Now, uh, we Dell, you know, becoming, uh, uh, you know, more software focused now because that's a real value, uh, that you bring to the customers. Now, it's all about application centricity. Nobody is talking about out, you know, protocol stacks, or, you know, they, they want simplicity. They want ease of network management. And how do you expose all these capabilities? It's, it's with software, right? Sonic being open software. There's so much happening, uh, in, in the community around it. You know, we provide not bond interfaces that, you know, customers can hook up into their applications and get better at monitoring, get better at you managing that entire CIC CD pipeline in the infrastructure. So I think, you know, soft is, is a core in the heart of, you know, the modern data center infrastructure today. And, you know, we've been, uh, you know, uh, uh, at the forefront of this journey with, with Sonic and, uh, you know, bringing the real choice and flexibility for the customers. >>It's certainly an exciting time if you're in the data center, you're in, in architecture, cloud architecture, urine in data engineering, a new growing field, not just data science data is code. We did a big special on that recently in the cube, but also just overall scale. And so this, these are all new factors in C CXOs are dealing with obviously securities playing a big part of it and the role of data, uh, and also application developers all in the partner ecosystem becomes a really important part of, so I have to ask you, can you expand a little bit more on your comment earlier about the partner ecosystem and the importance of plays mm-hmm, <affirmative> in providing a best in class service because you're relying on others in open source, but you're commercializing Sonic with others. So there's a, there's a ecosystem play here. What's, what's talk more about that and, and the importance of it, >>Right, right. Yes, sir. As I mentioned earlier, right, the modern data center is no longer centered on protocol stack, right? So it's about agility, flexibility, choice, uh, network automation, simplicity, and based on these needs, we've built up, uh, portfolio with, with plethora of options, for, uh, you know, integrations into open source tool chains and, and also building enterprise partnerships for, uh, with, with technologies that matter to the customers. Right? So, uh, the ecosystem partners, uh, are, are, you know, apps are Juniper. Um, Okta, there are crews that offer solutions at simplify network management and monitoring of, of massive complex networks and leverage the, the inherent automation telemetry capabilities in Sonic. It comes to the open source tools. Uh, you know, these, these are tools that, you know, the broader, the, the tier two cloud of this point is the large enterprises also want, you know, based on how they're moving towards an open source based ecosystem. We have, you know, created ible modules for network automation. We have integrated into open source marketing tools like Telegraph or far and Promeus, and then we continue to, you know, scaling and expanding on easy integrations and ecosystem partners, uh, to bring the choice, flexibility, uh, to the customers where, uh, you know, they can leverage inherent software capabilities and leverage it to their application business needs. >>Rob, great to have you on the cube Sergeant Kabar, director of product management, Dell tech, Dell networking, Dell technologies, um, networking really important area. That's where the innovation is. It matters the most latency. You can't change the, the laws of physics, but you can certainly change architectures. This is kind of the new normal going on. Find final point final comment. What can people expect to see around Sonic and where this goes? What, what happens next? How do you see this evolving? >>Well, there's a, uh, you know, I think we start off a journey to an exciting, you know, evolution on a networking happening with Sonic so much. This, this technology has to offer with, you know, a lot of technical value prop and microservices, container architecture with such a diverse community around it. There's, uh, a lot of feature additions, extended use cases that are coming up with Sonic. And we, we, we actively engage in the community with lot of feature enhancements and help also helping stay the community in, in a direction that, you know, uh, brings Sonic to the wider market. So, you know, I think this is, this is great, you know, start to a fantastic journey here. And, uh, we look forward to the exciting things that are coming on the so journey. >>Awesome. Thanks for coming on. Great cube culture. We'll follow up more. I wanna track this Dell networking networking's important software operating systems. It's a system approach distributed computings back modernizing here with Dell technologies. Thanks for coming on. Appreciate it. >>Awesome. Thank you, John. >>I'm John furry with the cube here at Palo Alto, California. Thanks for watching.

(upbeat music) >> Hey, everyone. Welcome to theCUBE's coverage of Women in Tech: International Women's Day, 2022. I'm your host, Lisa Martin. Erin Chu joins me next. Life Sciences Lead at AWS Open Data. Erin, welcome to the program. >> Thanks so much for having me, Lisa. Tell me a little bit about you and your role at AWS. >> I would love to. So I am a life sciences lead on the AWS Open Data team, and we are really in the business of democratizing access to data. We believe that if you make high quality, high impact data openly available in the cloud, that people can start innovate, make discoveries and do science faster with those data. So we have a number of specialists with expertise in different domains. Geospatial sciences, climate sustainability, statistical regulatory and then of course myself, the life sciences lead. >> So, you have a really interesting background. You're a veterinarian by training. You have a PhD, you've worked in mobile veterinary clinics, and also in an animal genomic startup, how did you make the change from the clinical side to working for a large international, one of the biggest companies in the world? >> Yeah, I love that question because so much of, I think, anybody's career path is serendipitous and circumstantial, right? But the fact is I was working in a mobile veterinary clinics while I was finishing up a PhD in molecular genomics. And at the same time was reached out to by a professor at Cornell who had started a little dog genomic startup. And he said, "Hey, we need a veterinarian who can talk to people and who understands the genomic side of things?" And I said, "Yeah, I'm your girl." And I came on full time with that startup towards the end of my PhD, signed on after I finished, came on on as their senior veterinary geneticist. Startups a great whirlwind. You end up learning a ton. You have a huge, deep learning curve. You're wearing every possible hat you can. And after a couple years there, I wondered what else I could do. And simply said, where else could I look for work? And how else could I grow? And I decided to try the larger tech world, because I said, this is a toolkit I don't have yet. So I'd like to try and see how I can do it, and here I am. >> And you, I was reading about you that you felt empowered by the notion that I have to trust my instincts. You look at careers in biology, you decided what directions you wanted to take but how did you kind of conjure that feeling of empowerment? >> Yeah, I have to see say I have an incredibly supportive team and in supportive manager, but a lot of it was simply because I've never been afraid to fail. The worst thing that someone can ever say to you is, no or that you didn't do that well. Once you come across that once in your life, it doesn't hurt so bad the second time around. And so, I was hired for a very specific data set that my team was helping to manage. And that does take up a good deal of my time, it still does, but I also had the freedom to say, "Hey, what are the trends in biology? I am an expert in this field. What do I know is coming around the corner? What do I know my researchers need?" And I was entrusted with that, this ability to say, "Hey, these are the decisions I think we should make." And I got to see those outcomes fairly quickly. So, my managers have always put a good deal of trust in me and I don't think I've let them down. >> I'm sure you haven't. Tell me a little bit about some of your mentors or sponsors that have helped guide you along the way and really kind of feel that empowerment that you already had. >> Absolutely. Well, the first and foremost mentor in has been my mother. So, in the spirit of International Women's Day, my mom is actually the first Asian engineer to ever reach executive level. Asian female engineer to ever reach executive level at IBM. And so, I spent my life seeing what my mother could do, and watching her just succeed. And I think very early it clear, she said, "What can't you do?" And that was kind of how I approached my entire life, is what can't I do, and what's the worst thing that will happen. You fail and then you try again. So she is absolutely my first mentor, and a role model to me and hopefully to women everywhere, honestly. I've had some amazing teachers and mentors. My professor who oversaw my PhD, Dr. Paul Soloway. He's currently still at Cornell, really just said, "What decisions do you want to make?" And, "I will support you in the best way I can." And we learned a lot together. I have a professor at Cornell who I still come back. I speak at her alternate careers in veterinary medicine because she just... And she was the one who told me, "Erin, you have a really high buoyancy factor. Don't lose that." And her name is Dr. Carolyn McDaniel. And she has just been such a positive force just saying, "What else could we do?" >> Well, that's- >> And, "Never let your degrees or your training say that this is what you have to do. Think of it as a starting point." >> That's a great point. We often, especially when we're little kids, many of us, you think of these very defined, doctor, lawyer, accountants, nurse instead of having something like you do and being able to go, what else can I do with this? How can I take this education, this information and the interest that I have and parlay it into something that really can kick the door wide open. And to your point, I love how your mom was saying, "What can't you do?" That's a message that everyone needs to hear. And there's an AWS Open Data Sponsorship Program. Talk to me a little bit about that. I'm always interested in sponsorship programs. >> Oh, thanks for asking. So the Open Data Sponsorship Program or the ODP since Open Data Sponsorship Program can be a little mouthful after you say it a few times, but the ODP is a program that AWS sponsors where we will actually cover at the cost of storage transfer and egress of high impact data sets in the cloud. Basically, we know that sometimes the barrier to getting into cloud can be very high for certain providers of gold standard data sets. And when I mean gold standard data sets, I mean like NASA Sentinel-2, or the National Institutes of Health Sequence Read Archive. These are invaluable data sets that are ingested by thousands if not millions of users every day. And what we want to do is lower that barrier to cloud and efficient distribution of those data to zero. So, the program is actually open to anybody. It can be a government entity, it can be a startup, it can be nonprofit. We want to understand more about your data and help you distribute it well in the cloud. >> So this is for any type of organization regardless of industry? >> That's right. >> So, you're really allowing more organizations... One of the things that we say often when we're talking on theCUBE is that every company these days is a data company, or it has to be. Every company has to be a tech company, whether we're talking about your grocery store or AWS, for example. So helping organizations to be able to take that data, understand it, and have those personal conversations that as consumers we expect is critical, but it's challenging for organizations that say, "Well, I came up in retail and now I've got to be a tech company." Talk to me about kind of empowering organizations to be able to use that data, to grow the organization, grow the business, but also to delight customers 'cause of course we are quite picky. >> You're so right. Data is power and it doesn't matter what you are selling or who you are serving. If you have the data about your product. And also to some degree, the data about who your consumers are, you can really tailor an experience. I always tell my colleagues that data is impersonal, right? You can look at bits and bites, numbers, structured columns and rows, but you can funnel data into a truly personal experience as long as you do you it right. And hopefully, when I work with my data providers I ask them, how do you want people to use your data? What are the caveats? How can we make these data easy to work with? But also easy to draw correct insights from. >> Right, that easy to use is critical because as you know the proliferation of data just continues and it will continue. If we think of experiences. I want to go back to your experience. What's been the biggest learning curve that you've had so far? >> Oh my gosh. So, the best part of being at a large company is that you're not in the same room or even like whatever the same slack channel as all of your colleagues, right? Coming from a startup or clinical space where quite literally you are in the same room as everybody 'cause there are less than 60 of you, you could just talk to the person who might be an internal stakeholder. You had that personal relationship, and frankly, like most of the time your views were very aligned. It was sell the product, get to MVP. Moving into larger tech, the steepest curve I had other than becoming very comfortable in the cloud, in all the services that AWS has to offer, were to manage those internal relationships. You have to understand who the stakeholders are. There typically many, many of them for any given project or a company that we're serving. And you have to make sure that you're all aligned internally, make sure that everyone gets what they need and that we reach that end to ultimately serve the customer together. >> Yeah, that communication and collaboration is key. And that's something that we've seen over the last two years, is how dependent we've all become on collaboration tools. But it is a different type of relationship. You're right. Going from a clinic where you're all in the same room or the same location to everyone being distributed globally. Relationship management there is key. It's one of my favorite things about being in tech is that, I think it's such a great community. It's a small community, and I think there's so there's so much opportunity there. If you're a good person, you manage those relationships and you learn how to work with different types of people. You'll always be successful. Talk to me about what you would say, if someone's saying, "Erin, I need some advice. I want to change industries or I want to take this background that I have, and use it in a different industry." What are the three pieces of advice that you would share? >> Oh, absolutely. So, the first thing that I always talk with my... I have quite a few colleagues who have approached me from all different parts of my life. And they've said, "Erin, how did you make the change? And how can I make a change?" And the first thing I say is let's look at your resume and define what your translational skills are. That is so big, right? It doesn't matter what you think you're a specialist in, it's how generalizable are those specialty skills and how can you show that to somebody who's looking at your resume. Let's call it a nontraditional resume. And the second is don't hesitate to ask question. Go for the informational interview. People want to tell you about how they've gotten to where they are and how you might be able to get there too. And so I say, get on LinkedIn and start asking questions. If one person says yes, and you get no responses I call that a success. Don't be afraid of not getting a response, that's okay. And the last thing, and I think this is the most important thing is to hold onto the things that make you happy no matter where you are in your life. It's important to realize you are more than your job. It is important to remember what makes you happy and try to hang on those. I am a gym rat. I admit that I am a gym rat. I'm in the gym five days a week. I have a horse. I go out to see him at least two or three a days. I know it's typical veterinarian, right? You just collect niches until you run out of things you want to pay for. But those are things that have been constant through 20 plus years of being in the workforce. And they've been what kept me going. Let's revise that in ten years. >> So critical because as we all know tech can be all consuming. It will take everything if you let it. So being able to have... We always talk about the balance. Well, the balance is hard. It's definitely a way to scale, right? It's going back and forth, but being able to hold onto the things that actually make you who you are, I think make you better at your job, probably more productive and happier. >> I agree. I totally agree. >> Another thing that you believe, which I love, this is an important message is that, if you look at a job, I like how you said earlier, the worst they can say is no. You have nothing to lose. And it's really true. As scary as that is same thing with raising your hand as you say, and I agree with you about that. Ask a question. It's not a dumb question. I guarantee you. If you're in a room or you're on a Zoom or even in a slack channel. A fair number of people probably have the same question. Be the one to raise your hand and say, "Maybe I missed this. Can you clarify this?" But you also think that you don't have to meet all the job requirements. If you see something that says, five years experience in this or 10 years in that or must have this degree or that degree, you're saying you don't have to meet all that criteria. >> I agree. Yeah, that's another big thing is that, I'll literally talk to people who are like, "Well, Erin, this job application, look at all these requirements and I can't fill these requirements." I'm like, "First of all, who says you can't?" Just because you don't have a certification, what has your work thus far done to reflect that? Yeah, you can meet that requirement, even if you don't have an official certification. But two, like what's the worst thing that happens. You don't get a call back from a recruiter. That's okay. I have so many friends who are afraid of failure, and I tell them, just fail once doesn't hurt. It never hurts as much as you think it's going to hurt. And then you just keep going. >> You keep going and you learn. But you've also brought up a great point about those transfer growth skills or those soft skills that are so important. Communication skills, for example. Relationship building skills that may not be in that written job description. So you may not think about actually there's a tremendous amount of importance that these skills have. That having this kind of breadth of background. I think is always so interesting we think about thought diversity, and if we're talking about women in tech. We know that the number of women in technical roles is is still pretty low, but there's so much data that shows that companies that have even 30% females on their executive staff are more performant and more profitable. So that thought diversity is important, but we need more women to be able to feel that empowerment I think that you feel. >> Yes. >> So when you think of International Women's Day with the theme of breaking the bias, what does that mean to you and where do you feel we are in terms of breaking the bias? >> Yeah, so it's interesting, I was just on a working group with some of my colleagues from our larger organization at AWS. And we were talking about, what are different kinds of bias and what our strategies to go ahead and combat them. The fact is we are all making progress and it has to be in one step at a time. I don't think that if we snapped our fingers, things would just go away. You have to take one step at a time. I also come at it from a data perspective, right? I'm a data person. I work with data. And like I said, data is, or data are, if you want to be correct. Data are impersonal, right? They are just statistics, their numbers, but you can use data to suddenly say, "Hey, where are the biases? And how can we fix them?" So I'm going to give you a great example. So my mother, again, a wonderful woman, a super amazing role model to me. She was diagnosed with breast cancer last year. And she being a smart lady, actually looked online. She went online on Google Scholar and PubMed Central. And she said, "May, look..." May is my little nickname. She goes, "Look at these numbers." She said, "My prognosis is terrible. Look at these numbers, how can you say that this is worth it. That chemotherapy is worth it." And I looked at it and I said, "Mom, I hate to break this to you. But this is a retrospective study of several thousand women from the Bavarian cancer registry." And you might guess I am not a Bavarian origin. I had a chat with her and I said, "Mom, let's look at the data. What are the data? And how can you take away stuff from this with the caveat that you may very well not have the same genetic background as some of the women or most of the women in this registry." There are biases. We know when we look at population sequencing, when we look at the people who are sequenced, the people who put in medical survey information. There are not representations of certain ethnicities of certain sexes, of certain parts of the country. One of the things I really want to do in the next three years is say, how can we support people who are trying to increase representation and research so that every single woman gets the right care and can feel like they are themselves represented in what we call precision medicine or personalized care. >> Absolutely. >> That's a long story. >> It was a great story. >> That was a long answer to answer your question. >> You talked about how your mom was a great inspiration to you and it sounds like you've been quite a great inspiration to her as well. Was a delight talking with you, Erin. Congratulations on your success on being able to be one of those people that is helping to break the bias. We appreciate your time. >> Thanks, Lisa. >> My pleasure. For Erin Chu, I'm Lisa Martin. You're watching Women in Tech: International Women's Day, 2022. (upbeat music)

(upbeat music) >> Hello, and welcome to this startup showcase. It's great to be here and talk about some of the innovations we are doing at AWS, how we work with our partner community, especially our open source partners. My name is Deepak Singh. I run our compute services organization, which is a very vague way of saying that I run a number of things that are connected together through compute. Very specifically, I run a container services organization. So for those of you who are into containers, ECS, EKS, fargate, ECR, App Runner Those are all teams that are within my org. I also run the Amazon Linux and BottleRocketing. So anything AWS does with Linux, both externally and internally, as well as our high-performance computing team. And perhaps very relevant to this discussion, I run the Amazon open source program office. Serving at AWS for over 13 years, almost 14, involved with compute in various ways, including EC2. What that has done has given me a vantage point of seeing how our customers use the services that we build for them, how they leverage various partner solutions, and along the way, how AWS itself has gotten involved with opensource. And I'll try and talk to you about some of those factors and how they impact, how you consume our services. So why don't we get started? So for many of you, you know, one of the things, there's two ways to look at AWS and open-source and Amazon in general. One is the number of contributors you may have. And the number of repositories that contribute to. Those are just a couple of measures. There are people that I work with on a regular basis, who will remind you that, those are not perfect measures. Sometimes you could just contribute to one thing and have outsized impact because of the nature of that thing. But it address being what it is, increasingly we'll look at different ways in which we can help contribute and enhance open source 'cause we consume a lot of it as well. I'll talk about it very specifically from the space that I work in the container space in particular, where we've worked a lot with people in the Kubernetes community. We've worked a lot with people in the broader CNCF community, as well as, you know, small projects that our customers might have got started off with. For example, I want to like talking about is Argo CD from Intuit. We were very actively involved with helping them figure out what to do with it. And it was great to see how into it. And we worked, etc, came together to think about get-ups at the Kubernetes level. And while those are their projects, we've always been involved with them. So we try and figure out what's important to our customers, how we can help and then take because of that. Well, let's talk about a little bit more, here's some examples of the kinds of open source projects that Amazon and AWS contribute to. They arranged from the open JDK. I think we even now have our own implementation of Java, the Corretto open source project. We contribute to projects like rust, where we are very active in the rest foundation from a leadership role as well, the robot operating system, just to pick some, we collaborate with Facebook and actively involved with the pirates project. And there's many others. You can see all the logos in here where we participate either because they're important to us as AWS in the services that we run or they're important to our customers and the services that they consume or the open source projects they care about and how we get to those. How we get and make those decisions is often depends on the importance of that particular project. At that point in time, how much impact they're having to AWS customers, or sometimes very feel that us contributing to that project is super critical because it helps us build more robust services. I'll talk about it in a completely, you know, somewhat different basis. You may have heard of us talk about our new next generation of Amazon Linux 2022, which is based on fedora as its sub stream. One of the reasons we made this decision was it allows us to go and participate in the preneurial project and make sure that the upstream project is robust, stays robust. And that, that what that ends up being is that Amazon Linux 2022 will be a robust operating system with the kinds of capabilities that our customers are asking for. That's just one example of how we think about it. So for example, you know, the Python software foundation is something that we work with very closely because so many of our customers use Python. So we help run something like PyPy which is many, you know, if you're a Python developer, I happened to be a Ruby one, but lots of our customers use Python and helping the Python project be robust by making sure PyPy is available to everybody is something that we help provide credits for help support in other ways. So it's not just code. It can mean many different ways of contributing as well, but in the end code and operations is where we hang our happens. Good examples of this is projects that we will create an open source because it makes sense to make sure that we open source some of the core primitives or foundations that are part of our own services. A great example of that, whether this be things that we open source or things that we contribute to. And I'll talk about both and I'll talk about things near and dear to my heart. There's many examples I've picked the two that I like talking about. The first of these is firecracker. Many of you have heard about it, a firecracker for those of you who don't know is a very lightweight virtual machine manager, which allows you to run these micro VMs. And why was this important many years ago when we started Lambda and quite honestly, Fugate and foggy, it still runs quite a bit in that mode, we used to have to run on VMs like everything else and finding the right VM for the size of tasks that somebody asks for the size of function that somebody asks for is requires us to provision capacity ahead of time. And it also wastes a lot of capacity because Lambda function is small. You won't even if you find the smallest VM possible, those can be a little that can be challenging. And you know, there's a lot of resources that are being wasted. VM start at a particular speed because they have to do a whole bunch of things before the operating system spins up and the virtual machine spins up and we asked ourselves, can we do better? come up with something that allows us to create right size, very lightweight, very fast booting. What's your machines, micro virtual machine that we ended up calling them. That's what led to firecracker. And we open source the project. And today firecrackers use, not just by AWS Lambda or foggy, but by a number of other folks, there's companies like fly IO that are using it. We know people using firecracker to run Kubernetes on prem on bare metal as an example. So we've seen a lot of other folks embrace it and use it as the foundation for building their own serverless services, their own container services. And we think there's a lot of value and learnings that we can bring to the table because we get the experience of operating at scale, but other people can bring to the table cause they may have specific requirements that we may not find it as important from an AWS perspective. So that's firecracker an example of a project where we contribute because we feel it's fundamentally important to us as continually. We were found, you know, we've been involved with continuity from the beginning. Today, we are a whole team that does nothing else, but contribute to container D because container D underlies foggy. It underlies our Kubernetes offerings. And it's increasingly being used by customers directly by their placement. You know, where they're running container D instead of running a full on Docker or similar container engine, what it has allowed us to do is focus on what's important so that we can operate continuously at scale, keep it robust and secure, add capabilities to it that AWS customers need manifested often through foggy Kubernetes, but in the end, it's a win-win for everybody. It makes continuously better. If you want to use containers for yourself on AWS, that's a great way to you. You know, you still, you still benefit from all the work that we're doing. The decision we took was since it's so important to us and our customers, we wanted a team that lived in breathed container D and made sure a super robust and there's many, many examples like that. No, that we ended up participating in, either by taking a project that exists or open sourcing our own. Here's an example of some of the open source projects that we have done from an AWS on Amazon perspective. And there's quite a few when I was looking at this list, I was quite surprised, not quite surprised I've seen the reports before, but every time I do, I have to recount and say, that's a lot more than one would have thought, even though I'd been looking at it for such a long time, examples of this in my world alone are things like, you know, what work had to do with Amazon Linux BottleRocket, which is a container host operating system. That's been open-sourced from day one. Firecracker is something we talked about. We have a project called AWS peril cluster, which allows you to spin up high performance computing clusters on AWS using the kind of schedulers you may use to use like slum. And that's an open source project. We have plenty of source projects in the web development space, in the security space. And more recently things like the open 3d engine, which is something that we are very excited about and that'd be open sourced a few months ago. And so there's a number of these projects that cover everything from tooling to developer, application frameworks, all the way to database and analytics and machine learning. And you'll notice that in a few areas, containers, as an example, machine learning as an example, our default is to go with open source option is where we can open source. And it makes sense for us to do so where we feel the product community might benefit from it. That's our default stance. The CNCF, the cloud native computing foundation is something that we've been involved with quite a bit. You know, we contribute to Kubernetes, be contribute to Envoy. I talked about continuity a bit. We've also contributed projects like CDK 8, which marries the AWS cloud development kit with Kubernetes. It's now a sandbox project in Kubernetes, and those are some of the areas. CNCF is such a wide surface area. We don't contribute to everything, but we definitely participate actively in CNCF with projects like HCB that are critical to eat for us. We are very, very active in just how the project evolves, but also try and see which of the projects that are important to our customers who are running Kubernetes maybe by themselves or some other project on AWS. Envoy is a good example. Kubernetes itself is a good example because in the end, we want to make sure that people running Kubernetes on AWS, even if they are not using our services are successful and we can help them, or we can work on the projects that are important to them. That's kind of how we think about the world. And it's worked pretty well for us. We've done a bunch of work on the Kubernetes side to make sure that we can integrate and solve a customer problem. We've, you know, from everything from models to work that we have done with gravity on our arm processor to a virtual GPU plugin that allows you to share and media GPU resources to the elastic fabric adapter, which are the network device for high performance computing that it can use at Kubernetes on AWS, along with things that directly impact Kubernetes customers like the CDKs project. I talked about work that we do with the container networking interface to the Amazon control of a Kubernetes, which is an open source project that allows you to use other AWS services directly from Kubernetes clusters. Again, you notice success, Kubernetes, not EKS, which is a managed Kubernetes service, because if we want you to be successful with Kubernetes and AWS, whether using our managed service or running your own, or some third party service. Similarly, we worked with premetheus. We now have a managed premetheus service. And at reinvent last year, we announced the general availability of this thing called carpenter, which is a provisioning and auto-scaling engine for Kubernetes, which is also an open source project. But here's the beauty of carpenter. You don't have to be using EKS to use it. Anyone running Kubernetes on AWS can leverage it. We focus on the AWS provider, but we've built it in such a way that if you wanted to take carpenter and implemented on prem or another cloud provider, that'd be completely okay. That's how it's designed and what we anticipated people may want to do. I talked a little bit about BottleRocket it's our Linux-based open-source operating system. And the thing that we have done with BottleRocket is make sure that we focus on security and the needs of customers who want to run orchestrated container, very focused on that problem. So for example, BottleRocket only has essential software needed to run containers, se Linux. I just notice it says that's the lineups, but I'm sure that, you know, Lena Torvalds will be pretty happy. And seeing that SE linux is enabled by default, we use things like DM Verity, and it has a read only root file system, no shell, you can assess it. You can install it if you wanted to. We allowed it to create different bill types, variants as we call them, you can create a variant for a non AWS resource as well. If you have your own homegrown container orchestrator, you can create a variant for that. It's designed to be used in many different contexts and all of that is open sourced. And then we use the update framework to publish and secure repository and kind of how this transactional system way of updating the software. And it's something that we didn't invent, but we have embraced wholeheartedly. It's a bottle rockets, completely open source, you know, have partners like Aqua, where who develop security tools for containers. And for them, you know, something I bought in rocket is a natural partnership because people are running a container host operating system. You can use Aqua tooling to make sure that they have a secure Indiana environment. And we see many more examples like that. You may think so over us, it's all about AWS proprietary technology because Lambda is a proprietary service. But you know, if you look peek under the covers, that's not necessarily true. Lambda runs on top of firecracker, as we've talked about fact crackers and open-source projects. So the foundation of Lambda in many ways is open source. What it also allows people to do is because Lambda runs at such extreme scale. One of the things that firecracker is really good for is running at scale. So if you want to build your own firecracker base at scale service, you can have most of the confidence that as long as your workload fits the design parameters, a firecracker, the battle hardening the robustness is being proved out day-to-day by services at scale like Lambda and foggy. For those of you who don't know service support services, you know, in the end, our goal with serverless is to make sure that you don't think about all the infrastructure that your applications run on. We focus on business logic as much as you can. That's how we think about it. And serverless has become its own quote-unquote "Sort of environment." The number of partners and open-source frameworks and tools that are spun up around serverless. In which case mostly, I mean, Lambda, API gateway. So it says like that is pretty high. So, you know, number of open source projects like Zappa server serverless framework, there's so many that have come up that make it easier for our customers to consume AWS services like Lambda and API gateway. We've also done some of our own tooling and frameworks, a serverless application model, AWS jealous. If you're a Python developer, we have these open service runtimes for Lambda, rust dot other options. We have amount of number of tools that we opened source. So in general, you'll find that tooling that we do runtime will tend to be always be open-sourced. We will often take some of the guts of the things that we use to build our systems like firecracker and open-source them while the control plane, etc, AWS services may end up staying proprietary, which is the case in Lambda. Increasingly our customers build their applications and leverage the broader AWS partner network. The AWS partner network is a network of partnerships that we've built of trusted partners. when you go to the APN website and find a partner, they know that that partner meets a certain set of criteria that AWS has developed, and you can rely on those partners for your own business. So whether you're a little tiny business that wants some function fulfill that you don't have the resources for or large enterprise that wants all these applications that you've been using on prem for a long time, and want to keep leveraging them in the cloud, you can go to APN and find that partner and then bring their solution on as part of your cloud infrastructure and could even be a systems integrator, for example, to help you solve this specific development problem that you may have a need for. Increasingly, you know, one of the things we like to do is work with an apartment community that is full of open-source providers. So a great one, there's so many, and you have, we have a panel discussion with many other partners as well, who make it easier for you to build applications on AWS, all open source and built on open source. But I like to call it a couple of them. The first one of them is TIDELIFT. TIDELIFT, For those of you who don't know is a company that provides SAS based tools to curate track, manage open source catalogs. You know, they have a whole network of maintainers and providers. They help, if you're an independent open developer, or a smart team should probably get to know TIDELIFT. They provide you benefits and, you know, capabilities as a developer and maintainer that are pretty unique and really help. And I've seen a number of our open source community embraced TIDELIFT quite honestly, even before they were part of the APN. But as part of the partner network, they get to participate in things like ISP accelerate and they get to they're officially an advanced tier partner because they are, they migrated the SAS offering onto AWS. But in the end, if you're part of the open source supply chain, you're a maintainer, you are a developer. I would recommend working with TIDELIFT because their goal is making all of you who are developing open source solutions, especially on AWS, more successful. And that's why I enjoy this partnership with them. And I'm looking to do a lot more because I think as a company, we want to make sure that open source developers don't feel like they are not supported because all you have to do is read various forums. It's challenging often to be a maintainer, especially of a small project. So I think with helping with licensing license management, security identification remediation, helping these maintainers is a big part of what TIDELIFT to us and it was great to see them as part of a partner network. Another partner that I like to call sysdig. I actually got introduced to them many years ago when they first launched. And one of the things that happened where they were super interested in some of our serverless stuff. And we've been trying to figure out how we can work together because all of our customers are interested in the capabilities that cystic provides. And over the last few years, he found a number of areas where we can collaborate. So sysdig, I know them primarily in a security company. So people use cystic to secure the bills, detect, you know, do threat response, threat detection, completely continuously validate their posture, get this continuous analytics signal on how they're doing and monitor performance. At the end of it, it's a SAS platform. They have a very nice open source security stack. The one I'm most familiar with. And I think most of you are probably familiar with is Falco. You know, sysdig, a CNCF project has been super popular. It's just to go SSS what 3, 37, 40 million downloads by now. So that's pretty, pretty cool. And they have been a great partner because we've had to do make sure that their solution works at target, which is not a natural place for their software to run, but there was enough demand and interest from our customers that, you know, or both companies leaned in to make sure they can be successful. So last year sister got a security competency. We have a number of specific competencies that we for our partners, they have integration and security hub is great. partners are lean in the way cystic has onto making our customer successful. And working with us are the best partners that we have. And there's a number of open source companies out there built on open source where their entire portfolio is built on open source software or the active participants like we are that we love working with on a day to day basis. So, you know, I think the thing I would like to, as we wind this out in this presentation is, you know, AWS is constantly looking for partnerships because our partners enable our customers. They could be with companies like Redis with Mongo, confluent with Databricks customers. Your default reaction might be, "Hey, these are companies that maybe compete with AWS." but no, I mean, I think we are partners as well, like from somebody at the lower end of the spectrum where people run on top of the services that I own on Linux and containers are SE 2, For us, these partners are just as important customers as any AWS service or any third party, 20 external customer. And so it's not a zero sum game. We look forward to working with all these companies and open source projects from an AWS perspective, a big part of how, where my open source program spends its time is making it easy for our developers to contribute, to open source, making it easy for AWS teams to decide when to open source software or participate in open source projects. Over the last few years, we've made significant changes in how we reduce the friction. And I think you can see it in the results that I showed you earlier in this stock. And the last one is one of the most important things that I say and I'll keep saying that, that we do as AWS is carry the pager. There's a lot of open source projects out there, operationalizing them, running them at scale is not easy. It's not all for whatever reason. It may not have anything to do with the software itself. But our core competency is taking that and being really good at operating it and becoming experts at operating it. And then ideally taking that expertise and experience and operating that project, that software and contributing back upstream. Cause that makes it better for everybody. And I think you'll see us do a lot more of that going forward. We've been doing that for the last few years, you know, in the container space, we do it every day. And I'm excited about the possibilities. With that. Thank you very much. And I hope you enjoy the rest of the showcase. >> Okay. Welcome back. We have Deepak sing here. We just had the keynote closing keynote vice-president of compute services. Deepak. Great to a great keynote, great wisdom and insight from that session. A very notable highlights and cutting edge trends and product information. Thanks for sharing. >> No, anytime it's always good to be here. It's too bad that we still doing this virtually, but always good to talk to you, John. >> We'll get hopefully through this way pretty quickly, I want to jump right in. Cause we don't have a lot of time. I want to get some quick question. You've brought up a good things. Open source innovation. Okay. Going next level. You've seen the rise of super clouds and super apps developing at open source. You're seeing big companies contributing, you know, you mentioned Argo into it. You're seeing that dynamic where companies are forming around this. This is a rising tide. This is, this is actually real. It's not the old school of, okay, here's a project. And then someone manages support and commercialization of it. It's actually platform in cloud scale. This is next gen. >> Yeah. And actually I think it started a few years ago. We can talk about a company that, you know, you're very familiar with as part of this event, which is armory many years ago, Netflix spun off this project called Spinnaker. A Spinnaker is CISED you know, CSED system that was developed at Netflix for their own purposes, but they chose to open solicit. And since then, it's become very popular with customers who want to use it even on prem. And you have a company that spun up on it. I think what's making this world very unique is you have very large companies like Facebook that will build things for themselves like VITAS or Netflix with Spinnaker and open source them. And you can have a lot of discussion about why they chose to do so, etc. But increasingly that's becoming the default when Amazon or Netflix or Facebook or Mehta, I guess you call them these days, build something for themselves for their own needs. The first question we ask ourselves is, should it be opensource? And increasingly we are all saying yes. And here's what happens because of that. It gives an opportunity depending on how you open source it for innovation through commercial deployments, so that you get SaaS companies, you know, that are going to take that product and make it relevant and useful to a very broad number of customers. You build partnerships with cloud providers like AWS, because our customers love this open source project and they need help. And they may choose an AWS managed service, or they may end up working with this partner on a day-to-day basis. And we want to work with that partner because they're making our customers successful, which is one reason all of us are here. So you're having this set of innovation from large companies from, you know, whether they are just consumer companies like Metta infrastructure companies like us, or just random innovation that's happening in an open source project that which ends up in companies being spun up and that foster that innovative innovation and that flywheel that's happening right now. And I think you said that like, this is unique. I mean, you never saw this happen before from so many different directions. >> It really is a nice progression on the business model side as well. You mentioned Argo, which is a great organic thing that was Intuit developed. We just interviewed code fresh. They just presented here in the showcase as well. You seeing the formation around these projects develop now in the community at a different scale. I mean, look at code fresh. I mean, Intuit did it Argo and they're not just supporting it. They're building a platform. So you seeing the dynamics of tools and now emerging the platforms, you mentioned Lambda, okay. Which is proprietary for AWS and your talk powered by open source. So again, open source combined with cloud scale allows for new potential super applications or super clouds that are developing. This is a new phenomenon. This isn't just lift and shift and host on the cloud. This is actually a construction production developer workflow. >> Yeah. And you are seeing consumers, large companies, enterprises, startups, you know, it used to be that startups would be comfortable adopting some of these solutions, but now you see companies of all sizes doing so. And I said, it's not just software it's software, the services increasingly becoming the way these are given, delivered to customers. I actually think the innovation is just getting going, which is why we have this. We have so many partners here who are all in inventing and innovating on top of open source, whether it's developed by them or a broader community. >> Yeah. I liked, I liked the represent container. Do you guys have, did that drove that you've seen a lot of changes and again, with cloud scale and open source, you seeing the dynamics change, whether you're enabling that, and then you see kind of like real big change. So let's take snowflake, a big customer of AWS. They started out as a startup too, but they weren't a data warehouse. They were bringing data warehouse like functionality and then changing everything differently and making it consumable for the cloud. And hence they're huge. So that's a disruption into an incumbent leader or sector. Then you've got new capabilities emerging. What's your thoughts, Deepak? Can you share your vision on how you have the disruption to existing leaders, old guard, if you will, as you guys call them and then new capabilities as these new platforms emerge at a net new functionality, how do you see that emerging? >> Yeah. So I speak from my side of the world. I've lived in over the last few years, which has containers and serverless, right? There's a lot of, if you go to any enterprise and ask them, do you want to modernize the infrastructure? Do you want to take advantage of automated software delivery, continuous delivery infrastructure as code modern observability, all of them will say yes, but they also are still a large enterprise, which has these enterprise level requirements. I'm using the word enterprise a lot. And I usually it's a trigger word for me because so many customers have similar requirements, but I'm using it here as large company with a lot of existing software and existing practices. I think the innovation that's coming and I see a lot of companies doing that is saying, "Hey, we understand the problems you want to solve. We understand the world where you live in, which could be regulated." You want to use all these new modalities. How do we allow you to use all of them? Keep the advantages of switching to a Lambda or switching to, and a service running on far gate, but give you the same capabilities. And I think I'll bring up cystic here because we work so closely with them on Falco. As an example, I just talked about them in my keynote. They could have just said, "Oh no, we'll just support the SE2 and be done with it." They said, "No, we're going to make sure that serverless containers in particular are something that you're going to be really good at because our customers want to use them, but requires us to think differently. And then they ended up developing new things like Falco that are born in this new world, but understand the requirements of the old world. If you get what I'm saying. And I think that a real example. >> Yeah. Oh, well, I mean, first of all, they're smart. So that was pretty obvious for most people that know, sees that you can connect the dots on serverless, which is a great point, but not everyone can see that again, this is what's new and and systig was just found in his backyard. As I found out on my interview, a great, great founder, they would do a new thing. So it was a very easy to connect the dots there again, that's the trend. Well, I got to ask if they're doing that for serverless, you mentioned graviton in your speech and what came out of you mentioned graviton in your speech and what came out of re-invent this past year was all the innovation going on at the compute level with gravitron at many levels in the Silicon. How should companies and open source developers think about how to innovate with graviton? >> Yeah, I mean, you've seen examples from people blogging and tweeting about how fast their applications run and grab it on the price performance benefits that they get, whether it's on, you know, whether it's an observability or other places. something that AWS is going to embrace across a compute something that AWS is going to embrace across a compute portfolio. Obviously you can go find EC2 instances, the gravitron two instances and run on them and that'll be great. But we know that most of our customers, many of our customers are building new applications on serverless containers and serveless than even as containers increasingly with things like foggy, where they don't want to operate the underlying infrastructure. A big part of what we're doing is to make sure that graviton is available to you on every compute modality. You can run it on a C2 forever. You've been running, being able to use ECS and EKS and run and grab it on almost since launch. What do you want me to take it a step further? You elastic Beanstalk customers, elastic Beanstalk has been around for a decade, but you can now use it with graviton. people running ECS on for gate can now use graviton. Lambda customers can pick graviton as well. So we're taking this price performance benefits that you get So we're taking this price performance benefits that you get from graviton and basically putting it across the entire compute portfolio. What it means is every high level service that gets built on compute infrastructure. And you get the price performance benefits, you get the price performance benefits of the lower power consumption of arm processes. So I'm personally excited like crazy. And you know, this has graviton 2 graviton 3 is coming. >> That's incredible. It's an opportunity like serverless was it's pretty obvious. And I think hopefully everyone will jump on that final question as the time's ticking here. I want to get your thoughts quickly. If you look at what's happened with containers over the past say eight years since the original founding of the first Docker instance, if you will, to how that's evolved and then the introduction of Kubernetes and the cloud native wave we're seeing now, what is, how would you describe the relationship between the success Docker, seeing now with Kubernetes in the cloud native construct what's different and why is this combination so successful? >> Yeah. I often say that containers would have, let me rephrase that. what I say is that people would have adopted sort of the modern way of running applications, whether containers came around or not. But the fact that containers came around made that migration and that journey is so much more efficient for people. So right from, I still remember the first doc that Solomon gave Billy announced DACA and starting to use it on customers, starting to get interested all the way to the more sort of advanced orchestration that we have now for containers across the board. And there's so many examples of the way you can do that. Kubernetes being the most, most well-known one. Here's the thing that I think has changed. I think what Kubernetes or Docker, or the whole sort of modern way of building applications has done is it's taken people who would have taken years adopting these practices and by bringing it right to the fingertips and rebuilding it into the APIs. And in the case of Kubernetes building an entire sort of software world around it, the number of, I would say number of decisions people have to take has gone smaller in many ways. There's so many options, the number of decisions that become higher, but the com the speed at which they can get to a result and a production version of an application that works for them is way low. I have not seen anything like what I've seen in the last 6, 7, 8 years of how quickly the most you know, the most I would say is, you know, a company that you would think would never adopt modern technology has been able to go from, this is interesting to getting a production really quickly. And I think it's because the tooling makes it So, and the fact that you see the adoption that you see right and the fact that you see the adoption that you see right from the fact that you could do Docker run Docker, build Docker, you know, so easily back in the day, all the way to all the advanced orchestration you can do with container orchestrator is today. sort of taking all of that away as well. there's never been a better time to be a developer independent of whatever you're trying to build. And I think containers are a big central part of why that's happened. >> Like the recipe, the combination of cloud-scale, the timing of Kubernetes and the containerization concepts just explode as a beautiful thing. And it creates more opportunities and will challenges, which are opportunities that are net new, but it solves the automation piece that we're seeing this again, it's only makes things go faster. >> Yes. >> And that's the key trend. Deepak, thank you so much for coming on. We're seeing tons of open cloud innovations, thanks to the success of your team at AWS and being great participants in the community. We're seeing innovations from startups. You guys are helping enabling that. Of course, they want to live on their own and be successful and build their super clouds and super app. So thank you for spending the time with us. Appreciate. >> Yeah. Anytime. And thank you. And you know, this is a great event. So I look forward to people running software and building applications, using AWS services and all these wonderful partners that we have. >> Awesome, great stuff. Great startups, great next generation leaders emerging. When you see startups, when they get successful, they become the modern software applications platforms out there powering business and changing the world. This is the cube you're watching the AWS startup showcase. Season two episode one open cloud innovations on John Furrier your host, see you next time.

(upbeat music) >> Hello, and welcome back to AWS Startup Showcase, I'm John Furrier, your host. This is the Hero panel, the AWS Heroes. These are folks that have a lot of experience in Open Source, having fun building great projects and commercializing the value and best practices of Open Source innovation. We've got some great guests here. Liz Rice, Chief Open Source Officer, Isovalent. CUBE alumni, great to see you. Brian LeRoux, who is the Co-founder and CTO of begin.com. Erica Windisch who's an Architect for Developer Experience. AWS Hero, also CUBE alumni. Casey Lee, CTO Gaggle. Doing some great stuff in ed tech. Great collection of experts and experienced folks doing some fun stuff, welcome to this conversation this CUBE panel. >> Hi. >> Thanks for having us. >> Hello. >> Let's go down the line. >> I don't normally do this, but since we're remote and we have such great guests, go down the line and talk about why Open Source is important to you guys. What projects are you currently working on? And what's the coolest thing going on there? Liz we'll start with you. >> Okay, so I am very involved in the world of Cloud Native. I'm the chair of the technical oversight committee for the Cloud Native Computing Foundation. So that means I get to see a lot of what's going on across a very broad range of Cloud Native projects. More specifically, Isovalent. I focus on Cilium, which is it's based on a technology called EBPF. That is to me, probably the most exciting technology right now. And then finally, I'm also involved in an organization called OpenUK, which is really pushing for more use of open technologies here in the United Kingdom. So spread around lots of different projects. And I'm in a really fortunate position, I think, to see what's happening with lots of projects and also the commercialization of lots of projects. >> Awesome, Brian what project are you working on? >> Working project these days called Architect. It's a Open Source project built on top of AWSM. It adds a lot of sugar and terseness to the SM experience and just makes it a lot easier to work with and get started. AWS can be a little bit intimidating to people at times. And the Open Source community is stepping up to make some of that bond ramp a little bit easier. And I'm also an Apache member. And so I keep a hairy eyeball on what's going on in that reality all the time. And I've been doing this open-source thing for quite a while, and yeah, I love it. It's a great thing. It's real science. We get to verify each other's work and we get to expand and build on human knowledge. So that's a huge honor to just even be able to do that and I feel stoked to be here so thanks for having me. >> Awesome, yeah, and totally great. Erica, what's your current situation going on here? What's happening? >> Sure, so I am currently working on developer experience of a number of Open Source STKS and CLI components from my current employer. And previously, recently I left New Relic where I was working on integrating with OpenTelemetry, as well as a number of other things. Before that I was a maintainer of Docker and of OpenStack. So I've been in this game for a while as well. And I tend to just put my fingers in a lot of little pies anywhere from DVD players 20 years ago to a lot of this open telemetry and monitoring and various STKs and developer tools is where like Docker and OpenStack and the STKs that I work on now, all very much focusing on developer as the user. >> Yeah, you're always on the wave, Erica great stuff. Casey, what's going on? Do you got some great ed techs happening? What's happening with you? >> Yeah, sure. The primary Open Source project that I'm contributing to right now is ACT. This is a tool I created a couple of years back when GitHub Actions first came out, and my motivation there was I'm just impatient. And that whole commit, push, wait time where you're testing out your pipelines is painful. And so I wanted to build a tool that allowed developers to test out their GitHub Actions workflows locally. And so this tool uses Docker containers to emulate, to get up action environment and gives you fast feedback on those workflows that you're building. Lot of innovation happening at GitHub. And so we're just trying to keep up and continue to replicate those new features functionalities in the local runner. And the biggest challenge I've had with this project is just keeping up with the community. We just passed 20,000 stars, and it'd be it's a normal week to get like 10 PRs. So super excited to announce just yesterday, actually I invited four of the most active contributors to help me with maintaining the project. And so this is like a big deal for me, letting the project go and bringing other people in to help lead it. So, yeah, huge shout out to those folks that have been helping with driving that project. So looking forward to what's next for it. >> Great, we'll make sure the SiliconANGLE riders catch that quote there. Great call out. Let's start, Brian, you made me realize when you mentioned Apache and then you've been watching all the stuff going on, it brings up the question of the evolution of Open Source, and the commercialization trends have been very interesting these days. You're seeing CloudScale really impact also with the growth of code. And Liz, if you remember, the Linux Foundation keeps making projections and they keep blowing past them every year on more and more code and more and more entrance coming in, not just individuals, corporations. So you starting to see Netflix donates something, you got Lyft donate some stuff, becomes a project company forms around it. There's a lot of entrepreneurial activity that's creating this new abstraction layers, new platforms, not just tools. So you start to see a new kickup trajectory with Open Source. You guys want to comment on this because this is going to impact how fast the enterprise will see value here. >> I think a really great example of that is a project called Backstage that's just come out of Spotify. And it's going through the incubation process at the CNCF. And that's why it's front of mind for me right now, 'cause I've been working on the due diligence for that. And the reason why I thought it was interesting in relation to your question is it's spun out of Spotify. It's fully Open Source. They have a ton of different enterprises using it as this developer portal, but they're starting to see some startups emerging offering like a hosted managed version of Backstage or offering services around Backstage or offering commercial plugins into Backstage. And I think it's really fascinating to see those ecosystems building up around a project and different ways that people can. I'm a big believer. You cannot sell the Open Source code, but you can sell other things that create value around Open Source projects. So that's really exciting to see. >> Great point. Anyone else want to weigh in and react to that? Because it's the new model. It's not the old way. I mean, I remember when I was in college, we had the Pirate software. Open Source wasn't around. So you had to deal under the table. Now it's free. But I mean the old way was you had to convince the enterprise, like you've got a hard knit, it builds the community and the community manage the quality of the code. And then you had to build the company to make sure they could support it. Now the companies are actually involved in it, right? And then new startups are forming faster. And the proof points are shorter and highly accelerated for that. I mean, it's a whole new- >> It's a Cambrian explosion, and it's great. It's one of those things that it's challenging for the new developers because they come in and they're like, "Whoa, what is all this stuff that I'm supposed to figure out?" And there's no right answer and there's no wrong answer. There's just tons of it. And I think that there's a desire for us to have one sort of well-known trot and happy path, that audience we're a lot better with a more diverse community, with lots of options, with lots of ways to approach these problems. And I think it's just great. A challenge that we have with all these options and all these Cambrian explosion of projects and all these competing ideas, right now, the sustainability, it's a bit of a tricky question to answer. We know that there's a commercialization aspect that helps us fund these projects, but how we compose the open versus the commercial source is still a bit of a tricky question and a tough one for a lot of folks. >> Erica, would you chime in on that for a second. I want to get your angle on that, this experience and all this code, and I'm a new person, I'm an existing person. Do I get like a blue check mark and verify? I mean, these are questions like, well, how do you navigate? >> Yeah, I think this has been something happening for a while. I mean, back in the early OpenStack days, 2010, for instance, Rackspace Open Sourcing, OpenStack and ANSU Labs and so forth, and then trying, having all these companies forming in creating startups around this. I started at a company called Cloudccaling back in late 2010, and we had some competitors such as Piston and so forth where a lot of the ANSUL Labs people went. But then, the real winners, I think from OpenStack ended up being the enterprises that jumped in. We had Red Hat in particular, as well as HP and IBM jumping in and investing in OpenStack, and really proving out a lot of... not that it was the first time, but this is when we started seeing billions of dollars pouring into Open Source projects and Open Source Foundations, such as the OpenStack Foundation, which proceeded a lot of the things that we now see with the Linux Foundation, which was then created a little bit later. And at the same time, I'm also reflecting a little bit what Brian said because there are projects that don't get funded, that don't get the same attention, but they're also getting used quite significantly. Things like Log4j really bringing this to the spotlight in terms of projects that are used everywhere by everything with significant outsized impacts on the industry that are not getting funded, that aren't flashy enough, that aren't exciting enough because it's just logging, but a vulnerability in it brings every everything and everybody down and has possibly billions of dollars of impact to our industry because nobody wanted to fund this project. >> I think that brings up the commercialization point about maybe bringing a venture capital model in saying, "Hey, that boring little logging thing could be a key ingredient for say solving some observability problems so I think let's put some cash." Again then we'd never seen that before. Now you're starting to see that kind of a real smart investment thesis going into Open Source projects. I mean, Promethease, Crafter, these are projects that turned off companies. This is turning up companies. >> A decade ago, there was no money in Dev tools that I think that's been fully debunked now. They used to be a concept that the venture community believed, but there's just too much evidence to the contrary, the companies like Cash Court, Datadog, the list goes on and on. I think the challenge for the Open Source (indistinct) comes back to foundations and working (indistinct) these developers make this code safe and secure. >> Casey, what's your reaction to all of this? You've got, so a project has gained some traction, got some momentum. There's a lot of mission critical. I won't say white spaces, but the opportunities in the big cloud game happening. And there's a lot of, I won't say too many entrepreneurial, but there's a lot of community action happening that's precommercialization that's getting traction. How does this all develop naturally and then vector in quickly when it hits? >> Yeah, I want to go back to the Log4j topic real quick. I think that it's a great example of an area that we need to do better at. And there was a cool article that Rob Pike wrote describing how to quantify the criticality. I think that's sort of quantifying criticality was the article he wrote on how to use metrics, to determine how valuable, how important a piece of Open Source is to the community. And we really need to highlight that more. We need a way to make it more clear how important this software is, how many people depend on it and how many people are contributing to it. And because right now we all do that. Like if I'm going to evaluate an Open Source software, sure, I'll look at how many stars it has and how many contributors it has. But I got to go through and do all that work myself and come up with. It would be really great if we had an agreed upon method for ranking the criticality of software, but then also the risk, hey, that this is used by a ton of people, but nobody's contributing to it anymore. That's a concern. And that would be great to potential users of that to signal whether or not it makes sense. The Open Source Security Foundation, just getting off the ground, they're doing some work in this space, and I'm really excited to see where they go with that looking at ways to stop score critically. >> Well, this brings up a good point while we've got everyone here, let's take a plug and plug a project you think that's not getting the visibility it needs. Let's go through each of you, point out a project that you think people should be looking at and talking about that might get some free visibility here. Anyone want to highlight projects they think should be focused more on, or that needs a little bit of love? >> I think, I mean, particularly if we're talking about these sort of vulnerability issues, there's a ton of work going on, like in the Secure Software Foundation, other foundations, I think there's work going on in Apache somewhere as well around the bill of material, the software bill of materials, the Secure Software supply chain security, even enumerating your dependencies is not trivial today. So I think there's going to be a ton of people doing really good work on that, as well as the criticality aspect. It's all like that. There's a really great xkcd cartoon with your software project and some really big monolithic lumps. And then, this tiny little piece in a very important point that's maintained by somebody in his bedroom in Montana or something and if you called it out. >> Yeah, you just opened where the next lightening and a bottle comes from. And this is I think the beauty of Open Source is that you get a little collaboration, you get three feet in a cloud of dust going and you get some momentum, and if it's relevant, it rises to the top. I think that's the collective intelligence of Open Source. The question I want to ask that the panel here is when you go into an enterprise, and now that the game is changing with a much more collaborative and involved, what's the story if they say, hey, what's in it for me, how do I manage the Open Source? What's the current best practice? Because there's no doubt I can't ignore it. It's in everything we do. How do I organize around it? How do I build around it to be more efficient and more productive and reduce the risk on vulnerabilities to managing staff, making sure the right teams in place, the right agility and all those things? >> You called it, they got to get skin in the game. They need to be active and involved and donating to a sustainable Open Source project is a great way to start. But if you really want to be active, then you should be committing. You should have a goal for your organization to be contributing back to that project. Maybe not committing code, it could be committing resources into the darks or in the tests, or even tweeting about an Open Source project is contributing to it. And I think a lot of these enterprises could benefit a lot from getting more active with the Open Source Foundations that are out there. >> Liz, you've been actively involved. I know we've talked personally when the CNCF started, which had a great commercial uptake from companies. What do you think the current state-of-the-art kind of equation is has it changed a little bit? Or is it the game still the same? >> Yeah, and in the early days of the CNCF, it was very much dominated by vendors behind the project. And now we're seeing more and more membership from end-user companies, the kind of enterprises that are building their businesses on Cloud Native, but their business is not in itself. That's not there. The infrastructure is not their business. And I think seeing those companies, putting money in, putting time in, as Brian says contributing resources quite often, there's enough money, but finding the talent to do the work and finding people who are prepared to actually chop the wood and carry the water, >> Exactly. >> that it's hard. >> And if enterprises can find peoples to spend time on Open Source projects, help with those chores, it's hugely valuable. And it's one of those the rising tide floats all the boats. We can raise security, we can reduce the amount of dependency on maintain projects collectively. >> I think the business models there, I think one of the things I'll react to and then get your guys' comments is remember which CubeCon it was, it was one of the early ones. And I remember seeing Apple having a booth, but nobody was manning. It was just an Apple booth. They weren't doing anything, but they were recruiting. And I think you saw the transition of a business model where the worry about a big vendor taking over a project and having undue influence over it goes away because I think this idea of participation is also talent, but also committing that talent back into the communities as a model, as a business model, like, okay, hire some great people, but listen, don't screw up the Open Source piece of it 'cause that's a critical. >> Also hire a channel, right? They can use those contributions to source that talent and build the reputation in the communities that they depend on. And so there's really a lot of benefit to the larger organizations that can do this. They'll have a huge pipeline of really qualified engineers right out the gate without having to resort to cheesy whiteboard interviews, which is pretty great. >> Yeah, I agree with a lot of this. One of my concerns is that a lot of these corporations tend to focus very narrowly on certain projects, which they feel that they depend greatly, they'll invest in OpenStack, they'll invest in Docker, they'll invest in some of the CNCF projects. And then these other projects get ignored. Something that I've been a proponent of for a little bit for a while is observability of your dependencies. And I don't think there's quite enough projects and solutions to this. And it sounds maybe from lists, there are some projects that I don't know about, but I also know that there's some startups like Snyk and so forth that help with a little bit of this problem, but I think we need more focus on some of these edges. And I think companies need to do better, both in providing, having some sort of solution for observability of the dependencies, as well as understanding those dependencies and managing them. I've seen companies for instance, depending on software that they actively don't want to use based on a certain criteria that they already set projects, like they'll set a requirement that any project that they use has a code of conduct, but they'll then use projects that don't have codes of conduct. And if they don't have a code of conduct, then employees are prohibited from working on those projects. So you've locked yourself into a place where you're depending on software that you have instructed, your employees are not allowed to contribute to, for certain legal and other reasons. So you need to draw a line in the sand and then recognize that those projects are ones that you don't want to consume, and then not use them, and have observability around these things. >> That's a great point. I think we have 10 minutes left. I want to just shift to a topic that I think is relevant. And that is as Open Source software, software, people develop software, you see under the hood kind of software, SREs developing very quickly in the CloudScale, but also you've got your classic software developers who were writing code. So you have supply chain, software supply chain challenges. You mentioned developer experience around how to code. You have now automation in place. So you've got the development of all these things that are happening. Like I just want to write software. Some people want to get and do infrastructure as code so DevSecOps is here. So how does that look like going forward? How has the future of Open Source going to make the developers just want to code quickly? And the folks who want to tweak the infrastructure a bit more efficient, any views on that? >> At Gaggle, we're using AWS' CDK, exclusively for our infrastructure as code. And it's a great transition for developers instead of writing Yammel or Jason, or even HCL for their infrastructure code, now they're writing code in the language that they're used to Python or JavaScript, and what that's providing is an easier transition for developers into that Infrastructure as code at Gaggle here, but it's also providing an opportunity to provide reusable constructs that some Devs can build on. So if we've got a very opinionated way to deploy a serverless app in a database and do auto-scaling behind and all stuff, we can present that to a developer as a library, and they can just consume it as it is. Maybe that's as deep as they want to go and they're happy with that. But then they want to go deeper into it, they can either use some of the lower level constructs or create PRs to the platform team to have those constructs changed to fit their needs. So it provides a nice on-ramp developers to use the tools and languages they're used to, and then also go deeper as they need. >> That's awesome. Does that mean they're not full stack developers anymore that they're half stack developers they're taking care of for them? >> I don't know either. >> We'll in. >> No, only kidding. Anyway, any other reactions to this whole? I just want to code, make it easy for me, and some people want to get down and dirty under the hood. >> So I think that for me, Docker was always a key part of this. I don't know when DevSecOps was coined exactly, but I was talking with people about it back in 2012. And when I joined Docker, it was a part of that vision for me, was that Docker was applying these security principles by default for your application. It wasn't, I mean, yes, everybody adopted because of the portability and the acceleration of development, but it was for me, the fact that it was limiting what you could do from a security angle by default, and then giving you these tuna balls that you can control it further. You asked about a project that may not get enough recognition is something called DockerSlim, which is designed to optimize your containers and will make them smaller, but it also constraints the security footprint, and we'll remove capabilities from the container. It will help you build security profiles for app armor and the Red Hat one. SELinux. >> SELinux. >> Yeah, and this is something that I think a lot of developers, it's kind of outside of the realm of things that they're really thinking about. So the more that we can automate those processes and make it easier out of the box for users or for... when I say users, I mean, developers, so that it's straightforward and automatic and also giving them the capability of refining it and tuning it as needed, or simply choosing platforms like serverless offerings, which have these security constraints built in out of the box and sometimes maybe less tuneable, but very strong by default. And I think that's a good place for us to be is where we just enforced these things and make you do things in a secure way. >> Yeah, I'm a huge fan of Kubernetes, but it's not the right hammer for every nail. And there are absolutely tons of applications that are better served by something like Lambda where a lot more of that security surface is taken care of for the developer. And I think we will see better tooling around security profiling and making it easier to shrink wrap your applications that there are plenty of products out there that can help you with this in a cloud native environment. But I think for the smaller developer let's say, or an earlier stage company, yeah, it needs to be so much more straightforward. Really does. >> Really an interesting time, 10 years ago, when I was working at Adobe, we used to requisition all these analysts to tell us how many developers there were for the market. And we thought there was about 20 million developers. If GitHub's to be believed, we think there is now around 80 million developers. So both these groups are probably wrong in their numbers, but the takeaway here for me is that we've got a lot of new developers and a lot of these new developers are really struck by a paradox of choice. And they're typically starting on the front end. And so there's a lot of movement in the stack moved towards the front end. We saw that at re:Invent when Amazon was really pushing Amplify 'cause they're seeing this too. It's interesting because this is where folks start. And so a lot of the obstructions are moving in that direction, but maybe not always necessarily totally appropriate. And so finding the right balance for folks is still a work in progress. Like Lambda is a great example. It lets me focus totally on just business logic. I don't have to think about infrastructure pretty much at all. And if I'm newer to the industry, that makes a lot of sense to me. As use cases expand, all of a sudden, reality intervenes, and it might not be appropriate for everything. And so figuring out what those edges are, is still the challenge, I think. >> All right, thank you very much for coming on the CUBE here panel. AWS Heroes, thanks everyone for coming. I really appreciate it, thank you. >> Thank you. >> Thank you. >> Okay. >> Thanks for having me. >> Okay, that's a wrap here back to the program and the awesome startups. Thanks for watching. (upbeat music)

(gentle upbeat music) >> Hello, and welcome to theCUBE presentation of the AWS Startup Showcase Open Cloud Innovations. This is season two episode one of an ongoing series covering setting status from the AWS ecosystem. Talking about innovation, here it's open source for this theme. We do this every episode, we pick a theme and have a lot of fun talking to the leaders in the industry and the hottest startups. I'm your host John Furrier here with Lisa Martin in our Palo Alto studios. Lisa great series, great to see you again. >> Good to see you too. Great series, always such spirited conversations with very empowered and enlightened individuals. >> I love the episodic nature of these events, we get more stories out there than ever before. They're the hottest startups in the AWS ecosystem, which is dominating the cloud sector. And there's a lot of them really changing the game on cloud native and the enablement, the stories that are coming out here are pretty compelling, not just from startups they're actually penetrating the enterprise and the buyers are changing their architectures, and it's just really fun to catch the wave here. >> They are, and one of the things too about the open source community is these companies embracing that and how that's opening up their entry to your point into the enterprise. I was talking with several customers, companies who were talking about the 70% of their pipeline comes from the open source community. That's using the premium version of the technology. So, it's really been a very smart, strategic way into the enterprise. >> Yeah, and I love the format too. We get the keynote we're doing now, opening keynote, some great guests. We have Sir John on from AWS started program, he is the global startups lead. We got Swami coming on and then closing keynote with Deepak Singh. Who's really grown in the Amazon organization from containers now, compute services, which now span how modern applications are being built. And I think the big trend that we're seeing that these startups are riding on that big wave is cloud natives driving the modern architecture for software development, not just startups, but existing, large ISV and software companies are rearchitecting and the customers who buy their products and services in the cloud are rearchitecting too. So, it's a whole new growth wave coming in, the modern era of cloud some say, and it's exciting a small startup could be the next big name tomorrow. >> One of the things that kind of was a theme throughout the conversations that I had with these different guests was from a modern application security perspective is, security is key, but it's not just about shifting lab. It's about doing so empowering the developers. They don't have to be security experts. They need to have a developer brain and a security heart, and how those two organizations within companies can work better together, more collaboratively, but ultimately empowering those developers, which goes a long way. >> Well, for the folks who are watching this, the format is very simple. We have a keynote, editorial keynote speakers come in, and then we're going to have a bunch of companies who are going to present their story and their showcase. We've interviewed them, myself, you Dave Vallante and Dave Nicholson from theCUBE team. They're going to tell their stories and between the companies and the AWS heroes, 14 companies are represented and some of them new business models and Deepak Singh who leads the AWS team, he's going to have the closing keynote. He talks about the new changing business model in open source, not just the tech, which has a lot of tech, but how companies are being started around the new business models around open source. It's really, really amazing. >> I bet, and does he see any specific verticals that are taking off? >> Well, he's seeing the contribution from big companies like AWS and the Facebook's of the world and large companies, Netflix, Intuit, all contributing content to the open source and then startups forming around them. So Netflix does some great work. They donated to open source and next thing you know a small group of people get together entrepreneurs, they form a company and they create a platform around it with unification and scale. So, the cloud is enabling this new super application environment, superclouds as we call them, that's emerging and this new supercloud and super applications are scaling data-driven machine learning and AI that's the new formula for success. >> The new formula for success also has to have that velocity that developers expect, but also that the consumerization of tech has kind of driven all of us to expect things very quickly. >> Well, we're going to bring in Serge Shevchenko, AWS Global Startup program into the program. Serge is our partner. He is the leader at AWS who has been working on this program Serge, great to see you. Thanks for coming on. >> Yeah, likewise, John, thank you for having me very excited to be here. >> We've been working together on collaborating on this for over a year. Again, season two of this new innovative program, which is a combination of CUBE Media partnership, and AWS getting the stories out. And this has been a real success because there's a real hunger to discover content. And then in the marketplace, as these new solutions coming from startups are the next big thing coming. So, you're starting to see this going on. So I have to ask you, first and foremost, what's the AWS startup showcase about. Can you explain in your terms, your team's vision behind it, and why those startup focus? >> Yeah, absolutely. You know John, we curated the AWS Startup Showcase really to bring meaningful and oftentimes educational content to our customers and partners highlighting innovative solutions within these themes and ultimately to help customers find the best solutions for their use cases, which is a combination of AWS and our partners. And really from pre-seed to IPO, John, the world's most innovative startups build on AWS. From leadership downward, very intentional about cultivating vigorous AWS community and since 2019 at re:Invent at the launch of the AWS Global Startup program, we've helped hundreds of startups accelerate their growth through product development support, go to market and co-sell programs. >> So Serge question for you on the theme of today, John mentioned our showcases having themes. Today's theme is going to cover open source software. Talk to us about how Amazon thinks about opensource. >> Sure, absolutely. And I'll just touch on it briefly, but I'm very excited for the keynote at the end of today, that will be delivered by Deepak the VP of compute services at AWS. We here at Amazon believe in open source. In fact, Amazon contributes to open source in multiple ways, whether that's through directly contributing to third-party project, repos or significant code contributions to Kubernetes, Rust and other projects. And all the way down to leadership participation in organizations such as the CNCF. And supporting of dozens of ISV myself over the years, I've seen explosive growth when it comes to open source adoption. I mean, look at projects like Checkov, within 12 months of launching their open source project, they had about a million users. And another great example is Falco within, under a decade actually they've had about 37 million downloads and that's about 300% increase since it's become an incubating project in the CNCF. So, very exciting things that we're seeing here at AWS. >> So explosive growth, lot of content. What do you hope that our viewers and our guests are going to be able to get out of today? >> Yeah, great question, Lisa. I really hope that today's event will help customers understand why AWS is the best place for them to run open source, commercial and which partner solutions will help them along their journey. I think that today the lineup through the partner solutions and Deepak at the end with the ending keynote is going to present a very valuable narrative for customers and startups in selecting where and which projects to run on AWS. >> That's great stuff Serge would love to have you on and again, I want to just say really congratulate your team and we enjoy working with them. We think this showcase does a great service for the community. It's kind of open source in its own way if I can co contributing working on out there, but you're really getting the voices out at scale. We've got companies like Armory, Kubecost, Sysdig, Tidelift, Codefresh. I mean, these are some of the companies that are changing the game. We even had Patreon a customer and one of the partners sneak with security, all the big names in the startup scene. Plus AWS Deepak saying Swami is going to be on the AWS Heroes. I mean really at scale and this is really a great. So, thank you so much for participating and enabling all of this. >> No, thank you to theCUBE. You've been a great partner in this whole process, very excited for today. >> Thanks Serge really appreciate it. Lisa, what a great segment that was kicking off the event. We've got a great lineup coming up. We've got the keynote, final keynote fireside chat with Deepak Singh a big name at AWS, but Serge in the startup showcase really innovative. >> Very innovative and in a short time period, he talked about the launch of this at re:Invent 2019. They've helped hundreds of startups. We've had over 50 I think on the showcase in the last year or so John. So we really gotten to cover a lot of great customers, a lot of great stories, a lot of great content coming out of theCUBE. >> I love the openness of it. I love the scale, the storytelling. I love the collaboration, a great model, Lisa, great to work with you. We also Dave Vallante and Dave Nicholson interview. They're not here, but let's kick off the show. Let's get started with our next guest Swami. The leader at AWS Swami just got promoted to VP of the database, but also he ran machine learning and AI at AWS. He is a leader. He's the author of the original DynamoDB paper, which is celebrating its 10th year anniversary really impacted distributed computing and open source. Swami's introduced many opensource aspects of products within AWS and has been a leader in the engineering side for many, many years at AWS, from an intern to now an executive. Swami, great to see you. Thanks for coming on our AWS startup showcase. Thanks for spending the time with us. >> My pleasure, thanks again, John. Thanks for having me. >> I wanted to just, if you don't mind asking about the database market over the past 10 to 20 years cloud and application development as you see, has changed a lot. You've been involved in so many product launches over the years. Cloud and machine learning are the biggest waves happening to your point to what you're doing now. Software is under the covers it's powering it all infrastructure is code. Open source has been a big part of it and it continues to grow and change. Deepak Singh from AWS talks about the business model transformation of how like Netflix donates to the open source. Then a company starts around it and creates more growth. Machine learnings and all the open source conversations around automation as developers and builders, like software as cloud and machine learning become the key pistons in the engine. This is a big wave, what's your view on this? How how has cloud scale and data impacting the software market? >> I mean, that's a broad question. So I'm going to break it down to kind of give some of the back data. So now how we are thinking about it first, I'd say when it comes to the open source, I'll start off by saying first the longevity and by ability of open sources are very important to our customers and that is why we have been a significant contributor and supporter of these communities. I mean, there are several efforts in open source, even internally by actually open sourcing some of our key Amazon technologies like Firecracker or BottleRocket or our CDK to help advance the industry. For example, CDK itself provides some really powerful way to build and configure cloud services as well. And we also contribute to a lot of different open source projects that are existing ones, open telemetries and Linux, Java, Redis and Kubernetes, Grafana and Kafka and Robotics Operating System and Hadoop, Leucine and so forth. So, I think, I can go on and on, but even now I'd say the database and observability space say machine learning we have always started with embracing open source in a big material way. If you see, even in deep learning framework, we championed MX Linux and some of the core components and we open sourced our auto ML technology auto Glue on, and also be open sourced and collaborated with partners like Facebook Meta on Fighter showing some major components and there, and then we are open search Edge Compiler. So, I would say the number one thing is, I mean, we are actually are very, very excited to partner with broader community on problems that really mattered to the customers and actually ensure that they are able to get amazing benefit of this. >> And I see machine learning is a huge thing. If you look at how cloud group and when you had DynamoDB paper, when you wrote it, that that was the beginning of, I call the cloud surge. It was the beginning of not just being a resource versus building a data center, certainly a great alternative. Every startup did it. That's history phase one inning and a half, first half inning. Then it became a large scale. Machine learning feels like the same way now. You feel like you're seeing a lot of people using it. A lot of people are playing around with it. It's evolving. It's been around as a science, but combined with cloud scale, this is a big thing. What should people who are in the enterprise think about how should they think about machine learning? How has some of your top customers thought about machine learning as they refactor their applications? What are some of the things that you can share from your experience and journey here? >> I mean, one of the key things I'd say just to set some context on scale and numbers. More than one and a half million customers use our database analytics or ML services end-to-end. Part of which machine learning services and capabilities are easily used by more than a hundred thousand customers at a really good scale. However, I still think in Amazon, we tend to use the phrase, "It's day one in the age of internet," even though it's an, or the phrase, "Now, but it's a golden one," but I would say in the world of machine learning, yes it's day one but I also think we just woke up and we haven't even had a cup of coffee yet. That's really that early, so. And, but when you it's interesting, you've compared it to where cloud was like 10, 12 years ago. That's early days when I used to talk to engineering leaders who are running their own data center and then we talked about cloud and various disruptive technologies. I still used to get a sense about like why cloud and basic and whatnot at that time, Whereas now with machine learning though almost every CIO, CEO, all of them never asked me why machine learning. Instead, the number one question, I get is, how do I get started with it? What are the best use cases? which is great, and this is where I always tell them one of the learnings that we actually learned in Amazon. So again, a few years ago, probably seven or eight years ago, and Amazon itself realized as a company, the impact of what machine learning could do in terms of changing how we actually run our business and what it means to provide better customer experience optimize our supply chain and so far we realized that the we need to help our builders learn machine learning and the help even our business leaders understand the power of machine learning. So we did two things. One, we actually, from a bottom-up level, we built what I call as machine learning university, which is run in my team. It's literally stocked with professors and teachers who offer curriculum to builders so that they get educated on machine learning. And now from a top-down level we also, in our yearly planning process, we call it the operational planning process where we write Amazon style narratives six pages and then answer FAQ's. We asked everyone to answer one question around, like how do you plan to leverage machine learning in your business? And typically when someone says, I really don't play into our, it does not apply. It's usually it doesn't go well. So we kind of politely encourage them to do better and come back with a better answer. This kind of dynamic on top-down and bottom-up, changed the conversation and we started seeing more and more measurable growth. And these are some of the things you're starting to see more and more among our customers too. They see the business benefit, but this is where to address the talent gap. We also made machine learning university curriculum actually now open source and freely available. And we launched SageMaker Studio Lab, which is a no cost, no set up SageMaker notebook service for educating learner profiles and all the students as well. And we are excited to also announce AIMLE scholarship for underrepresented students as well. So, so much more we can do well. >> Well, congratulations on the DynamoDB paper. That's the 10 year anniversary, which is a revolutionary product, changed the game that did change the world and that a huge impact. And now as machine learning goes to the next level, the next intern out there is at school with machine learning. They're going to be writing that next paper, your advice to them real quick. >> My biggest advice is, always, I encourage all the builders to always dream big, and don't be hesitant to speak your mind as long as you have the right conviction saying you're addressing a real customer problem. So when you feel like you have an amazing solution to address a customer problem, take the time to articulate your thoughts better, and then feel free to speak up and communicate to the folks you're working with. And I'm sure any company that nurtures good talent and knows how to hire and develop the best they will be willing to listen and then you will be able to have an amazing impact in the industry. >> Swami, great to know you're CUBE alumni love our conversations from intern on the paper of DynamoDB to the technical leader at AWS and database analyst machine learning, congratulations on all your success and continue innovating on behalf of the customers and the industry. Thanks for spending the time here on theCUBE and our program, appreciate it. >> Thanks again, John. Really appreciate it. >> Okay, now let's kick off our program. That ends the keynote track here on the AWS startup showcase. Season two, episode one, enjoy the program and don't miss the closing keynote with Deepak Singh. He goes into great detail on the changing business models, all the exciting open source innovation. (gentle bright music)

>>Hi, everyone. Welcome to the cubes presentation of the eight of us startup showcase open cloud innovations. This is season two episode one of the ongoing series covering the exciting startups from ABC ecosystems today. Uh, episode one, steam is the open source community and open cloud innovations. I'm Sean for your host got two great guests, Webb brown CEO of coop costs and as Thielen, head of business development, coop quest, gentlemen, thanks for coming on the cube for the showcase 80, but startups. >>Thanks for having a Sean. Great to be back, uh, really excited for the discussion we have here. >>I keep alumni from many, many coupons go. You guys are in a hot area right now, monitoring and reducing the Kubernetes spend. Okay. So first of all, we know one thing for sure. Kubernetes is the hottest thing going on because of all the benefits. So take us through you guys. Macro view of this market. Kubernetes is growing, what's going on with the company. What is your company's role? >>Yeah, so we've definitely seen this growth firsthand with our customers in addition to the broader market. Um, you know, and I think we believe that that's really indicative of the value that Kubernetes provides, right? And a lot of that is just faster time to market more scalability, improved agility for developer teams and, you know, there's even more there, but it's a really exciting time for our company and also for the broader cloud native community. Um, so what that means for our company is, you know, we're, we're scaling up quickly to meet our users and support our users, every, you know, metric that our company's grown about four X over the last year, including our team. Um, and the reason that one's the most important is just because, you know, the, the more folks and the larger that our company is, the better that we can support our users and help them monitor and reduce those costs, which ultimately makes Kubernetes easier to use for customers and users out there on the market. >>Okay. So I want to get into why Kubernetes is costing so much. Obviously the growth is there, but before we get there, what is the background? What's the origination story? Where did coop costs come from? Obviously you guys have a great name costs. Qube you guys probably reduced costs and Kubernetes great name, but what's the origination story. How'd you guys get here? What HR you scratching? What problem are you solving? >>So yeah, John, you, you guessed it, uh, you know, oftentimes the, the name is a dead giveaway there where we're cost monitoring cost management solutions for Kubernetes and cloud native. Um, and backstory here is our founding team was at Google before starting the company. Um, we were working on infrastructure monitoring, um, both on internal infrastructure, as well as Google cloud. Um, we had a handful of our teammates join the Kubernetes effort, you know, early days. And, uh, we saw a lot of teams, you know, struggling with the problems we're solving. We were solving internally at Google and we're we're solving today. Um, and to speak to those problems a little bit, uh, you know, you, you, you touched on how just scale alone is making this come to the forefront, right. You know, there's now many billions of dollars being spent on CU, um, that is bringing this issue, uh, to make it a business critical questions that is being asked in lots of organizations. Um, you know, that combined with, you know, the dynamic nature and complexity of Kubernetes, um, makes it really hard to manage, um, you know, costs, uh, when you scale across a very large organization. Um, so teams turned to coop costs today, you know, thousands of them do, uh, to get monitoring in place, you know, including alerts, recurring reports and like dynamic management insights or automation. >>Yeah. I know we talked to CubeCon before Webb and I want to come back to the problem statement because when you have these emerging growth areas that are really relevant and enabling technologies, um, you move to the next point of failure. And so, so you scaling these abstraction layers. Now services are being turned on more and more keeping it as clusters are out there. So I have to ask you, what is the main cost driver problem that's happening in the cube space that you guys are addressing? Is it just sheer volume? Is it different classes of services? Is it like different things are kind of working together, different monitoring tools? Is it not a platform and take us through the, the problem area? What do you guys see this? >>Yeah, the number one problem area is still actually what, uh, the CNCF fin ops survey highlighted earlier this year, um, which is that approximately two thirds of companies still don't have kind of baseline to visibility into spend when they moved to Kubernetes. Um, so, you know, even if you had a really complex, you know, chargeback program in place, when you're building all your applications on BMS, you move to Kubernetes and most teams again, can't answer these really simple questions. Um, so we're able to give them that visibility in real time, so they can start breaking these problems down. Right. They can start to see that, okay, it's these, you know, the deployments are staple sets that are driving our costs or no, it's actually, you know, these workloads that are talking to, you know, S3 buckets and, you know, really driving, you know, egress costs. Um, so it's really about first and foremost, just getting the visibility, getting the eyes and ears. We're able to give that to teams in real time at the largest scale Kubernetes clusters in the world. Um, and again, most teams, when they first start working with us, don't have that visibility, not having that visibility can have a whole bunch of downstream impacts, um, including kind of not getting, you know, costs right. You know, performance, right. Et cetera. >>Well, let's get into that downstream benefit, uh, um, problems and or situations. But the first question I have just throw naysayer comment at you would be like, oh, wait, I have all this cost monitoring stuff already. What's different about Kubernetes. Why what's what's the problem I can are my other tool is going to work for me. How do you answer that one? >>Yeah. So, you know, I think first and foremost containers are very dynamic right there. They're often complex, often transient and consume variable cluster resources. And so as much as this enables teams to contract construct powerful solutions, um, the associated costs and actually tracking those, those different variables can be really difficult. And so that's why we see why a solution like food costs. That's purpose built for developers using Kubernetes is really necessary because some of those older, you know, traditional cloud cost optimization tools are just not as fit for, for this space specifically. >>Yeah. I think that's exactly right, Alex. And I would add to that just the way that software is being architected deployed and managed is fundamentally changing with Kubernetes, right? It is deeply impacting every part of scifi software delivery process. And through that, you know, decisions are getting made and, you know, engineers are ultimately being empowered, um, to make more, you know, costs impacting decisions. Um, and so we've seen, you know, organizations that get real time kind of built for Kubernetes are built for cloud native, um, benefit from that massively throughout their, their culture, um, you know, cost performance, et cetera. >>Uh, well, can you just give a quick example because I think that's a great point. The architectures are shifting, they're changing there's new things coming in, so it's not like you can use an old tool and just retrofit it. That's sometimes that's awkward. What specific things you see changing with Kubernetes that's that environments are leveraging that's good. >>Yeah. Yeah. Um, one would be all these Kubernetes primitives are concepts that didn't exist before. Right. So, um, you know, I'm not, you know, managing just a generic workload, I'm managing a staple set and, or, you know, three replica sets. Right. And so having a language that is very much tailored towards all of these Kubernetes concepts and abstractions, et cetera. Um, but then secondly, it was like, you know, we're seeing this very obvious, you know, push towards microservices where, you know, typically again, you're shipping faster, um, you know, teams are making more distributed or decentralized decisions, uh, where there's not one single point where you can kind of gate check everything. Um, and that's a great thing for innovation, right? We can move much faster. Um, but for some teams, um, you know, not using a tool like coop costs, that means sacrificing having a safety net in place, right. >>Or guard rails in place to really help manage and monitor this. And I would just say, lastly, you know, uh, a solution like coop costs because it's built for Kubernetes sits in your infrastructure, um, it can be deployed with a single helmet stall. You don't have to share any data remotely. Um, but because it's listening to your infrastructure, it can give you data in real time. Right. And so we're moving from this world where you can make real time automated decisions or manual decisions as opposed to waiting for a bill, you know, a day, two days or a week later, um, when it may be already too late, you know, to avoid, >>Or he got the extra costs and you know what, he wants that. And he got to fight for a refund. Oh yeah. I threw a switch or wasn't paying attention or human error or code because a lot of automation is going on. So I could see that as a benefit. I gotta, I gotta ask the question on, um, developer uptake, because develop, you mentioned a good point. There that's another key modern dynamic developers are in, in the moment making decisions on security, on policy, um, things to do in the CIC D pipeline. So if I'm a developer, how do I engage with Qube cost? Do I have to, can I just download something? Is it easy? How's the onboarding process for your customers? >>Yeah. Great, great question. Um, so, you know, first and foremost, I think this gets to the roots of our company and the roots of coop costs, which is, you know, born in open-source, everything we do is built on top of open source. Uh, so the answer is, you know, you can go out and install it in minutes. Like, you know, thousands of other teams have, um, it is, you know, the, the recommended route or preferred route on our side is, you know, a helm installed. Um, again, you don't have to share any data remotely. You can truly not lock down, you know, namespace eat grass, for example, on the coop cost namespace. Um, and yeah, and in minutes you'll have this visibility and can start to see, you know, really interesting metrics that, again, most teams, when we started working with them, either didn't have them in place at all, or they had a really rough estimate based on maybe even a coop cost Scruff on a dashboard that they installed. >>How does cube cost provide the visibility across the environment? How do you guys actually make it work? >>Yeah, so we, you know, sit in your infrastructure. Um, we have integrations with, um, for on-prem like custom pricing sheets, uh, with card providers will integrate with your actual billing data, um, so that we can, uh, listen for events in your infrastructure, say like a nude node coming up, or a new pod being scheduled, et cetera. Um, we take that information, join with your billing data, whether it's on-prem or in one of the big three cloud providers. And then again, we can, in real time tell you the cost of, you know, any dimension of your infrastructure, whether it's one of the backing, you know, virtual assets you're using, or one of the application dimensions like a label or annotation namespace, you know, pod container, you name it >>Awesome. Alex, what's your take on the landscape with, with the customers as they look the cost reductions. I mean, everyone loves cost reductions as a, certainly I love the safety net comment that Webb made, but at the end of the day, Kubernetes is not so much a cost driver. It's more of a, I want the modern apps faster. Right? So, so, so people who are buying Kubernetes usually aren't price sensitive, but they also don't want to get gouged either on mistakes. Where is the customer path here around Kubernetes cost management and reduction and a scale? >>Yeah. So I think one thing that we're looking forward to hearing this upcoming year, just like we did last year is continuing to work with the various tools that customers are already using and, you know, meeting those customers where they are. So some examples of that are, you know, working with like CICT tools out there. Like we have a great integration with armoring Spinnaker to help customers actually take the insights from coop costs and deploy those, um, in a more efficient manner. Um, we're also working with a lot of partners, like, you know, for fauna to help customers visualize our data and, you know, integrate with or rancher, which are management platforms for Kubernetes. And all of that I think is just to make cost come more to the forefront of the conversation when folks are using Kubernetes and provide that, that data to customers and all the various tools that they're using across the ecosystem. Um, so I think we really want to surface this and make costs more of a first-class citizen across, you know, the, the ecosystem and then the community partners. >>What's your strategy of the biz dev side. As you guys look at a growing ecosystem with CubeCon CNCF, you mentioned that earlier, um, the community is growing. It's always been growing fast. You know, the number of people entering in are amazing, but now that we start going, you know, the S curves kicking in, um, integration and interoperability and openness is always a key part of company success. What's Qube costs is vision on how you're going to do biz dev going forward. >>Absolutely. So, you know, our products opensource that is deeply important to our company, we're always going to continue to drive innovation on our open source product. Um, as Webb mentioned, you know, we have thousands of teams that are, that are using our product. And most of that is actually on the free, but something that we want to make sure continues to be available for the community and continue to bring that development for the community. And so I think a part of that is making sure that we're working with folks not just on the commercial side, but also those open source, um, types of products, right? So, you know, for Fanta is open source Spinnaker's are open source. I think a lot of the biz dev strategies just sticking to our roots and make sure that we continue to drive it a strong open source presence and product for, for our community of users, keep that >>And a, an open source and commercial and keep it stable. Well, I got to ask you, obviously, the wave is here. I always joke, uh, going back. I remember when the word Kubernetes was just kicked around pre uh, the OpenStack days many, many years ago. It's the luxury of being a old cube guy that I am 11 years doing the cube, um, all fun. But if we remember talking to him in the early days, is that with Kubernetes was, if, if it worked, the, the phrase was rising, tide floats all boats, I would say right now, the tides rising pretty well right now, you guys are in a good spot with the cube costs. Are there areas that you see coming where cost monitoring, um, is going to expand more? Where do you see the Kubernetes? Um, what's the aperture, if you will, of the, of the cost monitoring space at your end that you think you can address. >>Yeah, John, I think you're exactly right. This, uh, tide has risen and it just keeps riding rising, right? Like, um, you know, the, the sheer number of organizations we use C using Kubernetes at massive scale is just mind blowing at this point. Um, you know, what we see is this really natural pattern for teams to start using a solution like coop costs, uh, start with, again, either limited or no visibility, get that visibility in place, and then really develop an action plan from there. And that could again be, you know, different governance solutions like alerts or, you know, management reports or, you know, engineering team reports, et cetera. Um, but it's really about, you know, phase two of taking that information and really starting to do something with it. Right. Um, we, we are seeing and expect to see more teams turn to an increasing amount of, of automation to do that. Um, but ultimately that is, uh, very much after you get this baseline highly accurate, uh, visibility that you feel very comfortable making, potentially critical, very critical related to reliability, performance decisions within your infrastructure. >>Yeah. I think getting it right key, you mentioned baseline. Let me ask you a quick follow-up on that. How fast can companies get there when you say baseline, there's probably levels of baseline. Obviously all environments are different now. Not all one's the same, but what's just anecdotally you see, as that baseline, how fast we will get there, is there a certain minimum viable configuration or architecture? Just take us through your thoughts on that. >>Yeah. Great question. It definitely depends on organizational complexity and, you know, can depend on applicational application complexity as well. But I would say most importantly is, um, you know, the, the array of cost centers, departments, you know, complexity across the org as opposed to, you know, technological. Um, so I would say for, you know, less complex organizations, we've seen it happen in, you know, hours or, you know, a day less, et cetera. Um, because that's, you know, one or two or a smaller engineering games, they can share that visibility really quickly. And, um, you know, they may be familiar with Kubernetes and they just get it right away. Um, for larger organizations, we've seen it take kind of up 90 days where it's really about infusing this kind of into their DNA. When again, there may not have been a visibility or transparency here before. Um, again, I think the, the, the bulk of the time there is really about kind of the cultural element, um, and kind of awareness building, um, and just buy in throughout the organization. >>Awesome. Well, guys got a great product. Congratulations, final question for both of you, it's early days in Kubernetes, even though the tide is rising, keeps rising, more boats are coming in. Harbor is getting bigger, whatever, whatever metaphor you want to use, it's really going great. You guys are seeing customer adoption. We're seeing cloud native. I was told that my friends at dock or the container side is going crazy as well. Everything's going great in cloud native. What's the vision on the innovation? How do you guys continue to push the envelope on value in open source and in the commercial area? What's the vision? >>Yeah, I think there's, there's many areas here and I know Alex will have more to add here. Um, but you know, one area that I know is relevant to his world is just more, really interesting integrations, right? So he mentioned coop costs, insights, powering decisions, and say Spinnaker, right? I think more and more of this tool chain really coming together and really seeing the benefits of all this interoperability. Right. Um, so that I think combined with, uh, just more and more intelligence and automation being deployed again, that's only after the fact that teams are really comfortable with his decisions and the information and the decisions that are being made. Um, but I think that increasingly we see the community again, being ready to leverage this information and really powerful ways. Um, just because, you know, as teams scale, there's just a lot to manage. And so a team, you know, leveraging automation can, you know, supercharge them and in really impactful ways. >>Awesome, great integration integrations, Alex, expand on that. A whole different kind of set of business development integrations. When you have lots of tool chains, lots of platforms and tools kind of coming together, sharing data, working together, automating together. >>Well. Yeah, we, so I think it's going to be super important to keep a pulse on the new tools. Right. Make sure that we're on the forefront of what customers are using and just continuing to meet them where they are. And a lot of that honestly, is working with AWS too, right? Like they have great services and EKS and managed Prometheus's. Um, so we want to make sure that we continue to work with that team and support their services as that launched as well. >>Great stuff. I got a couple of minutes left. I felt I'll throw one more question in there since I got two great experts here. Um, just, you know, a little bit change of pace, more of an industry question. That's really no wrong answer, but I'd love to get your reaction to, um, the SAS conversation cloud has changed what used to be SAS. SAS was, oh yeah. Software as a service. Now that you have all these kinds of new kinds of you have automation, horizontally, scalable cloud and edge, you now have vertical machine learning. Data-driven insights. A lot of things in the stack are changing. So the question is what's the new SAS look like it's the same as the old SAS? Or is it a new kind of refactoring of what SAS is? What's your take on this? >>Yeah. Um, there's a web, please jump in here wherever. But in, in my view, um, it's a spectrum, right? There's there's customers that are on both ends of this. Some customers just want a fully hosted, fully managed product that wouldn't benefit from the luxury of not having to do any, any sort of infrastructure management or patching or anything like that. And they just want to consume a great product. Um, on the other hand, there's other customers that have more highly regulated industries or security requirements, and they're going to need things to deploy in their environment. Um, right now QP cost is, is self hosted. But I think in the future, we want to make sure that, you know, we, we have versions of our product available for customers across that entire spectrum. Um, so that, you know, if somebody wants the benefit of just not having to manage anything, they can use a fully self hosted sat or a fully multitenant managed SAS, or, you know, other customers can use a self hosted product. And then there's going to be customers that are in the middle, right, where there's certain components that are okay to be a SAS or hosted elsewhere. But then there's going to be components that are really important to keep in their own environment. So I think, uh, it's really across the board and it's going to depend on customer and customer, but it's important to make sure we have options for all of them. >>Great guys, we have SAS, same as the old SAS. What's the SAS playbook. Now >>I think it is such a deep and interesting question and one that, um, it's going to touch so many aspects of software and on our lives, I predict that we'll continue to see this, um, you know, tension or real trade-off across on the one hand convenience. And now on the other hand, security, privacy and control. Um, and I think, you know, like Alex mentioned, you know, different organizations are going to make different decisions here based on kind of their relative trade-offs. Um, I think it's going to be of epic proportions. I think, you know, we'll look back on this period and just say that, you know, this was one of the foundational questions of how to get this right. We ultimately view it as like, again, we want to offer choice, um, and make, uh, make every choice be great, but let our users, uh, pick the right one, given their profile on those, on those streets. >>I think, I think it's a great comment choice. And also you got now dimensions of implementations, right? Multitenant, custom regulated, secure. I want have all these controls. Um, it's great. No one, no one SaaS rules the world, so to speak. So it's again, great, great dynamic. But ultimately, if you want to leverage the data, is it horizontally addressable? MultiTech and again, this is a whole nother ball game we're watching this closely and you guys are in the middle of it with cube costs, as you guys are creating that baseline for customers. Uh, congratulations. Uh, great to see you where thanks for coming on. Appreciate it. Thank you so much for having us again. Okay. Great. Conservation aiders startup showcase open cloud innovators here. Open source is driving a lot of value as it goes. Commercial, going to the next generation. This is season two episode, one of the AWS startup series with the cube. Thanks for watching.

(bright music) >> Hi, everyone. Welcome to the CUBE's presentation of the AWS Startup Showcase around open cloud innovations. It's the season two episode one of the ongoing series covering exciting startups from the AWS ecosystem and talking about open source and innovation. I'm John Furrier, your host. Today, we're joined by two great guests. Dan Garfield, chief open source officer and co-founder of Codefresh IO, and Raziel Tabib, CEO and co-founder. Two co-founders in the middle of all the innovation. Gentlemen thanks for coming on. >> Thank you. >> So you guys have a great platform and as cloud native goes mainstream in the enterprise and for developers, the big topic is unification, end-to-end, horizontally scalable, leveraging data. All these things around agile that I call agile cloud next level. This is kind of what we're seeing. The CNCF is growing. You've seen KubeCon every year is more about these kinds of things. Words like orchestration, Kubernetes, container, security. All of those complexities are now at the center of making things easier for developers. This is a key value proposition and you guys at Codefresh are offering really the first enterprise delivery solution powered by Argo, which is an open source project. Again, open source driving really big changes. So let's get into it. And first of all, congratulations, and thanks for working on this project. What's so special about- >> Thank you for that. >> Argo the project, and why have you guys decided to build a platform on it, and where is this coming together? Take us through why this is so important. >> I think Argo has been a very fast growing open source project for multiple reasons. A, it has been built for the new way of building and deploying an application. It's cloud native. You mentioned Kubernetes becoming kind of the de facto way of running application. It's the de facto way to run automation and pipeline. But also Argo has been built from the ground up to the latest practices of how we deploy software. We deploy software now differently. We deploy it using a GitOps practice. We're deploying it using canary blue-green progressive deployment. And Argo has been built around these practices, around these technologies, and has been very much widely adopted by the community. In the past, the KubeCon you've mentioned, Argo was all over the place. And we were very glad to be working with the community to talk about what the next steps with Argo. >> Yeah, it's a really good point. I would like to just follow up on that because you see this being talked about. It always comes up, where is open source really outside of a pure contributors matter? And when you have corporations contributing, you seeing this has been the trend. You saw it with Lyft, with Envoy, companies doing more and more open source. This is part of a big collaboration. And again, this comes back down to this whole why it's relevant and why it's so special with Argo. Continue to talk about relationship because it's not just you guys, it's now community. >> Yeah, I can speak to that. The Argo project is something that we maintain in partnership with several other companies and really our relationship with it is that this is something that we're actively contributing to. This is something that we're helping build the roadmap on and planning the events around and all those kinds of things. And we're doing that because we really believe in this technology and we've built our platform on it. So when you deploy Codefresh, you're deploying technology that's built directly on Argo and is designed specifically to solve that problem that you spoke to at the top of the hour. We all want to deliver software faster. We all want to have fewer regressions. We want to have fewer breaking changes. We want software to be super reliable. We want to be comfortable with what we're doing. That's really why we picked Argo because that technology that we have it is to Raziel's point delivered in this new way. It's delivered using GitOps. And that's a whole revolution and change in the way that people build and deploy software. And bringing cohesion into that experience is so critical to building the confidence that lets you actually deploy often and frequently and more. >> Dan, if you don't mind just expanding on that one point about the problem you solve, because to me, this has been kind of that evolution. It's almost like, yeah, there's been problems, plural, and opportunities that you saw with those in growing markets like this with DevOps and DevSecOps and now cloud native. What is the catalyst behind all of this? What was the epiphany behind it? How did it get so much momentum? What was it really doing under the covers? >> Well, it's a very simple and easy to use set of tools. And that's one of the big things is that if you look at the ideas of GitOps and there's actually a foundation around this that were part of called open GitOps to GitOps working group under the CNCF. And those principles of, I want to, yes, do my software defined as code. I want to do my infrastructure defined as code and I need something monitoring by production run times and making sure that the declared desired state is always matching the actual state. Those principles have actually been around for a number of years. And with Kubernetes, we really unlocked an API that allowed us to start doing GitOps and this is why we bring in Argo and you see the rise of Argo CD and other workflows and what we've been doing is really because that technology has been unlocked now. So the ability to define how your software is supposed to run and now your entire software delivery stack should run, all defined and then monitored and then kept in check using the GitOps operator. That critical unlock is what's really driving the massive adoption. And like Raziel said, Argo is the fastest growing and most popular open source project for delivering software. And it's not even close. >> Yeah, this is really great point. And I want to get into that 'cause I want to know why, what you guys do on your platform versus the open source and get that relationship settled? Before we get there, though, I want to get your reaction to some of the commentary in the industry 'cause GitOps trend has been exploding into new directions. I mean, it used to be a term about 10 years ago called big data. And at the beginning where data was all big data. Now it was DevOps revolution around data as well. But now you're hearing people talk about big code. Like, I mean, the code bases are becoming so huge. So as a developer, you're leveraging large open source code. This idea of the software delivery with existing code and new code just adds to more code. There's more code being developed every day. >> There is more code delivered every day. And I think that organization realize today, almost in every industry that they have to pace up how fast and how frequent they update their software delivery. We're living in a world in which every aspect of our life has been disrupted by software and organization realize that they have to keep up and figure out how to deploy software more frequent and more lively. And I think, you mentioned that really Kubernetes, the cloud native became the de facto way of running application. I think most of organization has made that decision to move into cloud native. The second question is after, is okay, now we have all applications running, how fast and how more frequent we can deploy applications to the cloud native? And that's the stage in which we're super excited about Argo and our up platform because that's basically streamline the building application for these cloud native, deploying applications for the cloud native, and so on. >> Yeah, and I think that highlights the business value. You getting a lot of the conversations with businesses that say they want the modern application on the cloud scale. And at the end of the day, it comes down to speed and security. So how fast can I get the app out? How well does it work? Does it run performance? And does it have security? And I don't want a slow. >> Exactly. Exactly. It kind of oversimplifies it, but that's kind of the net net. So when you look at Argo open source, what's that's done and kind of where you guys are taking it. Can you talk about the differences between your enterprise version and the open source version and the interplay there, the relationship, the business model health customers can play on both sides or understand the difference? >> Sure. >> Go ahead. >> Go ahead, Raziel. Okay, so I think Argo, as you mentioned, is probably the most advanced technology today to both run pipelines. They're like events to trigger pipelines and Argo work for the one that pipelines, the Argo CD for GitOps and Rollout, for Canary blue-green strategies. And the adoption is really exploding. Just as an Advocate that we had in December, we have worked with the community and organized ArgoCon events in which we had initially kind of thought about 500 attendees. And so we have more than 4,000 registrants and majority of them are coming from enterprise. Now as we have talked to the community during this conference and figure out, okay, so what are the things that you're still missing? And that will help you take the benefit that you get from Argo to the next level. The few things that came up. One is Argo is a great technology. However, Argo now is fragmented into four projects. There is an advance. There is workflow. There is Argo CD. And there is Argo Rollout. And there is a need to bring them all together into a solid platform, solid one run time that can be easily installed, monitor all of these in a single UI, in a single control plane. That's one aspect. The second is the scalability. Really being able to manage it centrally across multiple clusters, not in one cluster. And what we bring in with the new one, we're so excited about this platform, is we're bringing that big. The first to get all of these four projects in one runtime, and one control plane, but also allow the community to run it across multiple cluster from one place getting into the solution, not just as a technology. >> If I may add to that, the value of bringing these projects together, it provides so many insights. So when you're trying to figure out, there's some breaking change that has been made, but you don't necessarily know where it is because you have a lot of microservices that are out there. You have a lot of teams working on it. By bringing all of these things together, we're able to look at all of the commits, all of the deployments, all of the Jira issues. All of these components combined together, so you really get a single view where you can see everything that's going on. And this is another element where when you're trying to deploy software at scale, you're trying to deliver it faster. People are getting a little bit overwhelmed because there are so many updates and so many different services and so many teams working that they're starting to miss that visibility. So this is what we want to bring into the ecosystem is we really want them that visibility to be super clear. And by bringing all of the Argo components, the Argo tools together, we're able to do that in a single dashboard. >> Yeah, so if I get this right, let me just double click on that because it sounds like, yeah, Argo's great. It's been organically growing, a lot of different components to it, but when you start getting into pushing code in an organization, you have, I call the old-school version control kind of vibe going on where it's like you don't know what's out there and how that affects the system as it's a distributed system, which cloud is. There are consequences when stuff breaks. So we all know that. Is that kind of where you guys are getting at? The challenge is actually the opportunity at the same time where it's all goodness, but then when you start looking at scale and the system impact, is that kind of where the open source and you guys pick up, is that right? >> This is one aspect. I think the second one is that again, when you look at each individual component of Argo, each provide a lot of value by itself. But when you sum it, the value of the sum is greater than the value of the individual. So when you're taking, really the events and workflow, Argo CD and Argo Rollout, and you bring them all together into single runtime. The value of its time is really automation all the way from code to cloud. It's not breaking into, there is like an automation for CI, there's an automation for CD, there's information for progressive delivery. It's actually automated all the way from the Git commit through the GitOps through the deployment strategy, and so on. And being able to monitor it and scale it in the enterprise scale. So, of course, it's helping enterprise and make Argo to some level more crucial for enterprise, if I may say, but second is really bringing all of these components together and get the outcome be greater than the individual parts. >> Yeah, that's a good point. Yeah, make it make a commercial grade, if you will, for enterprise who wants to have support and consistency and whatnot. What other problems are you solving? Dan, can you chime in on the whole, how you guys resolve some of these challenges for the enterprise? Because, again, some stability is key as well, but also the business benefit has got to be there for the development teams. >> Yeah. So there's several. One aspect is that the way that most people operate today is they essentially do a bunch of commands and engage with systems. And then hopefully at the end, they write those things to Git. And this is a little bit backwards if you think about it because there's a situation where you can end up with things in production that were never checked in, or maybe somebody is operating and they're making a change. If we look at most of the downtime that's occurred over the last two years, it's because people have flubbed a key when they were typing in a command or something like that. The way that this system works is that we provide an interface, both the CLI and the GUI, where those operations interactions actually end with a Git commit. So rather than doing an operation and then hopefully committing to Git, most of the operations are actually done first in Git, or if there is something that can't be done first in Git, it's maybe bootstrapped and then committed to Git as part of a single command. So this means you have end-to-end traceability. It also means your auditability is way better. And then the second, the other component that we're adding is that security and scale layer. So we are securing these things, we're building in single sign-on, and all those robust security things you would expect to have across all these instances. So many organizations, when they're building their software delivery tools, they have to deploy instances in many locations. And so this is how you end up with companies that have 5,000 instances that are all out of date and insecure. Well with Codefresh, if you need to deploy a component onto this end cluster or something like that, you may have thousands of them. All of those are monitored and taken care of in a centralized way, so I can do all of my updates at once. I can make sure they're all up to date. I'm not running with a bunch of known CVEs or something like that and it's clear. The components are also designed in an architectural way. So that only the information that is needed is ever passed out. So I can have a cluster that is remotely managed, that checks out code, that the control plane never has access to. So this hybrid model has been really popular with our customers. We have customers in healthcare, we have customers in defense and in financial services, all these regulated industries. The flow of information is really critical. So this hybrid model allows you to deploy something that has the ease of a SaaS solution, but has the security of an on-prem solution while being centrally managed and easy to take care of. >> Yeah, it's a platform. It's what it is. It's not a tool. It's not a tool anymore. It's a platform. >> Exactly. >> I think the foundational aspect of this is critical. And you mentioned automation before. If you're going to go end-to-end automation, you have some stuff in the system that whether it hasn't been checked in yet. I mean, we know what this leads to. Disaster or a lot of troubleshooting and disruption. That's what it seems to solve. Am I getting that right? Is that right? >> Yeah. >> Go ahead. >> Yeah, it helps automate the whole process. But as you say, it's really like identify what needs not to be going all the way to production and really kind of avoid vulnerabilities or any flaws in the software. So it automates everything, but in a way that the automation can identify issues and avoid them from coming into the production. >> Well, great stuff here. I've got to ask you guys now that you've got that settled. It's really, I see the value there, how you guys are letting it grow organically and with Argo and then building that platform for businesses and developers. It's really cool. And I see the foundational value there. It just only gets better. How you guys contributing back to open source and helping the wider GitOps and Argo communities? Because this is, again, the rising tide that's bringing all the boats into the harbor, so to speak. So this is a good trend and people will acknowledge that. So how's this going to work as you guys work back into the open source community? >> So we work closely with both myself and the other maintainers worked closely with the community on the roadmap and making sure that we're addressing issues. I think if you look in the last quarter, we probably have upwards of 40 or 50 different issues that we've solved in terms of fixing a bug or adding features or things like that. So making sure that these tools, which are really the undergirding components of our platform, they have to be really robust. They have to be really strong. And so we're contributing those things back. And then when it comes to the scalability side, these are things that we can build into the platform. So the value should be really clear. I can deploy this, I can manage it myself, I can build tools on top of it. And if I want to start doing it at scale, maybe I want support. That's when I really am going to go to Codefresh and start saying, let's get the enterprise little platform. >> Awesome. GitOps, a lot of people like some naysayers may say, Hey, it's the latest fad. Is it here to stay? We were talking about big code earlier. GitOps, obviously seeing open source. Just every year, just get better and better and growth. I mean, I remember when I was breaking into the business, you have to sell under the table. Now it's all free and open and getting better every year. Just the growth of code. Is GitOps a fad? How do you talk to people who say that? I mean, besides slapping around saying wake up. I mean, how do you guys address that when people say it's just the latest fad? >> So if I may comment here and Dan feel free to chime in, I think that the GitOps is a continuation of a trend that everything is a source code. As a developer, many years ago myself and still writing code, always both code and code was the source of tool that's where we write the code. But now code actually is also describing how our application is running in production. And we've already seen kind of where it's get next. We also hear about infrastructure as a code. So now actually we storing the code the way the infrastructure should be. And I think that the benefit of storing all this configuration in a source code, which has been built to track changes, to be enabled to roll back, that is just going to be here to stay. And I think that's the new way of doing things. >> All right, gentlemen, great. Closing statements. Please share an update on the company. What it's all about? What event you got coming? I know you got a big launch. Can you take us through? Take us home. >> Join on February 1st, we're going to be launching the Codefresh software delivery platform. Raziel and I will be hosting the event. We've got a number of customers, a number of members of the community who are going to be joining us to show off that platform. So you're going to be able to see it in action, see how the features work, and understand the value of it. And you'll see how it works with GitOps. You'll see how it helps you deliver software at scale. That's February 1st. You can get information at codefresh.io. >> Raziel, Dan, thanks for coming on. >> Thank you. >> Pretty good showcase. Thanks for sharing. Congratulations. Great venture. Loved the approach. Love the growth in cloud native and you guys sure on the cutting edge. Fresh code, people love fresh code, codefresh.io. Thanks for coming on. >> Thank you. Thank you. >> Okay, this is the AWS Startup Showcase Open Cloud Innovations. Cloud scale, software, data. That's the future of modern applications being developed, changing the game to the next level. This is the CUBE's coverage season two episode one of the ongoing AWS Startup series here in theCUBE.

>>Hello everyone. And welcome to the cubes presentation of the AWS startup showcase open cloud innovations. This is season two episode one of our showcase ongoing series. We're covering very exciting startups from the AWS ecosystem. And we're going to be talking about the open source community. I'm your host, Lisa Martin. And today I'm excited to be joined by Robbie, Myra, the head of product and partner marketing at sneak. Robbie's here to talk with me about developer security for your digital transformation. Robbie, it's great to have you on the cube. >>Thanks Lisa. Nice to be here. >>So talk to me about what's going on in developer land. They're under a lot of pressure. A lot of them are building apps with open source, but what does sneak seeing from the developers lens >>From the developer's lens? There's a lot of pressure to build fast and that's probably the biggest challenge, right? We're in a world of digital transformation where everybody's trying to compete no matter what industry you're in, right on the technology and on the quality of your software or the capabilities of your software, which puts a lot of pressure on developers to build fast. That causes them to do a few things. One, it causes them to build, to develop in a way where they're doing constant iteration and so models that would have enabled a security check to come in at the end, aren't working anymore because they don't have time for those security checks. And it also causes them to do a good thing, which is to leverage other people's code when they can like open source. So they can just focus on, on their own functionality. And that's true, whether they're building new functionality or modernizing legacy applications by moving them to the cloud. >>So it's a high percentage of, of app code 80 to 90% is open source. Then that opens up. Talk to me about w where the vulnerabilities are and how you guys help customers and developers address that. >>Yeah, the vulnerabilities can be anywhere, but the key is that that point, right? If you're using open source in a typical application, 80 to 90 plus percent of the lines of code in that application are going to be open source code, their code. Somebody else wrote that you don't have a direct relationship with, and yet you own the risk that whatever they may have, whatever vulnerabilities may be in their code, you now own that risk. So what we're trying to do with sneakers, trying to do is enable developers to leverage open source, but do that securely. And then we also help them with the 10% that they rent as well, and, and do that all in one really easy environment for a developer that fits into their workflow and into their daily life. >>So security should shift left. I've had the chance to talk with a couple of, do you call them sneakers sneakers? Oh, you do a couple of sneakers recently. We've talked about security shifting lab. That's not a new concept, but I'd love to dig in more to how sneak and AWS do that. And I'm also curious if what you're doing helps. We've talked about the cybersecurity skills got for a long time. Now, just what you guys do, help address that >>It does because it's really leveraging a resource that, that is there, right? There's the number of developers worldwide is growing from, depending on who you believe for these numbers and their estimated numbers, right? But 25 million to 50 million over roughly a five-year period that's already started. So we're somewhere in the 30 now, right? Meanwhile, the security jobs, there's something like 9 million cyber security people in the world, and that's all cyber security roles. It's a much shorter, a smaller chunk that are application security folks. And there's three and a half million unfilled cybersecurity roles. So you can't get cyber security people and keep using the current model you're using. But just scale it linearly, you have to change things. And sneaks belief is the way you change things is you have the developers be part of your security solution, which means they need to have the ability to not only develop, but to develop securely. And that's our concept of developer security. We build tools and a platform that enables developers to be the first part of the security solution and enable security teams rather than individually auditing and fixing things to develop a process, govern the process, guide the development teams, but let the developers own that first step of security. And that's really how you solve that scale problem. >>When you're talking with customers, is this kind of a better together scenario, developers and security folks? Are you helping them align culturally because this is a change? >>Absolutely. I think one of the biggest misconceptions out there is that there's a tension between security and development. And I think that's because organizationally there might be right. Security is responsible for risk and developers responsible for speed of innovation and the faster you innovate, potentially there's more risk. So there might be some organizational tension, but at the human level, people understand each other, they understand the pressures that the other one's going through. They just don't have an easy way to work together. And if you can help them get that, then they, it really takes off it. The relationships form they'll build human to human programs like security champion programs and things to, to integrate the teams because they're both going after the same goal, both sides want to build awesome technology and grow in whatever market they're in. >>Right. And of course, with the need to do that at today's markets speed and scale is a great thing that you guys are doing to facilitate that collaboration. And of course the security let's kind of take a double-click now into the different integrations that sneek has with AWS services. I know there's quite a few, >>There's quite a few. The biggest one, probably the easiest one for the integrations is the native integration that we have with code pipeline. So it makes it easy for developers as they're finishing their builds and deploying to have an automatic security check that comes in, understands if there's things that need to be fixed before this really should be released, and then they can fix it and go forward. But we integrate across with our API across a lot of other services, ECR EKS code builder, so that wherever the developer is working, there's a way for us to integrate with them as they're building across their AWS development process. >>Okay. So giving them plenty of opportunity, let's dig into the platform. Talk to me about the platform, how it's really aimed at developers. You alluded to this a little bit, but I'd like to kind of take a double-click into the technology. >>Sure. That the platform, it, part of it is that idea of it we've wrapped it all as a developer tool. But the thing that makes sneak unique in this is not only we have the idea that we wanted to shift left in time, but we wanted to shift left in ownership. So the developers are primary user and we built a tool that is a developer tool that happens to do security. And we've extended that tool into a platform by enabling it to connect into the developers tools, sharing information, across different elements of what it securing. So for example, the open source that we're scanning for you and testing to find for vulnerabilities, we're also looking at the vulnerabilities in your code and where they may overlap or intersect. We can adjust priorities so that you might not need to fix something. Let's say you're using an open source, vulnerable, a package that has a vulnerability, but your code is never going to access that you don't need to fix it. >>So you can prioritize that one lower, right? Same thing with Kubernetes and containers. You may have a container vulnerability, but the way you're going to leverage the container that won't be used so we can adjust the priority to make it easy for the developer. And that's the other big thing that's different about a developer security platform than a typical security tool. A typical security tool is an audit tool it's designed to output. Here are all the things you have a problem with a developer security tool is a fixing tool. It's just defined as a, here are the problems you have developed with here's how you fix it and go back to building on that. That prioritization is a big part of that, because you can say, here's what you don't need to worry about. And then you can focus the rest of your energy on helping developers fix the problem either by giving them really good advice or automating it for them and saying, Hey, here's a button click that will generate a pull request. And your problem is this fixed. >>It must go a long way to improving developer productivity, one facilitating that speed and the agility with which they need to work, but also from a developer kind of crowd sourcing, crowd swell perspective. I imagine, talk to me about what some of the voices are, the developers that are in your community. What are some of the things that they're saying in terms of how much faster they're able to work, they're able to get those priorities established with automation so much faster? >>Well, that's the biggest thing. Is there a, the productivity gain happens because of the benefit of shift left, right? You're testing earlier. You're finding it at an earlier time when it's easier to fix, but that's because they're the ones doing it, right. If they're waiting to hand off to an auto report and then it comes back, even if somebody is, is giving them them audit faster, it's still after they've moved on. And the other way people try to solve it as well. They'll say, well, I'll take a security tool then to hand it to the developer and they can run it. But so developers are not security experts. So the tool needs to understand what they know and what they don't know, and, and working in an upload. And that's what developers generally say to us because sneak makes it easy to work, but also focuses on the fix and helps them guide them to that, to that answer. Then they're able to go much faster when we're evaluated by companies who are looking for a security solution. If the developers get involved in that evaluation, they'll choose sneak. >>So I'm curious a little bit about as, as the head of product marketing, I'm thinking customer advisory boards, things like that. What's the collaboration like between sneak and the developers to really tune and push the technology forward. I imagine it's quite collaborative, >>Quite collaborative and it's across a lot of, of spectrum. So we do have a customer advisory board and that's generally leaders, right? That's either security leaders or development leaders or operations leaders who are in that advisory board. And they're giving us input on things they need for program-wide governance or program wide adoption. We also have a developer community where we're talking directly to developers and that's where we get a lot of, Hey, here's how I could use this better as a developer. And that guides where we focus features that help developers work better, whether it's integrations with our IDs or whether it's the way we present information, help them prioritize. And then the third part is we have a lot of people using the tool because it has a free model, right? We're as a developer tool, we have a freemium model. There's a level of sneak that developers can use that they don't need to pay for. That's not a temporary trial, it's forever. If you want to use it at that level and we can observe what they're doing. So that observability gives us another insight into where folks get challenged run into, to struggles. And then we can look to address those in our roadmap as well. So, so all of that together really helps us drive the product forward. >>What is the perspective from the analyst view? You talked a little bit about the perspective from the customer. We'll get into a customer story in a bit, but I'd love to know what are the gardeners saying? >>Well, Gardner especially put us, we debuted in their magic quadrant for application security last year. And we did David as a visionary and sort of the highest part of the visionary quadrant you could get in before you crossed over into leader, which is kind of unheard of for a first time into the, into the quadrant. And the main reason for that is that they have built the way those, those magic quadrants are built is they have key capabilities and then they score companies against key capabilities and they weight those capabilities, you know, by order of importance. And Gardner has started to put some of this notion of developer security and cross cloud native application security into those key capabilities. And those tend to align really well with what sneakers. So they have a, for example, a software composition, which is sort of open source security analysis, where first, w w w where the top ranking in that, where the top ranking and container security, where the top ranking and developer enablement. So that's pulling us, they are so-so Gardner and the analyst community is seeing this same demand coming from their customers. And that's really aligning to where our vision is. >>And in terms of kind of propelling that vision forward, the voice of the customer, the voice of the analyst, aligning with what you guys are doing to kind of lead the vision going forward. I want to get into some of the intelligence before we kind of break into a customer example. Talk to me a little bit about snakes security intelligence, what the key capabilities are, and some customers that are leveraging it. Sure. >>The biggest thing is with all the developer tool wrapping that needs to be in this product than it is a developer tool. It's got a developers heart, but it has to have a security brain because it still is a security tool. There are some developer tools. We try to have little check the box capabilities of security and they'll crowdsource for vulnerabilities potentially. But if you're doing this, you need to make sure that all the vulnerabilities that could be found are in the database to be able to be found that the database is comprehensive, that it's timely. They get in very quickly that it's accurate. You don't waste time on false positives because that will turn developers off faster than anything. And that it's actionable. So when it does find something, it helps you go forward with it. And that's where sneaks really focused on. So we collect data from multiple public sources. >>We also have a fairly large proprietary research team that curates that information determines what needs to go in. Sometimes we'll adjust priorities. And we also get a lot of contributions from other sources like community contributions. Again, that big free user base of ours is giving us input academia. Open source groups are also in their social media trends. So if we see something trending on Twitter, then that'll not only get it into the database, but it'll drive prioritization. And that's a big part of what's in sneak Intel, which is the name we use for our vulnerability database. We also have a machine learning algorithm. That's constantly looking at all the code in public, in public applications and repositories. And we use that to train for our own proprietary code testing tool, but it also just gets a lot of it finds things there as well. So it brings a really good source of information that helps people make sure you're finding the vulnerabilities, you're prioritizing them correctly and fixing them. And so Amazon's one who is the, you know, one of the folks that using that tool where one of the primary sources of, of Amazon inspector for open source vulnerabilities, as well as a bunch of other security companies like rapid seven tenable and, and others. >>One of the things I was reading from, I'm always kind of looking at the differentiators and I'm sure you are as the head of product marketing and partner marketing, but it sounds like the database can, is, is a key differentiator finding vulnerabilities up to what is it? 46 days faster than competitors. >>Yeah. I mean, faster than especially public sources, which are the easier ones to, to know how you're doing against, but that's a big part of us. So when I talked about those categories, that's really what we measure ourselves against. How are we doing in terms of comprehensive? Do we have the vulnerabilities that we should have? So we have over four times the number of vulnerabilities as the next largest publicly available database, we find them faster, so timely. So that's at 46 days getting it in faster or faster than other public sources, they get into our solution and then accuracy. Again, we, it's not a stat we can test because you can't test it just from the database. You have to run the tools of our, of others in this space. And we don't have those, but making sure that you're not hitting a lot of false positives is a big part of it as well. >>Got it. Okay. And we only have a couple minutes left, but there's two more areas that I want to dig into with you just crack crack. The surface one is log four, shallow was reading. Snake says this. We were the perfect solution at the perfect time. Unpack that for me in the next minute or so. >>Yeah. And that's a bit, and it kind of wraps back to what we were talking about earlier. Everybody's using open source. If you're in the Java world, a lot of folks had logged for shell and we're using lock for shell for logging as a part of their, as a part of their applications. And so a lot of our customers, I think it was over 30%, 36% of our paying customers had the vulnerability. And you would only have the vulnerability of your Java. So it's a very large percentage of our Java using my customers had the vulnerability, but because they were using sneak, they were able, once we put it in the database, which we did the day, it was disclosed, they were able to find it and fix it very quickly. So 91% of our customers fixed that vulnerability in just two days, 98%, because this was a rolling thunder event, right. There was a vulnerability. And then there was a second vulnerability in the, in the fix. And then there was a vulnerability, even in the fix of that. So the second vulnerability that came out because everybody had been ready for it from the first time 98% picks within two days. Whereas the median number of days to generally fix a vulnerability is over two months. So really fast addressing the solution. >>So those are really impressive. And speaking of stats, I wanted to get into just really quickly a case study that really shows that lasting is one of your customer. One of your many customers, big developer community there about 3,500 developers. Give me some kind of the high level of business outcomes that at Lasagne is, is, is achieving thanks to sneaky. >>Yeah. I mean the biggest one is that almost 99% of their applications are deployed in containers. So being able to have the containers tested for vulnerabilities as they're being deployed before they're being deployed is huge for them to reduce the risk of a vulnerability. They, they had a 65% reduction in high severity container volumes a few months after using sneak across all those developers, which really reduces your, your risk profile of your, of your cloud native applications. They're obviously a big AWS user as well. So, so for them, that was the big thing. And again, it goes to that scale, right? They've got 3 3500 developers, more than 3,500 developers. If you try to go through the security team and have the security team fixing all those things, you'll just never catch up. >>Got it. Last question. Where can I get this available through the AWS market prays marketplace? You mentioned the freemium model, give folks kind of a direction on where to go. >>Yeah. So I would say if you are a, if you're someone in the security team, if you're a buyer, the AWS marketplace is a great place to go because you can probably leverage your existing spend commits with AWS. It's easy to purchase, easy billing, et cetera. If you're a developer, then there is this free version where you might go and just start using it and get comfort for it. And if you are a buyer, talk to your developers because there's a pretty good chance. Someone in your company, that's a developer is already using. Sneak will be comfortable with it. These solutions are only successful. If the developers actually use it, you can't shift left unless the developers pick it up and use it. So using the one that developers are already using is probably a good idea. >>Awesome. Robbie, this has been a great conversation, so much momentum at snake. You're the third sneaker I'd gotten to speak to you in the last month and I have, it's pretty exciting, but thanks for walking us through the technology, the capabilities, the differentiators, the voice of the customer, the voice of the analyst, we appreciate your insights and your time. And we look forward to next time we talk to you. >>Terrific. Lisa, I look forward to it as well, but there's a lot more Smith sneakers to go through before you get back to me again. I guess >>I look forward to adding to my repertoire of sneaker interviews, Ravi. Thanks so much. Thank you for Ravi Myra. I'm Lisa Martin. You're watching this cube interview as part of the AWS startup showcase. Stick around more great content coming up next.

>>Welcoming into the cubes presentation of AWS startup showcase open cloud innovations. This is season two episode one of the ongoing series covering exciting hot startups from the AWS ecosystem. Today's episode. One of season two theme is open source community and the open cloud innovations. I'm your host, John farrier of the cube. And today we're excited to be joined by Loris Dajani who is the C T O chief technology officer and founder of cystic found that in his backyard with some wine and beer. Great to see you. We're here to talk about Falco finding cloud threats in real time. Thank you for joining us, Laura. Thanks. Good to see you >>Love that your company was founded in your backyard. Classic startup story. You have been growing very, very fast. And the key point of the showcase is to talk about the startups that are making a difference and, and that are winning and doing well. You guys have done extremely well with your business. Congratulations, but thank you. The big theme is security and as organizations have moved their business critical applications to the cloud, the attackers have followed. This is Billy important in the industry. You guys are in the middle of this. What's your view on this? What's your take? What's your reaction? >>Yeah. As we, as a end ecosystem are moving to the cloud as more and more, we are developing cloud native applications. We relying on CACD. We are relying on orchestrations in containers. Security is becoming more and more important. And I would say more and more complex. I mean, we're reading every day in the news about attacks about data leaks and so on. There's rarely a day when there's nothing major happening and that we can see the press from this point of view. And definitely things are evolving. Things are changing in the cloud. In for example, Cisco just released a cloud native security and usage report a few days ago. And the mundane things that we found among our user base, for example, 60, 66% of containers are running as rude. So still many organizations adopting a relatively relaxed way to deploy their applications. Not because they like doing it, but because it tends to be, you know, easier and a little bit with a little bit less ration. >>We also found that that 27% of users unnecessary route access in the 73% of the cloud accounts, public has three buckets. This is all stuff that is all good, but can generate consequences when you make a mistake, like typically, you know, your data leaks, no, because of super sophisticated attacks, but because somebody in your organization forgets maybe some data on it on a public history bucket, or because some credentials that are not restrictive enough, maybe are leaked to another team member or, or, or a Gita, you know, repository or something like that. So is infrastructures and the software becomes a let's a more sophisticated and more automated. There's also at the same time, more risks and opportunities for misconfigurations that then tend to be, you know, very often the sewers of, of issues in the cloud. >>Yeah, those self-inflicted wounds definitely come up. We've seen people leaving S3 buckets open, you know, it's user error, but, you know, w w those are small little things that get taken care of pretty quickly. That's just hygiene. It's just discipline. You know, most of the sophisticated enterprises are moving way past that, but now they're adopting more cloud native, right. And as they get into the critical apps, securing them has been challenging. We've talked to many CEOs and CSOs, and they say that to us. Yeah. It's very challenging, but we're on it. I have to ask you, what should people worry about when secure in the cloud, because they know is challenging, then they'll have the opportunity on the other side, what are they worried about? What do you see people scared of or addressing, or what should I be worried about when securing the cloud? >>Yeah, definitely. Sometimes when I'm talking about the security, I like to compare, you know, the old data center in that the old monolithic applications to a castle, you know, in middle aged castle. So what, what did you do to protect your castle? You used to build very thick walls around it, and then a small entrance and be very careful about the entrance, you know, protect the entrance very well. So what we used to doing that, that data center was protect everything, you know, the, the whole perimeter in a very aggressive way with firewalls and making sure that there was only a very narrow entrance to our data center. And, you know, as much as possible, like active security there, like firewalls or this kind of stuff. Now we're in the cloud. Now, it's everything. Everything is much more diffused, right? Our users, our customers are coming from all over the planet, every country, every geography, every time, but also our internal team is coming from everywhere because they're all accessing a cloud environment. >>You know, they often from home for different offices, again, from every different geography, every different country. So in this configuration, the metaphor data that they like to use is an amusement park, right? You have a big area with many important things inside in the users and operators that are coming from different dangerous is that you cannot really block, you know, you need to let everything come in and in operate together in these kinds of environment, the traditional protection is not really effective. It's overwhelming. And it doesn't really serve the purpose that we need. We cannot build a giant water under our amusement park. We need people to come in. So what we're finding is that understanding, getting visibility and doing, if you Rheodyne is much more important. So it's more like we need to replace the big walls with a granular network of security cameras that allow us to see what's happening in the, in the different areas of our amusement park. And we need to be able to do that in a way that is real time and allows us to react in a smart way as things happen because in the modern world of cloud five minutes of delay in understanding that something is wrong, mean that you're ready being, you know, attacked and your data's already being >>Well. I also love the analogy of the amusement park. And of course, certain rides, you need to be a certain height to ride the rollercoaster that I guess, that's it credentials or security credentials, as we say, but in all seriousness, the perimeter is dead. We all know that also moats were relied upon as well in the old days, you know, you secure the firewall, nothing comes in, goes out, and then once you're in, you don't know what's going on. Now that's flipped. There's no walls, there's no moats everyone's in. And so you're saying this kind of security camera kind of model is key. So again, this topic here is securing real time. Yeah. How do you do that? Because it's happening so fast. It's moving. There's a lot of movement. It's not at rest there's data moving around fast. What's the secret sauce to making real identifying real-time threats in an enterprise. >>Yeah. And in, in our opinion, there are some key ingredients. One is a granularity, right? You cannot really understand the threats in your amusement park. If you're just watching these from, from a satellite picture. So you need to be there. You need to be granular. You need to be located in the, in the areas where stuff happens. This means, for example, in, in security for the clowning in runtime, security is important to whoever your sensors that are distributed, that are able to observe every single end point. Not only that, but you also need to look at the infrastructure, right? From this point of view, cloud providers like Amazon, for example, offer nice facilities. Like for example, there's CloudTrail in AWS that collects in a nice opinionated consistent way, the data that is coming from multiple cloud services. So it's important from one point of view, to go deep into, into the endpoint, into the processes, into what's executing, but also collect his information like the cultural information and being able to correlate it to there's no full security without covering all of the basics. >>So a security is a matter of both granularity and being able to go deep and understanding what every single item does, but also being able to go abroad and collect the right data, the right data sources and correlated. And then the real time is really critical. So decisions need to be taken as the data comes in. So the streaming nature of security engines is becoming more and more important. So the step one of course, security, especially cost security, posture management was very much let's ball. Once in a while, let's, let's involve the API and see what's happening. This is still important. Of course, you know, you need to have the basics covered, but more and more, the paradigm needs to change to, okay, the data is coming in second by second, instead of asking for the data manually, once in a while, second by second, there's the moment it arrives. You need to be able to detect, correlate, take decisions. And so, you know, machine learning is very important. Automation is very important. The rules that are coming from the community on a daily basis are, are very important. >>Let me ask you a question, cause I love this topic because it's a data problem at the same time. There's some network action going on. I love this idea of no perimeter. You're going to be monitoring anything, but there's been trade offs in the past, overhead involved, whether you're monitoring or putting probes in the network or the different, there's all kinds of different approaches. How does the new technology with cloud and machine learning change the dynamics of the kinds of approaches? Because it's kind of not old tech, but you the same similar concepts to network management, other things, what what's going on now that's different and what makes this possible today? >>Yeah, I think from the friction point of view, which is one very important topic here. So this needs to be deployed efficiently and easily in this transparency, transparent as possible, everywhere, everywhere to avoid blind spots and making sure that everything is scheduled in front. His point of view, it's very important to integrate with the orchestration is very important to make use of all of the facilities that Amazon provides in the it's very important to have a system that is deployed automatically and not manually. That is in particular, the only to avoid blind spots because it's manual deployment is employed. Somebody would forget, you know, to deploy where somewhere where it's important. And then from the performance point of view, very much, for example, with Falco, you know, our open source front-end security engine, we really took key design decisions at the beginning to make sure that the engine would be able to support in Paris, millions of events per second, with minimal overhead. >>You know, they're barely measure measurable overhead. When you want to design something like that, you know, that you need to accept some kind of trade-offs. You need to know that you need to maybe limit a little bit this expressiveness, you know, or what can be done, but ease of deployment and performance were more important goals here. And you know, it's not uncommon for us is Dave to have users of Farco or commercial customers that they have tens of thousands, hundreds of thousands of machines. You know, I said two machines and sometimes millions of containers. And in these environments, lightweight is key. You want death, but you want overhead to be really meaningful and >>Okay, so a amusement park, a lot of diverse applications. So integration, I get that orchestration brings back the Kubernetes angle a little bit and Falco and per overhead and performance cloud scale. So all these things are working in favor. If I get that right, is that, am I getting that right? You get the cloud scale, you get the integration and open. >>Yeah, exactly. Any like ingredients over SEP, you know, and that, and with these ingredients, it's possible to bake a, a recipe to, to have a plate better, can be more usable, more effective and more efficient. That may be the place that we're doing in the previous direction. >>Oh, so I've got to ask you about Falco because it's come up a lot. We talked about it on our cube conversations already on the internet. Check that out. And a great conversation there. You guys have close to 40 million plus million downloads of, of this. You have also 80 was far gate integration, so six, some significant traction. What does this mean? I mean, what is it telling us? Why is this successful? What are people doing with Falco? I see this as a leading indicator, and I know you guys were sponsoring the project, so congratulations and propelled your business, but there's something going on here. What does this as a leading indicator of? >>Yeah. And for, for the audience, Falco is the runtime security tool of the cloud native generation such. And so when we, the Falco, we were inspired by previous generation, for example, network intrusion detection, system tools, and a post protection tools and so on. But we created essentially a unique tool that would really be designed for the modern paradigm of containers, cloud CIC, and salt and Falco essentially is able to collect a bunch of brainer information from your applications that are running in the cloud and is a religion that is based on policies that are driven by the community, essentially that allow you to detect misconfigurations attacks and normals conditions in your cloud, in your cloud applications. Recently, we announced that the extension of Falco to support a cloud infrastructure and time security by parsing cloud logs, like cloud trail and so on. So now Falba can be used at the same time to protect the workloads that are running in virtual machines or containers. >>And also the cloud infrastructure to give the audience a couple of examples, focused, able to detect if somebody is running a shelf in a radius container, or if somebody is downloading a sensitive by, from an S3 bucket, all of these in real time with Falco, we decided to go really with CR study. This is Degas was one of the team members that started it, but we decided to go to the community right away, because this is one other ingredient. We are talking about the ingredients before, and there's not a successful modern security tool without being able to leverage the community and empower the community to contribute to it, to use it, to validate and so on. And that's also why we contributed Falco to the cloud native computing foundation. So that Falco is a CNCF tool and is blessed by many organizations. We are also partnering with many companies, including Amazon. Last year, we released that far gate support for Falco. And that was done is a project that was done in cooperation with Amazon, so that we could have strong runtime security for the containers that are running in. >>Well, I've got to say, first of all, congratulations. And I think that's a bold move to donate or not donate contribute to the open source community because you're enabling a lot of people to do great things. And some people might be scared. They think they might be foreclosing and beneficial in the future, but in the reality, that is the new business model open source. So I think that's worth calling out and congratulations. This is the new commercial open source paradigm. And it kind of leads into my last question, which is why is security well-positioned to benefit from open source besides the fact that the new model of getting people enabled and getting scale and getting standards like you're doing, makes everybody win. And again, that's a community model. That's not a proprietary approach. So again, source again, big part of this. Why was security benefit from opensource? >>I am a strong believer. I mean, we are in a better, we could say we are in a war, right? The good guys versus the bad guys. The internet is full of bad guys. And these bad guys are coordinated, are motivated, are sometimes we'll find it. And we'll equip. We win only if we fight this war as a community. So the old paradigm of vendors building their own Eva towers, you know, their own self-contained ecosystems and that the us as users as, as, as customers, every many different, you know, environments that don't communicate with each other, just doesn't take advantage of our capabilities. Our strength is as a community. So we are much stronger against the big guys and we have a much better chance doing when this war, if we adopt a paradigm that allows us to work together. Think only about for example, I don't know, companies any to train, you know, the workforce on the security best practices on the security tools. >>It's much better to standardize on something, build the stack that is accepted by everybody and tell it can focus on learning the stack and becoming a master of the steak rounded rather than every single organization naming the different tool. And, and then B it's very hard to attract talent and to have the right, you know, people that can help you with, with your issues in, in, in, in, in, with your goals. So the future of security is going to be open source. I'm a strong believer in that, and we'll see more and more examples like Falco of initiatives that really start with, with the community and for the community. >>Like we always say an open, open winds, always turn the lights on, put the code out there. And I think, I think the community model is winning. Congratulations, Loris Dajani CTO and founder of SIS dig congratulatory success. And thank you for coming on the cube for the ADB startup showcase open cloud innovations. Thanks for coming on. Okay. Is the cube stay with us all day long every day with the cube, check us out the cube.net. I'm John furrier. Thanks for watching.