Search Results for RSA key:

Meagen Eisenberg, Lacework | International Women's Day 2023


 

>> Hello and welcome to theCUBE's coverage of International Women's Day. I'm John Furrier, host of theCUBE. Got a variety of interviews across the gamut from topics, women in tech, mentoring, pipelining, developers, open source, executives. Stanford's having International Women's Day celebration with the women in data science, which we're streaming that live as well. Variety of programs. In this segment, Meagen Eisenberg, friend of theCUBE, she's the CMO of Lacework, is an amazing executive, got a great journey story as a CMO but she's also actively advising startups, companies and really pays it forward. I want to say Meagen, thank you for coming on the program and thanks for sharing. >> Yeah, thank you for having me. I'm happy to be here. >> Well, we're going to get into some of the journey celebrations that you've gone through and best practice what you've learned is pay that forward. But I got to say, one of the things that really impresses me about you as an executive is you get stuff done. You're a great CMO but also you've advised a lot of companies, you have a lot of irons in the fires and you're advising companies and sometimes they're really small startups to bigger companies, and you're paying it forward, which I love. That's kind of the spirit of this day. >> Yeah, I mean, I agree with you. When I think about my career, a lot of it was looking to mentors, women out in the field. This morning I was at a breakfast by Eileen and we had the CEO of General Motors on, and she was talking about her journey nine years as a CEO. And you know, and she's paying it forward with us. But I think about, you know, when you're advising startups, you know, I've gathered knowledge and pattern recognition and to be able to share that is, you know, I enjoy it. >> Yeah. And the startups are also fun too, but it's not always easy and it can get kind of messy as you know.
Some startups don't make it, some succeed and it's always like the origination story is kind of rewritten and then that's that messy middle. And then it's like that arrows that don't look like a straight line but everyone thinks it's great and you know, it's not for the faint of heart. And Teresa Carlson, who I've interviewed many times, former Amazon, now she's the president of Flexport, she always says, sometimes startups on certain industries aren't for the faint of heart so you got to have a little bit of mettle, right? You got to be tough. And some cases that you don't need that, but startups, it's not always easy. What have you learned? >> Yeah, I mean, certainly in the startup world, grit, creativity. You know, when I was at TripActions travel company, pandemic hits, nobody's traveling. You cut budget, you cut heads, but you focus on the core, right? You focus on what you need to survive. And creativity, I think, wins. And, you know, as a CMO when you're marketing, how do you get through that noise? Even the security space, Lacework, it's a fragmented market. You've got to be differentiated and position yourself and you know, be talking to the right target audience and customers. >> Talk about your journey over the years. What have you learned? What's some observations? Can you share any stories and best practices that someone watching could learn from? I know there's a lot of people coming into the tech space with the generative AI things going on in Cloud computing, scaling to the edge, there's a lot more aperture for technical jobs as well as just new roles and new roles that haven't, you really don't go to college for anymore. You got cybersecurity you're in. What are some of the things that you've done over your career if you can share and some best practices? >> Yeah, I think number one, continual learning. When I look through my career, I was constantly reading, networking. Part of the journey is who you're meeting along the way.
As you become more senior, your ability to hire and bring in talent matters a lot. I'm always trying to meet with new people. Yeah, if I look at my Amazon feed of books I've bought, right, it kind of chronicle of my history of things I was learning about. Right now I'm reading a lot about cybersecurity, how the, you know, how how they tell me the world ends is the one I'm reading most recently. But you've got to come up to speed and then know the product, get in there and talk to customers. Certainly on the marketing front, anytime I can talk with the customer and find out how they're using us, why they love us, that, you know, helps me better position and differentiate our company. >> By the way, that book is amazing. I saw Nicole speak on Tuesday night with John Markoff and Palo Alto here. What a great story she told there. I recommend that book to everyone. It goes in and she did eight years of research into that book around zero day marketplaces to all the actors involved in security. And it was very interesting. >> Yeah, I mean, it definitely wakes you up, makes you think about what's going on in the world. Very relevant. >> It's like, yeah, it was happening all the time, wasn't it. All the hacking. But this brings me, this brings up an interesting point though, because you're in a cybersecurity area, which by the way, it's changing very fast. It's becoming a bigger industry. It's not just male dominated, although it is now, it's still male dominated, but it's becoming much more and then just tech. >> Yeah, I mean it's a constantly evolving threat landscape and we're learning, and I think more than ever you need to be able to use the data that companies have and, you know, learn from it. That's one of the ways we position ourselves. We're not just about writing rules that won't help you with those zero day attacks. You've got to be able to understand your particular environment and at any moment if it changes. And that's how we help you detect a threat. 
>> How is, how are things going with you? Is there any new things you guys got going on? Initiatives or programs for women in tech and increasing the range of diversity inclusion in the industry? Because again, this industry's getting much wider too. It's not just specialized, it's also growing. >> Yes, actually I'm excited. We're launching secured by women, securedbywomen.com and it's very much focused on women in the industry, which some studies are showing it's about 25% of security professionals are women. And we're going to be taking nominations and sponsoring women to go to upcoming security events. And so excited to launch that this month and really celebrate women in security and help them, you know, part of that continual learning that I talked about, making sure they're there learning, having the conversations at the conferences, being able to network. >> I have to ask you, what inspired you to pursue the career in tech? What was the motivation? >> You know, if I think way back, originally I wanted to be on the art side and my dad said, "You can do anything as long as it's in the sciences." And so in undergrad I did computer science and MIS. Graduated with MIS and computer science minor. And when I came out I was a IT engineer at Cisco and you know, that kind of started my journey and decided to go back and get my MBA. And during that process I fell in love with marketing and I thought, okay, I understand the buyer, I can come out and market technology to the IT world and developers. And then from there went to several tech companies. >> I mean my father was an engineer. He had the same kind of thing. You got to be an engineer, it's a steady, stable job. But that time, computer science, I mean we've seen the evolution of computer science now it's the most popular degree at Berkeley we've heard and around the world and the education formats are changing. You're seeing a lot of people's self-training on YouTube. The field has really changed. 
What are some of the challenges you see for folks trying to get into the industry and how would you advise today if you were talking to your young self, what would you, what would be the narrative? >> Yeah, I mean my drawback then was HTML pages were coming out and I thought it would be fun to design, you know, webpages. So you find something you're passionate about in the space today, whether it's gaming or it's cybersecurity. Go and be excited about it and apply and don't give up, right? Do whatever you can to read and learn. And you're right, there are a ton of online self-help. I always try to hire women and people who are continual learners and are teaching themselves something. And I try to find that in an interview to know that they, because when you come to a business, you're there to solve problems and challenges. And the folks that can do that and be innovative and learn, those are the ones I want on my team. >> It's interesting, you know, technology is now impacting society and we need everyone involved to participate and give requirements. And that kind of leads my next question for you is, like, in your opinion, or let me just step back, let me rephrase. What are some of the things that you see technology being used for, for society right now that will impact people's lives? Because this is not a gender thing. We need everybody involved 'cause society is now digital. Technology's pervasive. The AI trends now we're seeing is clearly unmasking to the mainstream that there's some cool stuff happening. >> Yeah, I mean, I think ChatGPT, think about that. All the different ways we're using it we're writing content and marketing with it. We're, you know, I just read an article yesterday, folks are using it to write children's stories and then selling those stories on Amazon, right? And the amount that they can produce with it. But if you think about it, there's unlimited uses with that technology and you've got all the major players getting involved on it. 
That one major launch and piece of technology is going to transform us in the next six months to a year. And it's the ability to process so much data and then turn that into just assets that we use and the creativity that's building on top of it. Even TripActions has incorporated ChatGPT into your ability to figure out where you want when you're traveling, what's happening in that city. So it's just, you're going to see that incorporated everywhere. >> I mean we've done an interview before TripAction, your other company you were at. Interesting point you don't have to type in a box to say, I'm traveling, I want a hotel. You can just say, I'm going to Barcelona for Mobile World Congress, I want to have a good time. I want some tapas and a nice dinner out. >> Yes. Yeah. That easy. We're making it easy. >> It's efficiency. >> And actually I was going to say for women specifically, I think the reason why we can do so much today is all the technology and apps that we have. I think about DoorDash, I think about Waze you know, when I was younger you had to print out instructions. Now I get in the car real quick, I need to go to soccer practice, I enter it, I need to pick them up at someone's house. I enter it. It's everything's real time. And so it takes away all the things that I don't add value to and allows me to focus on what I want in business. And so there's a bunch of, you know, apps out there that have allowed me to be so much more efficient and productive that my mother didn't have for sure when I was growing up. >> That is an amazing, I think that actually illustrates, in my opinion, the best example of ChatGPT because the maps and GPS integration were two techs, technologies merged together that replace driving and looking at the map. You know, like how do you do that? Like now it's automatically. This is what's going to happen to creative, to writing, to ideation. 
I even heard Nicole from her book read said that they're using ChatGPT to write zero day exploits. So you seeing it... >> That's scary stuff. You're right. >> You're seeing it everywhere. Super exciting. Well, I got to ask you before you get into some of the Lacework things that you're involved with, 'cause I think you're doing great work over there is, what was the most exciting projects you've worked on in your career? You came in Cisco, very technical company, so got the technical chops, CSMIS which stands for Management of Information Science for all the young people out there, that was the state of the art back then. What are some of the exciting things you've done? >> Yeah, I mean, I think about, I think about MongoDB and learning to market to developers. Taking the company public in 2017. Launching Atlas database as a service. Now there's so much more of that, you know, the PLG motion, going to TripActions, you know, surviving a pandemic, still being able to come out of that and all the learnings that went with it. You know, they recently, I guess rebranded, so they're Navan now. And then now back in the security space, you know, 14 years ago I was at ArcSight and we were bought by HP. And so getting back into the security world is exciting and it's transformed a ton as you know, it's way more complicated than it was. And so just understanding the pain of our customers and how we protect them is fun. And I like, you know, being there from a marketing standpoint. >> Well we really appreciate you coming on and sharing that. I got to ask you, for folks watching they might be interested in some advice that you might have for them and their career in tech. I know a lot of young people love the tech. It's becoming pervasive in our lives, as we mentioned. What advice would you give for folks watching that want to start a career in tech? >> Yeah, so work hard, right?
Study, network, your first job, be the best at it because every job after that you get pulled into a network. And every time I move, I'm hiring people from the last job, two jobs before, three jobs before. And I'm looking for people that are working hard, care, you know, are continual learners and you know, add value. What can you do to solve problems at your work and add value? >> What's your secret networking hack or growth hack or tip that you can share? Because you're a great networker by the way. You're amazing and you do add a lot of value. I've seen you in action. >> Well, I try never to eat alone. I've got breakfast, I've got lunch, I've got coffee breaks and dinner. And so when I'm at work, I try and always sit and eat with a team member, new group. If I'm out on the road, I'm, you know, meeting people for lunch, going for dinner, just, you know, don't sit at your desk by yourself and don't sit in the hotel room. Get out and meet with people. >> What do you think about now that we're out of the pandemic or somewhat out of the pandemic so to speak, events are back. >> Yes. >> RSA is coming up. It's a big event. The bigger events are getting bigger and then the other events are kind of smaller being distributed. What's your vision of how events are evolving? >> Yeah, I mean, you've got to be in person. Those are the relationships. Right now more than ever people care about renewals and you are building that rapport. And if you're not meeting with your customers, your competitors are. So what I would say is get out there Lacework, we're going to be at RSA, we're going to be at re:Inforce, we're going to be at all of these events, building relationships, you know, coffee, lunch, and yeah, I think the future of events are here to stay and those that don't embrace in person are going to give up business. They're going to lose market share to us. >> And networking is obviously very key on events as well. >> Yes. 
>> A good opportunity as always get out to the events. What's the event networking trick or advice do you give folks that are going to get out to the networking world? >> Yeah, schedule ahead of time. Don't go to an event and expect people just to come by for great swag. You should be partnering with your sales team and scheduling ahead of time, getting on people's calendars. Don't go there without having 100 or 200 meetings already booked. >> Got it. All right. Let's talk about you, your career. You're currently at Lacework. It's a very hot company in a hot field, security, very male dominated, you're a leader there. What's it like? What's the strategies? How does a woman get in there and be successful? What are some tricks, observations, any data you can share? What's the best practice? What's the secret sauce from Meagen Eisenberg? >> Yes. Yeah, for Meagen Eisenberg. For Lacework, you know, we're focused on our customers. There's nothing better than getting, being close to them, solving their pain, showcasing them. So if you want to go into security, focus on their, the issues and their problems and make sure they're aware of what you're delivering. I mean, we're focused on cloud security and we go from build time to run time. And that's the draw for me here is we had a lot of, you know, happy, excited customers by what we were doing. And what we're doing is very different from legacy security providers. And it is tapping into the trend of really understanding how much data you have and what's happening in the data to detect the anomalies and the threats that are there. >> You know, one of the conversations that I was just having with a senior leader, she was amazing and I asked her what she thought of the current landscape, the job market, the how to get promoted through the careers, all those things. And the response was interesting. I want to get your reaction. She said interdisciplinary skills are critical. 
And now more than ever, the having that, having a set of skills, technical and social and emotional are super valuable. Do you agree? What's your reaction to that and what would, how would you reframe that? >> Yeah, I mean, I completely agree. You can't be a leader without balance. You've got to know your craft because you're developing and training your team, but you also need to know the, you know, how to build relationships. You're not going to be successful as a C-level exec if you're not partnering across the functions. As a CMO I need to partner with product, I need to partner with the head of sales, I need to partner with finance. So those relationships matter a ton. I also need to attract the right talent. I want to have solid people on the team. And what I will say in the security, cybersecurity space, there's a talent shortage and you cannot hire enough people to protect your company in that space. And that's kind of our part of it is we reduce the number of alerts that you're getting. So you don't need hundreds of people to detect an issue. You're using technology to show, you know, to highlight the issue and then your team can focus on those alerts that matter. >> Yeah, there's a lot of emerging markets where leveling up and you don't need pedigree. You can just level up skill-wise pretty quickly. Which brings me to the next question for you is how do you keep up with all the tech day-to-day and how should someone watching stay on top of it? Because I mean, you got to be on top of this stuff and you got to ride the wave. It's pretty turbulent, but it's still growing and changing. >> Yeah, it's true. I mean, there's a lot of reading. I'm watching the news. Anytime something comes out, you know, ChatGPT I'm playing with it. I've got a great network and sharing. I'm on, you know, LinkedIn reading articles all the time. I have a team, right? 
Every time I hire someone, they bring new information and knowledge in and I'm you know, Cal Poly had this learn by doing that was the philosophy at San Luis Obispo. So do it. Try it, don't be afraid of it. I think that's the advice. >> Well, I love some of the points you mentioned community and network. You mentioned networking. That brings up the community question, how could people get involved? What communities are out there? How should they approach communities? 'Cause communities are also networks, but also they're welcoming people in that form networks. So it's a network of networks. So what's your take on how to engage and work with communities? How do you find your tribe? If someone's getting into the business, they want support, they might want technology learnings, what's your approach? >> Yeah, so a few, a few different places. One, I'm part of the operator collective, which is a strong female investment group that's open and works a lot with operators and they're in on the newest technologies 'cause they're investing in it. Chief I think is a great organization as well. You've got a lot of, if you're in marketing, there's a ton of CMO networking events that you can go to. I would say any field, even for us at Lacework, we've got some strong CISO networks and we do dinners around you know, we have one coming up in the Bay area, in Boston, New York, and you can come and meet other CISOs and security leaders. So when I get an invite and you know we all do, I will go to it. I'll carve out the time and meet with others. So I think, you know, part of the community is get out there and, you know, join some of these different groups. >> Meagen, thank you so much for spending the time. Final question for you. How do you see the future of tech evolving and how do you see your role in it? >> Yeah, I mean, marketing's changing wildly. There's so many different channels. You think about all the social media channels that have changed over the last five years. 
So when I think about the future of tech, I'm looking at apps on my phone. I have three daughters, 13, 11, and 8. I'm telling you, they come to me with new apps and new technology all the time, and I'm paying attention what they're, you know, what they're participating in and what they want to be a part of. And certainly it's going to be a lot more around the data and AI. I think we're only at the beginning of that. So we will continue to, you know, learn from it and wield it and deal with the mass amount of data that's out there. >> Well, you saw TikTok just got banned by the European Commission today around their staff. Interesting times. >> It is. >> Meagen, thank you so much as always. You're a great tech athlete. Been following your career for a while, a long time. You're an amazing leader. Thank you for sharing your story here on theCUBE, celebration of International Women's Day. Every day is IWD and thanks for coming on. >> Thank you for having me. >> Okay. I'm John Furrier here in theCUBE Studios in Palo Alto. Thank you for watching, more to come stay with us. (bright music)

Published Date : Feb 23 2023


Yves Sandfort, Comdivision Group | CloudNativeSecurityCon 23


 

(rousing music) >> Hello everyone. Welcome back to "theCUBE's" day one coverage of Cloud Native Security Con 23. This is going to be an exciting panel. I've got three great guests. I'm Lisa Martin, you know our esteemed analysts, John Furrier, and Dave Vellante well. And we're excited to welcome to "theCUBE" for the first time, Yves Sandfort, the CEO of Comdivision Group, who's coming to us from Germany. As you know, Cloud Native Security Con is a global event. Everyone welcome Yves, great to have you in particular. Welcome to "theCUBE." >> Great to be here. >> Thank you for inviting me. >> Yves, tell us a little bit, before we dig into really wanting to understand your perspectives on the event and get Dave and John's feedback as well, tell us a little bit about you. >> So yeah, talking about me, or talking about Comdivision real quick. We are in the business for over 27 years already. We started as a SaaS company, then became more like an architecture and, and Cloud Native company over the last few years. But what's interesting is, and I think that's, that's, that's really interesting when we look at our industry. It hasn't really, the requirements haven't really changed over the years. It's still security. We still have to figure out how we deal with security. We still have to figure out how we deal with compliance and everything else. And I think therefore, it's more and more important that we take these items more seriously. Also, based on the fact that when we look at it, how development and other things happen nowadays, it's, it's, everybody says it's like open source. It's great because everybody can look into the code. We, I think the last few years have shown us enough example that that's not necessarily solving all the issues, but it's also code and development has changed rapidly when we look at the Cloud Native approach, where it's far more about gluing the pieces together, versus the development pieces. 
When I was actually doing software development 25 years ago, and had to basically build my code because I didn't have that much internet access for it. So it has evolved, but even back then we had to deal with security and everything. >> Right. The focus on security is, is incredibly important, and the focus keeps growing as you mentioned. This is, guys, and I want to get your perspectives on this. We're going to start with John. This is the first time Cloud Native Security Con is its own event being extracted from, and amplified from KubeCon. John, I want to understand from your perspective, break down the event, what you see, what you've heard, and Cloud Native Security in general. What does this mean to companies? What does it mean to customers? Is this a reality? >> Well, I think that's the topic we want to discuss, and I think Yves background, you see the VMware certification, I love that. Because what VMware did with virtualization, was abstract that from server virtualization, kind of really changed the game on things, and you start to see Cloud Native kind of go that next level of how companies will be operating their business, not just digital transformation, as digital transformation goes to completion, it's total business transformation where IT is everywhere. And so you're starting to see the trends where, "Okay, that's happening." Now you're starting to see, that's Cloud Native Con, or KubeCon, AWS re:Invent, or whatever show, or whatever way you want to look at it. But in, in the past decade, past five years, security has always been front and center as almost a separate thing, and, in and of itself, but the same thing. So you're starting to see the breakout of security conversations around how to make things work. So a lot of operational conversations around what used to be DevOps makes infrastructure as code, and that was great, that fueled that. Then DevSecOps came. 
So the Cloud Native next level, is more application development at scale, developers driving the standards with developer first thinking, shifting left, I get all that. But down in the lower ends of the stack, you got real operational issues. DNS we've heard in the keynote, we heard about the kernel, the Linux kernel. Things that need to be managed and taken care of at a security level. These are like, seem like in the weeds, but you're starting to see that happen. And the other thing that I think's real about Cloud Native Security Con that's going to be interesting to watch, is Amazon has pretty much canceled all their re:Invent like shows except for two; Re:Invent, which is their annual conference, and Re:Inforce, which is dedicated to securities. So Cloud Native, Linux, the Linux Foundation is now breaking out Cloud Native Con and KubeCon, and now Cloud Native Security Con. They can't call it KubeCon because it's not Kubernetes, but it's like security focus. I think this is the beginning of starting to see this new developer driving, developers driving the standards, and it has its implications, what used to be called IT ops, and that's like the VMwares of the world. You saw all the stuff that was not at developer focus, but more ops, becoming much more in the application. So I think, I think it's real. The question is where does it go? How fast does it develop? So to me, I think it's a real trend, and it's worthy of a breakout, but it's not yet clear of where the landing zone is for people to start doing it, how they get started, what are the best practices. Machine learning's going to be a big part of this. So to me it's totally cool, but I'm not yet seeing the beachhead. So that's kind of my take. >> Dave, our inventor and host of breaking analysis, what's your take? >> So when you, I think when you zoom out, there's some, there's a big macro change that's been going on.
I think when you look back, let's say 10, 12 years ago, the, the need for speed far trumped the, the, the security aspect, the governance, the data privacy. It was like, "Yeah, the risks, they're not that great compared to our opportunity." That has completely changed because the risks are now so much higher. And so what's happening, I think there's a, there's a major effort amongst CIOs and CISOs to try to make security not a blocker because it use to be, it still is. "Okay, I got this great initiative." Eh, give it to the SecOps pros, and let them take it for a while before we can go to market. And so a huge challenge now is to simplify, automate, AI comes in, the whole supply chain security, so the, so the companies can not be facing so much friction. And that is non-trivial. I don't think we're anywhere close there, but I think the goal is by, within the next several years, we're going to be in a position, that security, we heard today, is, wasn't designed in to the initial internet protocols. It was bolted on. And so increasingly, the fundamental architecture of the internet, the Cloud, et cetera, is, is seeing designed in security, and, and that is an imperative, or else business is going to come to a grinding halt. >> Right. It's no longer, the bolt no longer works. Yves, what's your perspective on Cloud Native Security, where it stands today? What's in it for customers, whether we're talking about banks, or hospitals, or retailers, what do you think? >> I think when we, when we look at security in the, in the modern world, is we need to as, as Dave mentioned, we need to rethink how we apply it. Very often, security in the past has been always bolted on in the end. If we continue to do that, it'll become more and more difficult, because as companies evolve, and as companies want to bring products and software to market in a much faster and faster way, it's getting more and more difficult if we bolt on the security process at the end. 
It's like, developers build something and then someone checks security. That's not going to work any longer. Especially if we also consider now the changes in the industry. We had Stack Overflow over the last 10 years. If I would've had Stack Overflow 15, 20, what, 25 years ago when I was a developer, it would've changed a hell lot. Looking at it now, and looking at it what we had in the last few weeks, it's like where nearly all of my team members say is like finally I don't need any script kiddies anymore because I can't go to (indistinct) who writes the code for me. Which is on one end great, because it enables us to solve certain problems in a much higher pace. But the challenge with that is, if the people who just copy and paste that code, don't understand the implications of that code, we have a much higher risk continuously. And what people thought was, is challenging with Stack Overflow. Imagine that something in one of these AI engines, is actually going ballistic, and it creates holes in nearly every one of these applications. And trust me, there will be enough developers who are going to use these tools to develop codes, the same as students in university are going to take this to write their essays and everything else. And so it's really important that every developer team basically has a security person within their team, and not a security at the end. So we build something, we check it, go through QA, and then it goes to security. Security needs to be at the forefront. And I think that's where we see Cloud Native Security Con, where we see AWS. I saw it during re:Invent already where they said is like, we have reinforced next year. I think this becomes more and more of a topic, and I think companies, as much as it is become a norm that you have a firewall and everything else, it needs to become a norm that when you are doing software development, and every development team needs to have a security person on that needs to be trained. 
>> I love that chat comment Dave, 'cause you and I were talking about this. And I think that is going to be the issue. Do we need security chat for the chat bot? And there's like a, like a recursive model there. The biases are built in. I think, and I think our interview with the Palo Alto Network's co-founder, Dave, when he talked about zero trust as a structured way to start things, but he was referencing that with Cloud, there's a chance to rethink or do a do-over in security. So, I think this is kind of to me, where this is all going. And I think you asked Pat Gelsinger what, year 2013, 2014, can, is security a do over? I think we're in that do over time. >> He said yes. >> He said yes. (laughing) He was right. But yeah, eight years later... But this is, how do you, zero trust gives you some structure, but how do you organize and redo security? Because to me, I think that's what's happening here. >> And John you heard, Zuk at Palo Alto Network said, "Yeah, the, the words security and architecture, they don't go together historically." And so it is a total, total retake. >> Well is that because there's too many tools out there and- >> Yeah. For sure. >> Yeah, well, first of all, a lot of hardware. And then yeah, a lot of tools. You even see IIOT and industry 40, you see IOT security coming up as another stove pipe, and that's not the right approach. And, and so- >> Well let me, let me ask you a question Dave, and Yves, if you don't mind. 'Cause I was just riffing on this yesterday about this. In the ML space, you're seeing the ML models, you're seeing proprietary models versus open source. Is security going to go down this proprietary security methods and open source? Because that's interesting, because the CNCF is run by the the Linux Foundation. So you can almost maybe see a model where there's more proprietary security methods than open source. Or is it, is that a non-issue? 
>> I would, I would, let me, if I, if I jump in here first, I think the last, especially last five or 10 years have clearly shown the, the whole and, and I invested early on in the, in the end 90s in several open source startups in the Bay area. So, I'm well behind the whole open source idea and, and mid (indistinct) and others back then several times. But the point is, I think what we have seen is open source is not in general, more secure or less secure, because code is too complex nowadays. You have millions of lines of code, and it's not that either one way or the other is going to solve it. The ways I think we are going to look at it is more is what's the role to market, because only because something is open source doesn't necessarily mean it's going to be available for everyone. And the same for proprietary source from that perspective, even though everybody mixes licensing and payments and all that all the time, but it doesn't necessarily have anything to do with it. But I think as we are going through it, and when we also look at the industry, security industry over the last 10 plus years has been primarily hardware focused. And a lot of these vendors have done a good business out of selling hardware boxes, putting software on top of it. Whereas in reality, those were still X86 standard boxes in the end. So it was not that we had specific security ethics or anything like that in there anymore. And so overall, the question of the market is going to change. And as we are looking into Cloud Native, think about someone like an AWS, do you really envision them to have a hardware box of every supplier in their data center, and that in every availability zone in every region? Same for Microsoft, same for Google, etc? So we need to have new ways on how we can apply security. And that applies both on the backend services, but also on the front end side. >> And if I, and if I could chime in, I think the, the good, I think the answer is, is, is no and yes. 
And what I mean by that is if you take, antivirus and known malware, I mean pretty much anybody today can, can solve that problem, it's the unknown malware. So I think the yes part of the answer is yes, it's, it's going to be proprietary, but in the sense we're going to use open source tooling, and then apply that in a proprietary way with, with specific algorithms and unique architectures that are going to solve problems. For example, XDR with, with unknown malware. So, and that's the, that's the hard part. As somebody said, I think this morning at the keynote, it's, it's all the stuff that, that the SecOps team couldn't find. That's the really hard part. >> (laughs) Well the question will be will, is the new IP, the ability to feed ChatGPT some magical spelled insertion query string that does the job, that's unique, that might be the new IP, the the question to ask. >> Well, that's what the hackers are going to do. And I, they're on offense. (John laughs) And the offense knows what play is coming. So, they're going to start. >> So guys, let's take this conversation up a level. I want to get your perspectives on what's in this for me as a customer? We know security is a board level conversation. We talk about this all the time. We also know that they're based on, I think David, was the conversations that you and I had, with Palo Alto Networks at Ignite in December. There's a, there's a lack of alignment between the executives and the board from a security perspective. When we talk about Cloud Native Security, we all talked about the value in that, what's in it for customers? I want to get your perspectives on should this be a board level conversation, and if so, how do you advise organizations, whether it is a hospital, or a bank, or an organization that is really affected by things like ransomware? How should they be thinking about this from an organizational perspective? 
>> Well, I'll start first, because we had this conversation during our Super Cloud event last month, and this comes up a lot. And this is, the CEO board level. Yes it is a board level conversation for security, as is application development as in terms of transforming their business to be competitive, not to be on the wrong side of history with this wave coming. So I think that's more of a management. But the issue is, they tell their people, "Go do it." And they're like, 'cause they get sold on the idea of, "Hey, won't you transform your business, and everything's going to be data driven, and machine learning's going to power your apps, get new customers, be profitable." "Oh, sign me up for that." When you have to implement this, it's really hard. And I think the core issue is, where are companies in their life cycle of the ability to execute and architect this thing properly as Dave said, Nick Zuk said, "You can't have architecture and security, you need platforms." So, I think the re-platforming, and the re-factoring of business is a big factor, and that's got to get down into the, the organizational shifts and the people to do it. So are there skills? Do I do a managed service? How do I architect it? Are there more services? Are there developers doing applications that are going to be more agile? So, this is not an easy thing. And to move a business from IT operations that is proven, to be positioned for this enablement, is just really difficult. And it's expensive. And if you screw it up, you could be, could be on the wrong side of things. So, to me, that's the big issue is, you sell the dream and then you got to implement it. And that's really difficult. >> Yves, give us your perspective on, based on John's comments, how do organizations shift so dramatically? There's a cultural element there as well, but there's also organizations that are, have competitive competitors in the rear view mirror, and there's time to waste. What are your thoughts on that? 
>> I think that's exactly the point. It's like, as an organization, you need to take the decision between the time, the risk, and all the other elements we have into this game. Because you can try to achieve 100% security, but that's exactly the same as trying to, to protect gold or anything else 100%. It's most likely not going to be from a risk perspective anyway sensible. And that's the same from a corporational perspective. When you look at building new internet services, or IOT services, or any kind of new shopping experience or whatever else, you need to balance out between the risks and the advantages out of it. And you also need to be accepting that you potentially on the way make mistakes, but then it's more important than ever that you are able to quickly fix any mistakes, and to adjust to anything what's happening in the market. Because as we are building all these new Cloud Native applications, and build up all these skill sets, one of the big scenarios is we are far more depending on individual building blocks. These building blocks come out of open source communities, which have a much different way. When we look back in software development, back then we had application servers from Oracle, Web Logic, whatsoever, they had a release cycles of every three to six months. As now we have to deal with open source, where sometimes release cycles are on a four week schedule, in between security patches. So you need to be much faster in adopting that, checking that, implementing that, getting things to work. So there is a security stretch from that perspective. There is a speech stretch on the other thing companies have to deal with, and on the other side it's always a measurement between the risk, and the security you can afford. Because reality is, you will not be 100% protected no matter what you do. So, you need to balance out what you as an organization can actually build on. But I think, coming back also to the point, it's on the bot level nowadays. 
It's like nearly every discussion we have with companies nowadays as they move into the Cloud, especially also here in Europe where for the last five years, it was always, it's like "It's data privacy." Data privacy is no longer, I mean, yes, for certain people, it's still the point, but for many more people it's like, "How protected is my data?" "What do we do in case of ransomware attack?" "What do we do in case of a denial of service?" All of these things become more vulnerable, where in the past you were discussing these things with a becking page, or, or like a stock exchange. They were, it's like, "What the hell is going to happen if we have a denial of service?" Now all of the sudden, this now affects nearly everyone in their storefronts and everything else, because everything is depending on it. >> Yeah, I think you're right on. You think about how cultural change occurs, it's bottom ups or, bottom up, top down or middle out. And what, what's happened with security is the people in the security team cared about it, they were the, everybody said, "Oh, it's their problem." And then it just did an end run to the board, kind of mid, early last decade. And then the board sort of pushed that down. And the line of business is realizing, "Holy cow. My business, my EBIT can be dramatically affected by this, so I care." Now it's this whole house, cultural team sport. I know it's sort of a, a cliche, but it, it's true. Everybody actually is beginning to care about security because the risks are now so high, and it's going to affect not only the bottom line of the company, the bottom line of the business, their job, it's, it's, it's virtually everywhere. It's a huge cultural shift that we're seeing. >> And that's a big challenge for organizations in any industry. And Yves, you talked about ransomware service. Every industry across the globe is vulnerable to this. But how can, maybe John, we'll start with you. 
How can Cloud Native Security help organizations if they're able to embrace it, operationally, culturally, dial down some of the vulnerabilities that just seem to keep growing? >> Well, I mean that's the big question. The breaches are, are critical. The governances also could be a way that anchors down growth. So I think the balance between the governance compliance piece of it is key, but making the developers faster and more productive is the key to me. And I think having the security paradigm where they're not blockers, as Dave said, is critical. So I love the whole shift left, but now that we have more data focused initiatives around how that, you can use data to understand the security issues, I think data and security are together, and I think there's a going to be a data operating system model emerging, where data and security will be almost one thing. And that will be set up by the security teams, and the data teams together. And that will feed guardrails into the developer environment. So the developer should feel no pain at all in doing this. So I think the best practice will end up being what we're seeing with supply chain, security, with making sure code's verified. And you're going to see the container, security side completely address has been, and KubeCon, we just, I asked Scott Johnson, the CEO of Docker, and I asked him directly, "Are you guys all tight on container security?" He said, yes, but other people are suggesting that's not true. There's a lot of issues with the container security. So, there's all kinds of areas where there's holes. So Cloud Native is cool on one hand, and very relevant, but if it's not shored up, it's going to be a problem. But I, so I think that's where the action will be, at the developer pipeline, in the containers, and the data. So, that will be very relevant, and if companies nail that, they'll be faster, they'll have better apps, and that'll be the differentiator. 
And again, if they don't on this next wave, they're going to be driftwood. >> Dave, how do they prevent becoming driftwood? >> Well, I think Cloud has had a huge impact. And a Cloud's by no means a panacea, but let's face it, it's dramatically improved a lot of companies' security posture. Now there's still that shared responsibility. Even though an S3 bucket is encrypted, it's still your responsibility to make sure that it doesn't get decrypted by somebody who has access to it. So there are things like that, but to Yves's earlier point, that can be, that's done through software now, it's done through best practices. Those best practices can be shared. So the way you, you don't become driftwood, is you start to, you step back, rethink that security architecture as we were talking about earlier, take advantage of the Cloud, take advantage of Cloud Native, and all the, the rapid pace of innovation that's occurring there, and you don't use, it's called before, The audit is the last line of defense. That's no longer a check box item. "Oh yeah, we're in compliance." It's, this is a business imperative, and because we're going to reduce our expected loss and reduce our business risk. That's part of the business case today. >> Yeah. >> It's a huge, critically important part of the business case. Yves, question for you. If you're in an elevator with a CEO, a CFO, and a CISO, and they're talking about security and Cloud Native Security, what's your value proposition to them on a, on a say a 30-second elevator ride? >> Difficult story. I think at the moment, the most important part is, we need to get people to work together, and we need to train people to work more much better together. I think that's the overall most important part for all of these solutions, because in the end, security is always a person issue. If, we can have the best tools in the industry, as long as we don't get all of these teams to work together, then we have a problem. 
If the security team is always seen as the end of the solution to fix everything, that's not going to work because they always are the bad guys in the game. And so we need to bring the teams together. And once we have the teams work together, I think we have a far better track on, on maintaining security. >> John and Dave, I want to get your perspectives on what Yves just said. In all the experience that the two of you have as industry analysts here on "theCUBE," Wikibon, Siliconangle Media. How do you advise organizations to get those teams together? As Yves said, that alignment is critical, but John, we'll start with you, then Dave go to you. What's your advice for organizations that need to align those teams and really don't have a lot of time to wait to do it? >> (chuckling) That's a great question. I think, I think that's everyone pays hundreds of thousands of millions of dollars to get that advice from these consultants, organizations out there doing the transformations. But I think it comes down to personnel and commitment. I think if there's a C-level commitment to the effort, you'll see the institutional structure change. So you can see really getting behind it with their, with their wallet and their, and their support of either getting more personnel to support and assist, or manage services, or giving the power to the teams to execute and doing it in a way that, that's, that's well known and best practices. Start small, build out the pilots, build the platform, and then start getting it right. And I think that's the key. Not the magic wand, the old model of rolling out stuff in, in six month cycles. It's really, get the proof points, double down and change the culture, but also execute and have real metrics. And changing the architecture, like having more penetration tests as a service. Doing pen tests is like a joke now. So that doesn't make any sense. You got to have that built in almost every day, and every minute. 
So, these kinds of new techniques have to be implemented and have to be tried. So that's why these communities are growing. That's why I like what open source has been doing, and I like the open source as the place to have these conversations, because that's where the action will be for new stuff. And I think people will implement open source like they did before, but with different ways, better testing, better supply chain on the software side, verifying code. So, I see open source actually getting a tailwind from this, not a headwind. So, I'm bullish on the open source piece here on, on all levels, machine learning- >> Lisa, my answer is intramural sports. And it's 'cause I think it's cultural. And what I mean by that, is you take your best and brightest security, and this is what frankly, a lot of CISOs do, an example is Lena Smart, MongoDB. Take your best and brightest security pros, make them captains of the intramural teams, and pair them up with pods of individuals across the organization, which is most people who don't know anything about security, and put them together, so that they can, they, so that the folks that understand security can, can realize how little people know, what, what, what, how, what the worst practices that are out there in the reverse, how they can cross pollinate. And they do that on a regular basis, I know at Mongo and other companies. And that kind of cultural assimilation is a starting point for how you get security awareness up to your question around making it a team sport. >> Absolutely critical. Yves, I want to kind of wrap things with you. We've got a couple of minutes left. When you're really looking at the Cloud Native community, the growth of it, we talked about earlier in the program, Cloud Native Security Con being now extracted and elevated out of KubeCon, what are your thoughts on the groundswell that this community is generating around Cloud Native Security, the benefits that organizations will achieve from it? 
>> I think overall, when we have these securities conferences, or these security arms a bit spread out and separated out of the main conference, it helps to a certain degree, because especially in the security space, when you look at at other like black hat or white hat conferences and things like that in the past, although they were not focused on Cloud Native, a lot of these security folks didn't feel well taken care of in any of the other conferences because they were always these, it's like they are always blocking us, they're always making us problems, and all these kinds of things. Now that we really take the Cloud Native piece and the security piece together, or like AWS does it with re:Inforce, I think we will see more and more that people understand is that security is a permanent topic we need to cover, but we need to bring different people together, because security also has compliance and a lot of other components in there. So we will see at these conferences moving forward, also a different audience. It's not going to be only the Cloud Native developers. And if I see some of these security audiences, I can't really imagine them to really be at KubeCon because there is too much other things going on. And you couldn't really see much of that at re:Invent because re:Invent by itself has become a complete monster of a conference. It covers too many topics. And so having this very, very important security piece separated, also gives the opportunity, I think, that we can bring in the security people, but also have the type of board level discussions potentially, between the leaders of the industry, to also discuss on how we can evolve, how we can make things better, and how, how we can actually, yeah, evolve our industry for it. Because let's face it, that threat is not going to go away. It's, it's a business. 
And one of the last security conferences I was on, on the ransomware part, it was one of the topics someone said is like, "Look, currently on average, it takes a hacker group roughly around they said 15 to 20 K to break into a company, and they on average make 100K. It's a business, let's face it. And it's a business we don't like. And ethically, it's no discussion that this is not good, but that's something which is happening. People are making money with it. And as long as that's going to go on, and we have enough countries where these people can hide, it's going to stay and survive. And so, with that being said, it's important for us to really build an industry around this. But I also think it's good that we have separate conferences. In the past we had more the RSA conference, which tried to cover all of these areas. But that is not really fitting Cloud Native and everything else. So I think it's good that we have these new opportunities, the Cloud Native one, but also what AWS brings up for someone. >> Yves, you just nailed it. It just comes down to simple math. It's a fraction. Revenue over cost. And if you could increase the hacker's cost, increase the denominator, their ROI will go down. And that is the game. >> Great point, Dave. What I'm hearing guys, and we can talk about technology for days and days. I know all of you. But there's, there's a big component that, that the elevation of Cloud Native Security, on its own as standalone is critical, as is the people component. You guys all talked about that. We talked about the cultural change necessary for that. 
Hopefully what we're seeing with Cloud Native Security Con 23, this first event is going to give us more insight over the next couple of days, and the next months or so, as to how this elevation, and how the people can come together to really help organizations from a math perspective as, as Dave talked about, really dial down the risks there, understand more of the vulnerabilities so that ransomware as a service is not as lucrative as it is today. Guys, so much appreciate your time, really breaking down Cloud Native Security, the value in it from different perspectives, and what your thoughts are on where it's going. Thanks so much for your time. >> All right. Thanks. >> Thanks, Lisa. >> Thank you. >> Thanks, Yves. >> All right. For my guests, I'm Lisa Martin. You're watching theCUBE's day one coverage of Cloud Native Security Con 23. Thanks for watching. (rousing music)

Published Date : Feb 2 2023

Day 1 Keynote Analysis | CloudNativeSecurityCon 23


 

(upbeat music) >> Hey everyone and welcome to theCUBE's coverage day one of CloudNativeSecurityCon '23. Lisa Martin here with John Furrier and Dave Vellante. Dave and John, great to have you guys on the program. This is interesting. This is the first inaugural CloudNativeSecurityCon. Formerly part of KubeCon, now a separate event here happening in Seattle over the next couple of days. John, I wanted to get your take on, your thoughts on this being a standalone event, the community, the impact. >> Well, this inaugural event, which is great, we love it, we want to cover all inaugural events because you never know, there might not be one next year. So we were here if it happens, we're here at creation. But I think this is a good move for the CNCF and the Linux Foundation as security becomes so important and there's so many issues to resolve that will influence many other things. Developers, machine learning, data as code, supply chain codes. So I think KubeCon, Kubernetes conference and CloudNativeCon, is all about cloud native developers. And it's a huge event and there's so much there. There's containers, there's microservices, all that infrastructure's code, the DevSecOps on that side, there's enough there and it's a huge ecosystem. Pulling it as a separate event is a first move for them. And I think there's a toe in the water kind of vibe here. Testing the waters a little bit on, does this have legs? How is it organized? Looks like they took their time, thought it out extremely well about how to craft it. And so I think this is the beginning of what will probably be a seminal event for the open source community. So let's listen to the clip from Priyanka Sharma who's a CUBE alumni and executive director of the CNCF. This is kind of a teaser- >> We will tackle issues of security together here and further on. We'll share our experiences, successes, perhaps more importantly, failures, and help with the collecting of understanding. We'll create solutions. That's right. 
The practitioners are leading the way. Having conversations that you need to have. That's all of you. This conference today and tomorrow is packed with 72 sessions for all levels of technologists to reflect the bottoms up, developer first nature of the conference. The co-chairs have selected these sessions and they are true blue practitioners. >> And that's a great clip right there. If you read between the lines, what she's saying there, let's unpack this. Solutions, we're going to fail, we're going to get better. Linux, the culture of iterating. But practitioners, the mention of practitioners, that was very key. Global community, 72 sessions, co-chairs, Liz Rice and experts that are crafting this program. It seems like very similar to what AWS has done with re:Invent as their core show. And then they have re:Inforce which is their cloud native security, Amazon security show. There's enough there, so to me, practitioners, that speaks to the urgency of cloud native security. So to me, I think this is the first move, and again, testing the water. I like the vibe. I think the practitioner angle is relevant. It's very nerdy, so I think this is going to have some legs. >> Yeah, the other key phrase Priyanka mentioned is bottoms up. And John, at our predictions breaking analysis, I asked you to make a prediction about events. And I think you've nailed it. You said, "Look, we're going to have many more events, but they're going to be smaller." Most large events are going to get smaller. AWS is obviously the exception, but a lot of events like this, 500, 700, 1,000 people, that is really targeted. So instead of you take a big giant event and there's events within the event, this is going to be really targeted, really intimate and focused. And that's exactly what this is. I think your prediction nailed it. 
>> Well, Dave, we'll call to see the event operating system really cohesive events connected together, decoupled, and I think the Linux Foundation does an amazing job of stringing these events together to have community as the focus. And I think the key to these events in the future is having, again, targeted content to distinct user groups in these communities so they can be highly cohesive because they got to be productive. And again, if you try to have a broad, big event, no one's happy. Everyone's underserved. So I think there's an industry concept and then there's pieces tied together. And I think this is going to be a very focused event, but I think it's going to grow very fast. >> 72 sessions, that's a lot of content for this small event that the practitioners are going to have a lot of opportunity to learn from. Do you guys, John, start with you and then Dave, do you think it's about time? You mentioned John, they're dipping their toe in the water. We'll see how this goes. Do you think it's about time that we have this dedicated focus out of this community on cloud native security? >> Well, I think it's definitely time, and I'll tell you there's many reasons why. On the front lines of business, there's a business model for security hackers and breaches. The economics are in favor of the hackers. That's a real reality from ransomware to any kind of breach attacks. There's corporate governance issues that's structural challenges for companies. These are real issues operationally for companies in the enterprise. And at the same time, on the tech stack side, it's been very slow movement, like glaciers in terms of security. Things like DNS, Linux kernel, there are a lot of things in the weeds in the details of the bowels of the tech world, protocol levels that just need to be refactored. And I think you're seeing a lot of that here. 
It was mentioned from Brian from the Linux Foundation, mentioned Dan Kaminsky who recently passed away who found that vulnerability in BIND which is a DNS construct. That was a critical linchpin. They got to fix these things and Liz Rice is talking about the Linux kernel with the extended Berkeley Packet Filtering thing. And so this is where they're going. This is stuff that needs to be paid attention to because if they don't do it, the train of automation and machine learning is going to run wild with all kinds of automation that the infrastructure just won't be set up for. So I think there's going to be root level changes, and I think ultimately a new security stack will probably be very driven by data will be emerging. So to me, I think this is definitely worth being targeted. And I think you're seeing Amazon doing the same thing. I think this is a playbook out of AWS's event focus and I think that's right. >> Dave, what are your thoughts? >> There was a lot of talk in, again, I go back to the progression here in the last decade about what's the right regime for security? Should the CISO report to the CIO or the board, et cetera, et cetera? We're way beyond that now. I think DevSecOps is being asked to do a lot, particularly DevOps. So we hear a lot about shift left, we're hearing about protecting the runtime and the ops getting much more involved and helping them do their jobs because the cloud itself has brought a lot to the table. It's like the first line of defense, but then you've really got a lot to worry about from a software defined perspective. And it's a complicated situation. Yes, there's less hardware, yes, we can rely on the cloud, but culturally you've got a lot more people that have to work together, have to share data. And you want to remove the blockers, to use an Amazon term. And the way you do that is you really, if we talked about it many times on theCUBE. 
Do over, you got to really rethink the way in which you approach security and it starts with culture and team. >> Well the thing, I would call it the five C's of security. Culture, you mentioned that's a good C. You got cloud, tons of issues involved in cloud. You've got access issues, identity. You've got clusters, you got Kubernetes clusters. And then you've got containers, the fourth C. And then finally is the code itself, supply chain. So all areas of cloud native, if you take out culture, it's cloud, cluster, container, and code all have levels of security risks and new things in there that need to be addressed. So there's plenty of work to get done for sure. And again, this is developer first, bottoms up, but that's where the change comes in, Dave, from a security standpoint, you always point this out. Bottoms up and then middle out for change. But absolutely, the imperative is today the business impact is real and it's urgent and you got to pedal as fast as you can here, so I think this is going to have legs. We'll see how it goes. >> Really curious to understand the cultural impact that we see being made at this event with the focus on it. John, you mentioned the four C's, five with culture. I often think that culture is probably the leading factor. Without that, without getting those teams aligned, is the rest of it set up to be as successful as possible? I think that's a question that's- >> Well to me, Dave asked Pat Gelsinger in 2014, can security be a do-over at VMworld when he was the CEO of VMware? He said, "Yes, it has to be." And I think you're seeing that now. And Nick from the co-founder of Palo Alto Networks was quoted on theCUBE by saying, "Zero Trust is some structure to give to security, but cloud allows for the ability to do it over and get some scale going on security." So I think the best people are going to come together in this security world and they're going to work on this. 
So you're going to start to see more focus around these security events and initiatives. >> So I think that when you go to the, you mentioned re:Inforce a couple times. When you go to re:Inforce, there's a lot of great stuff that Amazon puts forth there. Very positive, it's not that negative. Oh, the world is falling, the sky is falling. And so I like that. However, you don't walk away with an understanding of how they're making the CISOs and the DevOps lives easier once they get beyond the cloud. Of course, it's not Amazon's responsibility. And that's where I think the CNCF really comes in and open source, that's where they pick up. Obviously the cloud's involved, but there's a real opportunity to simplify the lives of the DevSecOps teams and that's what's critical in terms of being able to solve, or at least keep up with this never ending problem. >> Yeah, there's a lot of issues involved. I took some notes here from some of the keynote you heard. Security and education, training and team structure. Detection, incidents that are happening, and how do you respond to that architecture. Identity, isolation, supply chain, and governance and compliance. These are all real things. This is not like hand-waving issues. They're mainstream and they're urgent. Literally the houses are on fire here with the enterprise, so this is going to be very, very important. >> Lisa: That's a great point. >> Some of the other things Priyanka mentioned, exposed edges and nodes. So just when you think we're starting to solve the problem, you got IOT, security's not a one and done task. We've been talking about culture. No person is an island. It's $188 billion business. Cloud native is growing at 27% a year, which just underscores the challenges, and bottom line, practitioners are leading the way. >> Last question for you guys. What are you hoping those practitioners get out of this event, this inaugural event, John? 
>> Well first of all, I think this inaugural event's going to be for them, but also we at theCUBE are going to be doing a lot more security events. RSA's coming up, we're going to be at re:Inforce, we're obviously going to be covering this event. We've got Black Hat, a variety of other events. We'll probably have our own security events really focused on some key areas. So I think the thing that people are going to walk away from this event is that paying attention to these security events are going to be more than just an industry thing. I think you're going to start to see group gatherings or groups convening virtually and physically around core issues. And I think you're going to start to see a community accelerate around cloud native and open source specifically to help teams get faster and better at what they do. So I think the big walkaway for the customers and the practitioners here is that there's a call to arms happening and this is, again, another signal that it's worth breaking out from the core event, but being tied to it, I think that's a good call and I think it's a well good architecture from a CNCF standpoint and a worthy effort, so I give it a thumbs up. We still don't know what it's going to look like. We'll see what day two looks like, but it seems to be experts, practitioners, deep tech, enabling technologies. These are things that tend to be good things to hear when you're at an event. I'll say the business imperative is obvious. >> The purpose of an event like this, and it aligns with theCUBE's mission, is to educate and inspire business technology pros to action. We do it in theCUBE with free content. Obviously this event is a for-pay event, but they are delivering some real value to the community that they can take back to their organizations to make change. And that's what it's all about. >> Yep, that is what it's all about. 
I'm looking forward to seeing over as the months unfold, the impact that this event has on the community and the impact the community has on this event going forward, and really the adoption of cloud native security. Guys, great to have you during this keynote analysis. Looking forward to hearing the conversations that we have on theCUBE today. Thanks so much for joining. And for my guests, for my co-hosts, John Furrier and Dave Vellante. I'm Lisa Martin. You're watching theCUBE's day one coverage of CloudNativeSecurityCon '23. Stick around, we got great content on theCUBE coming up. (upbeat music)

Published Date : Feb 2 2023


Liz Rice, Isovalent | CloudNativeSecurityCon 23


 

(upbeat music) >> Hello, everyone, from Palo Alto, Lisa Martin here. This is theCUBE's coverage of CloudNativeSecurityCon, the inaugural event. I'm here with John Furrier in studio. In Boston, Dave Vellante joins us, and our guest, Liz Rice, one of our alumni, is joining us from Seattle. Great to have everyone here. Liz is the Chief Open Source officer at Isovalent. She's also the Emeritus Chair Technical Oversight Committee at CNCF, and a co-chair of this new event. Everyone, welcome Liz. Great to have you back on theCUBE. Thanks so much for joining us today. >> Thanks so much for having me, pleasure. >> So CloudNativeSecurityCon. This is the inaugural event, Liz, this used to be part of KubeCon, it's now its own event in its first year. Talk to us about the importance of having it as its own event from a security perspective, what's going on? Give us your opinions there. >> Yeah, I think security was becoming so- at such an important part of the conversation at KubeCon, CloudNativeCon, and the TAG security, who were organizing the co-located Cloud Native Security Day which then turned into a two day event. They were doing this amazing job, and there was so much content and so much activity and so much interest that it made sense to say "Actually this could stand alone as a dedicated event and really dedicate, you know, all the time and resources of running a full conference, just thinking about cloud native security." And I think that's proven to be true. There's plenty of really interesting talks that we're going to see. Things like a capture the flag. There's all sorts of really good things going on this week. >> Liz, great to see you, and Dave, great to see you in Boston. Lisa, great intro. Liz, you've been a CUBE alumni. You've been a great contributor to our program, and being part of our team, kind of extracting that signal from the CNCF cloud native world KubeCon. 
This event really kind of to me is a watershed moment, because it highlights not only security as a standalone discussion event, but it's also synergistic with KubeCon. And, as co-chair, take us through the thought process on the sessions, the experts, it's got a practitioner vibe there. So we heard from Priyanka early on, bottoms up, developer first. You know KubeCon's shift left was big momentum. This seems to be a breakout of very focused security. Can you share the rationale and the thoughts behind how this is emerging, and how you see this developing? I know it's kind of a small event, kind of testing the waters it seems, but this is really a directional shift. Can you share your thoughts? >> Yeah I'm just, there's just so many different angles that you can consider security. You know, we are seeing a lot of conversations about supply chain security, but there's also runtime security. I'm really excited about eBPF tooling. There's also this opportunity to talk about how do we educate people about security, and how do security practitioners get involved in cloud native, and how do cloud native folks learn about the security concepts that they need to keep their deployments secure. So there's lots of different groups of people who I think maybe at a KubeCon, KubeCon is so wide, it's such a diverse range of topics. If you really just want to focus in, drill down on what do I need to do to run Kubernetes and cloud native applications securely, let's have a really focused event, and just drill down into all the different aspects of that. And I think that's great. It brings the right people together, the practitioners, the experts, the vendors to, you know, everyone can be here, and we can find each other at a smaller event. We are not spread out amongst the thousands of people that would attend a KubeCon. 
>> It's interesting, Dave, you know, when we were talking, you know, we're going to bring you in real quick, because AWS, which I think is the bellwether for, you know, cloud computing, has now two main shows, AWS re:Invent and re:Inforce. Security, again, broken out there. You see the classic security events, RSA, Black Hat, you know, those are the, kind of, the industry kind of mainstream security, very wide. But you're starting to see the cloud native developer first with both security and cloud native, kind of, really growing so fast. This is a major trend for a lot of the ecosystem. >> You know, and you hear, when you mention those other conferences, John you hear a lot about, you know, shift left. There's a little bit of lip service there, and you, we heard today way more than lip service. I mean deep practitioner level conversations, and of course the runtime as well. Liz, you spent a lot of time obviously in your keynote on eBPF, and I wonder if you could share with the audience, you know, why you're so excited about that. What makes it a more effective tool compared to other traditional methods? I mean, it sounds like it simplifies things. You talked about instrumenting nodes versus workloads. Can you explain that a little bit more detail? >> Yeah, so with eBPF programs, we can load programs dynamically into the kernel, and we can attach them to all kinds of different events that could be happening anywhere on that virtual machine. And if you have the right knowledge about where to hook into, you can observe network events, you can observe file access events, you can observe pretty much anything that's interesting from a security perspective. And because eBPF programs are living in the kernel, there's only one kernel shared amongst all of the applications that are running on that particular machine. So you don't- you no longer have to instrument each individual application, or each individual pod. There's no more need to inject sidecars. 
We can apply eBPF based tooling on a per node basis, which just makes things operationally more straightforward, but it's also extremely performant. We can hook these programs into events that typically very lightweight, small programs, kind of, emitting an event, making a decision about whether to drop a packet, making a decision about whether to allow file access, things of that nature. They're super fast, there's no need to transition between kernel space and user space, which is usually quite a costly operation from performance perspective. So eBPF makes it really, you know, it's taking the security tooling, and other forms of tooling, networking and observability. We can take these tools into the kernel, and it's really efficient there. >> So Liz- >> So, if I may, one, just one quick follow up. You gave kind of a space age example (laughs) in your keynote. When, do you think a year from now we'll be able to see, sort of, real world examples in action? How far away are we? >> Well, some of that is already pretty widely deployed. I mean, in my keynote I was talking about Cilium. Cilium is adopted by hundreds of really big scale deployments. You know, the users file is full of household names who've been using Cilium. And as part of that they will be using network policies. And I showed some visualizations this morning of network policy, but again, network policy has been around, pretty much since the early days of Kubernetes. It can be quite fiddly to get it right, but there are plenty of people who are using it at scale today. And then we were also looking at some runtime security detections, seeing things like, in my example, exfiltrating the plans to the Death Star, you know, looking for suspicious executables. And again, that's a little bit, it's a bit newer, but we do have people running that in production today, proving that it really does work, and that eBPF is a scalable technology. 
It's, I've been fascinated by eBPF for years, and it's really amazing to see it being used in the real world now. >> So Liz, you're a maintainer on the Cilium project. Talk about the use of eBPF in the Cilium project. How is it contributing to cloud native security, and really helping to change the dials on that from an efficiency, from a performance perspective, as well as a, what's in it for me as a business perspective? >> So Cilium is probably best known as a networking plugin for Kubernetes. It, when you are running Kubernetes, you have to make a decision about some networking plugin that you're going to use. And Cilium is, it's an incubating project in the CNCF. It's the most mature of the different CNIs that's in the CNCF at the moment. As I say, very widely deployed. And right from day one, it was based on eBPF. And in fact some of the people who contribute to the eBPF platform within the kernel, are also working on the Cilium project. They've been kind of developed hand in hand for the last six, seven years. So really being able to bring some of that networking capability, it required changes in the kernel that have been put in place several years ago, so that now we can build these amazing tools for Kubernetes operators. So we are using eBPF to make the networking stack for Kubernetes and cloud native really efficient. We can bypass some of the parts of the network stack that aren't necessarily required in a cloud native deployment. We can use it to make these incredibly fast decisions about network policy. And we also have a sub-project called Tetragon, which is a newer part of the Cilium family which uses eBPF to observe these runtime events. The things like people opening a file, or changing the permissions on a file, or making a socket connection. All of these things that as a security engineer you are interested in. 
Who is running executables, who is making network connections, who's accessing files, all of these operations are things that we can observe with Cilium Tetragon. >> I mean it's exciting. We've chatted in the past about that eBPF extended Berkeley Packet Filter, which is about the Linux kernel. And I bring that up Liz, because I think this is the trend I'm trying to understand with this event. It's, I hear bottoms up developer, developer first. It feels like it's an under the hood, infrastructure, security geek fest for practitioners, because Brian, in his keynote, mentioned BIND in reference the late Dan Kaminsky, who was, obviously found that error in BIND at the, in DNS. He mentioned DNS. There's a lot of things that's evolving at the silicon, kernel, kind of root levels of our infrastructure. This seems to be a major shift in focus and rightfully so. Is that something that you guys talk about, or is that coincidence, or am I just overthinking this point in terms of how nerdy it's getting in terms of the importance of, you know, getting down to the low level aspects of protecting everything. And as we heard also the quote was no software secure. (Liz chuckles) So that's up and down the stack of the, kind of the old model. What's your thoughts and reaction to that? >> Yeah, I mean I think a lot of folks who get into security really are interested in these kind of details. You know, you see write-ups of exploits and they, you know, they're quite often really involved, and really require understanding these very deep detailed technical levels. So a lot of us can really geek out about the details of that. The flip side of that is that as an application developer, you know, as- if you are working for a bank, working for a media company, you're writing applications, you shouldn't have to be worried about what's happening at the kernel level. This might be kind of geeky interesting stuff, but really, operationally, it should be taken care of for you. 
You've got your work cut out building business value in applications. So I think there's this interesting, kind of dual track going on almost, if you like, of the people who really want to get involved in those nitty gritty details, and understand how the underlying, you know, kernel level exploits maybe working. But then how do we make that really easy for people who are running clusters to, I mean like you said, nothing is ever secure, but trying to make things as secure as they can be easily, and make things visual, make things accessible, make things, make it easy to check whether or not you are compliant with whatever regulations you need to be compliant with. That kind of focus on making things usable for the platform team, for the application developers who deliver apps on the platform, that's the important (indistinct)- >> I noticed that the word expert was mentioned, I mentioned earlier with Priyanka. Was there a rationale on the 72 sessions, was there thinking around it or was it kind of like, these are urgent areas, they're obvious low hanging fruit. Was there, take us through the selection process of, or was it just, let's get 72 sessions going to get this (Liz laughs) thing moving? >> No, we did think quite carefully about how we wanted to, what the different focus areas we wanted to include. So we wanted to make sure that we were including things like governance and compliance, and that we talk about not just supply chain, which is clearly a very hot topic at the moment, but also to talk about, you know, threat detection, runtime security. And also really importantly, we wanted to have space to talk about education, to talk about how people can get involved. Because maybe when we talk about all these details, and we get really technical, maybe that's, you know, a bit scary for people who are new into the cloud native security space. We want to make sure that there are tracks and content that are accessible for newcomers to get involved. 
'Cause, you know, given time they'll be just as excited about diving into those kind of kernel level details. But everybody needs a place to start, and we wanted to make sure there were conversations about how to get started in security, how to educate other members of your team in your organization about security. So hopefully there's something for everyone. >> That education piece- >> Liz, what's the- >> Oh sorry, Dave. >> What's the buzz on AI? We heard Dan talk about, you know, ChatGPT, using it to automate spear phishing. There's always been this tension between security and speed to market, but CISOs are saying, "Hey we're going to a zero trust architecture and that's helping us move faster." Will, in your, is the talk on the floor, AI is going to slow us down a little bit until we figure it out? Or is it actually going to be used as an offensive defensive tool if I can use that angle? >> Yeah, I think all of the above. I actually had an interesting chat this morning. I was talking with Andy Martin from Control Plane, and we were talking about the risk of AI generated code that attempts to replicate what open source libraries already do. So rather than using an existing open source package, an organization might think, "Well, I'll just have my own version, and I'll have an AI write it for me." And I don't, you know, I'm not a lawyer so I dunno what the intellectual property implications of this will be, but imagine companies are just going, "Well you know, write me an SSL library." And that seems terrifying from a security perspective, 'cause there could be all sorts of very slightly different AI generated libraries that pick up the same vulnerabilities that exist in open source code. So, I think we're going to go through a pretty interesting period of vulnerabilities being found in AI generated code that look familiar, and we'll be thinking "Haven't we seen these vulnerabilities before? 
Yeah, we did, but they were previously in handcrafted code and now we'll see the same things being generated by AI." I mean, in the same way that if you look at an AI generated picture and it's got I don't know, extra fingers, or, you know, extra ears or something that, (Dave laughs) AI does make mistakes. >> So Liz, you talked about the education, the enablement, the 72 sessions, the importance of CloudNativeSecurityCon being its own event this year. What are your hopes and dreams for the practitioners to be able to learn from this event? How do you see the event as really supporting the growth, the development of the cloud native security community as a whole? >> Yeah, I think it's really important that we think of it as a Cloud Native Security community. You know, there are lots of interesting sort of hacker community security related community. Cloud native has been very community focused for a long time, and we really saw, particularly through the tag, the security tag, that there was this growing group of people who were, really wanted to work at that intersection between security and cloud native. And yeah, I think things are going really well this week so far. So I hope this is, you know, the first of many editions of this conference. I think it will also be interesting to see how the balance between a smaller, more focused event, compared to the giant KubeCon and cloud native cons. I, you know, I think there's space for both things, but whether or not there will be other smaller focus areas that want to stand alone and justify being able to stand alone as their own separate conferences, it speaks to the growth of cloud native in general that this is worthwhile doing. >> Yeah. >> It is, and what also speaks to, it reminds me of our tagline here at theCUBE, being able to extract the signal from the noise. 
Having this event as a standalone, being able to extract the value in it from a security perspective, that those practitioners and the community at large is going to be able to glean from these conversations is something that will be important, that we'll be keeping our eyes on. >> Absolutely. Makes sense for me, yes. >> Yeah, and I think, you know, one of the things, Lisa, that I want to get in, and if you don't mind asking Dave his thoughts, because he just did a breaking analysis on the security landscape. And Dave, you know, as Liz talking about some of these root level things, we talk about silicon advances, powering machine learning, we've been covering a lot of that. You've been covering the general security industry. We got RSA coming up, re:Inforce with AWS, and as you see the cloud native developer first, really driving the standards of the super cloud, the multicloud, you're starting to see a lot more application focus around latency and kind of controlling that. These abstraction layers starting to see a lot more growth. What's your take, Dave, on what Liz and- is talking about because, you know, you're analyzing the horses on the track, and there's sometimes the old guard security folks, and you got open source continuing to kick butt. And even on the ML side, we've been covering some of these foundation models, you're seeing a real technical growth in open source at all levels and, you know, you still got some proprietary machine learning stuff going on, but security's integrating all that. What's your take and your- what's your breaking analysis on the security piece here? >> I mean, to me the two biggest problems in cyber are just the lack of talent. I mean, it's just really hard to find super, you know, deep expertise and get it quickly. And I think the second is it's just, it's so many tools to deal with. And so the architecture of security is just this mosaic and a mess. 
That's why I'm excited about initiatives like eBPF because it does simplify things, and developers are being asked to do a lot. And I think one of the other things that's emerging is when you- when we talk about Industry 4.0, and IIoT, you- I'm seeing a lot of tools that are dedicated just to that, you know, slice of the world. And I don't think that's the right approach. I think that there needs to be a more comprehensive view. We're seeing, you know, zero trust architectures come together, and it's going to take some time, but I think that you're going to definitely see, you know, some rethinking of how to architect security. It's a game of whack-a-mole, but I think the industry is just- the technology industry is doing a really really good job of, you know, working hard to solve these problems. And I think the answer is not just another bespoke tool, it's a broader thinking around architectures and consolidating some of those tools, you know, with an end game of really addressing the problem in a more comprehensive fashion. >> Liz, in the last minute or so we have your thoughts on how automation and scale are driving some of these forcing functions around, you know, taking away the toil and the muck around developers, who just want stuff to be code, right? So infrastructure as code. Is that the dynamic here? Is this kind of like new, or is it kind of the same game, different kind of thing? (chuckles) 'Cause you're seeing a lot more machine learning, a lot more automation going on. What's, is that having an impact? What's your thoughts? >> Automation is one of the kind of fundamental underpinnings of cloud native. You know, we're expecting infrastructure to be written as code. We're expecting the platform to be defined in YAML essentially. You know, we are expecting the Kubernetes and surrounding tools to self-heal and to automatically scale and to do things like automated security. 
If we think about supply chain, you know, automated dependency scanning, think about runtime. Network policy is automated firewalling, if you like, for a cloud native era. So, I think it's all about making that platform predictable. Automation gives us some level of predictability, even if the underlying hardware changes or the scale changes, so that the application developers have something consistent and standardized that they can write to. And you know, at the end of the day, it's all about the business applications that run on top of this infrastructure. >> Business applications and the business outcomes. Liz, we so appreciate your time talking to us about this inaugural event, CloudNativeSecurityCon 23. The value in it for those practitioners, all of the content that's going to be discussed and learned, and the growth of the community. Thank you so much, Liz, for sharing your insights with us today. >> Thanks for having me. >> For Liz Rice, John Furrier and Dave Vellante, I'm Lisa Martin. You're watching theCUBE's coverage of CloudNativeSecurityCon 23. (electronic music)

Published Date : Feb 2 2023


SENTIMENT ANALYSIS :

ENTITIES

Entity | Category | Confidence
Dan Kaminsky | PERSON | 0.99+
Brian | PERSON | 0.99+
Dave Vellante | PERSON | 0.99+
Dave | PERSON | 0.99+
Lisa Martin | PERSON | 0.99+
Liz Rice | PERSON | 0.99+
Andy Martin | PERSON | 0.99+
Liz Rice | PERSON | 0.99+
Seattle | LOCATION | 0.99+
Liz | PERSON | 0.99+
Palo Alto | LOCATION | 0.99+
Boston | LOCATION | 0.99+
Dan | PERSON | 0.99+
Lisa | PERSON | 0.99+
John | PERSON | 0.99+
John Furrier | PERSON | 0.99+
AWS | ORGANIZATION | 0.99+
two day | QUANTITY | 0.99+
72 sessions | QUANTITY | 0.99+
Priyanka | PERSON | 0.99+
eBPF | TITLE | 0.99+
CNCF | ORGANIZATION | 0.99+
CloudNativeSecurityCon | EVENT | 0.99+
Control Plane | ORGANIZATION | 0.99+
KubeCon | EVENT | 0.99+
today | DATE | 0.99+
CloudNativeCon | EVENT | 0.99+
Cloud Native Security Day | EVENT | 0.99+
CUBE | ORGANIZATION | 0.99+
Cilium | TITLE | 0.99+
second | QUANTITY | 0.99+
Boston Lisa | LOCATION | 0.99+
one | QUANTITY | 0.99+
each individual application | QUANTITY | 0.98+
both | QUANTITY | 0.98+
first | QUANTITY | 0.98+
CloudNativeSecurityCon 23 | EVENT | 0.98+
hundreds | QUANTITY | 0.97+
each individual pod | QUANTITY | 0.97+
both things | QUANTITY | 0.97+
first year | QUANTITY | 0.97+
Tetragon | TITLE | 0.97+
BIND | ORGANIZATION | 0.96+
this week | DATE | 0.96+

Breaking Analysis: Enterprise Technology Predictions 2023


 

(upbeat music beginning) >> From the Cube Studios in Palo Alto and Boston, bringing you data-driven insights from the Cube and ETR, this is "Breaking Analysis" with Dave Vellante. >> Making predictions about the future of enterprise tech is more challenging if you strive to lay down forecasts that are measurable. In other words, if you make a prediction, you should be able to look back a year later and say, with some degree of certainty, whether the prediction came true or not, with evidence to back that up. Hello and welcome to this week's Wikibon Cube Insights, powered by ETR. In this breaking analysis, we aim to do just that, with predictions about the macro IT spending environment, cost optimization, security, lots to talk about there, generative AI, cloud, and of course supercloud, blockchain adoption, data platforms, including commentary on Databricks, snowflake, and other key players, automation, events, and we may even have some bonus predictions around quantum computing, and perhaps some other areas. To make all this happen, we welcome back, for the third year in a row, my colleague and friend Eric Bradley from ETR. Eric, thanks for all you do for the community, and thanks for being part of this program. Again. >> I wouldn't miss it for the world. I always enjoy this one. Dave, good to see you. >> Yeah, so let me bring up this next slide and show you, actually come back to me if you would. I got to show the audience this. These are the inbounds that we got from PR firms starting in October around predictions. They know we do prediction posts. And so they'll send literally thousands and thousands of predictions from hundreds of experts in the industry, technologists, consultants, et cetera. And if you bring up the slide I can show you sort of the pattern that developed here. 40% of these thousands of predictions were from cyber. You had AI and data. If you combine those, it's still not close to cyber. Cost optimization was a big thing. 
Of course, cloud, some on DevOps, and software. Digital... Digital transformation got, you know, some lip service and SaaS. And then there was other, it's kind of around 2%. So quite remarkable, when you think about the focus on cyber, Eric. >> Yeah, there's two reasons why I think it makes sense, though. One, the cybersecurity companies have a lot of cash, so therefore the PR firms might be working a little bit harder for them than some of their other clients. (laughs) And then secondly, as you know, for multiple years now, when we do our macro survey, we ask, "What's your number one spending priority?" And again, it's security. It just isn't going anywhere. It just stays at the top. So I'm actually not that surprised by that little pie chart there, but I was shocked that SaaS was only 5%. You know, going back 10 years ago, that would've been the only thing anyone was talking about. >> Yeah. So true. All right, let's get into it. First prediction, we always start with kind of tech spending. Number one is tech spending increases between four and 5%. ETR has currently got it at 4.6% coming into 2023. This has been a consistently downward trend all year. We started, you know, much, much higher as we've been reporting. Bottom line is the fed is still in control. They're going to ease up on tightening, is the expectation, they're going to shoot for a soft landing. But you know, my feeling is this slingshot economy is going to continue, and it's going to continue to confound, whether it's supply chains or spending. The, the interesting thing about the ETR data, Eric, and I want you to comment on this, the largest companies are the most aggressive to cut. They're laying off, smaller firms are spending faster. They're actually growing at a much larger, faster rate as are companies in EMEA. And that's a surprise. That's outpacing the US and APAC. Chime in on this, Eric. >> Yeah, I was surprised on all of that. 
First on the higher level spending, we are definitely seeing it coming down, but the interesting thing here is headlines are making it worse. The huge research shop recently said 0% growth. We're coming in at 4.6%. And just so everyone knows, this is not us guessing, we asked 1,525 IT decision-makers what their budget growth will be, and they came in at 4.6%. Now there's a huge disparity, as you mentioned. The Fortune 500, global 2000, barely at 2% growth, but small, it's at 7%. So we're at a situation right now where the smaller companies are still playing a little bit of catch up on digital transformation, and they're spending money. The largest companies that have the most to lose from a recession are being more trepidatious, obviously. So they're playing a "Wait and see." And I hope we don't talk ourselves into a recession. Certainly the headlines and some of their research shops are helping it along. But another interesting comment here is, you know, energy and utilities used to be called an orphan and widow stock group, right? They are spending more than anyone, more than financials insurance, more than retail consumer. So right now it's being driven by mid, small, and energy and utilities. They're all spending like gangbusters, like nothing's happening. And it's the rest of everyone else that's being very cautious. >> Yeah, so very unpredictable right now. All right, let's go to number two. Cost optimization remains a major theme in 2023. We've been reporting on this. You've, we've shown a chart here. What's the primary method that your organization plans to use? You asked this question of those individuals that cited that they were going to reduce their spend and- >> Mhm. >> consolidating redundant vendors, you know, still leads the way, you know, far behind, cloud optimization is second, but it, but cloud continues to outpace legacy on-prem spending, no doubt. 
Somebody, it was, the guy's name was Alexander Feiglstorfer from Storyblok, sent in a prediction, said "All in one becomes extinct." Now, generally I would say I disagree with that because, you know, as we know over the years, suites tend to win out over, you know, individual, you know, point products. But I think what's going to happen is all in one is going to remain the norm for these larger companies that are cutting back. They want to consolidate redundant vendors, and the smaller companies are going to stick with that best of breed and be more aggressive and try to compete more effectively. What's your take on that? >> Yeah, I'm seeing much more consolidation in vendors, but also consolidation in functionality. We're seeing people building out new functionality, whether it's, we're going to talk about this later, so I don't want to steal too much of our thunder right now, but data and security also, we're seeing a functionality creep. So I think there's further consolidation happening here. I think niche solutions are going to be less likely, and platform solutions are going to be more likely in a spending environment where you want to reduce your vendors. You want to have one bill to pay, not 10. Another thing on this slide, real quick if I can before I move on, is we had a bunch of people write in and some of the answer options that aren't on this graph but did get cited a lot, unfortunately, is the obvious reduction in staff, hiring freezes, and delaying hardware, were three of the top write-ins. And another one was offshore outsourcing. So in addition to what we're seeing here, there were a lot of write-in options, and I just thought it would be important to state that, but essentially the cost optimization is by and far the highest one, and it's growing. So it's actually increased in our citations over the last year. >> And yeah, specifically consolidating redundant vendors. 
And so I actually thank you for bringing that other up, 'cause I had asked you, Eric, is there any evidence that repatriation is going on and we don't see it in the numbers, we don't see it even in the other, there was, I think very little or no mention of cloud repatriation, even though it might be happening in this in a smattering. >> Not a single mention, not one single mention. I went through it for you. Yep. Not one write-in. >> All right, let's move on. Number three, security leads M&A in 2023. Now you might say, "Oh, well that's a layup," but let me set this up Eric, because I didn't really do a great job with the slide. I hid the, what you've done, because you basically took, this is from the Emerging Technology Survey with 1,181 responses from November. And what we did is we took Palo Alto and looked at the overlap in Palo Alto Networks accounts with these vendors that were showing on this chart. And Eric, I'm going to ask you to explain why we put a circle around OneTrust, but let me just set it up, and then have you comment on the slide and take, give us more detail. We're seeing private company valuations are off, you know, 10 to 40%. We saw Snyk do a down round, but pretty good actually only down 12%. We've seen much higher down rounds. Palo Alto Networks we think is going to get busy. Again, they're an acquisitive company, they've been sort of quiet lately, and we think CrowdStrike, Cisco, Microsoft, Zscaler, we're predicting all of those will make some acquisitions and we're thinking that the targets are somewhere in this mess of security taxonomy. Other thing we're predicting, AI meets cyber big time in 2023, we're probably going to see some acquisitions of those companies that are leaning into AI. We've seen some of that with Palo Alto.
And then, you know, your comment to me, Eric, was "The RSA conference is going to be insane, hopping mad, crazy this April," (Eric laughing) but give us your take on this data, and why the red circle around OneTrust? Take us back to that slide if you would, Alex. >> Sure. There's a few things here. First, let me explain what we're looking at. So because we separate the public companies and the private companies into two separate surveys, this allows us the ability to cross-reference that data. So what we're doing here is in our public survey, the TSIS, everyone who cited some spending with Palo Alto, meaning they're a Palo Alto customer, we then cross-reference that with the private tech companies. Who also are they spending with? So what you're seeing here is an overlap. These companies that we have circled are doing the best in Palo Alto's accounts. Now, Palo Alto went and bought Twistlock a few years ago, which this data slide predicted, to be quite honest. And so I don't know if they necessarily are going to go after Snyk. Snyk, sorry. They already have something in that space. What they do need, however, is more on the authentication space. So I'm looking at OneTrust, with a 45% overlap in their overall net sentiment. That is a company that's already existing in their accounts and could be very synergistic to them. BeyondTrust as well, authentication identity. This is something that Palo needs to do to move more down that zero trust path. Now why did I pick Palo first? Because usually they're very acquisitive. They've been a little quiet lately. Secondly, if you look at the backdrop in the markets, the IPO freeze isn't going to last forever. Sooner or later, the IPO markets are going to open up, and some of these private companies are going to tap into public equity. In the meantime, however, cash funding on the private side is drying up.
If they need another round, they're not going to get it, and they're certainly not going to get it at the valuations they were getting. So we're seeing valuations maybe come down where they're a touch more attractive, and Palo knows this isn't going to last forever. Cisco knows that, CrowdStrike, Zscaler, all these companies that are trying to make a push to become that vendor that you're consolidating in, around, they have a chance now, they have a window where they need to go make some acquisitions. And that's why I believe leading up to RSA, we're going to see some movement. I think it's going to pretty, a really exciting time in security right now. >> Awesome. Thank you. Great explanation. All right, let's go on the next one. Number four is, it relates to security. Let's stay there. Zero trust moves from hype to reality in 2023. Now again, you might say, "Oh yeah, that's a layup." A lot of these inbounds that we got are very, you know, kind of self-serving, but we always try to put some meat in the bone. So first thing we do is we pull out some commentary from, Eric, your roundtable, your insights roundtable. And we have a CISO from a global hospitality firm says, "For me that's the highest priority." He's talking about zero trust because it's the best ROI, it's the most forward-looking, and it enables a lot of the business transformation activities that we want to do. CISOs tell me that they actually can drive forward transformation projects that have zero trust, and because they can accelerate them, because they don't have to go through the hurdle of, you know, getting, making sure that it's secure. Second comment, zero trust closes that last mile where once you're authenticated, they open up the resource to you in a zero trust way. That's a CISO of a, and a managing director of a cyber risk services enterprise. Your thoughts on this? >> I can be here all day, so I'm going to try to be quick on this one. This is not a fluff piece on this one. 
There's a couple of other reasons this is happening. One, the board finally gets it. Zero trust at first was just a marketing hype term. Now the board understands it, and that's why CISOs are able to push through it. And what they finally did was redefine what it means. Zero trust simply means moving away from hardware security, moving towards software-defined security, with authentication as its base. The board finally gets that, and now they understand that this is necessary and it's being moved forward. The other reason it's happening now is hybrid work is here to stay. We weren't really sure at first, large companies were still trying to push people back to the office, and it's going to happen. The pendulum will swing back, but hybrid work's not going anywhere. By basically on our own data, we're seeing that 69% of companies expect remote and hybrid to be permanent, with only 30% permanent in office. Zero trust works for a hybrid environment. So all of that is the reason why this is happening right now. And going back to our previous prediction, this is why we're picking Palo, this is why we're picking Zscaler to make these acquisitions. Palo Alto needs to be better on the authentication side, and so does Zscaler. They're both fantastic on zero trust network access, but they need the authentication software defined aspect, and that's why we think this is going to happen. One last thing, in that CISO round table, I also had somebody say, "Listen, Zscaler is incredible. They're doing incredibly well pervading the enterprise, but their pricing's getting a little high," and they actually think Palo Alto is well-suited to start taking some of that share, if Palo can make one move. >> Yeah, Palo Alto's consolidation story is very strong. Here's my question and challenge. Do you and me, so I'm always hardcore about, okay, you've got to have evidence. I want to look back at these things a year from now and say, "Did we get it right? Yes or no?"
If we got it wrong, we'll tell you we got it wrong. So how are we going to measure this? I'd say a couple things, and you can chime in. One is just the number of vendors talking about it. That's, but the marketing always leads the reality. So the second part of that is we got to get evidence from the buying community. Can you help us with that? >> (laughs) Luckily, that's what I do. I have a data company that asks thousands of IT decision-makers what they're adopting and what they're increasing spend on, as well as what they're decreasing spend on and what they're replacing. So I have snapshots in time over the last 11 years where I can go ahead and compare and contrast whether this adoption is happening or not. So come back to me in 12 months and I'll let you know. >> Now, you know, I will. Okay, let's bring up the next one. Number five, generative AI hits where the Metaverse missed. Of course everybody's talking about ChatGPT, we just wrote last week in a Breaking Analysis with John Furrier and Sarbjeet Johal our take on that. We think 2023 does mark a pivot point as natural language processing really infiltrates enterprise tech just as Amazon turned the data center into an API. We think going forward, you're going to be interacting with technology through natural language, through English commands or other, you know, foreign language commands, and investors are lining up, all the VCs are getting excited about creating something competitive to ChatGPT, according to (indistinct) a hundred million dollars gets you a seat at the table, gets you into the game. (laughing) That's before you have to start doing promotion. But he thinks that's what it takes to actually create a clone or something equivalent. We've seen stuff from, you know, the head of Facebook's, you know, AI saying, "Oh, it's really not that sophisticated, ChatGPT, it's kind of like IBM Watson, it's great engineering, but you know, we've got more advanced technology."
We know Google's working on some really interesting stuff. But here's the thing. ETR just launched this survey for the February survey. It's in the field now. We circle OpenAI in this category. They weren't even in the survey, Eric, last quarter. So 52% of the ETR survey respondents indicated a positive sentiment toward OpenAI. I added up all the sort of different bars, we could double click on that. And then I got this inbound from Scott Stephenson of Deepgram. He said "AI is recession-proof." I don't know if that's the case, but it's a good quote. So bring this back up and take us through this. Explain this chart for us, if you would. >> First of all, I like Scott's quote better than the Facebook one. I think that's some sour grapes. Meta just spent an insane amount of money on the Metaverse and that's a dud. Microsoft just spent money on OpenAI and it is hot, undoubtedly hot. We've only been in the field with our current ETS survey for a week. So my caveat is it's preliminary data, but I don't care if it's preliminary data. (laughing) We're getting a sneak peek here at what is the number one net sentiment and mindshare leader in the entire machine-learning AI sector within a week. It's beating Data- >> 600. 600 in. >> It's beating Databricks. And we all know Databricks is a huge established enterprise company, not only in machine-learning AI, but it's in the top 10 in the entire survey. We have over 400 vendors in this survey. It's number eight overall, already. In a week. This is not hype. This is real. And I could go on the NLP stuff for a while. Not only here are we seeing it in OpenAI and machine-learning and AI, but we're seeing NLP in security. It's huge in email security. It's completely transforming that area. It's one of the reasons I thought Palo might take Abnormal out. They're doing such a great job with NLP in this email side, and also in the data prep tools. NLP is going to take out data prep tools. If we have time, I'll discuss that later.
But yeah, this is, to me this is a no-brainer, and we're already seeing it in the data. >> Yeah, John Furrier called, you know, the ChatGPT introduction. He said it reminded him of the Netscape moment, when we all first saw Netscape Navigator and went, "Wow, it really could be transformative." All right, number six, the cloud expands to supercloud as edge computing accelerates and Cloudflare is a big winner in 2023. We've reported obviously on cloud, multi-cloud, supercloud and Cloudflare, basically saying what multi-cloud should have been. We pulled this quote from Atif Khan, who is the founder and CTO of Alkira, thanks, one of the inbounds, thank you. "In 2023, highly distributed IT environments will become more the norm as organizations increasingly deploy hybrid cloud, multi-cloud and edge settings..." Eric, from one of your round tables, "If my sources from edge computing are coming from the cloud, that means I have my workloads running in the cloud. There is no one better than Cloudflare," That's a senior director of IT architecture at a huge financial firm. And then your analysis shows Cloudflare really growing in pervasion, that sort of market presence in the dataset, dramatically, to near 20%, leading, I think you had told me that they're even ahead of Google Cloud in terms of momentum right now. >> That was probably the biggest shock to me in our January 2023 TSIS, which covers the public companies in the cloud computing sector. Cloudflare has now overtaken GCP in overall spending, and I was shocked by that. It's already extremely pervasive in networking, of course, for the edge networking side, and also in security.
This is the number one leader in SASE, web access firewall, DDoS, bot protection, by your definition of supercloud, which we just did a couple of weeks ago, and I really enjoyed that by the way Dave, I think Cloudflare is the one that fits your definition best, because it's bringing all of these aspects together, and most importantly, it's cloud agnostic. It does not need to rely on Azure or AWS to do this. It has its own cloud. So I just think it's, when we look at your definition of supercloud, Cloudflare is the poster child. >> You know, what's interesting about that too, is a lot of people are poo-pooing Cloudflare, "Ah, it's, you know, really kind of not that sophisticated." "You don't have as many tools," but to your point, you can have those tools in the cloud, Cloudflare's doing serverless on steroids, trying to keep things really simple, doing a phenomenal job at, you know, various locations around the world. And they're definitely one to watch. Somebody put them on my radar (laughing) a while ago and said, "Dave, you got to do a breaking analysis on Cloudflare." And so I want to thank that person. I can't really name them, 'cause they work inside of a giant hyperscaler. But- (Eric laughing) (Dave chuckling) >> Real quickly, if I can from a competitive perspective too, who else is there? They've already taken share from Akamai, and Fastly is their really only other direct comp, and they're not there. And these guys are in pole position and they're the only game in town right now. I just, I don't see it slowing down. >> I thought one of your comments from your roundtable I was reading, one of the folks said, you know, Cloudflare, if my workloads are in the cloud, they are, you know, dominant, they said not as strong with on-prem. And so Akamai is doing better there. I'm like, "Okay, where would you want to be?" (laughing) >> Yeah, which one of those two would you rather be? >> Right? Anyway, all right, let's move on.
Number seven, blockchain continues to look for a home in the enterprise, but devs will slowly begin to adopt in 2023. You know, blockchains have got a lot of buzz, obviously crypto is, you know, the killer app for blockchain. Senior IT architect in financial services from your, one of your insight roundtables said quote, "For enterprises to adopt a new technology, there have to be proven turnkey solutions. My experience in talking with my peers are, blockchain is still an open-source component where you have to build around it." Now I want to thank Ravi Mayuram, who's the CTO of Couchbase sent in, you know, one of the predictions, he said, "DevOps will adopt blockchain, specifically Ethereum." And he referenced actually in his email to me, Solidity, which is the programming language for Ethereum, "will be in every DevOps pro's playbook, mirroring the boom in machine-learning. Newer programming languages like Solidity will enter the toolkits of devs." His point there, you know, Solidity for those of you don't know, you know, Bitcoin is not programmable. Solidity, you know, came out and that was their whole shtick, and they've been improving that, and so forth. But it, Eric, it's true, it really hasn't found its home despite, you know, the potential for smart contracts. IBM's pushing it, VMware has had announcements, and others, really hasn't found its way in the enterprise yet. >> Yeah, and I got to be honest, I don't think it's going to, either. So when we did our top trends series, this was basically chosen as an anti-prediction, I would guess, that it just continues to not gain hold. And the reason why was that first comment, right? It's very much a niche solution that requires a ton of custom work around it. You can't just plug and play it. And at the end of the day, let's be very real what this technology is, it's a database ledger, and we already have database ledgers in the enterprise. So why is this a priority to move to a different database ledger?
It's going to be very niche cases. I like the CTO comment from Couchbase about it being adopted by DevOps. I agree with that, but it has to be a DevOps in a very specific use case, and a very sophisticated use case in financial services, most likely. And that's not across the entire enterprise. So I just think it's still going to struggle to get its foothold for a little bit longer, if ever. >> Great, thanks. Okay, let's move on. Number eight, AWS Databricks, Google Snowflake lead the data charge with Microsoft. Keeping it simple. So let's unpack this a little bit. This is the shared accounts peer position for, I pulled data platforms in for analytics, machine-learning and AI and database. So I could grab all these accounts or these vendors and see how they compare in those three sectors. Analytics, machine-learning and database. Snowflake and Databricks, you know, they're on a crash course, as you and I have talked about. They're battling to be the single source of truth in analytics. They're, there's going to be a big focus. They're already started. It's going to be accelerated in 2023 on open formats. Iceberg, Python, you know, they're all the rage. We heard about Iceberg at Snowflake Summit, last summer or last June. Not a lot of people had heard of it, but of course the Databricks crowd, who knows it well. A lot of other open source tooling. There's a company called DBT Labs, which you're going to talk about in a minute. George Gilbert put them on our radar. We just had Tristan Handy, the CEO of DBT labs, on at supercloud last week. They are a new disruptor in data that's, they're essentially making, they're API-ifying, if you will, KPIs inside the data warehouse and dramatically simplifying that whole data pipeline. So really, you know, the ETL guys should be shaking in their boots with them. Coming back to the slide. Google really remains focused on BigQuery adoption. 
Customers have complained to me that they would like to use Snowflake with Google's AI tools, but they're being forced to go to BigQuery. I got to ask Google about that. AWS continues to stitch together its bespoke data stores, that's gone down that "Right tool for the right job" path. David Floyer two years ago said, "AWS absolutely is going to have to solve that problem." We saw them start to do it in, at re:Invent, bringing together NoETL between Aurora and Redshift, and really trying to simplify those worlds. There's going to be more of that. And then Microsoft, they're just making it cheap and easy to use their stuff, you know, despite some of the complaints that we hear in the community, you know, about things like Cosmos, but Eric, your take? >> Yeah, my concern here is that Snowflake and Databricks are fighting each other, and it's allowing AWS and Microsoft to kind of catch up against them, and I don't know if that's the right move for either of those two companies individually. Azure and AWS are building out functionality. Are they as good? No they're not. The other thing to remember too is that AWS and Azure get paid anyway, because both Databricks and Snowflake run on top of 'em. So (laughing) they're basically collecting their toll, while these two fight it out with each other, and they build out functionality. I think they need to stop focusing on each other, a little bit, and think about the overall strategy. Now for Databricks, we know they came out first as a machine-learning AI tool. They were known better for that spot, and now they're really trying to play catch-up on that data storage compute spot, and inversely for Snowflake, they were killing it with the compute separation from storage, and now they're trying to get into the ML/AI spot. I actually wouldn't be surprised to see them make some sort of acquisition. Frank Slootman has been a little bit quiet, in my opinion there. The other thing to mention is your comment about DBT Labs.
If we look at our emerging technology survey, last survey when this came out, DBT Labs, number one leader in that data integration space, I'm going to just pull it up real quickly. It looks like they had a 33% overall net sentiment to lead data analytics integration. So they are clearly growing, it's fourth straight survey consecutively that they've grown. The other name we're seeing there a little bit is Cribl, but DBT Labs is by far the number one player in this space. >> All right. Okay, cool. Moving on, let's go to number nine. With Automation mixer resurgence in 2023, we're showing again data. The x axis is overlap or presence in the dataset, and the vertical axis is shared net score. Net score is a measure of spending momentum. As always, you've seen UiPath and Microsoft Power Automate up and to the right, that red line, that 40% line is generally considered elevated. UiPath is really separating, creating some distance from Automation Anywhere, they, you know, previous quarters they were much closer. Microsoft Power Automate came on the scene in a big way, they loom large with this "Good enough" approach. I will say this, I, somebody sent me a results of a (indistinct) survey, which showed UiPath actually had more mentions than Power Automate, which was surprising, but I think that's not been the case in the ETR data set. We're definitely seeing a shift from back office to front soft office kind of workloads. Having said that, software testing is emerging as a mainstream use case, we're seeing ML and AI become embedded in end-to-end automations, and low-code is serving the line of business. And so this, we think, is going to increasingly have appeal to organizations in the coming year, who want to automate as much as possible and not necessarily, we've seen a lot of layoffs in tech, and people... You're going to have to fill the gaps with automation. That's a trend that's going to continue. >> Yep, agreed. 
At first that comment about Microsoft Power Automate having less citations than UiPath, that's shocking to me. I'm looking at my chart right here where Microsoft Power Automate was cited by over 60% of our entire survey takers, and UiPath at around 38%. Now don't get me wrong, 38% pervasion's fantastic, but you know you're not going to beat an entrenched Microsoft. So I don't really know where that comment came from. So UiPath, looking at it alone, it's doing incredibly well. It had a huge rebound in its net score this last survey. It had dropped going through the back half of 2022, but we saw a big spike in the last one. So it's got a net score of over 55%. A lot of people citing adoption and increasing. So that's really what you want to see for a name like this. The problem is that just Microsoft is doing its playbook. At the end of the day, I'm going to do a POC, why am I going to pay more for UiPath, or even take on another separate bill, when we know everyone's consolidating vendors, if my license already includes Microsoft Power Automate? It might not be perfect, it might not be as good, but what I'm hearing all the time is it's good enough, and I really don't want another invoice. >> Right. So how does UiPath, you know, and Automation Anywhere, how do they compete with that? Well, the way they compete with it is they got to have a better product. They got a product that's 10 times better. You know, they- >> Right. >> they're not going to compete based on where the lowest cost, Microsoft's got that locked up, or where the easiest to, you know, Microsoft basically give it away for free, and that's their playbook. So that's, you know, up to UiPath. UiPath brought on Rob Ensslin, I've interviewed him. Very, very capable individual, is now Co-CEO. So he's kind of bringing that adult supervision in, and really tightening up the go to market. 
So, you know, we know this company has been a rocket ship, and so getting some control on that and really getting focused like a laser, you know, could be good things ahead there for that company. Okay. >> One of the problems, if I could real quick Dave, is what the use cases are. When we first came out with RPA, everyone was super excited about like, "No, UiPath is going to be great for super powerful "projects, use cases." That's not what RPA is being used for. As you mentioned, it's being used for mundane tasks, so it's not automating complex things, which I think UiPath was built for. So if you were going to get UiPath, and choose that over Microsoft, it's going to be 'cause you're doing it for more powerful use case, where it is better. But the problem is that's not where the enterprise is using it. The enterprise are using this for base rote tasks, and simply, Microsoft Power Automate can do that. >> Yeah, it's interesting. I've had people on theCube that are both Microsoft Power Automate customers and UiPath customers, and I've asked them, "Well you know, "how do you differentiate between the two?" And they've said to me, "Look, our users and personal productivity users, "they like Power Automate, "they can use it themselves, and you know, "it doesn't take a lot of, you know, support on our end." The flip side is you could do that with UiPath, but like you said, there's more of a focus now on end-to-end enterprise automation and building out those capabilities. So it's increasingly a value play, and that's going to be obviously the challenge going forward. Okay, my last one, and then I think you've got some bonus ones. Number 10, hybrid events are the new category. Look it, if I can get a thousand inbounds that are largely self-serving, I can do my own here, 'cause we're in the events business. (Eric chuckling) Here's the prediction though, and this is a trend we're seeing, the number of physical events is going to dramatically increase. 
That might surprise people, but most of the big giant events are going to get smaller. The exception is AWS with re:Invent, I think Snowflake's going to continue to grow. So there are examples of physical events that are growing, but generally, most of the big ones are getting smaller, and there's going to be many more smaller intimate regional events and road shows. These micro-events, they're going to be stitched together. Digital is becoming a first-class citizen, so people really got to get their digital acts together, and brands are prioritizing earned media, and they're beginning to build their own news networks, going direct to their customers. And so that's a trend we see, and I, you know, we're right in the middle of it, Eric, so you know we're going to, you mentioned RSA, I think that's perhaps going to be one of those crazy ones that continues to grow. It's shrunk, and then it, you know, 'cause last year- >> Yeah, it did shrink. >> right, it was the last one before the pandemic, and then they sort of made another run at it last year. It was smaller but it was very vibrant, and I think this year's going to be huge. Global World Congress is another one, we're going to be there end of Feb. That's obviously a big big show, but in general, the brands and the technology vendors, even Oracle is going to scale down. I don't know about Salesforce. We'll see. You had a couple of bonus predictions. Quantum and maybe some others? Bring us home. >> Yeah, sure. I got a few more. I think we touched upon one, but I definitely think the data prep tools are facing extinction, unfortunately, you know, the Talend, Informatica is some of those names. The problem there is that the BI tools are kind of including data prep into it already. You know, an example of that is Tableau Prep Builder, and then in addition, advanced NLP is being worked in as well. 
ThoughtSpot, Intelius, both often say that as their selling point, Tableau has Ask Data, Qlik has Insight Bot, so you don't have to really be intelligent on data prep anymore. A regular business user can just self-query, using either the search bar, or even just speaking into what it needs, and these tools are kind of doing the data prep for it. I don't think that's a, you know, an out in left field type of prediction, but it's the time is nigh. The other one I would also state is that I think knowledge graphs are going to break through this year. Neo4j in our survey is growing in pervasion in mindshare. So more and more people are citing it, AWS Neptune's getting its act together, and we're seeing that spending intentions are growing there. TigerGraph is also growing in our survey sample. I just think that the time is now for knowledge graphs to break through, and if I had to do one more, I'd say real-time streaming analytics moves from the very, very rich big enterprises to downstream, to more people are actually going to be moving towards real-time streaming, again, because the data prep tools and the data pipelines have gotten easier to use, and I think the ROI on real-time streaming is obviously there. So those are three that didn't make the cut, but I thought deserved an honorable mention. >> Yeah, I'm glad you did. Several weeks ago, we did an analyst prediction roundtable, if you will, a cube session power panel with a number of data analysts and that, you know, streaming, real-time streaming was top of mind. So glad you brought that up. Eric, as always, thank you very much. I appreciate the time you put in beforehand. I know it's been crazy, because you guys are wrapping up, you know, the last quarter survey in- >> Been a nuts three weeks for us. (laughing) >> job. I love the fact that you're doing, you know, the ETS survey now, I think it's quarterly now, right? Is that right? >> Yep. >> Yep. So that's phenomenal. >> Four times a year. 
I'll be happy to jump on with you when we get that done. I know you were really impressed with that last time. >> It's unbelievable. This is so much data at ETR. Okay. Hey, that's a wrap. Thanks again. >> Take care Dave. Good seeing you. >> All right, many thanks to our team here, Alex Myerson as production, he manages the podcast force. Ken Schiffman as well is a critical component of our East Coast studio. Kristen Martin and Cheryl Knight help get the word out on social media and in our newsletters. And Rob Hoof is our editor-in-chief. He's at siliconangle.com. He's just a great editing for us. Thank you all. Remember all these episodes that are available as podcasts, wherever you listen, podcast is doing great. Just search "Breaking analysis podcast." Really appreciate you guys listening. I publish each week on wikibon.com and siliconangle.com, or you can email me directly if you want to get in touch, david.vellante@siliconangle.com. That's how I got all these. I really appreciate it. I went through every single one with a yellow highlighter. It took some time, (laughing) but I appreciate it. You could DM me at dvellante, or comment on our LinkedIn post and please check out etr.ai. Its data is amazing. Best survey data in the enterprise tech business. This is Dave Vellante for theCube Insights, powered by ETR. Thanks for watching, and we'll see you next time on "Breaking Analysis." (upbeat music beginning) (upbeat music ending)

Published Date : Jan 29 2023


Drew Nielsen, Teleport | KubeCon + CloudNativeCon NA 2022


 

>>Good afternoon, friends. My name is Savannah Peterson here in the Cube Studios live from Detroit, Michigan, where we're at KubeCon and Cloud Native Foundation, CloudNativeCon all week. Our last interview of the day served me a real treat and one that I wasn't expecting. It turns out that I am in the presence of two caddies. It's a literal episode of Caddyshack up here on Cube. John Furrier. I don't think the audience knows that you were a caddy. Tell us about your caddy days. >>I used to caddy when I was a kid at the local country club every weekend. This is amazing. Double loops every weekend. Make some bang, two bags on each shoulder. Caddying for the members where you're going. Now I'm >>On show. Just, just really impressive >>Now. Now I'm caddying for theCUBE where I caddy all this great content out to the audience. >>He's carrying the story of emerging brands and established companies on their cloud journey. I love it. John, well played. I don't wanna waste any more of this really wonderful individual's time, but since we now have a new trend of talking about everyone's Twitter handle here on theCUBE, this may be my favorite one of the day, if not Q4 so far. Drew, not reply. AKA Drew ne Drew Nielsen, excuse me, there is here with us from Teleport. Drew, thanks so much for being here. >>Oh, thanks for having me. It's great to be here. >>And so you were a caddy on a whole different level. Can you tell us >>About that? Yeah, so I was in university and I got tired after two years and didn't have a car in LA and met a pro golfer at a golf course and took two years off and traveled around caddying for him and tried to get 'em through Q School. >>This is, this is fantastic. So if you're in school and your parents are telling you to continue going to school, know that you can drop out and be a caddy and still be a very successful television personality. Like both of the gentlemen at some point. 
>>Well, I never said my parents like >>That decision, but we'll keep our day jobs. Yeah, exactly. And one of them is Cloud Native Security. The hottest topic here at the show. Yep. I want to get into it. You guys are doing some really cool things. Are we? We hear Zero Trust, you know, ransomware and we even, I even talked with the CEO of Docker this morning about container security issues. Sure. There's a lot going on. So you guys are in the middle of Teleport. You guys have a unique solution. Tell us what you guys got going on. What do you guys do? What's the solution and what's the problem you solve? >>So Teleport is the first and only identity-native infrastructure access solution in the market. So breaking that down, what that really means is identity-native being the combination of secretless, getting rid of passwords, PAM vaults, key vaults, yeah. Passwords written down. Basically the number one source of breach. And 50 to 80% of breaches, depending on whose numbers you want to believe are how organizations get hacked. >>But it's not password123 isn't protecting >>Cisco >>Right >>Now. Well, if you think about when you're securing infrastructure and the second component being zero trust, which assumes the network is completely insecure, right? But everything is validated. Resource to resource security is validated. You know, it assumes work from anywhere. It assumes the security comes back to that resource. And we take the combination of those two into identity-native access where we cryptographically validate identity, but more importantly, we make an absolutely frictionless experience. So engineers can access infrastructure from anywhere at any time. >>I'm just flashing on my roommates, checking their little code-changing fob login, you know, dongle essentially, and how frustrating that always was. I mean, talk about interrupting workflow was something that's obviously necessary, but >>Well, I mean, talk about frustration if I'm an engineer. 
Yeah, absolutely. You know, back in the day when you had these three-tier monolithic applications, it was kind of simple. But now as you've got modern application development environments, yeah, multi-cloud, hybrid cloud, whatever marketing term around how you talk about this, expanding sort of disparate infrastructure. Engineers are sitting there going from system to system to machine to database to application. I mean, not even a conversation on Kubernetes yet. Yeah. And it's just, you know, every time you pull an engineer or a developer to go to a vault to pull something out, you're pulling them out for 10 minutes. Now, applications today have hundreds of systems, hundreds of microservices. I mean 30 of these a day and nine minutes, 270 minutes times 60. And they also >>Do the math. Well, there's not only that, there's also the breach from manual error. I forgot to change the password. What is that password? I left it open, I left it on >>Cognitive load. >>I mean, it's the manual piece. But even think about it, TR security has to be transparent and engineers are really smart people. And I've talked to a number of organizations who are like, yeah, we've tried to implement security solutions and they fail. Why? They're too disruptive. They're not transparent. And engineers will work their way around them. They'll write it down, they'll do a workaround, they'll backdoor it, something. >>All right. So talk about how it works. But I, I mean, I'm getting the big picture here. I love this. Breaking down the silos, making engineers' lives easier, more productive. Clearly the theme, everyone they want, they be gonna need. Whoever does that will win it all. How's it work? I mean, you deploying something, is it code, is it in line? It's, >>It's two binaries that you download and really it starts with the core being the identity-native access proxy. Okay. So that proxy, I mean, if you look at like the zero trust principles, it all starts with a proxy. 
Everything connects into that proxy where all the access is gated, it's validated. And you know, from there we have an authorization engine. So we will be the single source of truth for all access across your entire infrastructure. So we bring machines, engineers, databases, applications, Kubernetes, Linux, Windows, we don't care. And we basically take that into a single architecture and single access platform that essentially secures your entire infrastructure. But more importantly, you can do audit. So for all of the organizations that are dealing with FedRAMP, PCI, HIPAA, we have a complete audit trail down to a YouTube-style playback. >>Oh, interesting. We're, we're California and CCPA. >>Oh, GDPR. >>Yeah, exactly. It, it, it's, it's a whole shebang. So I, I love, and John, maybe you've heard this term a lot more than I have, but identity-native is relatively new to me as a term. And I suspect you have a very distinct way of defining identity. How do you guys define identity internally? >>So identity is something that is cryptographically validated. It is something you have. So it's not enough. If you look at, you know, credentials today, everyone's like, oh, I log into my computer, but that's my identity. No, it's not. Right. Those are attributes. Those are something that is secret for a period of time until you write it down. But I can't change my fingerprint. Right. And now I >>Was just >>Thinking of, well no, perfect case in point with Touch ID on your Mac there. Yeah. It's like when we deliver that cryptographically validated identity, we use these secure modules in like modern laptops or servers. Yeah. To store that identity so that even if you're sitting in front of your computer, you can't get to it. But more importantly, if somebody were to take that and try to be you and try to log in with your fingerprint, it's >>Not, I'm not gonna lie, I love the Apple finger thing, you know, it's like, you know, face recognition, like it's really awesome. 
>>It saves me a lot of time. I mean, even when you go through customs and they do the face scan now it actually knows who you are, which is pretty wild in the last time you wanna provide ones. But it just shifted over like maybe three months ago. Well, >>As long as no one chops your finger off like they do in the James Bond movies. >>I mean, we try and keep it a light and fluffy here on theCUBE, but you know, do a finger teams, we can talk about that >>Too. >>Gabby, I was thinking more Minority Report, >>But you >>Knows that's exactly what I, what I think of >>Hit that one outta bounds. So I gotta ask, because you said you're targeting engineers, not IT departments. What's, is that, because I in your mind it is now the engineers or what's the, is always the solution more >>Targeted? Well, if you really look at who's dealing with infrastructure on a day-to-day basis, those are DevOps individuals. Those are infrastructure teams, those are site reliability engineering. And when it, they're the ones who are not only managing the infrastructure, but they're also dealing with the code on it and everything else. And for us, that is who is our primary customer and that's who's doing >>It. What's the biggest problem that you're solving in this use case? Because you guys are nailing it. What's the problem that your identity-native solution solves? >>You know, right out of the bat we remove the number one source of breach. And that is taking passwords, secrets and, and keys off the board. That deals with most of the problem right there. But there are really two problems that organizations face. One is scaling. So as you scale, you get more secrets, you get more keys, you get all these things that is all increasing your attack vector in real time. Oh >>Yeah. Across teams locations. I can't even >>Take your pick. Yeah, it's across clouds, right? Any of it >>On-prem doesn't. >>Yeah. Any of it. 
We, and we allow you to scale, but do it securely and the security is transparent and your engineers will absolutely love it. What's the most important thing about this product? Engineers. Absolutely. >>What are they saying? What are some of those examples? Anecdotally, pull quotes out from engineering. >>You're too, we should have invent, we should have invented this ourselves. Or you know, we have run into a lot of customers who have tried to home brew this and they're like, you know, we spend an inordinate amount of hours on it >>And IT or they got legacy from like Microsoft or other solutions. >>Sure, yeah. Any, but a lot of 'em is just like, I wish I had done it myself. Or you know, this is what security should be. >>It makes so much sense and it gives the team such a peace of mind. I mean, you never know when a breach is gonna come, especially >>It's peace of mind. But I think for engineers, a lot of times it deals with the security problem. Yeah. Takes it off the table so they can do their jobs. Yeah. With zero friction. Yeah. And you know, it's all about speed. It's all about velocity. You know, go fast, go fast, go fast. And that's what we enable >>Some of the benefits to them is they get to save time, focus more on, on task that they need to work on. >>Exactly. >>And get the >>Job done. And on top of it, they answer the audit and compliance mail every time it comes. >>Yeah. Why are people huge? Honestly, why are people doing this? Because, I mean, identity is just such a hard nut to crack. Everyone's got their silos, vendors having clouds have 'em. Identity is the most fragmented thing on >>The planet. And it has been fragmented ever since my first RSA Conference. >>I know. So will we ever get this do over? Is there a driver? Is there a market force? Is this the time? >>I think the move to modern applications and to multi-cloud is driving this because as those application stacks get more verticalized, you just, you cannot deal with the productivity >>Here. 
And of course the next big thing is super cloud and that's coming fast. Savannah, you know, You know that's Rocket. >>John is gonna be the thought leader and keyword leader of the word super cloud. >>Super Cloud is enabling super services as the cloud cast. Brian Gracely pointed out on his Sunday podcast of which if that happens, Super Cloud will enable super apps in a new architectural >>List. Please don't, and it'll be super, just don't. >>Okay. Right. So what are you guys up to next? What's the big hot spot for the company? What are you guys doing? What are you guys, What's the idea guys hiring? You put the plug in. >>You know, right now we are focused on delivering the best identity, native access platform that we can. And we will continue to support our customers that want to use Kubernetes, that want to use any different type of infrastructure. Whether that's Linux, Windows applications or databases. Wherever they are. >>Are, are your customers all of a similar DNA or are you >>No, they're all over the map. They range everything from tech companies to financial services to, you know, fractional property. >>You seem like someone everyone would need. >>Absolutely. >>And I'm not just saying that to be a really clean endorsement from the Cube, but >>If you were doing DevOps Yeah. And any type of forward-leaning shift, left engineering, you need us because we are basically making security as code a reality across your entire infrastructure. >>Love this. What about the team dna? Are you in a scale growth stage right now? What's going on? Absolutely. Sounds I was gonna say, but I feel like you would have >>To be. Yeah, we're doing, we're, we have a very positive outlook and you know, even though the economic time is what it is, we're doing very well meeting. >>How's the location? Where's the location of the headquarters now? With remote work is pretty much virtual. >>Probably. We're based in downtown Oakland, California. >>Woohoo. 
Bay Area representing on this stage right now. >>Nice. Yeah, we have a beautiful office right in downtown Oakland and yeah, it's been great. Awesome. >>Love that. And are you hiring right now? I bet people might be. I feel like some of our CUBE watchers are here waiting to figure out their next big play. So love to hear that. Absolutely love to hear that. Besides Drew, not reply, if people want to join your team or say hello to you and tell you how brilliant you looked up here, or ask about your caddy days and maybe venture a guess as to who that golfer may have been that you were caddying for, what are the best ways for them to get in touch with you? >>You can find me on LinkedIn. >>Great. Fantastic. John, anything else >>From you? Yeah, I mean, I just think security is paramount. This is just another example of where the innovation has to kind of break through. Without good identity, everything could cripple. Then you start getting into the silos and you can start getting into, you know, tracking it. You got error user errors, you got, you know, one of the biggest security risks. People just leave systems open, they don't even know it's there. So like, I mean this is just, just identity is the critical linchpin to, to solve for in security to me. And that's totally >>Agree. We even have a lot of customers who use us just to access basic cloud consoles. Yeah. >>So I was actually just gonna drive there a little bit because I think that, I'm curious, it feels like a solution for obviously complex systems and stacks, but given the utility and what sounds like an extreme ease of use, I would imagine people use this for day-to-day stuff within their, >>We have customers who use it to access their AWS consoles. We have customers who use it to access Grafana dashboards. You know, for, since we're sitting here at KubeCon, accessing Lens, Rancher, all of the amazing DevOps tools that are out there. >>Well, I mean true. 
I mean, you think about all the reasons why people don't adopt this new federated approach or is because the IT guys did it and the world we're moving into, the developers are in charge. And so we're seeing the trend where developers are taking the DevOps and the data and the security teams are now starting to reset the guardrails. What's your >>Reaction to that? Well, you know, I would say that >>Over the top, >>Well I would say that you know, your DevOps teams and your infrastructure teams and your engineers, they are the new kingmakers. Yeah. Straight up. Full stop. >>You heard it first, folks. >>And that's >>A headline right >>There. That is a headline. I mean, they are the new kingmakers and, but they are being forced to do it as securely as possible. And our job is really to make that as easy and as frictionless as possible. >>Awesome. >>And it sounds like you're absolutely nailing it. Drew, thank you so much for being on the show. Thanks for having today. This has been an absolute pleasure, John, as usual a joy. And thank all of you for tuning in to theCUBE live here at KubeCon from Detroit, Michigan. We look forward to catching you for day two tomorrow.

Published Date : Oct 27 2022


Michael Sentonas, CrowdStrike | CrowdStrike Fal.Con 2022


 

>>Okay. We're back at the Aria in Las Vegas, Fal.Con 22. You're watching theCUBE. My name is Dave Vellante. Michael Sentonas is here. He's the chief technology officer at CrowdStrike. Michael, good to see you. Thanks. >>Thanks for having me. >>Yeah. So this is your first time, I think, on theCUBE. It is, and, and it's really a pleasure. I've been following you, watching you very closely. You're, you know, quite prominent and, and, you know, very articulate. I loved your keynote talking about what is XDR. I think you guys are gonna do really well in that space, cuz you've got clarity of vision and execution. Talk about some of the announcements that you made this week, particularly interested in, in Insight XDR. What's that all about? >>Yeah. So I've been talking about XDR for a while and trying to help push the right narrative. There's a lot of marketing in the industry with XDR. So we've been talking a lot about what it, what it means that the benefit that it provides from a technology perspective, what you need in the architecture. So we firmly believe it's a philosophy and we build all of our technology to work together, but it's bringing in third parties. And that was really a lot of the, the announcements. My keynote was to show everybody the work that we've been doing to bring in data from Zscaler and Proofpoint. And we talked about bringing in data from a whole range of different vendors, firewall vendors, and we've been doing XDR use cases for a long time. So a big part of our strategy is to make security easy. And we've been doing a lot of XDR use cases with our Falcon Insight module. So the announcement that I made was to relaunch Falcon Insight as Insight XDR and it means all of our close to 20,000 customers have access to the product. >>So that gets bundled right in, it's like SaaS, automatically part of the portfolio >>Log off on Friday, come back on Monday and you're good to go.
>>And then, and you, you just, you just called out Zscaler and Proofpoint, you, I think you also mentioned Palo Alto Networks, Cisco, Fortinet as well. You're pulling in telemetry from, yeah, >>We've got a, we got a long map of, of people that we're integrating with. We talked about Cisco, we talked about for drop and Fortinet, we announced that we're gonna be pulling in telemetry from, from Palo and a range of other vendors, Microsoft and others. And that's what XDR is about. It's about first party and third party integration and making all of the telemetry work together. >>I was talking to George about this yesterday is I think there's a lot of confusion. Sometimes when you have the dogma of cloud native, you know, Snowflake, same thing, no, we're not doing on-prem. This is hybrid. People think that that you're excluding on-prem data, but you're not, you can ingest on-prem data, right? >>We absolutely are not excluding on-prem. We will support and, and secure every workload, whether it's on-prem or in the cloud, whether it's connected to the internet or offline, a lot of the, the indicators of attack and the, and the detection techniques that we have are on the sensor itself. So you don't have to be connected anywhere for that capability to work. You get the benefit when you connect to the cloud of the additional visibility, the additional protection, but the core capabilities on the sensor that we have >>Given that you guys started 11 years ago, plus two days now, and you had that dogma cloud cloud, first cloud cloud, only Nate cloud native. Was there ever a point where you're like, you know, boy, we might be missing some of the market, you know? And, and you, you, you held true to your principles. Two part question. Did you ever question that and by focusing all your resources on cloud, what, what has that given you? >>It's, there's been a laser focus on having a, a native cloud platform. It's easy to say cloud native.
And if you look at a lot of the vendors in the industry today, if you are a, a customer and you ask them, Hey, can you gimme an on-premise product? I'm not gonna buy your product. They've got an on-premise product. The problem is when you have two different versions, you end up having compromise. You have to manage two code bases, impact to your engineering team. Their features are different. Customers ultimately are the ones that miss out because if I have the on-prem version or if the cloud version, I may not get the same capability. For us, it's been very clear. It's been a laser focus to be a cloud and cloud only from day one. >>You've renamed Humio. I gotta stop using Humio. I guess it's not called LogScale, Falcon Complete LogScale. You're bringing together security and observability. Although you're not doing the full spectrum of observability, you're just sort of focusing on, you know, part of it. Can you explain that? >>Yeah. So first of all, we did rebrand and bring the Humio brand closer to CrowdStrike by renaming it Falcon LogScale. And just to be clear, it's not just the rebranding of the name. We've been spending a lot of time. We made that acquisition in March of, of last year, and we've been doing a lot of work on the technology. We built out long, the Falcon long term retention. We built a whole bunch of capability into the product. So now was the right time to rebrand it as Falcon LogScale. And at the same time, we also announced Falcon Complete LogScale. And it's part of the Complete franchise. And that's where customers can get the value and the benefit of LogScale, but they don't have to set it up. They don't have to manage it. They leave that to us. >>So you get pretty much involved in, in the, the M&A activity. You talked on stage yesterday about Reposify and, and what's going on there. You guys got, obviously gotta, still do that. You, but you made investments this week.
You announced investments in Salt Security, the API specialist, and, and also Vanta, compliance automation. What's the thinking behind that, you know, explain actually the fund that you guys are sprinkling around as a strategic investor and why those companies. >>Yeah. So there's two, two parts that, that I'm involved in on that part of my team. One is the M&A team. And one is the Falcon Fund side of the business. Obviously two very different things. The, the M&A part of CrowdStrike, we're always looking to see for every technology space that we want to get into, you know, what is the best option: build, buy, or partner? Sometimes it's build, sometimes it's a, it's a hybrid approach of build and partner. Other times we go down the path of M&A, and I was super excited about Reposify, great company, great technology. And as you said, we made announcements to we're investing as part of the fund into, into Vanta and Salt. We, we, we are very blessed. We're very fortunate to have achieved a lot of success in a short period of time. And we think we've got an opportunity to help fledgling companies to help them guide through the process of setting up the company, helping them with engineering principles and guidelines, helping them with the go to market perspective. So the fund is really about that. It's finding the next cybersecurity company working closely together, and it's been a huge success. You had Vanta and Salt on earlier, and there's so much excitement about what they do. >>Yeah. I mean, it's clear, clear, complement to what you guys are doing. I want to ask you about your lightweight agent. There, there are other firms that say they have a lightweight agent too. You know, what, what makes your lightweight agent so different? So special? >>Yeah. I've never seen a PowerPoint presentation that's wrong. It's very easy to, to say your lightweight agent is, is, you know, super lightweight. And many times when you look at them, they're, they're not lightweight.
They take a lot of effort to install. They need reboots. If you've got security, that's part of the operating system. If you've got security that requires to reboot, you can't go to a bank and say, Hey, you've got a hundred thousand machines. We're gonna install all of this technology, but you've gotta reboot it once, twice, three times. So what ends up happening is you see deployment cycles that go on for 12 months. I've spoken to organizations here this week that said we had budgeted to roll out your product in 18 months because of what we experienced in the past. And we did it in seven weeks. That's a lightweight agent with no reboot. And then you look at the updates. You look at the CPU resource utilization. So again, very easy to say lightweight. I haven't seen anything like what we've built at CrowdStrike. >>How do you keep an agent lightweight when you're both acquiring in companies and adding modules? I think you're, you're over 20 modules now. How, how is it that the, the agent can remain so lightweight? >>So we spent a lot of time building out the agent cloud architecture that we have, the, the concept of our agent is very different. It's not collecting data, storing it, trying to sell, send it up. We have a smart agent with smart filtering built in. So we're very careful in terms of the data that we collect, but think of the aperture on a camera. You know, if you wanna let more light in, you, you widen the aperture. It's the same as our, our agent. If we wanna bring in more telemetry, we, we widen that aperture. So we're very efficient on the network. And we collect data. When machine process runs, we collect that telemetry. We use it in different ways, but we collect once and reuse it many times. So it's the same agent for next-gen AV, for EDR, for our Spotlight vulnerability management module. And when we're looking at M&A, so coming back to your, your question, we will look at technology.
And if we can't bring that technology and incorporate it into the agent that we already have, we won't acquire it. Worst thing in security is complexity. When you give an organization, 1, 2, 3, 5 plus agents, and then they have 3, 4, 5 plus management consoles. It's too hard when they're under attack. >>Well, it's like my, my business partner co-host John Furrier says is that as an industry, we tend to solve complexity with more complexity. And it's, that's problematic. Can you talk about your, your threat graph? Like, what is that? Is it a, is it a graph database? Is it a purpose built? Is it a time series database, a combination? What, what is >>That? Yeah, it is a graph database. When we, when, when the company was started, obviously the vision was to crowdsource telemetry from so many machines from millions of devices around the world. And the thesis at the time was as that capability scales out, there's nothing commercially available that will be able to ingest all of that data. And today we are processing over 7 trillion events every single week. We, we can't go and get something off the shelf. So we've had to build the, the technology from the ground up. That's the first part. Secondly, there is a temporal element to this. There's a time element. And we, we have an ontology built where we track the relationship between all the telemetry that we get. The reason why I believe we stand alone in EDR is because of that time element, the relationship that we have, and we just have so much context that makes it easy for the threat hunter. Speed and, and ease of use is critical in cyber. >>So you see in data in the database world, everything's kind of converging with all this function, you know, 11 years ago, these were pretty rudimentary. I shouldn't say rudimentary, but immature markets. They've come a long way.
If you had to start, if, if those capabilities that are there today with graph databases and time series databases were available in, in 2010, would you have used off the shelf technology, or would you have still developed your >>Own? We would've done the same thing that we've done today. >>And, and why, can you explain what that, what that, is it a performance thing? Is it just control? >>Yeah, look, it, it, it's everything that I talked about before, the, the benefit that you get from the approach that we've taken and the scalability that the requirements that we need, we still today, there's nothing that we can, we can go and get off the shelf that can scale and give us the performance that we need that can give us the ability to, to have that relationship data, the ontology of, of what we have in the platform and the way that we interoperate with all of the different modules that just wouldn't exist. We wouldn't have that capability. And what you'd find is we'd be pretty much the same as every other vendor where they have on-prem solutions, they have hybrid hosted solutions. And when you have those trade-offs, you see it in the product. >>Yeah. So the, the point is you're very focused on the purpose of your, your proprietary technology. You're not trying to serve the all things to all people. You used the term yesterday in your keynote, which it, it caught my attention. You used the term ground truth, and it has very specific meaning. Can you explain what you meant by what is ground truth, you know, in the world? And what, what, what does it mean to CrowdStrike? >>Yeah, I was talking about ground truth as it relates to the acquisition of Reposify and the big thing for us, we wanted to bring additional capability to the platform, to give our customers external and internal visibility of all their assets and all their vulnerabilities. What's important with us, with our agent is today, we give you a single source of truth.
When we put that agent onto a device, we tell you everything about the hardware. We tell you everything about who's logged in. We tell you everything about the applications that are running, the relationships between the, of the device and the application. We're not a CMDB. We feed CMDB with information that is instant, that is live. And when we look at Reposify, it broadens, again, I'll use the same word. It broadens the aperture. It gives us more visibility around what's going on. So we're, we're super excited about that because having information about all of your assets, all of your users, the applications they use, whether they're vulnerable, how you need to protect them, having it at your finger fingertips, it's a game changer >>Contract, can CrowdStrike be a generational company? And what do you have to do to ensure that that outcome occurs? We, >>We, I think we absolutely are. And, and we're we're path paving a path to, you know, really continuing to build out that platform. I said, in my keynote that I think we're at an early innings. I, if you buy, for example, as a customer, our Insight module, cuz you wanna start with EDR, you've got 21 modules to go. Yesterday, today we, we talked about Discover 2.0, we talked about Discover for IoT. I talked about the, the Reposify acquisition, a whole range of technology built on that single cloud agent architecture. And we've heard the success stories here this week from customers that have just gotten so much benefit. They've rolled out one agent and they've turned off eight or nine from other security vendors. So absolutely we can be a generational company with what we're doing. >>What are the blockers to customers turning on those additional modules? Cause not, not all customers are using our modules. Is it that they've made an investment in an alternative technology and they're sort of hugging onto it or are there other technical blockers? >>Yes. It many times it's the investment, right?
So if you've made a, an investment in the company, you've got a year to go, you might wanna sweat that asset. But typically what we find is the benefit that we have. It's a very simple conversation. If we can give people a cost and a technology benefit, they're gonna make the transition to move. There's so many technical benefits. We talked about the single agent, but the actual features of the modules themselves. But the big thing for us is we've done over 4,700 business value assessments where we sit down with an organization and we look at what they have. We look at what their spend is. We look at their FTEs, we look at the security outcomes that they get. And then we come out with a model that shows them technology and business value. And that's what really drives them to make the switch. >>So the business value in that BVA is not just a, a reduction in expected loss. That's part of it, better security you're gonna, you know, be, be, be lower your risk. But you're saying it's also the labor associated with that. >>Yeah, absolutely. It's, it's how do you operationalize the solution? How many people do you need? How long does it take you to respond? You know, how do you interact with third parties, with your suppliers, is taking in all of that data. We've spent a long time building out that model and it's, it's proving to be very successful. Customers love it. >>Is that, is that sort of novel ROI thinking in the security business or I'm trying to think of, I mean, I know for years it would watch Art Coviello stand up at RSA and tell us how, how this year's worse than last year. And so, but, but, but I never really heard, you know, a strong business case that would resonate with the, with the P and L manager, other than, you know, we gotta do this or we're gonna get hacked and you're gonna be screwed. Is that new thinking? Or am I, did I just miss it? >>I don't know if I wanna say it's new thinking.
I think what happened, what changed was 10, 15 years ago at a conference you'd stand up and everybody would tell you ransomware's up and phishing is up. And at the end of it, people are trying to work out, is that good? Or is that bad? It went up 20% based off what? That doesn't work anymore. Everyone, you know, got tired of that. And a few of us have been doing it for a while. I I'm, I'm sort of two and a half decades into this. And if you, if you try to use that model of scaring people, they switch off, they want to understand the benefit. You know, the brake in the car is so you can go and stop safely when you need it. And I look at security the same way. We want to accelerate the company. We want to help companies do their job, but security is there to make sure they don't get into trouble. >>Yeah. It's like having two security guards by your side, right? I mean, they're gonna help you get through the crowd and move forward. So Michael, thanks so much for coming to theCUBE. Thanks for having me. Your time. You're, you're very welcome. All right. Keep it right there. After this short break, Dave Vellante will be back with theCUBE live coverage from Fal.Con 22 at the Aria in Las Vegas.

Published Date : Sep 21 2022


Laura Heisman, VMware | VMware Explore 2022


 

>>Welcome back everyone to theCUBE's live coverage of VMware Explore 2022. I'm John Furrier with Dave Vellante, hosts of theCUBE. We're here on the ground floor, Moscone West, two sets, wall-to-wall coverage, three days. We heard Laura Heisman, the senior vice president and CMO of VMware, put it all together. Great to see you. Nice, thanks for, to see you for spending time outta your very busy week. >>It is a busy week. It is a great week. >>So a lot of people were anticipating what world was gonna look like. And then the name changed to VMware Explore. This is our 12th year covering VMware's annual conference, formerly known as VMworld. Now VMware Explore, bold move, but Raghu teased it out on his keynote. Some reason behind it, expand on, on the thought process. The name change, obviously multi-cloud big headline here. vSphere 8, partnerships with cloud hyperscale is a completely clear direction for VMware. Take us through why the name changed. Exactly, exactly. And why it's all coming together. Think he kind of hinted that he kinda said exactly, you know, exploring the new things, blah, blah, blah. Yeah. But take us through that. You've architected it. >>Yeah. It is a, a change of, we have a great past at VMware and we're looking to our future at the same time. And so when you come back from a pandemic and things changing, and you're really looking at the expansion of the business, now is the time because it wasn't just to come back to what we were doing before. And every company should be thinking about that, but it's what are we gonna do to actually go forward? And VMware itself is on our own journey as expanding in more into the cloud, our multi-cloud leadership and everything that we're doing there. And we wanted to make sure that our audience was able to explore that with us. And so it was the perfect opportunity. We're back live. And VMware Explore is for everyone that's been coming to VMworld for so many years.
We love our community and expanding it to our new communities that maybe don't have that legacy and that history and have them here with us at >>VMware. You did a great job. I love the event here. Love how it turned out. And, and a lot of interesting things happened along the way. Prior to this event you had, we're coming outta the pandemic. So it's the first face to face, yes, of the VMware community coming together, which this is an annual rite of passage for everyone in the customer base. Broadcom buys VMware. No, no, if you name change it to VMware Explore and then Broadcom buys VMware. So announces, announces the, the buyout. So, and all the certainty, uncertainty kind of hanging around it. You had to navigate those waters, take us through, what was that like? How did you pull it off? It was a huge success. Yeah, because everyone showed up. Yeah. It's, it's, it's the same event, different name, >>It's >>Same vibe. >>The only thing constant is change. Right? And so it's the, we've gotta focus on the business and our VMware customers and our partners and our community at large. And so it's really keeping the eye on what we're trying to communicate to our community. And this is for our VMware community. The VMUG community is here in spades. It is wonderful to have the VMUG community here. We have tons of different customers, new customers, old customers, and it's just being able to share everything VMware. And I think people are just excited about that. It's great energy on the show floor and all >>Around. And it's not like you had years to plan it. I mean, you basically six months in you, you went, you said you went on a six month listening tour the other day. What was the number one question you got on that listening tour? >>Well, definitely about the name change was one, but I would say also, it's not just the question. It was the ask of, we have, we're in what we call our chapter three here.
And it's really our move into multi-cloud and helping all of our customers with their complexities. >>So virtualization, private cloud, and now multi-cloud, correct. The third chapter. >>Yeah. And the, the question and the ask is how do we let our customers and partners know what this is, help us Laura. Like that was the number one ask to me of help us explain it. And that was my challenge and opportunity coming into Explore, and really to explain everything about our, if you watched the gen session yesterday, these was, was going through our multiple different chapters where we are helping our customers with their multi-cloud strategies. And so it is been that evolution gets us today and it doesn't end today. It starts today. And we keep going, >>Like, like a lot of companies, obviously in you in this new role, you inherited a hybrid world and, and you've got, you got two years of virtual under your belt, and now you're running a completely different event from that standpoint. How does the sort of the COVID online translate into new relationships and how you're cultivating those? What's that dynamic like? >>Well, let's start with how happy everyone is to see each other in person. No doubt. Yeah. It is amazing just to see people, the high fives in the hallways, the hugs, oh, some people just the fist pump, whatever, people, masks are there, masks aren't there, right? It is something of where everyone's comfort level, but it is really just about getting everyone together and thinking about how do, how was it before the pandemic? You don't necessarily just wanna repeat coming back. And so how do you think about this from an in-person event? People have been sitting behind their screens. How do we engage and how are we interactive? Knowing that attention spans are probably a little bit shorter. People are used to getting up and going get their coffee. We have coffee in the conference rooms, right?
Things like that, making the experience just a really great one for everyone. So they're comfortable back in person, but I mean, honestly the energy and seeing people's smiles on their faces, it's wonderful to be back in person. >>It's interesting, you know, theCUBE, we've had some transformations ourselves with the pandemic and, and living through and getting back to events, but hybrid cloud and hybrid events is now the steady state. So, and in a way it's kind of interesting how hybrid cloud and now multi-cloud, the digital aspect of integrating into the physical events is now key. First class citizen thinking. Yeah. For CMOs, you guys did a great job of preserving the, the, the, the best part of it, which is face to face, people seeing each other and now bringing in the digital and then extending this. So that it's an always on kind of Explore. Is that the thinking behind it? Yes. What's your vision on where you go next? Because if it's not, it's not one and done and see you next year. No, anymore, because no, the pandemic showed us that hybrid and digital and physical together. If design as first class citizens with each other. Yeah. One sub-optimize me obviously face to face is better than digital, but if you can't make it, it shouldn't be a bad experience. >>No, not at all. Good's your vision. And, and we're in a point where not everyone's gonna come back, that everyone has what's going on with their life. And so you have to think about it as in person and online, it's not necessarily even hybrid. And so it's, what's the experience for people that are here, you know, over 10,000 people here, you wanna be sure that that is a great experience for them. And then our viewers online, we wanna be sure that they're able to, to know what's going on, stay in touch with everything VMware and enjoy that. So the gen session that was live, we have a ton of on demand content. And this is just the start.
So now we go on to essentially multiple other VMware explorers around the world. >>It's interesting. The business model of events is so tickets driven or sponsorship on site on the location that you can get almost addicted to the, no, we don't wanna do digital and kind of foreclose that you guys embraced the, the combo. So what's the attendance. I mean, probably wasn't as big as when everyone was physical. Yep. What are some of the numbers? Can you give us some D data on attendance? Some of the stats around the show, cuz obviously people showed up and drove. Yes. It wasn't a no show. That's sure a lot of great stuff here >>We have. So it's over 10,000 people that are registered and we see them here. The gen session was packed. They're walking the show floor and then I don't have the numbers yet for our online viewership, but everything that we're doing to promote it online, if anyone missed it online, the gen session is already up and they'll see more sessions going live as well as all the on demand content so that everyone can stay in the loop of what's happening. And all of our announcements, >>You're obviously not disappointed. Were you surprised? A little nervous. >>So I will say one thing that we learned from others, thank goodness others have gone before us. So as far as coming back in person is the big change is actually registration happens closer to the event, right. Is a very big change from pre so, >>So it's at the end. Yes. >>The last three weeks. And we had been told that from peers at RSA and other conferences, that that's what happens. So we were prepared for that, but people wanna know what's going on in the world. Yeah. Right. You wanna have that faith before you buy that ticket and book your travel. And so that has definitely been one of the biggest changes and one that I think that will maybe continue to see here. So that was probably the biggest thing that changed as far as what to expect as registration. But we planned for this. 
We knew it was not going to be as big as in the past and that that's gonna be, I think the new norm, >>I think you're right. I think a lot of last minute decisions, you know, sometimes people >>Wanna know, I mean, it's, what's gonna happen another gonna be outbreak or, I mean, I think people have gotten trained to be disappointed >>Well and be flexible >>With COVID I and, and, and weirded out by things. So people get anxiety on the COVID you've seen that. Yeah. >>Yeah. Yeah. I wanna ask you about the developer messaging cause that's one of the real huge takeaways. It was so strong. And you said the other day in the analyst session, the developers are the kings and the queens now, you know, we, when we hear developers, we think we pictured Steve Ballmer running around on stage developers develop, but it's different. It's a different vibe here. It's like you're serving the kings and the queens with, through partnerships and embracing open source. Can you talk a little bit about how you approached or, and you are approaching developer messages? Yeah, >>I, so, you know, I came from GitHub and so developers have been on my mind for many years now. And so joining VMware, I got to join this great world of enterprise software background and my developer background. And we have such an opportunity to really help our developer community understand the benefits of VMware to make them heroes just like we made sort of virtualization professionals heroes in the past, we can do the same thing with developers. We wanna be sure that we're speaking with our developer community. That was very much on stage as well as many of the sessions. And so our, we think about that with our products and what we're doing as far as product development and helping developers be able to test and learn with our products. And it's really thinking about the enterprise developer and how can we help them be successful. 
>>And I think, I think the beautiful thing about that message is, is that the enterprises that you guys have that great base with, they're all pretty much leaned into cloud native and they see it and it's starting to see the hybrid private cloud public cloud. And now with edge coming, it's pretty much a mandate that cloud native drive the architecture and that came clear in the messaging. So I have to ask you on the activations, you guys have done how much developer ops customer base mix are you seeing transfer over? Because the trend that we're seeing is that IT operations and that's generic. I'll say that word generically, but you know, your base is IT, almost every company has VMware. So they're also enabling inside their company developers. So how much is developer percentage to ops or is they blending in, it's almost a hundred percent, which how would you see >>That it's growing? So it's definitely growing. I wouldn't say it's a hundred percent, but it is growing. And it is one where every company is thinking about their developer. There's not enough developers in the world per the number of job openings out there. Everyone wants to innovate fast and they need to be able to invest in their developers. And we wanna be able to give them the tools to be able to do that. Cuz you want your developers to be happy and make it easier to do their jobs. And so that's what we're committed to really being able to help them do. And so we're seeing an uptick there and we're seeing, you'll see that with our product announcements and what we're doing. And so it's growing. >>The other thing I want to ask you, we saw again, we saw a lot of energy on the customer vibe. We're getting catching that here, cuz the sessions are right behind us and upstairs the floor, we've heard comments like the ecosystem's back. I mean not to anywhere, but there was a definitely an ecosystem spring to the step. If you will, amongst the partners, can you share what's happening here? 
Observations things that you've noticed that have been cool, that that can highlight some trends in the partner side of it. Yeah. What's going on with partners. >>Yeah. I mean our partners are so important to us. We're thrilled that they're here with us here. The expo floor, it is busy and people are visiting and reuniting and learning from each other and everything that you want to happen on the expo floor. And we've done special things throughout the week. For example, we have a whole hyperscaler day essentially happening where we wanna highlight some of the hyperscalers and let them be able to, to share with all of our attendees what they're doing. So we've given them more time within the sessions as well. And so you'll see our partner ecosystem all over the place, not just on the expo >>Floor, a lot of range of partners. Dave, you got the hyperscalers, you have the big, the big whales and cloud whales. And then you have now the second tier we call 'em super cloud type customer and partners. And you got the multi-cloud architecture, developing a lot of moving parts that are changing and growing and evolving. How do you view that? How you just gonna ride the wave? Are you watching it? Are you gonna explore it through more, you know, kind of joint marketing. I mean, what's your, how do you take this momentum that you have? And by the way, a lot of stuff's coming outta the oven. I was talking with Joan last night at the, at the press analyst event. And there's a lot of stuff coming outta the VMware oven product wise that hasn't hit the market yet. Yep. That's that's that's I mean, you can't really put a number on that sales yet, but it's got value. Yep. So you got that happening. You got this momentum behind you, you just ride the wave and what's the strategy. Well, >>It is all about how do we pass to the partner, right? So it is about the partner relationship. And we think about that our partner community is huge to us at VMware. 
I'm sure you've been hearing that from everyone you've been speaking to. So it's not even it's ride the wave, but it's embrace. Got it. It's embrace our partners. We need their help, our customer base. We do touch everybody and we need them to be able to support us and share what it is that we're doing from our product evolution, our product announcements. So it's continuous education. It's there in educating us. It's definitely a two way relationship and really what we're even able to get done here at Explore together. It's progress that you can't always do on a Zoom or a Teams call or a WebEx call. You can't do that in two weeks, two years sometimes. And we're able to even have really great conversations >>Here and, and your go to market is transforming as well. You, you guys have talked about how you're reaching many different touchpoints. We've talked about developers. I mean, the other thing we've seen at events, we talked about the last minute, you know, registrations. The other thing we've seen is a lot more senior members of audiences. And now part of that is maybe okay, maybe some of the junior folks can't travel, they can't get, but, but, but why is it that the senior people come, they, they maybe they wouldn't have come before maybe because they're going through digital transformations. They wanna lean in and understand it better. But it seemed, I know you had an executive summit, you know, on day zero and Hock Tan was here and, and so forth. So, okay. I get that. But it seems in talking to the partners, they're like, wow, the quality of the conversations that we're having has really been up leveled compared to previous years in other conferences. >>So yeah. Yeah. I think it's that they're all thinking about their transformation as well. We had the executive summit on day zero for us Monday, right? And it was a hundred plus executives invited in for a day who have stayed because they wanna hear what's going on. 
When I joined VMware, I said, VMware has a gift that so many companies are jealous of because we have relationships with the executives and that's what every company's startup to large company wants. And they're, they're really trusted customers of ours. And so we haven't been together and they want to be here to be able to know what's going on and join us in the meetings. And we have tons of meetings happening throughout >>The event and they're loyal and they're loyal. They're absolutely, they're active, active in a good way. They'll give you great feedback, candid feedback. Sometimes, you know, you might not wanna hear, but it's truthful. They're rare, engaging feedback gift. And they stay with you and they're loyal and they show up and they learn they're in sessions. So all good stuff. And then we only have about a minute left. Laura. I want to get your thoughts and, and end the segment with your explanation to the world around explore. What's next? What does it mean? What's gonna happen next? What does this brand turn into? Yeah. How do you see this unfolding? How do people, how should people view the VMware Explorer event brand and future activities? >>Yeah. VMware Explorer. This is just the start. So we're after this, we're going to Brazil, Barcelona, Singapore, China, and Japan. And so it is definitely a momentum that we're going on. The brand is unbelievable. It is so beautiful. We're exploring with it. We can have so much fun with this brand and we plan to continue to have fun with this brand. And it is all about the, the momentum with our sales team and our customers and our partners. And just continuing what we're doing, this is, this is just the beginning. It's not the, it's a global >>Brand explore >>Global. Absolutely. Absolutely. >>All right, Dave, that's gonna be great for the cube global activities. There you go, Laura. Great to see you. Thank you for coming on. I know you're super busy. Final question. It's kind of the trick question. 
What's your favorite aspect of the event? Pick a favorite child. What's going on here? Okay. In your mind, what's the most exciting thing about this event that that's near and dear to >>Your heart? So first it's hearing the feedback from the customers, but I do have to say my team as well. I mean, huge shout out to my team. They are the hub and spoke of all parts of explore. Yeah. VMware Explorer. Wouldn't be here without them. And so it's great to see it all coming >>Together. As they say in the scoring and the Olympics, the degree of difficulty for this event, given all the things going on, you guys did an amazing job. >>We witnessed >>To it. Congratulations. Thank you. Thank you for a great booth here. It looks beautiful. Thanks for coming. Wonderful. >>Thank you for >>Having me. Okay. theCUBE's live coverage here on the floor of Moscone West I'm Trevor Dave. Valante two sets, three days. Stay with us for more live coverage. We'll be right back.

Published Date : Aug 31 2022


Rakesh Narasimhan, Anitian | CUBE Conversation, August 2022


 

(bright upbeat music) >> Welcome, everyone, to this Cube conversation. It's part of our season two, episode four of the ongoing AWS Startup Showcase Series. Today's theme, "Cybersecurity: Detect and Protect Against Threats." I'm your host, Lisa Martin. I've got one of our alumni back with us. Rakesh Narasimhan joins me, President and CEO of Anitian. Rakesh, it's great to have you back on the program. >> Thank you very much. Pleasure to be here. >> So some congratulations are in order. I see that Anitian was recently awarded nine global InfoSec awards at RSA conference just this year including couple great titles here hot company and security company of the year. Talk to the audience who knows Anitian what is it doing to enable and empower the digital transformation for enterprises that are, I mean, we've been talking about the acceleration of digital transformation. How is Anitian an enabler of that? >> Thank you again for the opportunity. I think the big change that we brought to the table in Anitian is really what is typically a very manual, complex time consuming and quite expensive process. We've just brought software innovations to it and really that's customers who are trying to do compliance or security in the cloud which just provide a platform that basically accelerates a customer's application migration to cloud. And so that ability is the software innovation that we were able to bring to the space and that just wasn't there before. And so we're just happy that we took the opportunity to innovate there and just bring it to the customers. >> So let's now talk to and address those AWS customers. When you're talking to prospects, existing AWS customers what do you say are the differentiators that makes Anitian so unique when in AWS. >> That's a great question. I think the biggest innovation, the biggest thing that we bring to the table is really an acceleration and timeline and completion of their application. 
So if you're a customer and you're trying to get into a new market for compliance, for example or you're trying to basically get a new application up and running in a secure environment in either one of those cases, we have a product offering a platform offering that enables you to quickly get up and running and get to production. And that's been the reason why we've enjoyed enormous success in the marketplace in the AWS customer base. >> One of the areas where I see that Anitian has been very successful is in helping cloud software vendors get FedRAMP compliance and be able to access what is a huge federal market. How are you able to do that? >> Yeah, I think the big thing that we focused on was you have a complete class of SaaS vendors out there who provide enormous innovation that they bring to the marketplace but the government market in general has not been able to participate in it because it again, like I said, it's very complex. It takes time and it's very expensive. And so we focused on that opportunity to really make it easier for all these cloud service providers to be able to bring their innovations to the government market, for example, with FedRAMP and so we help with the automation and the acceleration with our platform offering on top of cloud providers like AWS, and that enables the SaaS provider to offer that opportunity that hitherto is not available to now make it available in the government marketplace. And that's a huge buyer, if you will their budgets are huge. They're still buying even on a downturn in the market even as commercial vendors, who look at that, that market everybody's nervous about it. But if you look at the government market they have budget, they're buying and that needs to be provided to the install base. And so we help make that happen. >> How does that make you unique from a competitive perspective to be able to accelerate FedRAMP for AWS customers in particular? 
>> I think the biggest issue has always been three things, right? It's complex, it's time consuming but most importantly, how quickly can a company make their software innovations available to a large market has always been sort of the challenge especially in the federal market. So we basically pre-engineer a platform taking care of all the requirements of the standard in compliance and security and then essentially help the customer bring that innovation on top of the AWS environment and making that available to the customers in record time. That's the reason why we're able to enjoy the success. Historically, the space has been very, very focused on a lot of consulting folks really providing consulting on an hourly basis. We thought of actually bringing a software oriented approach just like people buy email, they buy service and then all the innovations that come along with it for the subscription that you pay. It's a very similar concept we brought to this space prior to this, either people did it themselves or they hired a lot of consulting folks to tell them what to do. And that could take a long time and then not just time and expense but every single time they made a change they would still, again, have to go redo all that work. We just brought a platform approach which is well understood by now in the industry you pay a subscription, you buy a platform and all the innovations come along for them. So that's huge productivity, time to market but most importantly it enables them to achieve their revenue goals because they're trying to get to market and service the customer, right? So we help them accomplish that in record time. >> So you are really impacting your customer's bottom line. You've been very successful in helping AWS public sector customers to accelerate FedRAMP. 
As you talked about FedRAMP compliance how are you now switching gears to focus on the AWS commercial customers and even enterprise DevOps teams to be able to accelerate cloud application security? >> Yeah, I think, again we started from a place of humility, if you will. You know, there's a lot of vendors a lot of folks make a lot of claims. We wanted to make sure that we first were very good at doing something. And that something was really go after the federal market and the success we achieved in that marketplace had a few insights for ourselves which was people really struggle in all kinds of environments, not just public sector. And what we found is that commercial customers are also trying to go to cloud. They're also dealing with the issues of security in securing their environments. And it's really the DevOps and DevSecOps folks on whom this burden falls. And they have to answer to so many different constituencies in an enterprise company. And so we time and time again while we did the work in FedRAMP we learned that, you know it's not just about compliance. It's also about securing on a base of standards. So how could we provide the same pre-engineered environment for DevOps and DevSecOps teams to be able to run that environment for their applications that became an 'aha' for us because we were running into it all the time in the public sector side. So we went and talked to a few customers and said, 'Hey, how about we do the same thing on the commercial side for you?' And I wish I could take credit for this but it's actually not true. It's actually customers who came to us and said, 'Hey you did this really well for us in public sector side. Could you provide the same thing for us in the commercial side?' where it's not about all the documentation and all the audits and things that happen on the compliance side of the house. I just want you to provide an environment so that our DevOps teams could just operate in that environment and Devs can work on it. 
Can you do that? And we'll pay you. And that was born really our idea of secure cloud enterprise. Our primary offering historically has been secure cloud compliance with a compliance business if you will, where people could go into market and have a completely new market to go after. Whereas in the enterprise side we brought those innovations, those learnings and brought it to a commercial market. And so that's the new product, if you will, that we're launching to service that customer base, if you will. >> So if I'm an AWS customer when do I know it's time to contact Anitian and say, 'Guys we need help and we think you're the right ones to help us accelerate.' >> Yeah, I think it's really straightforward if you are a customer commercial SaaS vendor, if you will, that runs on AWS and you want to go after a new market then you come to us and we can help you quickly get to all the compliance standards so that you can go sell in the government marketplace. That's an offering we already have, or you are a brand new company and B2B company and you're developing an application and you want a pre-engineered environment that passes all the security standards so that you don't have to worry about it. You have a subscription to AWS and you have a subscription to us. And then that basically provides you a secure environment in which you can start developing your applications and start developing, deploying them much like your DevOps cycle would work. So we provide that basis already for you. So if you're a customer on the B2B side and you're going to cloud to get your applications to the marketplace on AWS, we're a great solution for you to actually have that engineered platform in place already. So those are the two areas where you can contact us and we can help you out. >> And talk to me about when you are in customer conversations especially as we've had such challenging times the last couple of years, how have those customer conversations changed and evolved? 
Are you seeing an acceleration up the C-suite stack? Is this a key priority for the CEO and his or her team? >> Yeah, I think it's a phenomenal point. I think security's always been top of mind for folks, not just the C-suite, but in boardrooms as well. But you know, the key thing we found is that even in a down market, sometimes in the environment that is playing out in the macro environment. I think the thing that has not changed is people are still trying to figure out how to make their dollar go further. And how do I get a better return on investment? So if you look at our compliance business that growth is all about that market is growing. There's still opportunity, and people are still having budgets and spending. So commercial companies are still trying to figure out how can I extend my market reach into new markets? So that's an area that the C-suite is really interested in. Funny enough, you would think in the cyber world it's a CSOs who are the ones who actually are looking for solutions from us that certainly an audience but CEOs and CROs are the folks who really clamor for our solution because it is their ability to enter a new market and go after a new budget that can grow their business and have an ROI pretty quickly. That's the ability for them to make that decision. So it's very pertinent to their buying behavior that we have aligned ourselves to very simply put by engaging us. They get to go after a new market to establish a new line of revenue they didn't have before. So that's always interesting to any C-suite member as you can imagine. And that's the compliance side. >> Absolutely establishing new revenue streams is huge and that's a big competitive differentiator. We've seen a lot of customers that weren't able in any industry to do that during the challenging pandemic times. And that is a game changer for organizations across industries. >> Exactly, exactly. 
And wishing that play out, not just on that side, but even on the commercial side where people are also trying to figure out how do I basically make sure it's pre-done so that it's one less thing for me to have to worry about so that I can be more productive. I can get to market pretty quickly which means I can, again, deliver to my customers quickly which means revenue for them as well. So we are the security business, but really if you notice we're solving a business problem for our customers and we're aligned to their ROI so that it's relatively easier for them to make a decision. They certainly get security in compliance but the bigger benefit for them is to grow their business itself. So we are trying to accelerate that momentum for them. >> That's critical, and I'm sure your customers really appreciate the impact that you're having on their growth, their ability to deliver to what I can only presume is their demanding customers. As one of the things I know that's been in short supply the last couple of years, is patience and tolerance. Is there Rakesh a customer story that you think really articulates the value of what Anitian is delivering? Maybe a favorite customer story that you mentioned when you're giving talks? >> Sure, sure. We really have a very customer base across the landscape. If you think about our compliance business, Smartsheet is a great example who partnered early. They were not even in the cloud before. And then that's a great example with AWS where the three of us work together to offer Smartsheet the collaboration software public SaaS company, if you will, who really established themselves and differentiated themselves in the marketplace by offering that on AWS. 
And we helped them accomplish their FedRAMP itself not just for once, but you know they've been great customers of ours multiple renewals over the years and every single year that the business that they get on the federal side has increased because of the work that they did first with us. And so, you know, we look for more opportunities with them, certainly on that part. And increasingly we start thinking about where else can we help them grow? Because typically most customers have a thing to solve on a compliance standard, but it turns out that the compliance journey is, you know some companies are trying to do SOC 2 to be able to even sell. Then you want to do electronic commerce. You might have to do PCI or you want to sell under the federal government. You'll have to do FedRAMP and FedRAMP has moderate, high but depending on the customers you have, including DOD and once you get to DOD, they'll ask for IL4 and IL5. So these are different compliance regimes. If you will think of them as a journey and we want to be the company that provides a seamless progression for customers as they're on that journey so that we can actually deliver something of value. We're not interested in nickel-and-diming customers and charging them by the hour, we're a platform player. We want to make sure that they use it to basically get their ROI and growth happening. And we just take care of the hard part of making sure that they're in compliance, right? And similarly, we're bringing the same idea like Smartsheet I told you about to a commercial marketplace of customers who can do the same thing for commercial apps in the cloud. And so that gives us a very clean way for customers to really become not just productive, but satisfy their customers quickly and hence grow their business. 
And we celebrate that collaboration and all of that happens because of AWS and our ability to focus on those customers >> Sounds like a great partnership and definite synergy there on I know, and, you know as well, how customer obsessed in their own words AWS. Speaking of customers one more question for you in terms of being on that journey that compliance journey, which isn't a destination, right? It's probably a zigzaggy path. Do you work with customers that both haven't started the process to FedRAMP plans or those that maybe have with a competitor are running into roadblocks? Are those both routes to market for you? >> Yeah, we interestingly enough historically we used to see a lot of folks who have tried to do it themselves and found it hard or for a variety of reasons they just gave up. And so they would come to us. We have also examples of customers who have tried to go down the consulting path and has not worked and come to us so that it's sort of a broken project. We start from there, but a majority of our business is people who've gotten a contract from one of the agencies. Then they're like, 'oh now what!' We need to get this done before September. And so what's the quickest way to get there. And generally that's where we can help you because we are the best, fastest way to get there. And so we get that mix of customers people who have already tried hasn't worked out people who have tried with other folks hasn't worked out, but a majority of the folks are people who don't even know, you know how to go about doing it, but they know they have to do it in order for them to keep the customer that they've won one of the agencies, if you will. So that has given us a very healthy perspective on how to help customers of different kinds in that journey. The other thing is, you know, we've grown tremendously in the last couple of years. And the other thing we learned is every customer is different. 
And we tried to bring a very common approach to addressing this problem. Even though customers come in all shapes and forms we have startup companies in, you know early forms of maturity. And we have like really iconic, you know unicorn companies who we've helped go through FedRAMP. So the gamut is large, but you know we're learning a lot by doing this. And I think that's the key thing for me. I want our company to be one that is growing with innovation, but at the same time keeping flexibility in our approach so that we are not just learning new things, we're delivering on the harder problems our customers are facing. Cause I think that's where software innovation can really play a big differentiating role. And that's the reason why I always enjoyed being at Anitian and growing the business and keeping the company really, fast moving and innovative. >> Speaking of being fast moving and innovative here we are coming up on the fourth quarter of calendar year 22, what's next for Anitian? What are some of the exciting things that have you pumped up? Have you mojo going for what's next for the rest of the year? >> Yeah, I think a big portion of my enthusiasm for the company and the road ahead is I think it's rare if you look at the industry, oftentimes you see companies that start out with a single solution and then are able to grow from there. One of the best advantages Anitian has is this platform centric approach to do compliance on the journey I talked about. So if you think about that journey every customer that is going to cloud has this challenge that, they either have to comply do a bunch of standards, one or many. And then how do I do that in a platform approach in a common way so that I don't have to worry about it. I play a subscription and I am just protected by that. And I actually get the marketplace. So that's a tremendous journey we are on. We've only done a few of them and we have a whole new set of compliance standards coming on our platform. 
So that's one way, look forward to that. The other one I'm really looking forward to is the commercial customers. There's a huge opportunity for people to really know that they're sitting on top of a very secure environment in AWS. And how do I quickly propel myself into the marketplace so that I can be differentiated. I can get to market quickly but I can also make sure my innovations are getting to the marketplace as a customer, right? So I think I'm really excited about the things we are bringing to market just not just this year, but next year early next year on the compliance side, as well as the commercial side, that'll actually differentiate us and make it a lasting part of a customer's journey. And that's, I think the best thing you can hope for building a lasting company where your innovations are powering the productivity of your customers in a meaningful manner. And I always feel proud of the team. You mentioned the awards, but honestly more than anything else, we've put together a great team. And the team does a tremendous job with a very good ecosystem of partners. And our humility is it's not just us it's the ecosystem together. And the partnership with Amazon that helps us be the company we are able to be. We live in really storied times and we're lucky to be part of this opportunity if you will. >> Yeah better together. That ecosystem is incredibly powerful. Thank you so much Rakesh for talking about what's going on at Anitian, how you're helping customers, accelerate FedRAMP compliance, what you're doing in the commercial space and how you're helping your customers really improve their bottom line. We thank you so much for partnering with theCUBE for season two, episode four of the AWS startup showcase. >> My pleasure. Thank you very much. >> And we want to thank you for watching but keep it right here for more action on theCUBE which as you know, is your leader in tech coverage. I'm Lisa Martin. See you next time. (lively music)

Published Date : Aug 23 2022

Jay Bretzmann & Philip Bues, IDC | AWS re:Inforce 2022


 

(upbeat music) >> Okay, welcome back everyone. CUBE's coverage here in Boston, Massachusetts, AWS re:inforce 22, security conference. It's AWS' big security conference. Of course, theCUBE's here, all the reinvent, reese, remars, reinforced. We cover 'em all now and the summits. I'm John Furrier, my host Dave Vellante. We have IDC weighing in here with their analysts. We've got some great guests here, Jay Bretzmann research VP at IDC and Philip Bues research manager for Cloud security. Gentlemen, thanks for coming on. >> Thank you. >> Appreciate it. Great to be here. >> Appreciate coming. >> Got a full circle, right? (all laughing) Security's more interesting than storage, isn't it? (all laughing) >> Dave and Jay worked together. This is a great segment. I'm psyched that you guys are here. We had Crawford and Matt Eastwood on at HPE Discover a while back and really the data you guys are getting and the insights are fantastic. So congratulations to IDC. You guys doing great work. We appreciate your time. I want to get your reaction to the event and the keynotes. AWS has got some posture and they're very aggressive on some tones. Some things that we didn't hear. What's your reaction to the keynote? Share your assessment. >> So, you know, I manage two different research services at IDC right now. They are both Cloud security and identity and digital security, right? And what was really interesting is the intersection between the two this morning, because every one of those speakers that came on had something to say about identity or least privileged access, or enable MFA, or make sure that you control who gets access to what and deny explicitly. And it's always been a challenge a little bit in the identity world because a lot of people don't use MFA. And in RSA, that was another big theme at the RSA conference, MFA everywhere. Why don't they use it? Because it introduces friction and all of a sudden people can't get their jobs done. 
And the whole point of a network is letting people on to get that data they want to get to. So that was kind of interesting, but as we have in the industry, this shared responsibility model for Cloud computing, we've got shared responsibility for between Philip and I. (Philip laughing) I have done in the past more security of the Cloud and Philip is more security in the Cloud. >> So yeah. >> And now with Cloud operation Super Cloud, as we call it, you have on premises, private Cloud coming back, or hasn't really gone anywhere, all that on premises, Cloud operations, public Cloud, and now edge exploding with new requirements. It's really an ops challenge right now. Not so much dev. So the sec and op side is hot right now. >> Yeah, well, we've made this move from monolithic to microservices based applications. And so during the keynote this morning, the announcement around the GuardDuty Malware Protection component, and that being built into the pricing of current GuardDuty, I thought was really key. And there was also a lot of talk about partnering in security certifications, which is also so very important. So we're seeing this move towards filling in that talent gap, which I think we're all aware of in the security industry. >> So Jay, square the circle for me. So Kurt Kufeld talked about Amazon AWS identity, where does AWS leave off, and companies like Okta or Ping Identity or CyberArk pick up, how are they working together? Does it just create more confusion and more tools for customers? We know the overused word of seamless. >> Yeah, yeah. >> It's never seamless, so how should we think about that? >> So, identity has been around for 35 years or something like that. Started with the mainframes and all that. And if you understand the history of it, you make more sense to the current market. You have to know where people came from and the baggage they're carrying, 'cause they're still carrying a lot of that baggage. 
Now, when it comes to the Cloud Service providers, they're more an accommodation from the identity standpoint. Let's make it easy inside of AWS to let you single sign on to anything in the Cloud that they have, right? Let's also introduce an additional MFA capability to keep people safer whenever we can and provide people with tools, to get into those applications somewhat easily, while leveraging identities that may live somewhere else. So there's a whole lot of the world that is still Active Directory-centric, right? There's another portion of companies that were born in the Cloud that were able to jump on things like Okta and some of the other providers of these universal identities in the Cloud. So, like I said, if you understand where people came from in the beginning, you start to say, "Yeah, this makes sense." >> It's interesting you talk about mainframe. I always think about RACF, you know. And I say, "Okay, who did what, when, where?" And you hear about a lot of those themes. So what's the best practice for MFA, that's non-SMS-based? Is it you got to wear something around your neck, is it to have sort of a third party authenticator? What are people doing that you guys would recommend? >> Yeah, one quick comment about adoption of MFA. If you ask different suppliers, what percent of your base that does SSO also does MFA, one of the biggest suppliers out there, Microsoft will tell you it's under 25%. That's pretty shocking. All the messaging that's come out about it. So another big player in the market was called Duo, Cisco bought them. >> Yep. >> And because they provide networks, a lot of people buy their MFA. They have probably the most prevalent type of MFA, it's called Push. And Push can be a red X and a green check mark to your phone, it can be a QR code, somewhere, it can be an email push as well. So that is the next easiest thing to adopt after SMS. 
And as you know, SMS has been denigrated by NIST and others saying, it's susceptible to man-in-the-middle attacks. It's built on a telephony protocol called SS7. Predates anything, there's no certification either side. The other real dynamic in identity is the whole adoption of PKI infrastructure. As you know, certificates are used for all kinds of things, network sessions, data encryption, well, identity increasingly. And a lot of the consumers and especially the work from anywhere, people these days have access through smart devices. And what you can do there, is you can have an agent on that smart device, generate your private key and then push out a public key and so the private key never leaves your device. That's one of the most secure ways to- >> So if our SIM card gets hacked, you're not going to be as vulnerable? >> Yeah, well, the SIM card is another challenge associated with the older ways, but yeah. >> So what do you guys think about the open source connection and they mentioned it up top. Don't bolt on security, implying shift left, which is embedding it in like Snyk companies, like Snyk do that. Very container oriented, a lot of Kubernetes kind of Cloud native services. So I want to get your reaction to that. And then also this reasoning angle they brought up. Kind of a higher level AI reasoning decisions. So open source, and this notion of AI reasoning, or AI reason. >> And you see more open source discussion happening, so you have your building maintaining and vetting of the upstream open source code, which is critical. And so I think AWS talking about that today, they're certainly hitting on a nerve, as you know, open source continues to proliferate. Around the automated reasoning, I think that makes sense. You want to provide guide rails and you want to provide roadmaps and you want to have sort of that guidance as to, okay, what's a correlation analysis of different tools and products? And so I think that's going to go over really well, yeah. 
>> One of the other key points about open source is, everybody's in a multi-cloud world, right? >> Yeah. >> And so they're worried about vendor lock in. They want an open source code base, so that they don't experience that. >> Yeah, and they can move the code around, and make sure it works well on each system. Dave and I were just talking about some of the dynamics around data control planes. So they mentioned encrypt everything which is great and I message by the way, I love that one. But oh, and he mentioned data at rest. I'm like, "What about data in flight? "Didn't hear that one." So one of the things we're seeing with SuperCloud, and now multi-cloud kind of as destinations of that, is that in digital transformation, customers are leaning into owning their data flows. >> Yeah. >> Independent of say the control plane aspects of what could come in. This is huge implications for security, where sharing data is huge, even Schmidt on stage said, we have billions and billions of things happening that we see things that no one else sees. So that implies, they're sharing- >> Quad trillion. >> Trillion, 15 zeros. (Jay laughs) >> 15 zeros. >> So that implies they're sharing that or using that pushing that into something. So sharing is huge with cyber security. So that implies open data, data flows. How do you guys see this evolving? I know it's kind of emerging, but it's becoming a nuanced point, that's critical to the architecture. >> Well, yeah, I think another way to look at that is the sharing of intelligence and some of the recent directives, from the executive branch, making it easier for private companies to share data and intelligence, which I think strengthens the cyber community overall. >> Depending upon the supplier, it's either an aggregate level of intelligence that has been anonymized or it's specific intelligence for your environment that everybody's got a threat feed, maybe two or three, right? 
(John laughs) But back to the encryption point, I mean, I was working for an encryption startup for a little while after I left IBM, and the thing is that people are scared of it. They're scared of key management and rotation. And so when you provide- >> Because they might lose the key. >> Exactly. >> Yeah. >> It's like shooting yourself in the foot, right? So that's when you have things like, KMS services from Amazon and stuff that really help out a lot. And help people understand, okay, I'm not alone in this. >> Yeah, crypto owners- >> They call that hybrid, the hybrid key, they don't know how they call the data, they call it the hybrid. What was that? >> Key management service? >> The hybrid- >> Oh, hybrid HSM, correct? >> Yeah, what is that? What is that? I didn't get that. I didn't understand what he meant by the hybrid post quantum key agreement. >> Hybrid post quantum key exchange. >> AWS never made a product name that didn't have four words in it. (John laughs) >> But he did reference the new NIST algos. And I think I inferred that they were quantum proof or they claim to be, and AWS was testing those. >> Correct, yeah. >> So that was kind of interesting, but I want to come back to identity for a second. So, this idea of bringing traditional IAM and Privileged Access Management together, is that a pipe dream, is that something that is actually going to happen? What's the timeframe, what's your take on that? >> So, there are aspects of privilege in every sort of identity. Back when it was only the back office that used computers for calculations, right? Then you were able to control how many people had access. There were two types of users, admins and users. These days, everybody has some aspect of- >> It's a real spectrum, really. >> Yeah. >> Granular. >> You got the C-suite, the finance people, the DevOps people, even partners and whatever. They all need some sort of privileged access, and the term you hear so much is least-privileged access, right? 
Shut it down, control it. So, in some of my research, I've been saying that vendors who are in the PAM space, Privilege Access Management space, will probably be growing their suites, playing a bigger role, building out a stack, because they have the expertise and the perspective that says, "We should control this better." How do we do that, right? And we've been seeing that recently. >> Is that a combination of old kind of antiquated systems meets for proprietary hyper scale, or kind of like build your own? 'Cause I mean, Amazon, these guys, Facebook, they all build their own stuff. >> Yes, they do. >> Then enterprises buy services from general purpose identity management systems. >> So as we were talking about knowing the past and whatever, Privileged Access Management used to be about compliance reporting. Just making sure that I knew who accessed what? And could prove it, so I didn't fail at all. >> It wasn't a critical infrastructure item. >> No, and now these days, what it's transitioning into, is much more risk management, okay. I know what our risk is, I'm ahead of it. And the other thing in the PAM space, was really session monitor. Everybody wanted to watch every keystroke, every screen's scrape, all that kind of stuff. A lot of the new Privileged Access Management, doesn't really require that. It's a nice to have feature. You kind of need it on the list, but is anybody really going to implement it? That's the question, right. And then if you do all that session monitoring, does anybody ever go back and look at it? There's only so many hours in the day. >> How about passwordless access? (Jay laughs) I've heard people talk about that. I mean, that's as a user, I can't wait but- >> Well, it's somewhere we want to all go. We all want identity security to just disappear and be recognized when we log in. So the thing with passwordless is, there's always a password somewhere. And it's usually part of a registration action. 
I'm going to register my device with a username password, and then beyond that I can use my biometrics, right? I want to register my device and get a private key, that I can put in my enclave, and I'll use that in the future. Maybe it's got to Touch ID, maybe it doesn't, right? So even though there's been a lot of progress made, it's not quote, unquote, truly passwordless. There's a group, industry standards group called FIDO. Which is Fast IDentity Online. And what they realized was, these whole registration passwords, that's really a single point of failure. 'Cause if I can't recover my device, I'm in trouble. So they just did new extension to sort of what they were doing, which provides you with much more of like an iCloud vault that you can register that device in and other devices associated with that same identity. >> Get you to it if you have to. >> Exactly. >> I'm all over the place here, but I want to ask about ransomware. It may not be your wheelhouse. But back in the day, Jay, remember you used to cover tape. All the backup guys now are talking about ransomware. AWS mentioned it today and they showed a bunch of best practices and things you can do. Air gaps wasn't one of them. I was really surprised 'cause that's all every anybody ever talks about is air gaps and a lot of times that air gap could be a guess to the Cloud, I guess, I'm not sure. What are you guys seeing on ransomware apps? >> We've done a lot of great research around ransomware as a service and ransomware, and we just had some data come out recently, that I think in terms of spending and spend, and as a result of the Ukraine-Russia war, that ransomware assessments rate number one. And so it's something that we encourage, when we talk to vendors and in our services, in our publications that we write about taking advantage of those free strategic ransomware assessments, vulnerability assessments, as well and then security and training ranked very highly as well. 
So, we want to make sure that all of these areas are being funded well to try and stay ahead of the curve. >> Yeah, I was surprised to not see air gaps on the list, that's all everybody talks about. >> Well, the old model for air gapping in the LAN days, the Novell days, you took your tapes home and put them in the sock drawer. (all laughing) >> Well, it's a form of air gap. (all laughing) >> Security and no one's going to go there and clean out. >> And then the internet came around and ruined it. >> Guys, final question we want to ask you, guys, we kind of zoom out, great commentary by the way. Appreciate it. We've seen this in many markets, a collection of tools emerge and then there's, it's tool sprawl. So cyber we're seeing the trend now where mon goes up on stage of all the ecosystems, probably other vendors doing the same thing where they're organizing a platform on top of AWS to be this super platform, for super Cloud capability by building a more platform thing. So we're saying there's a platform war going on, 'cause customers don't want the complexity. I got a tool but it's actually making it more complex if I buy the other tool. So the tool sprawl becomes a problem. How do you guys see this? Do you guys see this platform emerging? I mean tools won't go away, but they have to be easier. >> Yeah, we do see a consolidation of functionality and services. And we've been seeing that, I think through a 2020 Cloud security survey that we released that was definitely a trend. And that certainly happened for many companies over the last six to 24 months, I would say. And then platformization absolutely is something we talk and write about all the time so... >> Couple of years ago, I called the Amazon tool set an erector set because it really required assembly. And you see the emphasis on training here too, right? You definitely need to go to AWS University to be competent. >> It wasn't Lego blocks yet. >> No. >> It was erector set. >> Yeah. >> Very good distinction. 
>> Loose. >> And you lose a few. (chuckles) >> But still too many tools, right? You see, we need more consolidation. It's getting interesting because a lot of these companies have runway and you look at SailPoint, that stock price has held up 'cause of the Thoma Bravo acquisition, but all the rest of the cyber stocks have been crushed especially the high flyers, like a SentinelOne or a CrowdStrike, but just still M&A opportunity. >> So platform wars. Okay, final thoughts. What do you think is happening next? What's your outlook for the next year or so? >> So, in the identity space, I'll talk about, Philip can cover Cloud for us. It really is more consolidation and more adoption of things that are beyond simple SSO. It was, just getting on the systems and now we really need to control what you're able to get to and who you are. And do it as transparently as we possibly can, because otherwise, people are going to lose productivity. They're not going to be able to get to what they want. And that's what causes the C-suite to say, "Wait a minute," DevOps, they want to update the product every day. Make it better. Can they do that or did security get in the way? People, every once in a while call security, the Department of No, right? >> They ditch it on stage. They want to be the Department of Yes. >> Exactly. >> Yeah. >> And the department that creates additional value. If you look at what's going on with B2C or CIAM, consumer oriented identity, that is all about opening up new direct channels and treating people like their old friends, not like you don't know them, you have to challenge them. >> We always say, you want to be in the boat together, it sinks or not. >> Yeah. Exactly. >> Philip I'm glad- >> Okay, what's your take? What's your outlook for the year? >> Yeah, I think, something that we've been seeing as consolidation and integration, and so companies looking at from build time to run time, investing in shift left, infrastructure as code. 
And then also in the runtime detection, makes perfect sense to have both the agent and agentless so that you're covering any of the gaps that might exist. >> Awesome, Jay, Philip, thanks for coming on "theCUBE" with IDC and sharing your- >> Oh, our pleasure- >> Perspective, commentary and insights and outlook. Appreciate it. >> You bet. >> Thank you. >> Okay, we've got the great direction here from IDC analysts here on theCUBE. I'm John Furrier, Dave Vellante. Be back more after this short break. (bright upbeat music)

Published Date : Jul 26 2022

Phillip Bues & Jay Bretzmann, IDC | AWS re:Inforce 2022


 

>>Okay, welcome back everyone. theCUBE's coverage here in Boston, Massachusetts, AWS re:Inforce 22, the security conference. It's AWS' big security conference. Of course, theCUBE's here, all the re:Invent, res, re:MARS, re:Inforce. We cover 'em all now and the summits. I'm John Furrier, my host, Dave Vellante. We have IDC weighing in here with their analysis. We've got some great guests here, Jay Bretzmann, research VP at IDC and Philip Bues, research manager for cloud security. Gentlemen, thanks for coming on. Thank you. Appreciate it. Great >>To, to be here. I appreciate the got the full >>Circle, right? Just, security's more interesting >>Than storage. Isn't it? >>Dave, Dave and Jay worked together. This is a, a great segment. I'm psyched that you guys are here. We had Crawford and Matt Eastwood on at HPE Discover a while back and really the, the, the data you guys are getting and the insights are fantastic. So congratulations to IDC. You guys doing great work. We appreciate your time. I wanna get your reaction to the event and the keynotes. AWS has got some posture and they're very aggressive on some tones. Some things that they didn't, we didn't hear. What's your reaction to the keynote, share your, your assessment. >>So, you know, I managed two different research services at IDC right now. They are both cloud security and identity and, and digital security. Right. And what was really interesting is the intersection between the two this morning, because every one of those speakers that came on had something to say about identity or least privileged access, or, you know, enable MFA, or make sure that you, you know, control who gets access to what and deny explicitly. Right? And it's always been a challenge a little bit in the identity world because a lot of people don't use MFA. And in RSA, that was another big theme at the RSA conference, right? MFA everywhere. Why don't they use it because it introduces friction and all of a sudden people can't get their jobs done. Right. 
And the whole point of a network is letting people on to get that data they want to get to. So that was kind of interesting, but, you know, as we have in the industry, this shared responsibility model for cloud computing, we've got shared responsibility between Phillip and I. I have done in the past more security of the cloud and Phillip is more security in the cloud, >> So yeah. And it's, and now with cloud operation, super cloud, as we call it, you have on premises, private cloud coming back, or hasn't really gone anywhere, all that on premises, cloud operations, public cloud, and now edge exploding with new requirements. Yeah. It's really an ops challenge right now. Not so much dev. So the SecOps side is hot right now. >> Yeah. Well, we've made this move from monolithic to microservices based applications. And so during the keynote this morning, the announcement around the GuardDuty malware protection component, and that being built into the pricing of current GuardDuty, I thought was, was really key. And there was also a lot of talk about partnering in security certifications. Yeah. Which is also so very important. So we're seeing this move towards filling in that talent gap, which I think we're all aware of in the security industry. >> So Jay, square the circle for me. So Kirk, Coel talked about Amazon AWS identity, where does AWS leave off and, and companies like Okta or Ping Identity or crock pick up, how are they working together? Does it just create more confusion and more tools for customers? We, we have, we know the over word overused word of seamless. Yeah. Yeah. It's never seamless. So how should we think about that? >> So, you know, identity has been around for 35 years or something like that started with the mainframes and all that. And if you understand the history of it, you make more sense to the current market. You have to know where people came from and the baggage they're carrying, cuz they're still carrying a lot of that baggage.
Now, when it comes to the cloud service providers, they're more an accommodation from the identity standpoint, let's make it easy inside of AWS to let you single sign on to anything in the cloud that they have. Right. Let's also introduce an additional MFA capability to keep people safer whenever we can and, you know, provide people the tools to, to get into those applications somewhat easily, right. While leveraging identities that may live somewhere else. So, you know, there's a whole lot of the world that is still Active Directory centric, right? There's another portion of companies that were born in the cloud that were able to jump on things like Okta and some of the other providers of these universal identities in the cloud. So, you know, like I said, you, if you understand where people came from in the beginning, you start to, to say, yeah, this makes sense. >> It's, it's interesting. You talk about mainframe. I, I always think about RACF, you know, and I say, okay, who did what, when, where, yeah. And you hear about a lot of those themes. What, so what's the best practice for MFA? That's, that's non-SMS-based. Is it, you gotta wear something around your neck, is it to have sort of a third party authenticator? What are people doing that is that, that, that you guys would recommend? >> Yeah. One quick comment about adoption of MFA. You know, if you ask different suppliers, what percent of your base that does SSO also does MFA, one of the biggest suppliers out there, Microsoft, will tell you it's under 25%. That's pretty shocking. Right? All the messaging that's come out about it. So another big player in the market was called Duo. Cisco bought them. Yep. Right. And because they provide networks, a lot of people buy their MFA. They have probably the most prevalent type of MFA, it's called push. Right. And push can be, you know, a red X and a green check mark to your phone. It can be a QR code, you know, somewhere, it can be an email push as well.
So that is the next easiest thing to adopt after SMS. And as you know, SMS has been denigrated by NIST and others saying, you know, it's susceptible to man-in-the-middle attacks. >> It's built on a telephony protocol called SS7. Yep. You know, predates anything. There's no certification, either side. The other real dynamic and identity is the whole adoption of PKI infrastructure. As you know, certificates are used for all kinds of things, network sessions, data encryption, well identity increasingly, and a lot of the, you know, consumers and especially the work from anywhere, people these days have access through smart devices. Right. And what you can do there is you can have an agent on that smart device, generate your private key and then push out a public key. And so the private key never leaves your device. That's one of the most secure ways to, so if your >> SIM card gets hacked, you're not gonna be as at vulnerable >> Or as vulnerable. Well, the SIM card is another, you know, challenge associated with the, the older ways. But yeah. Yeah. >> So what do you guys think about the open source connection and, and they, they mentioned it up top don't bolt on security implying shift left, which is embedding it in like Snyk companies, like Snyk do that, right. Container oriented, a lot of Kubernetes kind of cloud native services. So I wanna get your reaction to that. And then also this reasoning angle, they brought up kind of a higher level AI reasoning decisions. So open source and this notion of AI reasoning >> Automation. Yeah. And, and you see more open source discussion happening, right. So you, you know, you have your building maintaining and vetting of the upstream open source code, which is critical. And so I think AWS talking about that today, they're certainly hitting on a nerve as, you know, open source continues to proliferate around the automated reasoning. I think that makes sense.
You know, you want to provide guardrails and you want to provide roadmaps and you wanna have sort of that guidance as to okay. What's the, you know, a correlation analysis of different tools and products. And so I think that's gonna go over really well. >> Yeah. One of the other, you know, key points of what open source is, everybody's in a multi-cloud world, right? Yeah. And so they're worried about vendor lock-in, they want an open source code base so that they don't experience that. >> Yeah. And they can move the code around and make sure it works well on each system. Dave and I were just talking about some of the dynamics around data control planes. So yeah. They mentioned encrypt everything, which is great. And I message, by the way, I love that one, but oh. And he mentioned data at rest. I'm like, what about data in flight? Didn't hear that one. So one of the things we're seeing with super cloud, and now multi-cloud kind of, as destinations of that, is that in digital transformation, customers are leaning into owning their data flows. >> Yeah. >> Independent of say the control plane aspects of what could come in. This is huge implications for security, where sharing data is huge. Even Schmidt on Steve said we have billions and billions of things happening that we see things that no one else sees. So that implies, they're >> Sharing quadrillion, >> Trillion, 15 zeros trillion. Yeah. 15 >> Zeros, 15 zeros. Yeah. >> So that implies, they're sharing that or using that, pushing that into something. So sharing's huge with cyber security. So that implies open data, data flows. What do, how do you guys see this evolving? I know it's kind of emerging, but it's becoming a, a nuanced point that's critical to the architecture.
>> Well, I, yeah, I think another way to look at that is the sharing of intelligence and some of the recent directives, you know, from the executive branch, making it easier for private companies to share data and intelligence, which I think strengthens the cyber community overall, >> Depending upon the supplier. Right? Yeah. It's either an aggregate level of intelligence that has been, you know, anonymized or it's specific intelligence for your environment that, you know, everybody's got a threat feed, maybe two or three, right. Yeah. But back to the encryption point, I mean, I was working for an encryption startup for a little while. Right after I left IBM. And the thing is that people are scared of it. Right. They're scared of key management and rotation. And so when you provide, >> Because they might lose the key. >> Exactly. Yeah. It's like shooting yourself in the foot. Right. So that's when you have things like, you know, KMS services from Amazon and stuff, they really help out a lot and help people understand, okay, I'm not alone in this. >> Yeah. Crypto >> Owners, they call that hybrid, the hybrid key, they call the, what they call the, today. They call it the hybrid. >> What was that? The management service. Yeah. The hybrid. So hybrid HSM, correct. >> Yeah. What is that? What is that? I didn't, I didn't get that. I didn't understand what he meant by the hybrid post hybrid, post quantum key agreement. Right. That still notes >> Hybrid, post quantum key exchange, >> You know, AWS never made a product name that didn't have four words in it, >> But he did, but he did reference the, the new NIST algos. And I think I inferred that they were quantum proof or the claim it be. Yeah. And AWS was testing those. Correct. >> Yeah. >> So that was kind of interesting, but I wanna come back to identity for a second. Okay. So, so this idea of bringing traditional IAM and, and privileged access management together, is that a pipe dream, is that something that is actually gonna happen?
What's the timeframe, what's your take on that? >> So, you know, there are aspects of privilege in every sort of identity back when, you know, it was only the back office that used computers for calculations, right? Then you were able to control how many people had access. There were two types of users, admins, and users, right? These days, everybody has some aspect of, >> It's a real spectrum, really >> Granular. You got the, you know, the C suite, the finance people, the DevOps, people, you know, even partners and whatever, they all need some sort of privileged access. And the, the term you hear so much is least privileged access. Right? Shut it down, control it. So, you know, in some of my research, I've been saying that vendors who are in the PAM space, privileged access management space, will probably be growing their suites, playing a bigger role, building out a stack because they have, you know, the, the expertise and the, and the perspective that says we should control this better. How do we do that? Right. And we've been seeing that recently, >> Is that a combination of old kind of antiquated systems meets for proprietary hyperscale or kind of like build your own? Cause I mean, Amazon, these guys, they Facebook, they all build their own stuff. >> Yes. They >> Do enterprises buy services from general purpose identity management systems. >> So as we were talking about, you know, knowing the past and whatever privileged access management used to be about compliance reporting. Yeah. Right. Just making sure that I knew who accessed what and could prove it. So I didn't fail an audit. It wasn't >> A critical infrastructure item. >> No. And now these days, what it's transitioning into is much more risk management. Okay. I know what our risk is. I'm ahead of it. And the other thing in the PAM space was really session monitor. Right. Everybody wanted to watch every keystroke, every screen scrape, all that kind of stuff.
A lot of the new privileged access management doesn't really require that, it's a nice-to-have feature. You kind of need it on the list, but is anybody really gonna implement it? That's the question. Right. And then, you know, if, if you do all that session monitor, does anybody ever go back and look at it? There's only so many hours in the day. >> How about passwordless access? You know? Right. I've heard people talk about that. Yeah. I mean, that's as a user, I can't wait, but >> It's somewhere we want to all go. Yeah. Right. We all want identity security to just disappear and be recognized when we log in. So the, the thing with passwordless is there's always a password somewhere and it's usually part of a registration, you know, action. I'm gonna register my device with a username password. And then beyond that, I can use my biometrics. Right. I wanna register my device and get a private key that I can put in my enclave. And I'll use that in the future. Maybe it's gotta touch ID. Maybe it doesn't. Right. So even though there's been a lot of progress made, it's not quote unquote, truly passwordless, there's a group, industry standards group called FIDO. Right. Which is Fast Identity Online. And what they realized was these whole registration passwords. That's really a single point of failure. Cuz if I can't recover my device, I'm in trouble. Yeah. So they just did a, a new extension to sort of what they were doing, which provides you with much more of a, like an iCloud vault, right. That you can register that device in and other devices associated with that same iPad that you can >> Get you to it. If you >> Have to. Exactly. I had >> Another have all over the place here, but I, I want to ask about ransomware. It may not be your wheelhouse. Yeah. But back in the day, Jay, remember you used to cover tape. All the, all the backup guys now are talking about ransomware. AWS mentioned it today and they showed a bunch of best practices and things you can do air gaps.
Wasn't one, one of 'em. Right. I was really surprised cuz that's all, every anybody ever talks about is air gaps. And a lot of times that air gaps that air gap could be a guess to the cloud. I guess I'm not sure. What are you guys seeing on ransomware >> Apps? You know, we've done a lot of great research around ransomware as a service and ransomware and, and you know, we just had some data come out recently that I think in terms of spending and, and spend and in as a result of the Ukraine-Russia war, that ransomware assessments rate number one. And so it's something that we encourage, you know, when we talk to vendors and in our services, in our publications that we write about taking advantage of those free strategic ransomware assessments, vulnerability assessments, right. As well, and then security and training ranked very highly as well. So we wanna make sure that all of these areas are being funded well to try and stay ahead of the curve. >> Yeah. I was surprised that not the air gaps on the list, that's all everybody >> Talks about. Well, you know, the, the old model for air gapping in the, the LAN days, the Novell days, you took your tapes home and put 'em in the sock drawer. >> Well, it's a form of air gap security and no one's gonna go there >> Clean. And then the internet came around >> Guys. Final question. I want to ask you guys, we kinda zoom out. Great, great commentary by the way. Appreciate it. As the, we've seen this in many markets, a collection of tools emerge and then there's it's tool sprawl. Oh yeah. Right? Yeah. So cyber we're seeing trend now where Mon goes up on stage of all the E probably other vendors doing the same thing where they're organizing a platform on top of AWS to be this super platform. If you super cloud ability by building more platform thing. So we're saying there's a platform war going on, cuz customers don't want the complexity. Yeah. I got a tool, but it's actually making it more complex if I buy the other tool.
So the tool sprawl becomes a problem. How do you guys see this? Do you guys see this platform emerging? I mean, tools won't go away, but they have to be >> Easier. Yeah. We do see a, a consolidation of functionality and services. And we've been seeing that, I think through a 20, 20 flat security survey that we released, that that was definitely a trend. And you know, that certainly happened for many companies over the last six to 24 months, I would say. And then platformization absolutely is something we talk and write about all the time. So >> More M and A. A couple of years ago, I called the, the Amazon tool set an Erector Set. Yeah. Because it really required assembly. Yeah. And you see the emphasis on training here too, right? Yeah. You definitely need to go to AWS university to be competent. It >> Wasn't Lego blocks yet. No, it was an Erector Set. Very good distinction rules, you know, and, and you lose a few. It's >> True. Still too many tools. Right. You see, we need more consolidation. That's getting interesting because a lot of these companies have runway and you look, you look at SailPoint, its stock price's held up cuz of the Thoma Bravo acquisition, but all the rest of the cyber stocks have been crushed. Yeah. You know, especially the high flyers, like a SentinelOne or a CrowdStrike, but yeah, just still M and A opportunity >> Itself. So platform wars. Okay. Final thoughts. What do you think's happening next? What's what's your outlook for the, the next year or so? >> So in the, in the identity space, I'll talk about, Phillip can cover cloud for us. You know, it really is more consolidation and more adoption of things that are beyond simple SSO, right. It was, you know, just getting on the systems and now we really need to control what you're able to get to and who you are and do it as transparently as we possibly can because otherwise, you know, people are gonna lose productivity, right. They're not gonna be able to get to what they want.
And that's what causes the C-suite to say, wait a minute, you know, DevOps, they want to update the product every day. Right. Make it better. Can they do that? Or did security get in the way? People every once in a while I'll call security, the department of no, right? Yeah. Well, >> Yeah. They did it on stage. Yeah. They wanna be the department of yes, >> Exactly. And the department that creates additional value. If you look at what's going on with B to C or CIAM, consumer identity, that is all about opening up new direct channels and treating people like, you know, they're old friends, right. Not like you don't know 'em you have to challenge >> 'em we always say you wanna be in the boat together. It sinks or not. Yeah. Right. Exactly. >> Phillip, >> Okay. What's your take? What's your outlook for the year? >> Yeah. I think, you know, something that we've been seeing as consolidation and integration, and so, you know, companies looking at from build time to runtime investing in shift left infrastructure as code. And then also in the runtime detection makes perfect sense to have both the agent and agentless so that you're covering any of the gaps that might exist. >> Awesome. Jay, Phillip, thanks for coming on theCUBE with IDC and sharing >> Your oh our pleasure perspective. >> Commentary, have any insights and outlook. Appreciate it. You bet. Thank you. Okay. We've got the great direction here from IDC analysts here on theCUBE. I'm John Furrier with Dave, we're back more after this short break.

Published Date : Jul 26 2022



Danny Allan & David Harvey, Veeam | HPE Discover 2022


 

(inspiring music) >> Announcer: theCUBE presents HPE Discover 2022. Brought to you by HPE. >> Welcome back to theCUBE's coverage of HPE Discover 2022, from the Venetian in Las Vegas, the first Discover since 2019. I really think this is my 14th Discover, when you include HP, when you include Europe. And I got to say this Discover, I think has more energy than any one that I've ever seen, about 8,000 people here. Really excited to have one of HPE's longstanding partners, Veeam CTO, Danny Allan is here, joined by David Harvey, Vice President of Strategic Alliances at Veeam. Guys, good to see you again. It was just earlier, let's see, last month, we were together out here. >> Yeah, just a few weeks ago. It's fantastic to be back and what it's telling us, technology industry is coming back. >> And the events business, of course, is coming back, which we love. I think the expectations were cautious. You saw it at VeeamON, a little more than you expected, a lot of great energy. A lot of people, 'cause it was last month, it was their first time out, >> Yes. >> in two years. Here, I think people have started to go out more, but still, an energy that's palpable. >> You can definitely feel it. Last night, I think I went to four consecutive events and everyone's out having those discussions and having conversations, it's good to be back. >> You guys hosted the Storage party last night, which is epic. I left at midnight, I took a picture, it was still packed. I said, okay, time to go, nothing good happens after midnight kids. David, talk about the alliance with HPE, how it's evolved, and where you see it going? >> I appreciate it, and certainly this, as you said, has been a big alliance for us. Over 10 years or so, fantastic integrations across the board. And you touched on 2019 Discover. We launched with GreenLake at that event, we were one of the launch partners, and we've seen fantastic growth.
Overall, what we're excited about, is that continuation of the movement of the customer's buying patterns in line with HPE's portfolio and in line with Veeam. We continue to be with all their primary, secondary storage, we continue to be a spearhead position with GreenLake, which we're really excited about. And we're also really excited to hear from HPE, unfortunately under NDA, some of their future stuff they're investing in, which is a really nice invigoration for what they're doing for their portfolio. And we see that being a big deal for us over the next 24 months. >> Your relationship with HPE predates the HP, HPE split. >> Mmm. >> Yes. >> But it was weird, because they had Data Protector, and that was a quasi-competitor, or really not, but it was a competitor, a legacy competitor, of what you guys have, kind of modern data protection I think is the tagline, if I got it right. Post the split, that was an S-curve moment, wasn't it, in terms of the partnership? >> It really was. If you go back 10 years, we did our first integration sending data to StoreOnce and we had some blueprints around that. But now, if you look what we have, we have integrations on the primary side, so, 3PAR, Primera, Nimble, all their top-tier storage, we can manage the snapshots. We have integration on the target side. We integrate with Catalyst in the movement of data and the management of data. And, as David alluded to, we integrate with GreenLake. So, customers who want to take this as a consumption model, we integrate with that. And so it's been, like you said, the strongest relationship that we have on the technology alliance side. >> So, V12, you announced at VeeamON. What does that mean for HPE customers, the relationship? Maybe you guys could both talk about that. >> Technology side, to touch on a few things that we're doing with them, ransomware has been a huge issue. Security's been a big theme, obviously, at the conference, >> Dave: Yeah, you bet. 
and one of the things we're doing in V12 is adding immutability for both StoreOnce and StoreEver. So, we take the features that our partners have, immutability being big in the security space, and we integrate that fully into the product. So a customer checks a box and says, hey, I want to make sure that the data is secure. >> Yeah, and also, it's another signification about the relationship. Every single release we've done has had HPE at the heart of it, and the same thing is being said with V12. And it shows to our customers, the continual commitment. Relationships come and go. They're hard, and the great news is, 10 years has proven that we get through good times and tricky situations, and we both continue to invest, et cetera. And I think there's a lot of peace of mind and the revenue figures prove that, which is what we're really excited about. >> Yeah I want to come back to that, but just to follow up, Danny, on that immutability, that's a feature that you check? It's service within GreenLake, or within Veeam? How does that all work? >> We have immutability now depending on the target. We introduced the ability to send data, for example, into S3 two years ago, and make it immutable when you send it to an S3 or S3 compatible environment. We added, in Version 11, the ability to take a Linux repository and make it, and harden it, essentially make it immutable. But what we're doing now is taking our partner systems like StoreOnce, like StoreEver, and when we send data there, we take advantage of an API flag or whatever it happens to be, that it makes the data, when it's written to that system, can't be deleted, can't be encrypted. Now, what does that mean for a customer? Well, we do all the hard work in the back end, it's just a check box. They say, I want to make it immutable, and we manage how long it's immutable. Because if you made everything immutable forever, that's hugely expensive, right? 
So, it's all about, how long is that immutable before you age it out and make sure the new data coming in is immutable. >> Dave: It's like an insurance policy, you have that overlap. >> Yes. >> Right, okay. And then David, you mentioned the revenue, Lou bears that out. I got the IDC guys comin' on later on today. I'll ask 'em about that, if that's their swim lane. But you guys are basically a statistical tie, with Dell for number one? Am I getting that right? And you're growing at a faster rate, I believe, it's hard to tell 'cause I don't think Dell reports on the pace of its growth within data protection. You guys obviously do, but is that right? It's a statistical tie, is it? >> Yeah, hundred percent. >> Yeah, statistical tie for first place, which we're super excited about. When I joined Veeam, I think we were in fifth place, but we've been in the leader's quadrant of the Gartner Magic- >> Cause and effect there or? (panelists laughing) >> No, I don't think so. >> Dave: Ha, I think maybe. >> We've been on a great trajectory. But statistical tie for first place, greatest growth sequentially, and year-over-year, of all of the data protection vendors. And that's a testament not just to the technology that we're doing, but partnerships with HPE, because you never do this, the value of a technology is not that technology alone, it's the value of that technology within the ecosystem. And so that's why we're here at HPE Discover. It's our joint technology solutions that we're delivering. >> What are your thoughts or what are you seeing in the field on As-a-service? Because of course, the messaging is all about As-a-service, you'd think, oh, a hundred percent of everything is going to be As-a-service. A lot of customers, they don't mind CapEx, they got good, balance sheet, and they're like, hey, we'll take care of this, and, we're going to build our own little internal cloud. 
But, what are you seeing in the market in terms of As-a-service, versus, just traditional licensing models? >> Certainly, there's a mix between the two. What I'd say, is that sources that are already As-a-service, think Microsoft 365, think AWS, Azure, GCP, the cloud providers. There's a natural tendency for the customer to want the data protection As-a-service, as well for those. But if you talk about what's on premises, customers who have big data centers deployed, they're not yet, the pendulum has not shifted for that to be data protection As-a-service. But we were early to this game ourselves. We have 10,000, what we call, Veeam Cloud Service Providers, that are offering data protection As-a-service, whether it be on premises, so they're remotely managing it, or cloud hosted, doing data protection for that. >> So, you don't care. You're providing the technology, and then your customers are actually choosing the delivery model. Is that correct? >> A hundred percent, and if you think about what GreenLake is doing for example, that started off as being a financial model, but now they're getting into that services delivery. And what we want to do is enable them to deliver it, As-a-service, not just the financial model, but the outcome for the customer. And so our technology, it's not just do backup, it's do backup for a multi-tenant, multi-customer environment that does all of the multi-tenancy and billing and charge back as part of that service. >> Okay, so you guys don't report on this, but I'm going to ask the question anyway. You're number one now, let's call you, let's declare number one, 'cause we're well past that last reporting and you're growin' faster. So go another quarter, you're now number one, so you're the largest. Do you spend more on R&D in data protection than any other company? >> Yes, I'm quite certain that we do. Now, we have an unfair advantage because we have 450,000 customers. 
I don't think there's any other data protection company out there, the size and scope and scale, that we have. But we've been expanding, our largest R&D operation center's in Prague, it's in Czech Republic, but we've been expanding that. Last year it grew 40% year on year in R&D, so big investment in that space. You can see this just through our product space. Five years ago, we did data protection of VMware only, and now we do all the virtual environments, all the physical environments, all the major cloud environments, Kubernetes, Microsoft 365, we're launching Salesforce. We announced that at VeeamON last month and it will be coming out in Q3. All of that is coming from our R&D investments. >> A lot of people expect that when a company like Insight, a PE company, purchases a company like Veeam, that one of the things they'll dial down is R&D. That did not happen in this case. >> No, they very much treat us as a growth company. We had 22% year-over-year growth in 2020, and 25% year-over-year last year. The growth has been tremendous, they continue to give us the freedom. Now, I expect they'll want returns like that continuously, but we have been delivering, they have been investing. >> One of my favorite conversations of the year was our supercloud conversation, which was awesome, thank you for doing that with me. But that's clearly an area of focus, what we call supercloud, and you don't use that term, I know, you do sometimes, but it's not your marketing, I get that. But that is an R&D intensive effort, is it not? To create that common experience. And you see HPE, attempting to do that as well, across all these different estates. >> A hundred percent. We focus on three things, I always say, our differentiators, simplicity, flexibility, and reliability. Making it simple for the customers is not an easy thing to do. Making that checkbox for immutability? We have to do a lot behind the scenes to make it simple. Same thing on flexibility. 
We don't care if they're using 3PAR, Primera, Nimble, whatever you want to choose as the primary storage, we will take that out of your hands and make it really easy. You mentioned supercloud. We don't care what the cloud infrastructure, it can be on GreenLake, it can be on AWS, can be on Azure, it can be on GCP, it can be on IBM cloud. It is a lot of effort on our part to abstract the cloud infrastructure, but we do that on behalf of our customers to take away that complexity, it's part of our platform. >> Quick follow-up, and then I want to ask a question of David. I like talking to you guys because you don't care where it is, right? You're truly agnostic to it all. I'm trying to figure out this repatriation thing, cause I hear a lot of hey, Dave, you should look into repatriation that's happened all over the place, and I see pockets of it. What are you seeing in terms of repatriation? Have customers over-rotated to the cloud and now they're pullin' back a little bit? Or is it, as I'm claiming, in pockets? What's your visibility on that? >> Three things I see happening. There's the customers who lifted up their data center, moved it into the cloud and they get the first bill. >> (chuckling) Okay. >> And they will repatriate, there's no question. If I talk to those customers who simply lifted up and moved it over because the CIO told them to, they're moving it back on premises. But a second thing that we see is people moving it over, with tweaks. So they'll take their SQL server database and they'll move it into RDS, they'll change some things. And then you have people who are building cloud-native, they're never coming back on premises, they are building it for the cloud environment. So, we see all three of those. We only really see repatriation on that first scenario, when they get that first bill. >> And when you look at the numbers, I think it gets lost, 'cause you see the cloud is growing so fast. So David, what are the conversations like? 
You had several events last night, The Veeam party, slash Storage party, from HPE. What are you hearing from your alliance partners and the customers at the event. >> I think Danny touched on that point, it's about philosophy of evolution. And I think at the end of the day, whether we're seeing it with our GSI alliances we've got out there, or with the big enterprise conversations we're having with HPE, it's about understanding which workloads they want to move. In our mind, the customers are getting much smarter in making that decision, rather than experimenting. They're really taking a really solid look. And the work we're doing with the GSIs on workplace modernization, data center transformation, they're really having that investment work up front on the workloads, to be able to say, this works for me, for my personality and my company. And so, to the point about movement, it's more about decisive decision at the start, and not feeling like the remit is, I have to do one thing or another, it's about looking at that workflow position. And that's what we've seen with the revenue part as well. We've seen our movement to GreenLake tremendously grow in the last 18 months to two years. And from our GSI work as well, we're seeing the types of conversations really focus on that workload, compared to, hey, I just need a backup solution, and that's really exciting. >> Are you having specific conversations about security, or is it a data protection conversation still, (David chuckles) that's an adjacency to security? >> That's a great question. And I think it's a complex one, because if you come to a company like Veeam, we are there, and you touched on it before, we provide a solution when something has happened with security. We're not doing intrusion detection, we're not doing that barrier position at the end of it, but it's part of an end-to-end assumption. 
And I don't think that at this particular point, I started in security with RSA and Check Point, it was about layers of protection. Now it's layers of protection, and the inevitability that at some point something will happen, so about the recovery. So the exciting conversations we're having, especially with the big enterprises, is not about the fear factor, it's about, at some point something's going to occur. Speed of recovery is the conversation. And so for us, and your question is, are they talking to us about security, or more, the continuity position? And that's where the synergy's getting a lot simpler, rather than a hard demark between security and backup. >> Yeah, when you look at the stock market, everything's been hit, but security, with the exception of Okta, 'cause it got that weird benign hack, but security, generally, is an area that CIOs have said, hey, we can't really dial that back. We can maybe, some other discretionary stuff, we'll steal and prioritize. But security seems to be, and I think data protection is now part of that discussion. You're not a security company. We've seen some of your competitors actually pivot to become security companies. You're not doing that, but it's very clearly an adjacency, don't you think? >> It's an adjacency, and it's a new conversation that we're having with the Chief Information Security Officer. I had a meeting an hour ago with a customer who was hit by ransomware, and they got the call at 2:00 AM in the morning, after the ransomware they recovered their entire portfolio within 36 hours, from backups. Didn't even contact Veeam, I found out during this meeting. But that is clearly something that the Chief Information Security Officer wants to know about. It's part of his purview, is the recovery of that data. >> And they didn't pay the ransom? >> And they did not pay the ransom, not a penny. >> Ahh, we love those stories. Guys, thanks so much for coming on theCUBE. Congratulations on all the success. 
Love when you guys come on, and it was such a fun event at VeeamON. Great event here, and your presence is, was seen. The Veeam green is everywhere, so appreciate your time. >> Thank you. >> Thanks, Dave. >> Okay, and thank you for watching. This is Dave Vellante for John Furrier and Lisa Martin. We'll be back right after this short break. You're watching theCUBE's coverage of HPE Discover 2022, from Las Vegas. (inspiring music)

Published Date : Jun 29 2022



Nadir Izrael, Armis | CUBE Conversation


 

(bright upbeat music) >> Hello, everyone, and welcome to this #CUBEConversation here in Palo Alto, California. I'm John Furrier, host of "theCUBE." We have the co-founder and CTO of Armis here, Nadir Izrael. Thanks for coming on. Appreciate it. Armis is a hot company, RSA, we just happened. Last week, a lot of action going on. Thanks for coming on. >> Thank you for having me. Sure. >> I love CTOs and co-founders. One, you have the entrepreneurial DNA, also technical in a space with cyber security, that is the hottest most important area. It's always been important, but now more than ever, as the surface areas are everywhere, tons of attacks, global threats. You got national security at every level, and you got personal liberties for privacy, and other things going on for average citizens. So, important topic. Talk about Armis? Why did you guys start this company? What was the motivation? Give a quick commercial what you guys do, and then we'll get into some of the questions around, who you guys are targeting. >> Sure, so yeah, I couldn't agree more about the importance of cybersecurity, especially I think in these days. And given some of the geopolitical changes happening right now, more than ever, I would say that if we go back 6.5 years or so, when Armis was founded, we at the time talked to dozens of different CIOs, CSOs, IT managers. And every single one of them told us the same thing. And this was at least to me surprising at the time. We have no idea what we have. We have no idea what the assets that are connected to our network, or our environment are. At the time, when we started Armis, we thought this was simply, let's call it the other devices. IOT, OT, all kinds of different buzzwords that were kind of flying around at the time, and really that's what we should focus on. But with time, what we understood, it's actually a problem of scale. Organizations are growing massively. The diversity of different assets they have to deal with is incredible. 
And if 6.5 or 7 years ago, it was all about just growth of actual physical devices, these days it's virtual, it's containerized, it's cloud-based. It's actually quite insane. And organizations find themselves really quickly dealing with billions of assets within their environment, but no real way to see, account for them, and be able to manage them. That's what Armis is here to solve. It's here to bring back visibility and order into the mix. It's here to bring a complete map of everything within the organization, and the ability to manage different security processes on top of that. And it couldn't have come, I think at a better time for organizations, because the ability to manage these days, the attack surface of an organization, understand where are different weak spots, what way to invest in? They start and end with a complete asset map, and that's really what we're here to solve. >> As I look at your story and understand what you guys are doing, certainly, a lot of great momentum at RSA. But also digging under the hood, you guys really crack the code with on the scale side as well. And also it's lockstep with the environment. If you look at the trends that we've been covering on "theCUBE," system on chip, you're seeing a lot of Silicon action going on, on all the hyperscalers. You're starting to see, again, you mentioned IOT devices and OT, IP enabled processors. I mean, that's basically you can run multi-threaded applications on a light bulb, basically. So, you have these new things going on that are just popping in into the environment. Just people are hanging them on the network. So, anything on the network is risk and that's happening massively, so I see that. But also you guys have this contextualization capability, scope the problem statement for us? How hard is it to do this? Because you got tons of challenges. What's the scale of the problem that you guys have been solving? 'Cause it's not easy. 
I mean, it's not network management, not just doing auto discovery, there's a lot of secret sauce there, scope the problem? >> Okay, so first of all, just to get a measure of how difficult this is, organizations have been trying to solve this for the better part of the last two decades. I think even when the problem was way smaller, they've still been struggling with being able to do this. It's an age old problem, that for the most part, I got to say that when I describe the problem the way that I did, usually, what the reaction from clients are, "Yes, I'd love for you to solve that." "I just heard this pitch from like five other vendors and I've yet to solve this problem. So, how do you do it?" So, as I kind of scope this, it's also a measure of just basically, how do you go about solving a complex situation where, to kind of list out some of the bold claims here in what I said. Number one, it's the ability to just fingerprint and be able to understand what your assets are. Secondly, being able to do it with very dirty data, if you will. I would say, in many cases, solutions that exist today, basically tell clients, or tell the users, were as good as the data that you provide us. And because the data isn't very good, the results aren't very good. Armis aspires to do something more than that. It aspires to create a logically perfect map of your assets despite being hindered by incomplete and basically wrong data, many times. And third, the ability to infer things about the environment where no source data even exists. So, to all of that, really Armis' approach is pretty straightforward, and it relies on something that we call our collective intelligence. We basically use the power and scale of these masses to our advantage, and not just as a shortcoming. What I mean by that, is Armis today tracks overall, over 2 billion assets worldwide. That's an astounding number. And it thanks to the size of some of the organization that we work with. 
Armis proudly serves today, for instance, over 35 of Fortune 100. Some of those environments, let me tell you, are huge. So, what Armis basically does, is really simple. It uses thousands, tens of thousands, hundreds of thousands sometimes, of instances of the same device and same assets to basically figure out what it is. Figure out how to fingerprint it best. Figure out how to marry conflicting data sources about it and figure out what's the right host name? What's the right IP address? What are all the different details that you should know about it? And be able to basically find the most minimalist fingerprints for different attributes of an asset in a changing environment. It's something that works really, really well. It's something that we honestly, may have applied to this problem, but it's not something that we fully invented. It's been used effectively to solve other problems as well. For instance, if you think about any kind of mapping software. And I use that analogy a lot. But if you think about mapping software, I happened to work for Google in the past, and specifically on Google Map. So, I know quite a bit about how to solve similar problems. But I can tell you that you think about something like a mapping software, it takes very dirty, incomplete data from lots of different sources, and creates not a pixel perfect map, but a logically perfect map for the use cases you need it to be. And that's exactly what Armis strives to do. Build the Google Maps, if you will, of your organization, or the kind of real time map of everything, and be able to supply that or project that for different business processes. >> Yeah, I love the approach, and I love that search analogy. Discover is a big part of mapping as you know, and reasoning in there with the metadata you have and the dirty data is critical. And by the way, we love bold statements on "theCUBE," because as long as you can back 'em up, then we'll dig into that. 
But let's back up some of those bold claims. Okay, you have a lot of devices, you've got the collective intelligence. How do you manage the real time nature of devices changing in real time? 'Cause if you do fingerprint on it, and you got some characteristics of the assets in the map, what happens in real time? How fast are you guys managing that? What's the process for that? >> So, very quickly, I think another quick analogy I like to use, because I think it orients people around kind of how Armis operates, is imagine that Armis is kind of like a Shazam for assets. We take different attributes coming from your environment, and we match it up, that collective intelligence to figure out what that asset is. So, we recognize an asset based off of its behavioral fingerprint, or based off of different attributes, figure out what it is. Now, if you take something that recognizes tunes on the radio or anything like that, it's built pretty similarly. Once you have access to different sources. Once we see real environments that introduce new devices or new assets, Armis is immediately learning. It's immediately taking those different queues, those different attributes and learning from them. And to your point, even if something changes its behavioral fingerprint. For instance, it gets updated, a new patch rolls out, something that changes a meaningful aspect of how that asset operates, Armis sees so many environments, and so much these days that it reacts in almost real time to the introduction of these new things. A patch rolls out, it starts changing multiple devices and multiple different environments around the world, Armis is already learning and adapting this model for the new type of asset and device out there. It works very quickly, and it's part of the effectiveness of being able to operate at the scale that we do. >> Well, Nadir, you guys got a great opportunity there at Armis. 
And as co-founder, you must be pretty pumped, actually working hard, stay up to date, and got a great, great opportunity there. How was RSA this year? And what's your take on the landscape? Because you're kind of in this, I call the new category of lockstep with an environment. Obviously, there's no perimeter, everyone knows that. Surface area is the whole internet, basically, distributed computing paradigms and understanding things like discovery and mapping data that you guys are doing. And it's a data problem as well. It's a lot of problems that you guys are solving. But the industry's got some old beggars, as I still hear endpoint protection, zero trust. I hear trust, if you're talking about supply chain, software supply chain, SBOMs, you mentioned in a previous interview. You got software supply chain issues with open source, 'cause everything's open source now on infrastructure, so that's happening. How do you manage all that? I mean, is it zero trust or is it trust? 'Cause as you hear, I hear you talking about Armis, it's like, you got to have trusted components in there and you got to trust the data. So, that's not zero trust, that's trust. So, where zero trust and trust solve? What's your take on that? How do you resolve? What's your reaction to that? >> Usually, I wait for someone else to bring up the zero trust buzzword before I touch on that. So, because to your point, it's such an overused buzzword. But let me try and tackle that for a second. First of all, I think that Armis treats assets in a way as, let's call it the vessels of everything. And what I mean by that, is that at a very atomic aspect, assets are the atoms of the environment. They're the vessels of everything. They're the vessels of vulnerabilities. They're the vessels of actual attacks. Like something, some asset needs to exist for something to happen. And every aspect of trust or zero trust, or anything like that applies to basically assets. 
Now, to your point, Armis, ironically, or like a lot of security tools, I think it assists greatly or even manages a zero trust policy within the environment. It provides the asset intelligence into the mix of how to manage an effective zero trust policy. But in essence, you need to trust Armis, right? I mean, Armis is a critical function now within your environment. And there has to be a degree of trust, but I would say, trust but verified. And that's something that I think the security industry as a whole is evolving into quite a bit, especially post events like SolarWinds, or other things that happened in recent years. Armis is a SaaS platform. And in being a SaaS platform, there is an inherent aspect of trust and risk that you take on as a security organization. I think anyone who says differently, is either lying or mistaken. I mean, there are no foolproof, a 100% systems out there. But to mitigate some of that risk, we adhere to a very strict risk in security policy on our end. What that means, is we're incredibly transparent about every aspect of our own environment. We publish to our clients our latest penetration test reports. We publish our security controls and policies. We're very transparent about the different aspects we're involve in our own environment. We give our clients access to our own internal security organization, our own CSO, to be able to provide them with all the security controls they need. And we take a very least privileged approach in how we deploy Armis within an environment. No need for extra permissions. Everything read-only unless there is an explicit reason to do else... I think differently within the environment. And something that we take very seriously, is also anything that we deploy within the environment, should be walled off, except for whatever least privilege that we need. On top of that, I'd add one more thing that adds, I think a lot of peace of mind to our clients. 
We are FedRAMP ready, and soon to be certified. We work with DOD clients within the U.S. kind of DOD apparatus. And I think that this gives a lot of peace of mind to our clients, even commercial clients, because they know that we need to adhere to hundreds of different security controls that are monitored and governed by U.S. federal agencies. And that I think gives a lot of extra security measures, a lot of knowledge that this risk is being mitigated and controlled, and governed by different agencies. >> Good stuff there. Also at RSA, you kind of saw people come back together face-to-face, which is great. A lot of kind of similar, everyone kind of knows each other in the security business, but it's getting bigger. What was the big takeaways from you for the folks watching here that didn't get to go to RSA this year? What was the most important stories that came out of RSA this year? Just generally across the industry, from your perspective that people should pay attention to? >> First of all, I think that people were just really happy to get back together. I think it was a really fun RSA. I think that people had a lot of energy and excitement, and they love just walking around. I am obviously, somewhat biased here, but I will say, I've heard from other people too, that our event there, and the formal party that was there was by far the kind of the talk of the show. And we were fortunate to do that with SentinelOne, with Torq, who are both great partners of ours, and, of course, Insight Partners. I think a lot of the themes that have come up during RSA, are really around some of the things that we already talked about, visibility as a driver for business processes. The understanding of where do assets and attack surfaces, and things like that play in. But also, I think that everything was, in light of macroeconomics and geopolitics that are kind of happening in the background, that no one can really avoid that. 
On the one hand, if we look at macroeconomics, obviously, markets are going through quite a shake up right now. And especially, when you talk about tech, the one thing that was really, really evident though, is it's cybersecurity is, I think market-wise just faring way better than others because the demand is absolutely there. I think that no one has slowed down one bit on buying and arming themselves, I'd say, with defensive solutions for cybersecurity. And the reason, is that the threats are there. I mean, we're all very, very much aware of that. And even in situations where companies are spending less on other things, they're definitely spending on cybersecurity, because the toll on the industry is going up significantly year by year, which really ties into also the geopolitics. One of the themes that I've heard significantly, is all the buzz around different initiatives coming from both U.S. federal agencies, as well as different governing bodies around anything, from things like Shields Up in critical infrastructure, all the way to different governance aspects of the TSA. Or even the SEC on different companies with regards to what are they doing on cyber? If some of the initiatives coming from the SEC on public companies come out the way that they are right now, cyber security companies will elevate... Well, sorry, companies in general, would actually elevate cyber security to board level discussions on a regular basis. And everyone wants to be ready to answer effectively, different questions there. And then on top of all of that, I think we're all very aware of, I think, and not to be too doom and gloom here, but the geopolitical aspect of things. It's very clear that we could be facing a very significant and very different cyber warfare aspect than anything that we've seen before in the coming months and years. 
I think that one of the things you could hear a lot of companies and clients talk about, is the fact that it used to be that you could say, "Look, if a nation state is out to get me, then a nation state is out to get me, and they're going to get me. And I am out to protect myself from common criminals, or cybersecurity criminals, or things like that." But it's no longer the case. I mean, you very well might be attacked by a nation state, and it's no longer something that you can afford to just say, "Yeah, we'll just deal with that if that happens." I think some of the attacks on critical infrastructure in particular have proven to us all, that this is a very, very important topic to deal with. And companies are paying a lot of attention to what can give them visibility and control over their extended attack surface, and anything in between. >> Well, we've been certainly ringing the bell for years. I've been a hawk on this for many, many years, saying we're at cyber war, well below everyone else. So, we've been pounding our fist on the table saying, it's not just a national security issue. Finally, they're waking up and kind of figuring out countermeasures. But private companies don't have their own, they should have their own militia basically. So, what's the role of government and all this? So, all this is about competency and actually understanding what's going on. So, the whole red line, lowering that red line, the adversaries have been operating onside our infrastructure for years. So, the industrial IOT side has been aware of this for years, now it's being streamed, right? So, what do we do? Is the government going to come in and help, and bring some cyber militia to companies to protect their business? I mean, if troops dropped on our shores, I'm sure the government would react, right? So, where is that red line, Nadir? Where do you see the gap being filled? Certainly, people will defend their companies, they have assets obviously. 
And then, you critical infrastructure on the industrial side is super important, that's the national security issue. What do we do? What's the action here? >> That is such a difficult question. Such a good question I think to tackle, I think, there are similarities and there are differences, right? On the one hand, we do and should expect the government to do more. I think it should do more in policy making. I mean, really, really work to streamline and work much faster on that. And it would do good to all of us because I think that ultimately, policy can mean that the third party vendors that we use are more secure, and in turn, our own organizations are more secure in how they operate. But also, they hold our organizations accountable. And in doing so, consumers who use different services feel safer as well because basically, companies are mandated to protect data, to protect themselves, and do everything else. On the other hand, I'd say that government's support on this is difficult. I think the better way to look at this, is imagine for a second, no troops landing on our kind of shores, if you will. But imagine instead, a situation where Americans are spread all over the world and expect the government to protect them in any country, or in any situation they're at. I think that depicts maybe a little better, how infrastructure looks like today. If you look at multinational companies, they have offices everywhere. They have assets spread out everywhere. They have people working from everywhere around the world. It's become an attack surface, that I think you said this earlier, or in a different interview as well. There's no more perimeter to speak of. There are no more borders to this virtual country, if you will. And so, on the one hand, we do expect our government to do a lot. 
But on the other hand, we also need to take responsibility as companies, and as vendors, and as suppliers of services, we need to take accountability and take responsibility for the assets that we deploy and put in place. And we should have a very security conscious mind in doing this. >> Yeah. >> So, I think tricky government policy aspect to tackle. I think the government should be doing more, but on the other hand, we should absolutely be pointing internally at where can we do better as companies? >> And the asset understanding the context of what's critical asset too, can impact how you protect it, defend it, and ensure it, or manage it. I mean, this is what people want. It's a data problem in flight, at rest, and in action. So, Armis, you guys are doing a great job there. Congratulations, Nadir on the venture, on your success. I love the product, love the approach. I think it scales nicely with the industry where it's going. So, especially with the intelligent edge booming, and it's just so much happening, you guys are in the middle of it. Thanks for coming on "theCUBE." Appreciate it. >> Thank you so much. As I like to say, it takes a village, and there's so many people in the company who make this happen. I'm just the one who gets to take credit for it. So, I appreciate the time today and the conversation. And thank you for having me. >> Well, we'll check in with you. You guys are right there with us, and we'll be in covering you guys pretty deeply. Thanks for coming on. Appreciate it. Okay, it's #CUBEConversation here in Palo Alto. I'm John Furrier. Thanks for watching. Clear. (bright upbeat music)

Published Date : Jun 17 2022


Alex Schuchman | Armis


 

>>Hello, and welcome to the CUBE Conversation here in Palo Alto, California. I'm John Furrier, host of theCUBE. We got a great guest, a chief information security officer, CISO, Alex Schuchman, who's with Colgate-Palmolive Company. Alex, thanks for coming on this CUBE Conversation. >>Thanks for having me, John. >>So fresh off the heels of RSA in San Francisco was quite the spectacle people back in person. Um, a lot of great conversations, kind of the old conversations, moving to the new, uh, really good to see, but CISO, the CISO agenda was clear on everyone's mind, more attacks, no surface area. Perimeter's dead. You got cloud native shift left, SBOMs, open sourced, supply chain and technology. Uh, software's now open source. How do you deal with that? A lot of complicated issues all through the prism of constantly being hacked with ransomware, everything else going on, you're in the middle of it. You gotta protect manufacturing assets, people, assets, intellectual property, you're in the middle of it. What's, what's the view. What's your current scope, the problem that you're dealing with every day. >>Yeah, it's really interesting world we live in today. Um, and, and definitely, uh, you know, the key topics were jumping around in RSA. Um, you know, everyone seems to be really trying to understand the, the environment better. And, you know, I, I think in the past we saw a lot of attacks against financial sector, a lot of attacks against critical infrastructure, but now many of us in the private sector, uh, especially in the non-critical manufacturing areas, you know, we're seeing the same thing that those industries have seen for many years. And so the criminals are getting, you know, less picky about their targets and, and they're targeting, uh, publicly traded companies, as much as they're targeting critical infrastructure. They're not as, uh, picky as they used to be. >>Yeah. 
You know, you see healthcare, financial services, uh, manufacturing, um, all there. Intellectual property's a big one, but you have, you know, now as you guys have your business, you're dealing with a global, um, borderless environment. You know, that's a big thing. You also have service providers probably work with. So you gotta have the business operations run modern in a modern way at the same time, protect in the modern way. What is the top agenda item for you in your sector, in, in manufacturing, in this area? What's the main high level, um, important task that you usually face every day? >>Yeah. When we talk to a lot of our, our peer companies or peers in the security industry, uh, especially in, in, at RSA, you know, a lot of 'em are very focused on their, their US business, as well as, you know, how to protect themselves. You know, I think one of the things that's really interesting about Colgate-Palmolive is that we are a global company and we really do have operations everywhere, uh, both from an, an office presence, a business presence, as well as manufacturing. So, you know, everything that, that those companies have to deal with who are primarily US based, and maybe they're aligning with some US intelligence, uh, we have to, to really incorporate global threats into our security program. Uh, and, and I think that's one of the really interesting things about Colgate, especially for people, uh, maybe who are familiar with our products, cuz they grew up using them. Mm-hmm <affirmative>, uh, you know, we have products, uh, all over the world and depending on which area you're in, you know, we are the one security team who's responsible for protecting the entire Colgate world. >>How has the pandemic pulled forward issues or highlighted more necessity around certain areas? Obviously the work from home thing is pretty obvious for many people and who would've thought you'd have to provision a hundred percent VPNs or whatever endpoint protection. 
Um, what, how has that affected you, your, your area, your company and your sector, um, how has the pandemic impacted your security? >>Yeah, and I think this is a really interesting topic. You've I I've heard many other people, uh, talk about their response to the COVID 19 pandemic over the last few years. Um, you know, I, I think the, the, the best way to answer it from, from my personal perspective is if, if you were prepared for remote work or you were prepared for a partially remote workforce, then you really could have been very prepared for the pandemic. So even prior to the pandemic, you had people traveling on business and you needed to provide system access, but in a secure way, you had people doing short term assignments, you had a remote sales force and you had a number of different, especially being a global company, uh, people working out of an office, that's not their traditional office. Mm-hmm <affirmative>. If, if you look at all the security prepared, preparedness that you need to do to enable all that, it's not that much different than the pandemic, except that it's really on steroids and it's gone a hundred times further. >>It makes everyone work harder. Yeah. You have to prepare for the a hundred percent scenario, not, you know, not some, uh, um, estimate, um, good, good call out. And the other thing too, is that there's also these, these markets where it gets pulled forward, but then pulls back when the pandemic is over. Have you seen any of that as we kind of come into our third year of, I guess, hybrid being steady state, what has kind of gone away, fell off the plate? What's been, what's the steady state. How do you, have you seen anything kind of go back? >>Yeah, I, I think one of the things that kind of seems to ping pong back and forth is, is our ability to really rely on suppliers to, to deliver it equipment. 
So, you know, being a, a global company we're, we have employees all over the world, we have IT infrastructure that we're supporting across the globe. And, and as you see, different countries go into lockdowns, as you see different suppliers faced with, with different pressures, you know, that seems to be something that kind of ebbs and flows over the last few years, uh, being able to get laptops, being able to get multiple devices, being able to get communications equipment. So, um, you know, I think some of those industries are still trying to evolve, uh, post pandemic. Right. >>You know, I always, I always like to ask the question privately, but I won't do it on camera, how much budget you have and how much you spend on cyber. Um, but you know, generally speaking, I think it's pretty safe to say the number's going up and up, um, cuz of the threats and you got more vectors coming in, but on the question of what tools and platforms work best for you, what are you looking for? What works best from your perspective, as you evaluate new things, right? You gotta look at the new, then you gotta keep up with the state of the art to, to be ahead of the bad guys and obviously you take risk management very seriously, as well as prepare. Right. So what are some of the tools that work for you? What do you see out there that that's getting your attention? >>Yeah, you know, I, I look at a lot of different vendor solutions. I think, uh, that's pretty prevalent in our industry. I look for solutions from large names, suppliers that have been around for a number of years, but I also like to, to look at startup companies who are really trying to innovate and, and make a solution, that number one is easy to implement. And number two is, is easy to keep working. If, if we're spending more time keeping a solution working than we are using the solution. I think that's one of the pain points that than other security, uh, programs are, are fighting with. 
You know, we try to really avoid those types of solutions, put something in, make sure that it works well so that we can really focus on getting the value out of the solution versus trying to keep it running. >>You know, the old SaaS equation, helping the enterprise get better at the old enterprise playbook, which was how do you solve complexity by adding more complexity and, you know, lock in or, you know, <laugh> more costs, hidden costs under the water, so to speak or the shark fin or the iceberg, uh, cost of ownership. I mean, so it's a time to value shift, um, cuz your time's valuable and you've got staff and the hiring's not easy. This is a huge point. >>Yeah. We're a manufacturing organization. Obviously our, our goal as a company is to produce, to sell to consumers. You know, it is a cost center. We're trying to be as efficient as possible yet still support our business and keep it safe. So, uh, if we're investing in a security solution or if we're investing in, in a, a vendor solution that that does provide some layer of protection, you know, we wanna make sure that that's efficient as possible for us and, and that we get value out of it immediately. Uh, you know, that's always the, the hardest thing to try to find a solution that, that fits your business, but also delivers value to your organization. >>You know, it's interesting, you mention it as a cost center and you're talking about cyber security, which is the, the jewels of the company. You're talking about the criticality of the business model. One hack could really take down companies. So you, you it's really offense you're it's profit center in inherently. If you look at it that way. Um, and a lot of people are looking at this this way because you're a private company, you're not a government, you don't have a militia, you got cyber protection issues. So there's a real trend for CISOs to come together. And we're seeing this, uh, about sharing for instance, you know, sharing a threat information. 
So there's been a big movement in the CISO community. Uh, and I'm curious to get your reaction to this and what your conversations are, where sharing is really about collective intelligence and winning and ex and helping each other. And there's this, it's a, it's a, it's an enable user enablement, a CISO enablement kind of vibe. How do you have those conversations? What is, uh, when you huddle with your CISO buddies and friends and colleagues, what's the conversations like, is this sharing thing real is how do you do it effectively? Is it data rooms? Is it, how do you protect the information? Can you share your perspective on that? Cause this is a kind of a real cutting edge area right now. >>Yeah, I think in the, in the public sector, especially in, in, uh, in the government side, as well as critical manufacturing, critical infrastructure, you know, they really do it best in class and have done it for years out, out of necessity. Uh, what's really nice to see, especially on CISA and some of the latest initiatives like Shields Up is, is a lot more public private sharing going on. There's a lot more information available to us as a private company. Who's not part of, of the DIB or any of the intelligence community, but at the same time, we need to protect ourselves from the bad guys as much as they do. So, you know, I like the fact that that we're seeing CISA do more and more outreach to connect public and private sector, plus there's more and more sharing initiatives going on in the ISAC communities and making sure that barrier is low and, and they're, they're sharing, uh, threat intel, IOCs, but in a safe way among a, a community of security practitioners, security practitioners are, are great at sharing. They just need the permission to do so. >>Exactly. And then getting that, getting that mindset of, we're not just a cost center, we're a critical division or group that protects the assets. 
And I think that's where I seen security elevate from the IT world where yeah, King's born in it, cuz that's where that, where everything is, assets are all there. And then as assets change it, you guys have a lot of operational technology called OT on your manufacturing. You gotta deal with that. Now that's usually locked down. Pretty good. Right. <laugh> so as you bring OT and IT together, you guys are in the middle of that industrial IoT world. >>Yeah. What's really interesting about my, uh, career at Colgate. I I've been here for, for 25 years and uh, actually the majority of my career has been in IT supporting business applications, uh, either for our sales force or our manufacturing organization, our finance and HR teams. So I really got a, a good partnership with our business teams and really understood what they were trying to deliver. Then in the last few years, when I shifted over security, it really helped me bridge that gap and understand, you know, what the business systems are doing, what the OT systems are doing and then how to best secure them. >>Yeah, it's interesting. It's it kind of goes away. It's everything now it's digital, right? Digital digitization, digital transformation. This is what what's awesome. And this is what I love about the cloud scale and it's about bringing the two worlds together and the hybrid is a steady state. Now, both workforce and environment, Alex. Great to get your perspective. Um, thanks for sharing, um, insight here on theCUBE. Final question, give a plug for what you're working on. What's the cool projects you got going. If you can share a little bit without getting confidential information out there, what's going on at Colgate? Uh what's on your plate. What are you excited about? Put a plug. Are you looking for hiring, give a quick plug for what you got working on? >>I mean, we have a great team. Uh, we've been growing the team steadily, uh, building out our, our security program. 
Uh, you know, we're always looking to hire new talent, uh, from different industries. Uh, we've been very focused on making sure that that we're building a diverse talent group inside my security program. So I'm not just looking for, uh, security practitioners. Who've been doing this for 25 years, but I've been hiring from various places like, uh, infrastructure service provider consultants, pen testers, and really trying to build, uh, uh, the best team possible. >>Yeah, just as a side to real quick note is I was chatting with a friend of mine the other day, we're old, old fogies. Um, the young guns have never racked gear before. Right. They don't, they've never loaded Linux on a box. So, you know, as you start hiring some of the young talent, what's it like, what are they coming in? Obviously they probably probably have a broader CS perspective. Maybe they're probably more familiar, but you know, some of the different really rack gear all. So what is it like, what, what are some of the new, new, new young folks looking at right now? What's the, what's the skill. >>Yeah, they they're, they're used to cloud consoles and right clicking to, uh, to spin up a computer. And in our day we unboxed the computer, put racks on, you know, had to plug in power and network and figure out, uh, you know, the right way to, to, to hook everything up and even load an OS. I mean, uh, you know, you're right out of, uh, university today, you, you probably right-click, spin up a, uh, an image in, in one of the public clouds and the OS boom comes up automatically for you, like imagine. So they >>Probably are like fish to water on the, on the dashboards and the, on some of the security challenges I can imagine they have a nice fit there, >>But at the same time, uh, you know, they have a great understanding of, uh, containers. They have a great understanding of serverless. So you can really, uh, kind of marry the, the old school technology with some of the new ways of working. >>Yeah. 
Great stuff. Great. We'll have to do a segment on, uh, on talent and what the new roles are. A lot of openings, a lot of new opportunities. It really is a great time to be in this new digital, I don't know what the call it's nearly not IT anymore. It's just digital transformation. Uh, it's just, it's just the way it is. Thanks for coming on. Appreciate it, Alex. Thanks for your time. >>Thanks a lot, John. >>Okay. Take care. Just a CUBE Conversation here in Palo Alto. I'm John Furrier, host of theCUBE. Thanks for watching.

Published Date : Jun 17 2022


2022 000CC Tim Everson CC


 

(upbeat music) >> Hello, welcome to this CUBE Conversation here in Palo Alto, California. I'm John Furrier, host of theCUBE. We're here with Tim Everson, CISO at Kalahari Resorts & Conventions. Tim, great to see you. Thanks for coming on theCUBE. >> Thank you for having me. Looking forward to it. >> So, you know, RSA is going on this week. We're talking a lot about security. You've got a lot of conferences. Security is a big scale now across all enterprises, all businesses. You're in the hospitality, you got conventions. You're in the middle of it. You have an interesting environment. You've got a lot of diverse use cases. And you've got a lot of needs. They're always changing. I mean, you talk about change. You've got a network that has to be responsive, robust and support a lot of tough customers who want to have fun or do business. >> Exactly, yeah. We have customers that come in, that we were talking about this before the segment. And we have customers that come in that bring their own Roku Sticks their own Amazon devices. All these different things they bring in. You know, our resort customers need dedicated bandwidth. So they need dedicated network segments stood up at a moment's notice to do the things they're doing and run the shows they're showing. So it's never, never ending. It's constantly changing in our business. And there's just data galore to keep an eye on. So it's really interesting. >> Can you scope the scale of the current cybersecurity challenges these days in the industry? Because they're wide and far, they're deep. You got zero trust on one end, which is essentially don't trust anything. And then you got now on the software supply chain, things like more trust. So you got the conflict between a direction that's more trusted and then zero trust, and everything in between. From, endpoint protection. It's a lot going on. What's the scale of this situation right now in cyber? >> You know, right now everything's very, very up in the air. 
You talk about zero trust. And zero trust can be defined a lot of ways depending on what security person you talk to today. So, I won't go into my long discussion about zero trust but suffice to say, like I said zero trust can be perceived so many different ways. From a user perspective, from a network perspective, from an end point. I look more broadly at the regulatory side of things and how that affects things too. Because, regulations are changing daily. You've got your GDPRs, your CCPAs, your HIPAA regulations, PCI. All these different things that affect businesses, and affect businesses different ways. I mean, at Kalahari we're vulnerable or we're not vulnerable, but we're subject to a lot of these different regulations, more so than other people. You wouldn't expect a lot of hotels to have HIPAA regulations for instance. We have health people at our resorts. So we actually are subject to HIPAA in a lot of cases. So there's a lot of these broad scenarios that apply and they come into play with all different industries. And again, things you don't expect. So, when you see these threats coming, when you see all the hacks coming. Even today I got an email that the Marriott breach data from a few years ago, or the MGM breach from a few years ago. We've got all these breaches out there in the world, are coming back to the surface and being looked at again. And our users and our guests and our corporate partners, and all these different people see those things and they rely on us to protect them. So it makes that scope just exponentially bigger. >> Yeah, there's so many threads to pull on here. One is, you know we've observed certainly with the pandemic and then now going forward is that if you weren't modern in your infrastructure, in your environment, you are exposed. Even, I'm not talking old and antiquated like in the dark ages IT. We're talking like really state of the art, current. If you're lagging just by a few years, the hackers have an advantage. 
So, the constant bar raising, leveling up on technology is part of this arms race against the bad guys. >> Absolutely. And you said it, you talked earlier about the supply chain. Supply chain, these attacks that have come through the SolarWinds attacks and some of these other supply chain attacks that are coming out right now. Everybody's doing their best to stay on top of the latest, greatest. And the problem with that is, when you rely on other vendors and other companies to be able to help you do that. And you're relying on all these different tool sets, the supply chain attack is hugely critical. It makes it really, really important that you're watching where you're getting your software from, what they're doing with it, how they secure it. And that when you're dealing with your vendors and your different suppliers, you're making sure that they're securing things as well as you are. And it just, it adds to the complexity, it adds to the footprint and it adds to the headache that a lot of these security teams have. Especially small teams where they don't have the people to manage those kind of contacts. >> It's so interesting, I think zero trust is a knee jerk reaction to the perimeter being gone. It's like, you got to People love the zero trust. Oh it's like, "We're going to protect this that nobody, and then vet them in." But once you're trusted, trust also is coming in to play here. And in your environment, you're a hotel, you're a convention. You have a lot of rotation of guests coming in. Very much high velocity. And spear phishing and phishing, I could be watching and socially engineering someone that could be on your property at any given time. You got to be prepared for that. Or, you got ransomware coming around the corners or heavily. So, you got the ransomware threat and you got potentially spear phishing that could be possible at your place. These are things that are going on, right? That you got to protect for. What's your reaction to that? 
>> Absolutely. We see all those kind of attacks on a daily basis. I see spear phishing attacks. I see, web links and I chase them down and see what's going on. I see that there's ransomware trying to come in. We see these things every single day. And the problem you have with it is not only, especially in a space where you have a high volume of customers and a high turnover of customers like you're talking about that are in and out of our resorts, in and out of our facilities. Those attacks aren't just coming from our executives and their email. We can have a guest sitting on a guest network, on a wireless network. Or on one of our business center machines, or using our resort network for any one of a number of the conference things that they're doing and the different ports that we have to open and the different bandwidth scenarios that you've got dealing with. All of these things come into play because if any attack comes from any of those channels you have to make sure that segmentation is right, that your tooling is proper and that your team is aware and watching for it. And so it does. It makes it a very challenging environment to be in. >> You know, I don't want to bring up the budget issue but I'll bring up the budget issue. You can have unlimited budget because there's so many tools out there and platforms now. I mean, if you've look at the ecosystem map of the cybersecurity landscape that you have to navigate through as a customer. You've got a lot of people knocking on your door to sell you stuff. So I have to ask you, what is the scale? I mean, you can't have unlimited budget. But the reality is you have to kind of, do the right thing. What's the most helpful kind of tools and platforms for you that you've seen that you've had experience with? Where's this going in terms of the most effective mechanisms and software and platforms that are available out there? 
>> From the security perspective specifically, the three things that are most important to me are visibility. Whether it's asset visibility or log visibility. You know, being able to see the data, being able to see what's going on. End user. Making sure that the end user has been trained, is aware and that you're watching them. Because the end user, the human is always the weakest link. The human doesn't have digital controls that can be hard set and absolutely followed. The human changes every day. And then our endpoint security solutions. Those are the three biggest things for me. You know, you have your network perimeter, your firewalls. But attackers aren't always looking for those. They're coming from the inside, they're finding a way around those. The biggest three things for me are endpoint, visibility and the end user. >> Yeah, it's awesome. And a lot of companies are really looking at their posture right now. So I would ask you as a CISO, who's in the front end of all this great stuff and protecting your networks and all your environments and the endpoints and assets. What advice would you have for other CISOs who are kind of trying to level up to where you're at, in terms of rethinking their security posture? What advice would you give them? >> The advice I would give you is surround yourself with people that are like-minded on the security side. Make sure that these people are aware but that they're willing to grow. Because security's always changing. If you get a security person that's dead set that they're going to be a network security person and that's all they're going to do. You know, you may have that need and you may fill it. But at the end of the day, you need somebody who's open rounded and ready to change. And then you need to make sure that you can have somebody, and the team that you work with is able to talk to your executives. It never fails, the executives. 
They understand security from the standpoint of the business, but they don't necessarily understand security from the technical side. So you have to make sure that you can cross those two boundaries. And when you grow your team you have to make sure that that's the biggest focus. >> I have to ask the pandemic question, but I know cybersecurity hasn't changed. In fact, it's gotten more aggressive in the pandemic. How has the post pandemic or kind of like towards the tail end of where we're at now, affected the cybersecurity landscape? Has it increased velocity? Has it changed any kind of threat vectors? Has it changed in any way? Can you share your thoughts on what happened during the pandemic and now as we come out of it into the next, well post pandemic? >> Absolutely. It affected hospitality in a kind of unique way. Because a lot of the different governments, state, federal. I'm in Ohio. I work out of our Ohio resort. A lot of the governments literally shut us down or limited severely how many guests we could have in. So on the one hand you've got less traffic internal over the network. So you've got a little bit of a slow down there. But on the flip side it also meant a lot of our workers were working from home. So now you've got a lot of remote access coming in. You've got people that are trying to get in from home and work machines. You have to transition call centers and call volume and all of the things that come along with that. And you have to make sure that that human element is accounted for. Because, again, you've got people working from home, you no longer know if the person that's calling you today, if it's not somebody you're familiar with you don't know if that person is Joe Blow from the front desk or if that person's a vendor or who they are. And so when you deal with a company with 5,000-ish employees or 10,000 that some of these bigger companies are. 15,000, whatever the case may be. 
You know, the pandemic really put a shift in there because now you're protecting not only against the technologies, but you're dealing with all of the scams, all of the phishing attempts that are coming through that are COVID related. All of these various things. And it really did. It threw a crazy mix into cybersecurity. >> I can imagine that the brain trust over there is prior thinking, "Hey, we were a hybrid experience." Now, if people who have come and experienced our resorts and conventions can come in remotely, even in a hybrid experience with folks that are there. You've seen a lot of hybrid events for instance go on, where there's shared experience. I can almost imagine your service area is now extending to the homes of those guests. That you got to start thinking differently. Has that been something that you guys are looking at? >> We're looking at it from the standpoint of trying to broaden some of the events. In the case of a lot of our conventions, things of that nature. The conventions that aren't actually Kalahari's run conventions, we host them, we manage them. But it does... When you talk about workers coming from home to attend these conventions. Or these telecommuters that are attending these conventions. It does affect us in the stance that, like I said we have to provision network for these various events. And we have to make sure that the network and the security around the network are tight. So it does. It makes a big deal as far as how Kalahari does its business. Being able to still operate these different meetings and different conventions, and being able to host remotely as well. You know, making sure that telecommunications are available to them. Making sure that network access and room access are available to them. You know for places where we can't gather heavily in meetings. You know, these people still being able to be near each other, still being able to talk, but making sure that that technology is there between them. 
>> Well, Tim, it's great to have you on for this CUBE Conversation. CISO from the middle of all the action. You're seeing a lot. There's a lot of surface area you got to watch. There's a lot of data you got to observe. You got to get that visibility. You can only protect what you can see, and the more you see the better it is. The better the machine learning. You brought up the common area about like-minded individuals. I want to just ask you on the final point here, on hiring and talent coming into the marketplace. I mean, this younger generation coming out of university and college is, or not even going to school. There's no cyber degree. I mean, there are now. But I mean, the world's changing. It's easy to level up. So, skill sets you can't get a degree in certain things. I mean, you got to have a broad set. What do you look for in talent? Is there a trend you see in terms of what makes a good cybersecurity professional, developer, analyst? Is there roles that you see emerging that you think people should pay attention to? What's your take on this as someone who's looking at the future? And- >> You know, it's very interesting that you bring this up. I actually have two of my team members, one directly working for me and another team member at Kalahari that are currently going through college degree programs for cybersecurity. And I wrote recommendations for them. I've worked with them, I'm helping them study. But as you bring people up, you know the other thing I do is I mentor at a couple of the local technical schools as well. I go in, I talk to people, I help them design their programs. And the biggest thing I try to get across to them is, number one, if you're in the learning side of it. Not even talking about the hiring side of it. If you're in the learning side of it, you need to come into it with a kind of an understanding to begin with to where you want to fit into security. You know, do you want to be an attacker, a defender, a manager? 
Where do you want to be? And then you also need to look at the market and talk to the businesses in the area. You know, I talk to these kids regularly about what their need is. Because if you're in school and you're taking Cisco classes, and focusing on firewalls and what an organization needs is somebody who can read logs and do things like that. Or somebody who can do pen testing. You know, that's a huge thing. So I would say if you're on the hiring side of that equation, you know. Like you said, there's no super degrees that I can speak to. There's a lot of certifications. There's a lot of different things like that. The goal for me is finding somebody who can put hands to the ground and feet to the ground, and show me that they know what they know. You know, I'll pull somebody in, I'll ask them to show me a certain specific or I'll ask them for specific information and try to feel that out. Because at the end of the day, there's no degree that's going to protect my network. There's no degree that's a hundred percent going to understand Kalahari, for instance. So I want to make sure that the people I talk to, I get a broad interview scope, I get a number of people to talk to. And really get a feel for what it is they know, and what tools they want to work with and make sure it's going to align with us. >> Well, Tim, that's great that you do that. I think the industry needs that. And I think that's really paying it forward, by getting in and using your time to help shape the young curriculums and the young guns out there. It's interesting you know, like David Vellante and I talk on theCUBE all the time. Cyber is like sports. If you're playing football, you got to know the game. If you're playing football and you come in as a baseball player, the skills might not translate, right? So it's really more of, categorically cyber has a certain pattern to it. Math, open mindedness, connecting dots, seeing things around corners. 
Maybe it's more holistic views, if you're at the visibility level or getting in the weeds with data. A lot of different skill sets needed. The aperture of the job requirements are changing a lot. >> They are. And you know, you touched on that really well. You know, they talk about hacking and the hacker mindset. You know, all the security stuff revolves around hacker. And people mislabel hacker. Hacking in general is making something do something that it wasn't originally designed to do. And when I hire people in security, I want people that have that mindset. I want people that not only are going to work with the tool set we have, and use that mathematical ability and that logic and that reasoning. But I want them to use a reasoning of, "Hey, we have this tool here today. How can this tool do what I want it to do but what else can it do for me?" Because like any other industry we have to stretch our dollar. So if I have a tool set that can meet five different needs for me today, rather than investing in 16 different tool sets and spreading that data out and spreading all the control around. Let's focus on those tool sets and let's focus on using that knowledge and that adaptive ability that the human people have on the security side, and put that to use. Make them use the tools that work for them but make 'em develop things, new tools, new methods, new techniques that help us get things across. >> Grow the capabilities, protect, trust all things coming in. And Tim, you're a tech athlete, as we say and you've got a great thing going on over there. And again, congratulations on the work you're doing on the higher ed and the education side and the Kalahari Resorts & Conventions. Thanks for coming on theCUBE. I really appreciate the insight you're sharing. Thank you. >> Thanks for having me. >> Okay. I'm John Furrier here in Palo Alto for theCUBE. Thanks for watching. (somber music)

Published Date : Jun 10 2022

JJ Davis, Dell Technologies | Dell Technologies World 2022


 

>> theCUBE presents Dell Technologies World brought to you by Dell. (crowd murmuring) >> Welcome back to Las Vegas. It's theCUBE live at Dell Technologies World 2022. This is day two of our coverage. Lisa Martin, with Dave Vellante. We've had a lot of great conversations all day today, half a day yesterday. We've got another great conversation coming up about ESG: environmental, social and governance. Please welcome JJ Davis, the Chief Corporate Affairs Officer at Dell Technologies. Welcome to the program. >> Hi, thanks for having me. >> Hey, hey. >> It's great to be here. >> ESG is a very popular topic. >> Yes. >> It's one thing to talk about, another thing to actually have a plan, have a strategy, have those 2030 moonshot goals and implement. Talk to us about what ESG means for Dell Technologies and some of these great things that you have going on. >> Absolutely. So you said it, I mean it can be acronym soup. When you think about, is it social impact? Is it corporate social responsibility? Is it ESG? And the beauty of having an environmental social governance strategy is we now are bringing ESG much closer to the corporate strategy and how we meet the needs of all of our stakeholders. So I'd love to just back it up for a minute and think about the purpose of Dell Technologies is to create technologies that advance human potential. Our vision is to be the most essential technology company for the data era. The way we do that is we're growing and modernizing our core businesses like PC servers and storage while we're building the technology ecosystem of the future. Well guess what? ESG is embedded in all of that because the future is more sustainable, built by people that represent our customer base with a workforce that is more diverse and a workplace that is more inclusive. We put human rights and the needs of people at the center of what we do as well as the needs of the planet. 
And when I get to put together purpose, planet and profit and bring that strategy together in partnership with so many leaders across the company and meeting the demands of our customers. ESG is just a part of the way we do business now. >> It's part of the DNA. >> Yeah. >> Talk to us about some of the key priorities from a climate perspective, for example. >> Sure. >> What are some of Dell's key focus areas where that's concerned? >> So when we think about our ESG priorities as a whole there are four: climate, circular economy, diverse workplace and digital inclusion. And so within our sustainability pillar of our strategy or the E, we are committed to being net zero across scopes 1, 2 and 3 emissions by 2050. We are revamping our product energy goal right now to relaunch that. When we think about our customers 95% of our big customer RFPs ask about sustainability and our commitment and what we'll be doing to help them because they're going to be reliant on technology to meet their own sustainability and climate goals, whether it's green IT or IT for green and they're going to really be looking to us to help them. >> You know, I love this purpose, planet, profit. >> Yeah. >> You and I have talked about this a little bit. It's actually good business. Explain why ESG is good business? >> Well, I mean, used to social impact kind of sat off to the side. We might have been called do gooders or people that are passionate about things that maybe don't align to the corporate strategy. And now when you think about Business Roundtable and Michael Dell as a member and they came out with their purpose of a company statement it'll be three years in August to really redefine the purpose of a company to meet the needs of all stakeholders from employees, to customers, to shareholders as well. And so we know that new hires and new buyers demand more of their employer and of the companies they buy from. 
They want their own personal values to align with that of the company they work for or buy from. And so now we need to the needs of our business commitments, but also if companies don't take a leadership role, we're screwed, we're not going to be able to reverse the negative impacts. So climate change and technology plays a big role. >> Yeah. "The earth gets the last at bat," as they say. >> Yeah. >> From an accountability perspective that you mentioned 95% of RFPs are coming in and customers are looking for- >> Yes. >> Dell Technologies's commitment to ESG. Talk about the accountability to your customers to all customers where ESG is concerned and how is it measured? >> Sure. So we've been spending a lot of time over the last year, year and a half on the G of ESG, the governance. And so we have been doing this for a couple decades really moving the needle on social impact. Michael talked about it in his keynote, that this is in our DNA like you said. But now we have to be able to really measure. You can't manage what you can't measure. We have put a lot of governance around, what do we disclose and why. Michael Dell is an active participant in the World Economic Forum common metrics project because, you know, there's too many metrics and frameworks to know what companies need to be measuring and how we hold ourselves accountable and what we ultimately report to our shareholders. And so there's a lot of work to get more clarity there. You're seeing the SEC put out new rules around climate and human rights. And so when you start to get regulated that changes the game in terms of how transparent you need to be. And then what are the third party assurances that you need to have to validate the data that you're reporting on? We do have an annual ESG report that comes out every June where we report across several moonshot goals across sustainability, inclusive culture, transforming lives and ethics and privacy. Then we have sub goals. There's probably about 25 in total. 
And we're going to tell you our stakeholders every year how we're doing against our 2030 commitment. And I think it's that level of transparency and measurement that we have to hold ourselves accountable to and our customers do as well. >> Can you share a little bit about where you are on the 2030 moonshot that was announced about a couple years ago at the beginning of 20, yeah, towards the beginning of 2020. Where is Dell on that, what's your moonscape look like? >> Yeah, sure. So we are announcing our update from calendar year 21 in June. So I'm not going to get the numbers exactly right. But if you take sustainability so one of our moonshot goals is around 100% of our packaging by 2030 will be made of recycled or renewable content. We're over 90% now. So we're going to probably restate that goal and evolve it or meet it early and set a new one. In terms of product contents. We have a goal that is 50% of our product contents will be from recycled or renewable materials. That's a little harder, plastic is easy, steel is hard. And so we're still working through how across the main components that go into our machines. How does that become more renewed and sustainable? If you think about 50% women in our workforce 25% African American or Hispanic in our US workforce we're making really good progress. And we have scaled programs that are helping us deliver on those commitments. >> Yeah. I think I'm quoting JJ Davis, correct me if I'm wrong but, "ESG marries who we are with what we do." What do you mean by that? >> So when you think about what we do, we build technology that delivers or advances human progress. We help our customers solve their biggest problems but really who we are. We are a founder-led company and Michael Dell was a purpose led driven CEO before that was even a term. And so he always wanted to have an ethical company that just did business above and beyond what the law required. And we'd been recycling PCs for more than 20 years. 
And so we are an inclusive culture where we can bring our full selves to work and we are entrepreneurial. And, you know, if we have an idea and you raise that idea or a problem you see, then oftentimes the management will say, "Okay you go fix that." And so I think just what we do, we build technology. Who we are, is we're problem solvers for our customers. And that is good for business and good for the environment and what it is society really expects of us. And we're empowered to make a difference. Feels good. >> One of, I'm curious to get your perspective on, you know, the events of the last two years. One of the things that's happened is the great resignation. I think we all know multiple people who have decided they're moving forward, lots of opportunity but where is Dell's ESG strategy as a differentiator for people going, I get it, I support that, that's the kind of company I want to work for? >> Our Chief Human Resources Officer Jen Saavedra calls it, "The great reshuffle." I think that's maybe a more positive way to look at it. And, you know, I've had people actually join my team because they are really positive on our mission and not just our proactive strategy around ESG but how we have handled our response to social issues. >> Yeah. >> I mean, who knew that company CEOs would be expected to speak out on voter access or LGBTQ rights and, you know. So a lot of people are coming to work for us because we are very measured in where we weigh in and what we stand for, how we speak out. But they're also really buying into our ESG strategy. I would also say our flexible work commitment. It's a big part of our DNI strategy as well and helps us attract and retain diverse talent. You can live and work wherever you want to, proximity to the headquarters is no longer criteria for advancement. And that's going to be a really big differentiator, companies that get this right will win the talent war. And that means they'll better serve their customers. 
>> When you took over this role, I'm guessing you kind of did a scan to see who else was out there, what others were doing, not just in Tech. >> Sure. >> Not just in North America, but globally. What did you find? Where do you get your inspiration? Are there any organizations out there that are really models that you get inspiration from? Or is it so new? You are the model. Can you just talk about that? >> Well I mean, I think we're doing a really good job and we're pretty advanced, but nobody has this figured out and frankly, we need to do it together. This is a space where you don't actually want to compete. >> Right. >> You want to partner. And so we have our own sustainability advisory board and companies like Boeing are on that. I serve on a sustainability advisory board from McLaren and Unilever's chief sustainability officer's there. That is a company that is really inspirational to us. And so partners like Intel, they're very involved in 50. So the next 50% that needs to get connected to the internet and participate in the digital economy. We're big partner, as you know we're their largest customer. And so there's a lot going on across our competition, our customers and our partners. And we're all inspiring each other and figuring it out together. Cause it's evolving so fast. Nobody has all the answers. >> But that's a great point. The evolution is happening so quickly and every day you turn on the news and there's something else that needs to be responded to. >> Yeah. >> I mean, think that from a strategic perspective from that overall vision perspective, it sounds like what and there's been some announcements this week. >> Yeah. >> That respect to issue. What's been some of the feedback from the part of ecosystem, from customers, from investors on this laser focused vision that Dell has with respect to sustainability and ESG? >> So Cassandra Garber, our head of ESG just finished out of cycle road show with investors and had really good conversations. 
They're asking a lot of questions about our strategy. They're asking questions about executive compensation tied to ESG as an example. Our customers are very positive and responding. They're looking for technology solutions, as I mentioned, to meet their own climate commitments. And from our channel partners they really want to partner on our initiatives and really go do good and make an impact together. And we're getting really good feedback. >> So carrot or stick, it's probably not 100% that the channel partners or even suppliers, you know, some just don't have the resource possibly or maybe they don't share your values. >> Right. >> So how do you approach that? Is it through inspiration? Is it through a little tap in the head or a little headlock? How do you deal with that? >> It's both. I mean, our suppliers have to adhere to the contract and the RSA code of conduct that they have to sign on to uphold. And so we very much hold them accountable just like we do ourselves. And so that is more compliance driven but we do have partners like Western's Green in our supply chain who were really involved with us in some early work around recycled gold and partners that are involved with us in setting up the ocean plastic supply chain. And so we have great partnership but there are things they have to do from a human rights perspective or commitment to the environment that are required. From a channel partner perspective, you know, we want to incent them. We want to make money together. We are for profit businesses after all. And ESG can be a part of that. And if you don't have the resources to drive your own take back initiative, then we can do that in partnership through our asset recovery services which partners can sell and then use our infrastructure to take back and recycle old equipment. >> I mean, I feel like a lot of my questions are two-way but you feel as though you're influencing public policy or a public policy is influencing you? >> Both. 
I mean, early on when the SEC was looking at the climate rules that they just put out, there was, I think we submitted a six page response to their, you know, ask for inquiry and response. And so that's good. We're able to talk to each other and have conversations and shape things, but ultimately we'll be regulated in these areas and that's fine. We just got to make sure that we're ready. >> Great. >> It's always good to have that push and pull, it's like with the pandemic all the silver linings that have come out of the acceleration, we talk about that all the time on this show. The acceleration of digital transformation, we were talking about the acceleration of retail in the intelligence store. >> Right. >> And as consumers, we expect that, but that push and pull sometimes those forcing functions are necessary to be able to drive forward. >> For sure. >> Yeah. >> Yeah. >> My last question for you is Dell just came off its most successful year. >> Yes. >> First time hitting north of 100 billion. >> Yes. >> In the company's history. What are some of the things that we think is the moonshot goals, we're only in 2020. >> I know. >> But as time is going by so quickly, what are some of the things that you are personally looking forward to from a corporate affairs ESG perspective say the next like three to five years? >> Well, I'm really excited about some of the groundwork we've laid in digital inclusion. We just made some new hires there. We're connecting the dots, you know, and we have a lot of initiatives that can really if we can scale them, make a big impact. So we have student tech crew, it's where high school students serve as the technical support in their local high school and get certified. So they are job ready the minute they graduate. If they don't want to go to community college or university they can go right into the workforce. How do we marry that up with other skill building initiatives that we have? And if you add 1 plus 1 it equals 3. 
And I think this year will be a really big accelerator for us in the area of digital inclusion and how we bring connectivity, community services and support and digital skills together. Because that's what, you know, those that aren't participating in the digital economy we need to partner and really deliver on the promise of what it means to be in technology and at least have the skills to compete. >> Right. Start eliminating that digital divide. JJ, thank you for joining David and me today talking about ESG- >> Thank you. >> corporate affairs, such an interesting focused efforts that Dell is really wrapped around. And it sounds like there's that push pull from the customers, from policy, but ultimately going in a great direction that can be measured. Thank you for your insights and your time. >> Thank you. >> For JJ and Dave Vellante I'm Lisa Martin. You've been watching theCUBE live from Las Vegas. This is the end of day 2 of our coverage of Dell Technologies World. We thank you for watching. You can find all of our content on replay on theCUBE.net. And of course, we will be here tomorrow with John Furrier and Dave Nicholson as well. Have a great night. We'll see you tomorrow. (upbeat music)

Published Date : May 4 2022

Breaking Analysis: Investors Cash in as Users Fight a Perpetual Cyber War


 

>> From theCUBE studios in Palo Alto and Boston, bringing you data-driven insights from theCUBE and ETR. This is Breaking Analysis with Dave Vellante. >> Despite the more than $100 billion spent each year fighting cybercrime, when we do an end-of-the-year look back and ask "How did we do?" the answer is invariably the same, "Worse than last year." Pre-pandemic, the picture was disheartening, but since March of 2020 the situation has only worsened as cyber-criminals have become increasingly sophisticated, better funded and more brazen. SecOps pros continue to fight, but unlike conventional wars, this one has no end. Now the flip side of course, is that markets continue to value cybersecurity firms at significant premiums, because this huge market will continue to grow by double digits for the foreseeable future. Hello and welcome to this week's Wikibon theCUBE Insights powered by ETR. In this Breaking Analysis, we look at the state of cybersecurity in 2021 and beyond. We'll update you with the latest survey data from Enterprise Technology Research and share the fundamentals that have investors piling into the security space like never before. Let's start with the customer view. Cybersecurity remains the number one priority for CIOs and CSOs. This latest ETR survey, once again asked IT buyers to rank their top priorities for the next 12 months. Now for the last three polling periods dating back to last March, cybersecurity has outranked every top spending category, including cloud, data analytics, productivity software, networking, AI, and automation or RPA. Now this shouldn't surprise anybody, but it underscores the challenges that organizations face. Not only are they in the midst of a non-optional digital transformation, but they have to also fund a cyber war that has no ceasefires, no truces, and no exit path. Now there's much more going on in cybersecurity than ransomware, but certainly that has the attention of executives. 
And it's becoming more and more lucrative for attackers. Here's a snapshot of some of the more well-documented attacks this decade, many of which have occurred in very recent months. CNA Financial, they got hit earlier this year and paid a $40 million ransom. The Ireland Health Service also got hit this year and refused to pay the ransom, but it's estimated that the cost to recover and the damage to the organization exceeded half a billion dollars. The request was for a $20 million ransom. The JBS meat company hack, they paid $11 million. CWT Travel paid $5 million. The disruption from the Colonial Pipeline company was widely reported; they paid more than $4 million, as did Brenntag, the chemical company. The NBA got hit. Computer makers Quanta and Acer also. More than 2,000 ransom attacks were reported to the FBI in the first seven months of 2021. Up more than 60% from 2020. Now, as I've said many times, you don't have to be a genius to be a ransomwarist today. Anyone can go on the dark web, tap into ransomware as a service. Attackers, they have insidious names like DarkSide, REvil, the Cobalt crime gang, Wizard Spider, the Lazarus gang, and numerous others. Criminals, they have negotiation services. Most typically the attackers, they'll demand a specific amount of money, but they're willing to compromise in an exchange of cryptocurrency for decryption keys. And as mentioned, it's not just ransomware. Supply chain attacks like the SolarWinds hack hit organizations within the U.S. government and companies like Mimecast this year. Now, while these attacks often do end up in a ransom situation, the attackers sometimes find it more lucrative to live off the land in stealth fashion and exfiltrate sensitive data that can be sold, or in the case of many financial institution attacks they'll steal information from, say, a chief investment officer that signals an upcoming trading strategy, and then the attackers will front run that trade in the stock market. 
Now, of course phishing, remains one of the most prominent threats. Only escalated by the work from home trend as users bring their own devices and of course home networks are less secure. So it's bad, worse than ever before. But you know, if there's a problem, entrepreneurs and investors, they're going to be there to solve it. So here's a LinkedIn post from one of the top investors in the business, Mike Speiser. He was a founding investor in Snowflake. He helped get pure storage to escape velocity and many, many other successes. This hit my LinkedIn feed the other day, his company Sutter Hill Ventures is co-leading a 1.3 Series D on an $8.3 billion valuation. They're putting in over $200 million. Now Lacework is a threat detection software company that looks at security as a data problem and they monitor exposures across clouds. So very timely. So watch that company. They're going to soar. Now the right hand chart shows venture investments in cybersecurity over the past several years. You can see it exploded in 2019 to $7.6 billion. And people thought the market was peaking at that time, if you recall. But then investments rose a little bit to $7.8 billion in 2020 right in the middle of lockdown. And then the hybrid work, the cloud, the new normal thesis kicked in big time. It's in full gear this year. You can see nearly $12 billion invested in cybersecurity in the first half of 2021 alone. So the money keeps coming in as the problem gets worse and the market gets more crowded. Now we'd like to show this slide from Optiv, it's their security taxonomy. It'll make your eyes cross. It's so packed with companies in different sectors. We'll put a link in our posts, so you can stare at this. We've used this truck before. It's pretty good. It's comprehensive and it's worth spending some time to see what that landscape looks like. But now let's reduce this down a bit and bring in some of the ETR data. 
This is survey data from October that shows net score or spending momentum on the vertical axis and market share or pervasiveness in the dataset on the horizontal axis. That's a measure of mentioned share if you will. Now this is just isolated on the information security sector within the ETR taxonomies. No filters in terms of the number of responses. So it's every company that ETR picks up in cybersecurity from its buyer surveys. Now companies above that red line, we consider them to have a highly elevated spending momentum for their products and services. And you can see, there are a lot of companies that are in this map first of all, and several above that magic mark. So you can see the momentum of Microsoft and Palo Alto. That's most impressive because of their size, their pervasiveness in the study, Cisco and Splunk are also quite prominent. They don't have as much spending momentum, but they're pretty respectable. And you can see the companies that have been real movers in this market that we've been reporting on for a while. Okta, CrowdStrike, Zscaler, CyberArk, SailPoint, Authzero, all companies that we've extensively covered in previous breaking analysis episodes as the up and comers. And isn't it interesting that Datadog is now showing up in the vertical axis. You see that in the left-hand side up high, they're becoming more and more competitive to Splunk in this space as an alternative and lines are blurring between observability, log analytics, security, and as we previously reported even backup and recovery. But now let's simplify this picture a bit more and filter down a little bit further. This chart shows the same X, Y view. Same data construct and framework, but we required more than a hundred responses to hit the chart. So the companies, they have to have a notable market presence in the ETR survey. It's perhaps a bit less crowded, but still very packed. Isn't it? You can see firms that are less prominent in the space like Datadog fell off. 
The big companies we mentioned, obviously still prominent Microsoft, Palo Alto, Cisco and Splunk and then those with real momentum, they stand out a little bit. There's somewhat smaller, but they're gaining traction in the market. As we felt they would Okta and Auth zero, which Okta acquired as we reported on earlier this year, both showing strength as our CrowdStrike, Zscaler, CyberArk, which does identity and competition with Okta and SentinelOne, which went public mid this year. The company SentinelOne uses AI to do threat detection and has been doing quite well. SalePoint and Proofpoint are right on that red elevated line and then there's a big pack in the middle. Look, this is not an easy market to track. It's virtually every company plays in security. Look, AWS says some of the most advanced security in the business but they're not in the chart specifically, but you see Microsoft is. Because much of AWS security is built into services. Amazon customers heavily rely on the Amazon ecosystem which is in the Amazon marketplace for security products. And often they associate their security spend with those partners and not necessarily Amazon. And you'll see networking companies you see right there, like Juniper and the bottom there and in the ETR data set and the players like VMware in the middle of the pack. They've been really acquisitive for example, with carbon black. And the, of course, you've got a lot of legacy players like McAfee and RSA and IBM. Look, virtually every company has a security story and that will only become more common in the coming years. Now here's another look at the ETR data it's in the raw form, but it'll give you a sense of two things; One is how the data from the previous chart is plotted. And two, it gives you a time series of the data. So the data lists the top companies in the ETR data sets sorted by the October net score in the right most column. Again, that measures spending momentum. 
So to make the cut here, you had to have more than a hundred mentions which is shown on the left-hand side of the chart that shared N, IE that's shared accounts in the dataset. And you can track the data from last October, July of this year and the most recent October, 2021 survey. So we, drew that red line just about at the 40% net score market coincidentally, there are 10 companies that are over that figure over that bar. We sometimes call out the four star companies. We give four stars to those companies that both are in the top 10 and spending momentum and the top in prominence are shared N in the dataset. So some of these 10 would fit into that profile by that methodology, specifically, Microsoft, Okta, CrowdStrike, and Palo Alto networks. They would be the four star companies. Now a couple of other things to point out here, DDoS attacks, they're still relevant, and they're real threat. So a company like CloudFlare which is just above that red line they play in that space. Now we've also shaded the companies in the fat middle. A lot of these companies like Cisco and Splunk for example, they're major players in the security space with very strong offerings and customer affinity. We sometimes give them two stars. So this is what makes this market so interesting. It's not like the high end discourage market where literally every vendor in the Gartner magic quadrant is up in the right, okay. And there's only five or four or five, six vendors there. This market is diverse with many, many segments and sub segments, and it's such a vital space. And there's so many holes to fill with an ever changing threat landscape as we've seen in the last two years. So this is in part which makes it such a good market for investors. There's a lot of room for growth and not just from stealing market share. That's certainly an opportunity there, but things like cloud, multi-cloud, shifting end points, the edge ,and so forth make this space really ripe for investments. 
And to underscore this, we put together this little chart of some of the pure play security firms to see how their stock performance has done recently. So you can see that here, you know, it's a little hard to read, but it's not hard to see that Okta, CrowdStrike, Zscaler on the left have been big movers. These charts where possible all show a cross here, starting at the lockdown last year. The only exception is SentinelOne which IPO mid this year. So that's the point March, 2020 when the whole world changed and security priorities really started to shift to accommodate the work from home. But it's quite obvious that since the pandemic, these six companies have been on a tear for the fundamental reason that hybrid work has created a shift in spending priorities for CSOs. No longer are organizations just spending on hardening a perimeter, that perimeter has been blown away. The network is flattening. Work is what you do, it's no longer a place. As such threats are on the rise and cloud, endpoint security, identity access tools there become increasingly vital and the vendors who provide them are on the rise. So it's no surprise that the players that we've listed here which play quite prominently in those markets are all on fire. So now in summary, I want to stress that while the picture is sometimes discouraging. The entire world is becoming more and more tuned in to the cyber threat. And that's a good thing. Money is pouring in. Look, technology got us into this problem and technology is a defensive weapon that will help us continue this fight. But it's going to take more than technology. And I want to share something. We get dozens and dozens of in bounds this time of the year because we do an annual predictions posts. So folks and they want to help us out. So now most of the in bounds and the predictions that we get, they're just kind of observations or frankly, non predictions that can't really be measured as like where you right, or where you're wrong. 
So for the most part I like predictions that are binary. For example, last December we predicted that IT spending in 2021 would rebound and grow at 4% relative to 2020. Well, it did rebound but that prediction really wasn't as accurate as I'd like. It was frankly wrong. We think it's actually the market's going to actually grow. Spending's going to grow more like 7% this year. Not to worry, plenty of our predictions came true, but we'll leave that for another day. Anyway, I got an email from Dean Fisk of Fisk Partners. It's a PR firm representing an individual named Lyndon Brown, chief strategy officer of Pondurance. Pondurance is a security consultancy. And the email had the standard, Hey, in case you're working on a predictions post this year end, blah, blah, blah. But instead of sharing with me a bunch of non-predictions, the note said here's some trends in cybersecurity that might be worth thinking about. And there were a few predictions sprinkled in there, but I wanted to call out a couple of the comments from Lyndon Brown, whom I don't know, I never met the guy, but I really thought his trends were spot on. The first was a stat I'll share that the United Nations reports cyber crime is up 600% due to the pandemic. As if I couldn't feel worse already. His first point though was that the hybrid workplace will be the new frontier for cyber. Yes, we totally agree. There are permanent shifts taking place. And we actually predicted that last year, but he further cited that many companies went from zero to full digital transformation overnight and many are still on that journey. And his point is that hybrid work is going to require a complete overhaul of how we think about security. We think this is very true. Now the other point that stood out is that governments are going to crack down on this behavior. And we've seen this where criminals have had their critical infrastructure dismantled by governments. 
No doubt the U.S. government has the capabilities to do so. And it is very much focused on this issue. But it's tricky, as Robert Gates, who was the former defense secretary, told me a few years back in theCUBE. He said, well, we have the best offense. We also have the most to lose. So we have to be very careful, but Lyndon's key point was you are going to see a much more forward and aggressive public policy and new laws that give crime fighters more latitude. Again, it's tricky, kind of like the Patriot Act was tricky, but it's coming. Now, another call-out from Lyndon shares his assertion that natural disasters will bring increased cyber risk. And I thought this was a really astute point because natural disasters, they're on the rise. And when there's chaos, there's cash opportunities for criminals. And I'll add to this that the supply chain risk is far from over. This is going to be a continuing theme this coming year and beyond. And one of the things that Lyndon Brown said in his note to me is essentially you can't take humans out of the equation. Automation alone can't solve the problem, but some companies operate as though they can. Just as bad human behavior can trump good security, good human education and behavior is going to be a key weapon in this endless war. Now the last point is we're going to see continued escalation. Government crackdowns are going to bring retaliation, and to Gates' point, the U.S. has a lot at stake. So expect insurance premiums are going to go through the roof. That's assuming you can even get cyber insurance. And so we got to hope for the best, but for sure, we have to plan for the worst because it's coming. Deploy technology aggressively, but people and process will ultimately be the other ingredients that allow us to live to battle for another day. Okay. That's a wrap for today. Remember these episodes, they're all available as podcasts. Wherever you listen, just search "breaking analysis" podcast. Check out ETR's website at ETR.plus. 
We also publish a full report every week on wikibon.com and siliconangle.com. You can get in touch. Email me at david.vellante@siliconangle.com or you can DM me @dvellante. Comment on our LinkedIn posts. This is Dave Vellante for theCUBE insights powered by ETR. Have a great week, everybody. Stay safe, be well. And we'll see you next time. (techno music)

Published Date : Nov 19 2021


Rakesh Narasimha, Anitian & Aditya Muppavarapu, AWS Partner Network | AWS Startup Showcase


 

(upbeat music) >> Hello and welcome to today's session of theCUBE presentation of the AWS Startup Showcase. The next big thing in security, featuring Anitian for the security track. I'm your host John Furrier. We're here with the CEO of Anitian, Rakesh Narasimhan, and Aditya Muppavarapu, global segment leader of DevOps for AWS Partner Network. Rakesh, Aditya, thanks for coming on. Appreciate it. >> Thank you very much, John. Pleasure is mine. >> So this is the track session. We're going to get into the details on the leadership of digital transformation and DevSecOps automation, cloud security and compliance. So let's get started. But first Rakesh, we last talked, you guys had some awards, RSA conference, 2021, virtual. You guys got some serious awards. Give us the update. >> Yeah, thank you very much, John. Yeah, we were, you know, humbled to be recognized. You know, industry recognition is always a great thing. We deliver value for customers and the industry is recognizing it. So at the RSA conference, we got seven different awards, you know, very excited that we were chosen for, you know, publishers choice and security company of the year editor's choice and blood security and heart company in cloud security automation. So really thrilled about the recognition, thanks. >> Awesome. Seven awards. I mean, RSA is obviously a show that's in transition itself. They're transforming, no longer part of Dell Technologies, now kind of on their own, kind of speaks to the wave we're in. So congratulations on the success. They're hot startup here in security track. Give us a quick overview what you guys are enabling because this transformation is everywhere. It's in every sector, it's in every vertical, DevSecOps, shifting left, you know, day two operations, GitOps. All. This is all talking to one thing, developer productivity, programmable infrastructure with security. Rakesh give us a quick overview of >> Yeah. Exactly. Right. 
John, I think there's a big shift happening obviously to the cloud and, you know, affects every one of our lives in productivity in enterprise applications, consumers you name it. There's a huge change happening, but central to that theme is security. And so it's one of the areas we focus on Anitian is the fastest way for both existing and new applications to be developed in the cloud. And so we make sure that you can get there fastest time to value and time to revenue pretty quickly by providing the best secure and compliance environment for you. That's really the core of what we do as a company. And we look forward to helping all of our customers and the industry >> Aditya you're a global segment lead at AWS partner network. You seeing on successful companies, you've got a winner here, obviously a success story. I want to get your take on this because this is a trend in cloud native scale, you know, heart, you know horizontally scalable, large scale, but shifting left, okay. Get ops big topics where code is being inspected in real time. People want automation. So I've got to ask you, what does shift left mean to to being out there and this in the security world? What does that mean? >> So, instead of applying your security and compliance guard rails only in production, we also need to apply them across your application development and delivery cycles. Instead of having one gate that becomes a bottleneck we should have multiple checkpoints at various stages. This provides a fast feedback for the developers while they're still in the context of developing that feature. So it's easier and less expensive fix the issues and what it is not is this doesn't mean you move all your focus to dev and ignore production. It also doesn't mean developers are now responsible for security and you can get rid of your security teams. 
We needed a process and a mechanism in place to leverage the expertise off the security teams and offer their services to the developers very early on in the development cycles, thereby enabling and empowering developers to write secure and compliant code >> I mean, to me not to put my old school hat on, but it's, you know I think to me, I view it as security at the point of coding right at the point of, I don't want to say point of sale but the point of writing the code and the old days it used to be like a patches and getting updates and provisioned into, into production. Same that kind of concept. But as a developer, that's kind of the focus is getting the latest knowledge either through tools and technologies to make it easier for me as a developer to inject at the point of code. Is that right? >> That's right. Yeah. >> So what makes Anitian so different and what's successful within AWS? That's, what's the why the success there? Can you share with us why they're so unique in AWS? >> So I think the biggest case for that is really you know, security, oftentimes security is thought of as an impediment sometimes actually believe it or not. So the configuration, the management, the deployment all of that, you got to be able to do and you got to be able to do that at scale. The great thing about the cloud at is scale and a big portion of that is automation. So what we at Anitian have done is taken that lifecycle of taking, you know applications on a variety of states. If you will, if you're trying to get to production you're trying to do one of two things. You're either you're trying to get into a compliance standard, like Fed Ramp you want a very predictable process, or you're just trying to get an application secure pretty quickly. 
So how can you do either one of those things becomes the challenge and we help you do that by having a pre-engineered environment where configuration defining deployment all that becomes very consistent and very predictable which means we've automated it in a way that it can scale. You can sort of almost have this regularly happening and not just one application with multiple applications for any company. That is, I think the biggest obstacle that has happened for a lot of folks in the enterprise for sure, to try to get to production and keep that cycle going continuously. And we help with that in a big way. That's one of the reasons why we're having a lot of adoption customers working with partners of course and getting industry recognition for it. >> Yeah. I mean, this is one of the benefits of cloud. I want to get you guys both reaction to this, where as things get going, it's kind of like that, you're you you got to take advantage. You can take advantage of all these solutions. So how many of his customer, I want to look for solutions that help me move the ball forward, not backwards right? So, or help me move the ball forward without building anything that I don't need or that's already been built. So here it sounds like if I get this right Anitian is saying, Hey if you're an Amazon customer I can accelerate you with Fed Ramp compliance. So you don't have to spend all these cycle times getting ready or hiring or operationalizing it is that right? I mean, is that the value proposition? >> They're very accurate, John. So what happens is, you know, we're working with Amazon web services, who's really innovated quite a bit in building all the building blocks, if you will. And so, you know, we're standing on the shoulders of giants if you will, to basically get the max level of automation and acceleration happen. So that just like customers have gotten used to not having to buy servers, but guide, compute and storage. 
If you will, now they're able to secure and also become compliant with the services that we offer. That level of acceleration I think is needed. If you believe that there's going to be a lot more cloud applications, lot more cloud. If you're going to achieve scale, you've got to automate. And if you want to automate, but secure as well you need a mechanism to doing that. That's really where Anitian comes in, if you will. >> Yeah. And I think Fedramp to me is just a great low hanging fruit example because everyone wants to get into the public sector market. They know how hard it is. Kind of like, you know, we want to do it, but stand in line we've got to get some resources. I'm not kind of get that. But the question I want to get to you Rakesh and Aditya is the bigger picture, which is, as you said more cloud applications are coming. So customers in the enterprise have, have or are building fast dev ops teams accelerate the security paradigm. How do you help those, those folks? Because that's really kind of where the action's going. The puck is going to go there too. Right? So beyond Fed Ramp there's other things >> Right? So I think, I think the way we approached it is really, there's like at least two different sets of customers, right? In the federal market itself. You just think about a commercial SAS companies who are trying to enter the, the, the, the the public sector market. Well, you need to clear a standard like Fed Ramp. So we're the fastest way to not just complete it but be able to start selling and producing revenue. That'd be market per using that functionality. If you will, to that market. Similarly, there's a lot of public sector organizations who are trying to move to the cloud because they have traditionally developed applications and architectures based on what they've done over the last 20 plus years. Well guess what, they're also trying to migrate. 
So how do you help both commercial companies as well as public sector companies transition, if you will to the cloud in a secure way, but also meeting a public standard. We're helping both those organizations to do that migration and that journey if you will, but it's premised on with pre-engineered it, it's the fastest way for you to get there for you to be able to provide your capability and functionality to the larger marketplace. That's one of the main reasons why I think the productivity jump is enormously high because that's how you get to larger marketplace, if you will, to serve that market >> Aditya. So they have to change your title from global segment leader, dev ops to dev sec ops 80 of his partner network here with this solution in a way it's kind of becoming standard. >> Yeah. Security is getting him embedded into all of your development and delivery life cycle. So that dev sec Ops is becoming more and more critical with customers migrating to the cloud and modernizing their applications. >> How much has automation playing into this? Because one of the things we're talking about fueling digital transformation is the automation component of the security piece here Rakesh How important is automation and what how do you set yourself up for that to be successful? >> That's big question. I think that the big key to that is automation. I think automation is there in general in the cloud space. People expect it, frankly. But I think that the key thing what we have done is pre-integrated not just our platform but a variety of the partner ecosystem are on AWS. And so when a customer is looking forward to taking an application and going to the cloud they're not just getting functionality from us and AWS but also a lot of partner functionality around it so that they don't have to build it. Remember this discussion we had earlier about how do you jumpstart that? 
Well, it's, it's, it's really, instead of them having the best of breed assemble we've pre done it for them, which means it's predictable, it's consistent it's configured correctly. They can rely on it. That allows us to be able to help them move faster which means they can go serve larger markets and obviously make money around it. >> Rakesh, I got to follow up on that and ask you specifically around this business model. Obviously cloud has become great service. Everyone kind of knows that and then kind of sees the edge coming next and all these other issues that are going to provide more opportunities. But I got to ask you for your company what industries and business models are you disrupting? >> Yeah, I think primarily to we're a classic example of software eating the world, right? Primarily what happens is most of the folks that certainly in the compliance arena are really trying to figure out how to do it themselves, right? And then that's primarily the group of people who are sort of trying to figure that out. And then there's a class of who do consulting who are trying to consult with you and what you should do. And we have taken a very software oriented approach built on Amazon that we will not only help you fast forward that but also, you know, get you compliant but also keep you compliant because it's a cycle much like in other industries you've seen there used to be a time when people that email and they used to run email servers and ran the email servers and backups and things of that nature that transitioned over time where people procure that service from somebody else. And it's still a secure, it's still a scalable and they can rely on that service without having to be in that business if you will. So we see us disrupting the consulting and do it yourself world to actually providing a dependable service out there that you can rely on for security and compliance. >> Awesome. 
Aditya, I got to ask you on the Amazon side, obviously you see a lot of it there. What are some of the challenges that you see with security? >> One of the main challenges I see is that the landscape itself is rapidly changing. As customers are migrating to the cloud and modernizing, what used to be a simple monolithic application running on a server and an office or a data center is now distributed, hybrid and spans across development practices like microservices, managed services, packaged applications, et cetera, and also in the infrastructure, platform choices have dramatically increased too, from on-prem to colo data centers, to edge computing, IoT, VMs, containers, serverless, a lot more options. All this leads to more complexity and it increased the number of threat vectors exponentially. Though this advancement was great from a usability perspective, it now created a whole slew of challenges. This, this is complex. It's very hard to keep up. It's not something you set and forget. One needs to make sure you have the right guardrails in place to make sure you're continuously compliant with your own policies and also with regulatory compliance frameworks that are needed for your business, like GDPR, PCI DSS, NIST, HIPAA, SOX, FedRAMP, et cetera. >> For Rakesh. We're specifically on the dev ops efficiency with Amazon. What do you guys, what's your top few value proposition points? You say >> Biggest value proposition honestly is keeping and maintaining security while you're in compliance at scale with speed. I think those are big issues for companies. Like if you, if you're a company you're trying to be in the cloud, you want to enter the federal market. For example, you got to get that quickly. So what could take a lot of money? 18 - 24 months, our prawn malleable we've just completely automated back. And so within a quarter, depending on how quickly the two organizations can work, we can get you into the marketplace. 
That speed is of enormous value to companies. But also to remember that as Aditya pointed out there's a lot of complexity in the kind of architecture that is evolved but we have to feel like people like in the issue of what we can help customers would is as much as you take advantage of all the cloud style architecture providing the simplicity of providing security consistently and providing compliance consistently quickly. I think there'll always be a value for that because people are always trying to get faster and cheaper quicker. And I think we're able to do that. But remember, security is not just about fast. It's got to be secure, right? We got to be effective, not just efficient but I think that's a big value prop that we're able to bring to the table on AWS. >> Well I want to go, I got you here. I'll see what showcasing you guys as the hot startup who is your customer on Amazon? I'll see, you have customers that sell in marketplace for FedRAMP. That's a huge, that's the people who are in business to sell software but also other enterprises as well. Right? So could you just quickly break down your customers? And then when do they know it's time to call Anitian? >> Yeah, so we have two large groups of customers. If you will. Certainly the commercial segment, as well as in the public sector and the commercial side, you have lots of companies in the cyber security enterprise collaboration as a little robotic process automation, all those categories of companies in the commercial environment they're trying to enter the public sector federal market to go sell their services. Well, you have to get compliant. We are the fastest path to get you there time to value type of revenue we can accomplish for you. That's a group of customers we, we have in market. And then we have the other side, which is a lot of government agencies who are themselves trying to migrate to the cloud. 
So if you're trying to get your applications for sure once on hybrid or on-premise, and you're trying to go to the AWS cloud, well, we're a great way for you to have a pre-engineered environment into which you can move in. So not only are you secure it's, pre-built, it can scale to the cloud that you're in front of migrate to. So we have both those particular sites if you will, of the marketplace. And then in market, we have lots of agencies, big and small and the government side, but also all these categories in the commercial side that I mentioned >> For Rakesh, Anitian's helping a lot of companies sell them to the public sector market. How big is the public sector federal market >> Right? Yeah. Billions of dollars. More than $250 billion is what people say but it's a very large market, but, but remember it's any commercial SaaS company who's trying to go into that federal market is a target market. We can help that customer get in into that market. >> And just real quick, their choice alternative to not working with the Anitian is what? months the pain. And what's the heavy lift as Andy Jassy would say the heavy lifting, undifferentiated lifting a lot of paperwork, a lot of hoops to jump through. Good. Can you just paint a picture of the paths with, and without >> There's three key areas that I think customers or, you know companies have to do, A. they have to understand the standard B. They have to really figure out the technology the integration, the partners, and the platform itself. It's a lift to basically get all of that together and then actually produce the documentation produce all the configuration and in a repeatable way. And that's just to get one application up there. Well, guess what? Not only do you need to get that up there you need to keep that compliant. And then our future standards come in. You need to go upgrade to that. 
So the best way for me to describe that is either you you come to the Anitian and we make that age just a service that is subscribed to to keep you compliant and grow or you can try to build it yourself, or you try to go get consulting companies to tell you what to do. You still have to do the work. So those are your sort of choices, if you will, which is one of the reasons why we're enjoying the growth we are because we're making it easy and productive for for companies to get there faster. >> Aditya, I want to get to you real quick. Obviously AWS partnering, they're also known as APN. You guys see some of the best hot startups. They all kind of have the same pattern like this. They do something that's hard. They make it easier. They go faster, more. Cost-effective what's the pattern in this cloud-scale world as startups. We're going to be featuring, you know, every as much as we can hot startups coming out of your network, there's a pattern here. What would you say? They are? Well as the DevOps obviously cloud native, besides iterate, move faster. What's the pattern you're seeing for the successful companies. >> It's like, like Andy's says, it's figuring out how to continuously reinvent yourself is the key to stay successful in this market. >> Awesome. For Rakesh, real big success. Congratulations on your awards. I got to ask you, we're asking all the, all the companies this question, what is your defining contribution to the future of cloud scale? >> Great question. I think when I think about what can be accomplished in the future, not just in the past, I think cloud is a huge phenomenon that has completely up-ended the architecture for all sorts of things commercial government, you know, consumer and enterprise. 
If you will, I would think we would be humbly the people who will ensure that lots of B2B companies and government organizations are able to move to the cloud and are able to be secure and compliant because I believe that there'll be more and more of that happening in the cloud. And the more that is available, just like the commercial world takes advantage of all those features. I feel like public government organizations also can accomplish the same things very quickly because of folks like us, which means you have a larger segment of population that you can support. That's only going to make the planet more successful. I'm a big optimist when it comes to tech. I know there's a lot of folks who would look down upon tech or I'll think about it as not great. I'm a very big optimist around tech improving people's lives. And I think we have our own humble role in enabling that to happen in the security and compliance >> Well, anything, in my opinion I'm really a big fan of your work and your team. Anything that could bring great innovation into the public sector faster and more effective is a good win for society. So I think it's a great mission. Thanks for, for sharing and congratulations on your awards and thanks for being part of our 80 best startup showcase. Appreciate it, Rakesh, thank you. >> Thank you. >> Okay. This is theCUBE coverage of 80 startup showcase. I'm John Furrier, your host of theCUBE. This is the next big thing in security Anitian in the security track. Thanks for watching. (Upbeat music)

Published Date : Jun 24 2021


Tim Carben & Manoj Nair | CUBE Conversation June 2021


 

(upbeat music) >> We are entering a new era of cyber attacks. The SolarWinds hack has underscored a rising and very disturbing trend, namely that tunneling in through an organization's supply chain. And you're hearing terms like island hopping and living off the land becoming mainstream in the world of cybersecurity. And we're going to talk a little bit about ransomware and cyber with Manoj Nair, who is the GM of Metallic, a Commvault Company. And Tim Carben is a Principal Systems Engineer with Mitchell International. Gents, welcome. Thanks so much for coming on. Talk to me about this very important topic. So, Tim, I got to start with you, you're the practitioner. You got to fight this battle every day. You heard me upfront, it feels like we are entering a new era. The adversary is highly capable, very well-funded. How are you thinking about changes in protecting your data and creating things like air gaps and what are you doing to solve this problem? >> I think the most important part. And this is just to start off with is patching, everything up to date. Most of the time someone's getting in, or most of the time one of these viruses is replicating between the different systems. It's due to unpatched environments. And then number two is training. If your resources don't know, not to click on something or to hover over something to look at it. Then, you are just going to be exposing your environment over and over and over again. But when it all boils down to it, and it comes back to what I'm doing in the data protection world in the backup and recovery, I have to look at not only how am I going to get this data back. Because if a system gets encrypted we are going to look for recovery first. That's it, look for recovery first. But we also need to make sure that our environment is protected. Lock down our media agents. Lock down our storage that we're connected to. And like you had mentioned before use an air gap. And no one... 
I mean, everyone's been moving away from tape and it's understandable. There's a lot of resource utilization involved. There's a lot of people that you need in there in your data center, moving things around. And it's a robotic machine, you have to rely on. Not only that, but recovery times can be slow. What I found is Commvault is gone out there and they've offered us SaaS storage. This SaaS storage is somewhere else. We could be in AWS. We could be in Azure. We could be in GCP but we can still connect to this SaaS storage. And we never have to worry about someone having access to a data center and getting to our tapes. We don't have to worry about someone having tenant access and deleting our backups off of a particular tenant. Which is something that we are going to see in the future if it's not out there already. So, there's a lot that we have to do and protecting ourselves is very important. And Commvault is making it a lot easier. >> Thank you, Tim. So, Manoj I mean, these things have probably been around for a while but we're seeing really sort of, I talked about mainstream and a couple of things that are really disturbing. We're seeing this malware come in and they're self forming. They're creating different signatures but we're also seeing this idea of living off the land very stealthily using your own tools against you. And then really disturbingly, we're seeing when you discover... When a victim discovers that they're being attacked and they respond... Their incident response is triggering a very aggressive counter attack by the hackers. Where they've already exfiltrated really sensitive data. Then they'll then they... And they've been stealing and making monetizing your data. And then they'll just encrypt it, hold it for ransom, threaten to release that sensitive data if you don't let them keep going. It's really, really disturbing. What's your perspective on this raising the bar that the bad guys have done and how we can keep pace? >> Yeah, Dave. 
I lived through the nation state attack that happened in 2012. The front door seat was at RSA as part of the leadership team. And at that time it was considered a this is a very unique and it's an advanced persistent threat. It took the resources of one of the biggest nations of the world to mount something like that. And fast forward, eight, nine years later, we're seeing that these kinds of techniques have now been mainstreamed. You've got a lot of people who are figuring out not just... They may not even care about your data but they know you care about your data. So they're not trying to exfiltrate the data maybe to look for sensitive data and monetize it. That's just harder. Why not take it directly from you. In Q1 of 2021, the average ransomware ransom went up 43%. It's like 250K or something. That's just the ransom. And we saw now that it's impacting day-to-day lives. You saw the long lines of the gas things gas pumps on the East coast a weekend before last and as somebody who had a ransomware attack as the news story say they'd paid for the ransom. And that was the recovery after paying 5 million was slow. So they had to go and figure out how to recover from the backups. And that was not fast enough. So defense in depth is something that has really been the mantra and just like protecting a home, you're not just looking at putting an alarm on the front door. You have sensors on your windows. You have a fire alarm. You've got to say if you got different things too in terms of really thinking through different trends. And Tim hit on a couple of those things. You really think about what is my weak link? What is my vulnerability? That vulnerability is now your software supply chain. So you're thinking about who am I buying things from? Are they taking care of stuff because they are now a new vector? And that's kind of the biggest I would say new thing that has not been mainstream. 
Like a lot of these techniques are getting mainstream but the fact that a software supply chain itself that is being deployed in mass is now vulnerable? And that will be monetized. It might've started with the nation state doing that but then you'll get the... People trying to take it for ransom. They'll start weaponizing those same vulnerabilities. So really that data and making sure that your crown jewels you have a very safe way of protecting them. And it's not just... You need to practice in readiness of that. Like any system. Just having that there it's not good enough, like can I detect issues? What is the ecosystem that's part of? How is my identity tracking who has got access to that? We've seen a lot of interesting things as part of why we started creating services like a air gap service in the cloud. The customer doesn't have to worry about managing credentials because even those were getting compromised. People were stealing the credentials to go delete the backup. So, the steps keep leaping forward. There's a lot of money going in the research and development of malware. And the industry in partnership with customers and partnership with local and federal authorities are going to have to figure out how to tackle this together. >> Yeah. So Tim, you don't mean Commvault, you don't think of being the cybersecurity space specifically, but those worlds are coming together the data protection and security space. And I would imagine for you as a practitioner it's challenging because you don't have a blank chequebook. I mean, yes, you can spend... You have to spend on cyber but you have all these... You talked about digital transformation in an earlier discussion that we had and you've got to figure out, how do I apply AI and automation? You've got a talent gap. I mean, you can't hire people that have the skills because you just can't keep throwing people at the problem. So, you don't have this unlimited budget. 
I saw a stat there's a company it's Cybersecurity Ventures. They said by 2025 we'll lose $10.5 trillion annually to cyber attacks. And I think if I look at it, whosever numbers. You look at IDC I think has one of the higher numbers out there. It's like a hundred billion that we spend each year on cyber. So it's infinitesimal compared to the value that the bad guys are extracting. So, how are you dealing with that complexity, fragmented security tooling lack of talent turnover? I mean, all this stuff and the budget challenges. How do you deal with all that? >> It's... And I do not want to use this word, but it's as easy as research and staying on top of everything. Everyone knows, you update your virus definitions. You keep that up-to-date. You close your firewall holes. You have denies at the very end of every firewall. You make sure you keep track of these small things. At the same time, you leverage utilities that make it easier for you to do your job. The Commvault iDA has a feature that keeps track of changes or modifications on a server. So if I have a server, that's actively getting hit with a ransomware. Commvault reports me an alert and tells me, "Hey, we have had this many files modified within this time period. Look at it right now." So, on top of everything else we have because it's not a replacement for our virus protection but it does help us. And it does keep track of things in Commvault, as well as a lot of other companies out there, are doing some great things in closing up small little gaps and adding little features that could really help us move forward in the future. And keep us more protected, I guess I should say. >> Yeah. Well Manoj, I mean the backup corpus is sort of the last line of defense. It also could be a first point of attack because all the valuable data is in there. So, I'll give you the last word here on the segment. Thanks for doing this with me guys. How do you think the industry needs to approach this? It's not a... 
You can't go on it alone. You definitely need to collaborate. Your final thoughts. >> Yeah, collaborate, share risk factors, making sure that systems are connected and they're not siloed. And that will really make sure our customers are getting the best out of all of us. And you have to build an intelligence of the product anything static. Just like you said, you need to backup the cyber crown jewels or they're going to go after that. So, your backup systems need to have AIML. They need to be able to detect any kind of suspicious activity. You can't just kind of code it in and just expect that what you thought would work in the lab is how it's going to behave. So, but it's a... And in general unless there's a bigger penalty in terms of the response to these kinds of attacks, as long as they keep getting paid, they're going to keep doing this thing. So you got to follow the money is a simple work. Let's take that a rich ecosystem, that's funding them and replace it with a tight partnership between companies and the customers and partners and governments. >> Guys. Well, I mean, the equation is pretty simple. Value equals benefit over cost. If you can increase the denominator for the bad guys it'll lower their ROI and that's kind of your job. And so keep up the good work, gents. Thanks so much for coming to theCUBE and talking to me about this very important topic. Really appreciate it. >> Thank you. Thank you for having us. >> And thank you for watching this CUBE Conversation. This is Dave Vellante. We'll see you next time. (upbeat music)

Published Date : Jun 4 2021


Tim Carben & Manoj Nair, Commvault | CUBEconversation


 

(upbeat music) We are entering a new era of cyber attacks. The SolarWinds hack has underscored a rising and very disturbing trend, namely that tunneling in through an organization's supply chain. And you're hearing terms like island hopping and living off the land becoming mainstream in the world of cybersecurity. And we're going to talk a little bit about ransomware and cyber with Manoj Nair who is the GM of Metallic, a Commvault company. And Tim Carben is a Principal Systems Engineer with Mitchell International. Gents, welcome. Thanks so much for coming on and talking to me about this very important topic. So, you know, Tim, I got to start with you, you're the practitioner, you got to fight this battle every day. You heard me upfront, it feels like we're entering a new era, the adversary is highly capable, very well-funded. How are you thinking about changes in protecting your data and creating things like air gaps. What are you doing to solve this problem? >> I think the most important part, and this is just to start off with, is patching everything up to date. Most of the time someone's getting in, or most of the time one of these viruses is replicating between the different systems it's due to unpatched environments. And then number two is training. If your resources don't know not to click on something, or to hover over something, to look at it, then you are just going to be exposing your environment over and over and over again. But when it all boils down to it, and it comes back to what I'm doing in the data protection world, in the backup and recovery, I have to look at not only how am I going to get this data back, because if a system gets encrypted we are going to look for recovery first. That's it. Look for recovery first, but we also need to make sure that our environment is protected, lock down our media agents, lock down our storage that we're connected to, and like you had mentioned before, use an air gap. 
Everyone's been moving away from tape and it's understandable. There's a lot of resource utilization involved. There's a lot of people that you need in there in your data center, moving things around, and it's a robotic machine you have to rely on. Not only that, but recovery times can be slow. What I found is Commvault has gone out there and they've offered us SaaS storage. This SaaS storage is somewhere else. We could be in AWS, we could be in Azure, we could be in GCP but we can still connect to the SaaS storage. And we never have to worry about someone having access to our data center and getting to our tapes. We don't have to worry about someone having tenant access and deleting our backups off of a particular tenant, which is something that we are going to see in the future, if it's not out there already. So there's a lot that we have to do and protecting ourselves is very important and Commvault is making it a lot easier. >> Thank you, Tim. So, these things have probably been around for a while but we're seeing really, I talk about mainstream, and a couple of things that are really disturbing, and we're seeing these malware come in and they're self forming, they're creating different signatures. But we're also seeing this idea of living off the land very stealthily using your own tools against you. And then, really disturbingly, we're seeing when a victim discovers that they're being attacked and they respond, their incident response is triggering a very aggressive counter attack by the hackers, where they've already exfiltrated really sensitive data, they've been stealing and making monetizing your data. And then they'll just encrypt it, hold it for ransom, threaten to release that sensitive data, if you don't let them keep going. It's really, really disturbing. What's your perspective on this raising the bar that the bad guys have done and how we can keep pace? >> And Dave. I lived through the nation-state attack that happened in 2012. 
The front door seat I was at RSA as part of the leadership team. And, at that time it was considered this is a very unique and it's an advanced, persistent threat. It took the resources of one of the biggest nations of the world to mount something like that. And fast forward, eight, nine years later we're seeing that these kinds of techniques have now been mainstreamed. You've got a lot of people who are figuring out not just that. They may not even care about your data, but they know you care about your data. So they're not trying to exfiltrate the data maybe to look for sensitive data and monetize it. That's just harder. Why not take it directly from you? In Q1 of 2021 the average ransomware ransom went up 43%. It's like $250k or something. That's just the ransom. And we saw now that it's impacting day-to-day lives. You saw the long lines of the gas tanks, gas pumps on the East Coast. You know, the weekend before last. And here's somebody who had a ransomware attack. As the news story say, they'd paid for the ransom. And that was the recovery after paying 5 million was slow, so they had to go and figure out how to recover from the backups. And that was not fast enough. So, you know, defense in depth is something that has really been the mantra, and just like protecting a home, you're not just looking at putting in an alarm on the front door, you have sensors on your windows, you have a fire alarm. You got to see if you got different things too, in terms of really thinking through different threats. And Tim hit on a couple of those things, right? You really think about what is my weak link, what is my vulnerability? That vulnerability is now your software supply chain. So you're thinking about whom am I buying things from? Aren't they taking care of stuff because they are now a new backdoor. And that's kind of the biggest, I would say new thing, that has now been mainstreamed. 
Like a lot of these techniques are getting mainstream, but the fact that a software supply chain itself that is being deployed en masse is now vulnerable, and that will be monetized. It might've started with the nation-state doing that, but then you'll get people trying to take you for ransom will start weaponizing those same vulnerabilities. So really that data and making sure that your crown jewels you have a fail-safe way of protecting them. And it's not just, you know, you need to practice the readiness of that. Like any system, just having that there is not good enough, like, can I detect issues? What is the ecosystem that's part of? How is my identity tracking who has got access to that? We've seen a lot of interesting things and is part of why we started creating services like an air gap service in the cloud. The customer doesn't have to worry about managing credentials, because even those were getting compromised. People were stealing the credentials to go delete the backup. So that the steps keep moving forward. There's a lot of money going in the research and development of malware. And the industry, in partnership with customers and partnership with local and federal authorities, are going to have to figure out how to tackle this together. >> Yeah. So Tim, Commvault. You don't think of it being in the cybersecurity space specifically, but those worlds are coming together, the data protection and security space. And I would imagine for you as a practitioner it's challenging because you don't have a blank checkbook. I mean, yes, you can spend, you have to spend on cyber, but you have all these, you talked about digital transformation in an earlier discussion that we had, and you've got to figure out, okay how do I apply AI and automation? You've got a talent gap. I mean, you can't hire people that have the skills because you just can't keep throwing people at the problem. So, so you don't have this unlimited budget. 
I saw a stat, there's a company, it's Cybersecurity Ventures, they said, "by 2025 we will lose $10.5 trillion annually to cyber attacks." And I think if I look at whosever numbers, you look at IDC, I think has one of the higher numbers out there, It's like 100 billion that we spend each year on cyber. So it's infinitesimal compared to the value that the bad guys are extracting. So how are you dealing with that complexity, fragmented, you know, security tooling, lack of talent, turnover I mean, all this stuff, and the budget challenges. How do you deal with all that? >> I do not want to use this word, but it's as easy as research, and staying on top of everything. Everyone knows you update your virus definitions. You keep that up-to-date. You close your firewall holes. You have denies at the very end of every firewall. You make sure you keep track of these small things. At the same time, you leverage utilities that make it easier for you to do your job. The Commvault iDA has a feature that keeps track of changes or modifications on a server. So if I have a server that's actively getting hit with a ransomware, Commvault reports me an alert and tells me, "Hey, we have had this many files modified within this time period. Look at it right now." So on top of everything else we have, because it's not a replacement for our virus protection, but it does help us. And it does keep track of things. And Commvault, as well as a lot of other companies out there are doing some great things in closing up small little gaps, in adding little features that could really help us move forward in the future, and keep us more protected, I guess I should say. >> Yeah. I mean the backup corpus is sort of the last line of defense. So it also could be a first point of attack because all the valuable data is in there. So I'll give you the last word here on the segment. Thanks for doing this with me, guys. How do you think the industry needs to approach this? 
It's not, you can't go and lead alone. You definitely need to collaborate. Your final thoughts. >> Collaborate, share risk factors, making sure that systems are connected and they're not siloed. And that will really make sure our customers are getting the best out of all of us. And you have to build an intelligence of the product. Anything static, just like you said, if the backup is the crown jewel how are they going to go after that? So your backup systems need to have AI/ML. They need to be able to detect any kind of suspicious activity. You can't just kind of code it in and just expect that what you thought would work in the lab is how it's going to behave. And in general, unless there's a bigger penalty in terms of the response to these kinds of attacks, as long as they keep getting paid, they're going to keep doing this thing. So you got to follow the money is a simple work. Let's take that rich ecosystem that's funding them, and replace it with a tight partnership between companies and customers and partners and governments. >> Guys. Well, the equation is pretty simple. Value equals benefit over cost. If you can increase the denominator for the bad guys it'll lower their ROI, and that's kind of your job. So keep up the good work, gents. Thanks so much for coming to the Cube and talking to me about this very important topic. I really appreciate it. >> Thank you. >> Thank you. >> And thank you for watching this Cube Conversation. This is Dave Vellante. We'll see you next time. (quirky music)

Published Date : May 25 2021


Mark Nunnikhoven | CUBE Conversation May 2021


 

(upbeat music) >> Hello, welcome to theCUBE studios of Palo Alto, California for RSA Conference keynote coverage and conference coverage. I'm John Furrier, your host of theCUBE. We're breaking down the keynote of RSA day one kickoff. We had Mark Nunnikhoven, who's the distinguished cloud strategist at Lacework. Mark, former CUBE alumni and expert in security, has been on many times before. Mark, great to see you. Thanks for coming on and helping me break down RSA Conference 2021 virtual this year. Thanks for joining. >> Happy to be here. Thanks for having me, John. >> You know, one of the things, Mark, about these security conferences is that interesting, RSA was the last conference we actually did interviews physically face to face and then the pandemic went down and it was a huge shutdown. So we're still virtual coming back to real life. So and they're virtual this year, so kind of a turn of events, but that was kind of the theme this year in the keynote. Changing the game on security, the script has been flipped, connectivity everywhere, security from day one being reinvented. Some people were holding onto the old way, some people trying to get on there, on the future wave. Clearly you got the laggards and you've got the innovators all trying to kind of, you know, find their position. This has been obvious in this keynote. What's your take? >> Yeah and that was exactly it. They use that situation of being that last physical security conference, somewhat to their advantage to weave this theme of resiliency. And it's a message that we heard throughout the keynote. It's a message we're going to hear throughout the week. There's a number of talks that are tying back to this and it really hits at the core of what security aims to do. And I think aims is really the right word for it because we're not quite there yet. 
But it's about making sure that our technology is flexible, that it expands and adapts to the situations because as we all know this year, you know, basically upended everything we assumed about how our businesses were running, how our communities and society was running and we've all had to adapt. And that's what we saw at the keynote today was they acknowledged that and then wove it into the message to drive that home for security providers. >> Yeah and to me one of the most notable backdrops to the entire thing was the fact that the RSA continues to operate from the sell out when Dell sold them for alright $2 billion to a consortium, private privately private equity company, Symphony Technology Group. So they're operating now on their own. They're out in the wild, as you said, cybersecurity threats are ever increasing, the surface area has changed with cloud native. Basically RSA is a 3000 person startup basically now. So they've got SecurID, the old token business we all have, anyone's had those IDs, you know it's pretty solid, but now they've got to kind of put this event back together and Mobile World Congress is right around the corner. They're going to try to actually have a physical event. So you have this pandemic problem of trying to get the word out and it's weird. It's kind of, I found it. It's hard to get your hands around all the news. >> It is. And it's, you know, we're definitely missing that element. You know, we've seen that throughout the year people have tried to adapt these events into a virtual format. We're missing those elements of those sorts of happenstance run-ins. I know we've run into each other at a number of events just sort of in the hall, you get to catch up, but you know as part of those interactions, they're not just social but you also get a little more insight into the conference. Hey, you know, did you catch this great talk or are you going to go catch this thing later? And we're definitely missing that. 
And I don't think anyone's really nailed this virtual format yet. It's very difficult to wrap your head around like you said, I saw a tweet online from one InfoSec analyst today. It was pointed out, you know, there were 17 talks happening at the same time, which you know, in a physical thing you'd pick one and go to it, in a virtual there's that temptation to kind of click across the channels. So even if you know what's going on it's hard to focus in these events. >> Yeah, the one conference that's got a really good, I think, virtual platform is DockerCon, they have 48 panels, a lot of great stuff there. So that's one we're watching closely, coming up on May 27. Check that one out. Let's get into this, let's get into the analysis. I really want to get your thoughts on this because you know, I thought the keynote was very upbeat. Clearly the realities are presenting it. Chuck Robbins, the CEO of Cisco there and you had a bunch of industry legends in there. So let's start with, let's start with what you thought of Rohit's keynote and then we'll jump into what Chuck Robbins was saying. >> Sure yeah. And I thought, Rohit, you know, at first I questioned cause he brought up and he said, I'm going to talk about tigers, airplanes and sewing machines. And you know, as a speaker myself, I said, okay, this is either really going to work out well or it's not going to work out at all. Unfortunately, you know, Rohit is a professional, he's a great speaker and it worked out. And so he tied these three examples. So it was Tiger King for Netflix, at World War II, analyzing airplane damage and a great organization in India that pivoted from sewing into creating masks and other supplies for the pandemic. He wove those three examples through with resiliency and showed adaptation. And I thought it was really really well done first of all. But as a cloud guy, I was really excited as well that that first example was Netflix. 
And he was referencing Chaos Monkey, which is a chaos engineering tool, which I don't think a lot of security people are exposed to. So we use it very often in cloud building where essentially this tool will purposely blow up things in your environment. So it will down services. It will cut your communications off because the idea is you need to figure out how to react to these things before they happen for real. And so getting keynote time for a tool like that, a very modern cloud tool, I thought was absolutely fantastic. Even if that's, you know, not so well known or not a secret in the cloud world anymore, it's very commonly understood, but getting a security audience exposure to that was great. And so you know, Rohit is a pro and it was a good kickoff and yeah, very upbeat, a lot of high energy which was great for virtual keynote. Cause sometimes that's what's really missing is that energy. >> Yeah, we like Rohit too. He's got some, he's got charisma. He also has his hand on the pulse. I think the Chaos Monkey point you're making is a great call out because it's been around the DevOps community. But what that really shows I think and puts an exclamation point around this industry right now is that DevSecOps is here and it's never going away and cloud native and certainly the pandemic has shown that cloud scale speed data and now distributed computing with the edge, 5G has been mentioned, as you said, this is a real deal. So this is DevOps. This is infrastructure as code and security is being reinvented in it. This is a killer theme and it's kind of a wake-up call. What's your reaction to that? What's your take? >> Yeah, it absolutely is a wake-up call and it actually blended really well into Rohit's second point, which was around using data. 
And I think, you know, having these messages put out to the, you know, what is the security conference for the year always, is really important because the rest of the business has moved forward and security teams have been a little hesitant there, we're a little behind the times compared to the rest of the business who are taking advantage of these cloud services, taking advantage of data being everywhere. So for security professionals to realize like hey there are tools that can make us better at our jobs and make us, you know, keep or help us keep pace with the business is absolutely critical because like you said, as much as you know I always cringe when I hear the term DevSecOps, it's important because security needs to be there. The reason I cringe is because I think security should be built into everything. But the challenge we have is that security teams are still a lot of us are still stuck in the past to sort of put our arms around something. And you know, if it's in that box, I'm good with it. And that just doesn't work in the cloud. We have better tools, we have better data. And that was really Rohit's key message was those tools and that data can help you be resilient, can help your organization be resilient and whether that's the situation like a pandemic or a major cyber attack, you need to be flexible. You need to be able to bounce back. >> You know, when we actually have infrastructure as code and no one ever talks about DevOps or DevSecOps you know, we've, it's over, it's in the right place, but I want to get your thoughts and seeing if you heard anything about automation because one of the things that you bring up about not liking the word DevSecOps is really around, having this new team formation, how people are organizing their developers and their operations teams. And it really is becoming programmable and that's kind of the word, but automation scales it. So that's been a big theme this year. What are you hearing? 
What did you hear on the keynote? Any signs of reality around automation, machine learning, you mentioned data, did they dig into automation? >> Automation was on the periphery. So a lot of what they're talking about only works with automation. So, you know, the Netflix shout-out for Chaos Monkey, absolutely, is an automated tool. To take advantage of this data, you absolutely need to be automated, but the keynote mainly focused on sort of the connectivity and the differences in how we view an organization over the last year versus moving forward. And I think that was actually a bit of a miss because as you rightfully point out, John, you need automation. The thing that baffles me as a builder, as a security guy, is that cyber criminals have been automated for years. That's how they scale. That's how they make their money. Yet we still primarily defend manually. And I don't know if you've ever tried to beat, you know, the robots that are everything or really complicated video games. We don't tend to win well when we're fighting automation. So security absolutely needs to step up. The good news is looking at the agenda for the week, taking in some talks today, while it was a bit of a miss in the keynote, there is a good theme of automation throughout some of the deeper dive sessions. So it is a topic that people are aware of and moving forward. But again, I always want to see us move fast. >> Was there a reason Chuck Robbins headlines or is that simply because they're a big 800-pound gorilla in the networking space? You know, why Cisco? Are they relevant in security? Is that signaling that networking is more important? As of 5G at the edge, but is Cisco the player? >> Obviously Cisco has a massive business and they are a huge player in the security industry but I think they're also representative of, you know, and this was definitely Chuck's message. They were representative of this idea that security needs to be built in at every layer. 
So even though, you know, I live on primarily the cloud technologies dealing with organizations that are built in the cloud, there is, you know, the reality of that we are all connected through a multitude of networks. And we've seen that with work from home which is a huge theme this year at the conference and the improvements in mobility with 5G and other connectivity areas like Edge and Wi-Fi 6. So having a big network player and security player like Cisco in the keynote I think is important just because their message was not just about inclusion and diversity for skills, which was a theme we saw repeated in the keynote actually, but it was about building security in from the start to the finish throughout. And I think that's a really important message. We can't just pick one place and say this is where we're going to build security. It needs to be built throughout all of our systems. >> If you were a CISO listening today what was your take on that? Were you impressed? Were you blown away? Did you fall out of your chair or was it just right down the middle? >> I mean, you might fall out of your chair just cause you're sitting in it for so long taking in a virtual event. And I mean, I know that's the big downside of virtual is that your step counter is way down compared to where it should be for these conferences but there was nothing revolutionary in the opening parts of the keynote. It was just, you know, sort of beating the drum that has been talked about, has been simmering in the background from sort of the more progressive side of security. So if you've been focusing on primarily traditional techniques and the on-premise world, then perhaps this was a little bit of an eye-opener and something where you go, wow, there's, you know, there's something else out here and we can move things forward. 
For people who are, you know, more cloud native or more into that automation space, that data space, this is really just sort of a head nodding going, yep, I agree with this. This makes sense. This is where we all should be at this point. But as we know, you know, there's a very long tail in security and in security organizations. So to have that message, you know, repeated from a large stage like the keynote I think was very important. >> Well you know, we're going to be, theCUBE will be onsite and virtual with our virtual platform for Amazon Web Services re:Inforce coming up in Houston. So that's going to be interesting to see and you compare contrast like an AWS re:Inforce which is kind of the I there I think they had the first conference two years ago so it's kind of a new conference. And then you got the old kind of RSA conference. The question I have for you, is it a juxtaposition of almost two conferences, right? You got the cloud native AWS, which is really about, oh shared responsibility, et cetera, et cetera, a lot more action happening there. And you got this conference here seem come the old school legacy players. So I want to get your thoughts on that. And I want to get your take on just the cryptographers panel, because, you know, as I'm not saying this as a state-of-the-art that the old guys saying get off my lawn, you know, crypto, we're the crypto purists, they were trashing NFTs which as you know, is all the rage. So I, and Ron Rivest, who co-created RSA public key technology, which is in everything these days. Is this a sign of just get off my lawn? Or is it a sign of the times trashing the NFTs? What's your take? >> Yeah, well, so let's tackle the NFTs then we'll do the contrast between the two conferences. But I thought the NFT, you know, Ron and Adi both had really interesting ways of explaining what an NFT was, because that's most of the discussion around the NFT is exactly what are we buying or what are we investing in? 
And so I think it was Adi who said, you know, it was basically you have a tulip then you could have a picture of a tulip and then you could have something explaining the picture of the tulip and that's what an NFT is. So I think, you know, but at the same time he recognized the value of potential for artists. So I think there was some definitely, you know, get off my lawn, but also sort of the cryptographers panel is always sort of very pragmatic, very evidence-based as shown today when they actually were talking about a paper by Schnorr who debates, whether RSA or if he has new math that he thinks can debunk RSA or at least break the algorithm. And so they had a very logical and intelligent discussion about that. But the cryptographers panel in contrast to the rest of the keynote, it's not about the hype. It's not about what's going on in the industry. It really is truly a cryptographers panel talking about the math, talking about the fundamental underpinnings of our security things. As a big nerd, I'm a huge fan but a lot of people watch that and just kind of go, okay now's a great time to grab a snack and maybe move those legs a little bit. But if you're interested in the more technical deeper dive side, it's definitely worth taking in. >> Super fascinating and I think, you know, it's funny, they said it's not even a picture of a tulip, it's a pointer to a picture of a tulip. Which is technically it. >> That was it. >> It's interesting how, again, this is all fun. NFTs are, I mean, you can't help but get enamored by decentralization. And that, that wave is coming. It's very interesting how you got a decentralization wave coming, yet a lot of people want to hang on to the centralized view. Okay, this is an architectural conflict. 
Is there a balance in your mind as a techie, we look at security, certainly as the perimeter is gone that's not even debate anymore, but as we have much more of a distributed computing environment, is there a need for some centrality and or is it going to be all decentralized in your opinion? >> Yeah that's actually a really interesting question. It's a great set up to connect both of these points of sort of the cryptographers panel and that contrast between newer conferences and RSA because the cryptographers panel brought up the fact that you can't have resilient systems unless you're going for distributed systems, unless you're spreading things out because otherwise you're creating a central point of failure, even if it's at hyper-scale which is not resilient by definition. So that was a very interesting and very valid point. I think the reality is it's a combination of the two is that we want resilient systems that are distributed that scale up independently of other factors. You know, so if you're sitting in the cloud you're going multi-region or maybe even multicloud, you know, you want this distributed area just for that, as Werner from AWS calls it, you know, the reduced blast radius. So if something breaks, not everything does but then the challenge from a security and from an operational point of view, is you need that central visibility. And I think this is where automation, where machine learning and really viewing security as a data problem, comes into play. If you have the systems distributed but you can provide visibility centrally which is something we can achieve with modern cloud technologies, you kind of hit that sweet spot. 
You've got resilient underpinnings in your systems but you as a team can actually understand what's going on because that was yet another point from Carmela and from Ross on the cryptographers panel when it comes to AI and machine learning, we're at the point where we don't really understand a lot of what's going on in the algorithm, we kind of understand the output and the input. So again, it tied back to that resiliency. So I think that key is distributed systems are great but you need that central visibility and you only get there through viewing things as a data problem, heavy automation and modern tooling. >> Great great insight, Mark. Great, great call out there. And great point tied in there. Let me ask you a question on your take on the keynote in the conference in general as first day gets going. Do you see this evolving from the classic enterprise kind of buyer supplier relationship to much more of a CSO driven or CXO driven? I need to start building about my teams. I got to start hiring developers, not so much in operation side. I mean, I see InfoSec is these industries are not going away. People are still buying tools and stacking up the tool shed but there's been a big trend towards platforms and shifting left from a developer CI/CD pipeline standpoint which speaks to scale on the cloud native side and that distributed side. So is this conference hitting that mark, or you still think there are more hardware and service systems people? What's the makeup? What's the take? >> I think we're definitely starting to shift. So a great example of that is the CSA. The Cloud Security Alliance always runs a day one or day zero summit at RSA. And this year it was a CSO executive summit. And whereas in previous years it's been practitioners. So that is a good sign I think, that's a positive sign to start to look at a long ignored area of security, which is how do we train the next generation of security professionals. We've always taken this traditional view. 
We've, you know, people go through the standard, you get your CISSP, you hold onto it forever. You know, you do your time on the firewall, you go through the standard thing but I think we really need to adjust and look for people with that automation capability, with development, with better business skills and definitely better communication skills, because really as we integrate, as we leave our sort of protected little cave of security, we need to be better business people and better team players. >> Well Mark, I really appreciate you coming on here. A CUBE alumni and a trusted resource and verified, trusted contributor. Thank you for coming on and sharing your thoughts on the RSA conference and breaking down the keynote analysis, the RSA conference. Thanks for coming on. >> Thank you. >> Well, what we got you here to take a minute to plug what you're doing at Lacework, what you're excited about. What's going on over there? >> Sure, I appreciate that. So I just joined Lacework, I'm a week in. So I'm drinking from the fire hose of knowledge and what I've found so far, fantastic platform, fantastic teams. It's got me wrapped up and excited again because we're approaching, you know, security from the data point of view. We're really, we're born in the cloud, built for the cloud and we're trying to help teams really gather context. And the thing that appealed to me about that was that it's not just targeting the security team. It's targeting builders, it's targeting the business, it's giving them that visibility into what's going on so that they can make informed decisions. And for me, that's really what security is all about. >> Well, I appreciate you coming on. Thanks so much for sharing. >> Thank you. >> Okay CUBE coverage of RSA conference here with Lacework, I'm John Furrier. Thanks for watching. (upbeat music)

Published Date : May 17 2021


Breaking Analysis: Tech Spending Roars Back in 2021


 

>> Narrator: From theCUBE Studios in Palo Alto, in Boston, bringing you data-driven insights from theCUBE and ETR, this is Breaking Analysis with Dave Vellante. >> Tech spending is poised to rebound as the economy reopens in 2021. CIOs and IT buyers, they expect a 4% increase in 2021 spending based on ETR's latest surveys. And we believe that number will actually be higher, in the six to 7% range even. The big drivers are continued fine tuning of, and investment in digital strategies, for example, cloud security, AI data and automation. Application modernization initiatives continue to attract attention, and we also expect more support with work from home demand, for instance laptops, et cetera. And we're even seeing pent-up demand for data center infrastructure and other major risks to this scenario, they remain the pace of the reopening, of course, no surprise there, however, even if there are speed bumps to the vaccine rollout and achieving herd immunity, we believe tech spending will grow at least two points faster than GDP, which is currently forecast at 4.1%. Hello and welcome to this week's (indistinct) on Cube Insights powered by ETR. In this breaking analysis, we want to update you on our latest macro view of the market, and then highlight a few key sectors that we've been watching, namely cloud with a particular drill down on Microsoft and AWS, security, database, and then we'll look at Dell and VMware as a proxy for the data center. Now here's a look at what IT buyers and CIOs think. This chart shows the latest survey data from ETR and it compares the December results with the year earlier survey. Consistent with our earlier reporting, we see a kind of a swoosh-like recovery with a slower first half and accelerating in the second half. And we think that CIOs are being prudently conservative, 'cause if GDP grows at 4% plus, we fully expect tech spending to outperform. Now let's look at the factors that really drive some of our thinking on that. 
This is data that we've shown before. It asks buyers if they're initiating any of the following strategies in the coming quarter, in the face of the pandemic, and you can see there's no change in work from home, really no change in business travel, but hiring freezes, freezing new deployments, these continue to trend down. New deployments continue to be up, layoffs are trending down and hiring is also up. So these are all good signs. Now having said that, one part of our scenario assumes workers return and the current 75% of employees that work from home will moderate by the second half to around 35%. Now that's double the historical average, and that large percentage, that will necessitate continued work from home infrastructure spend, we think, and drive HQ spending as well in the data center. Now the caveat of course is that lots of companies are downsizing corporate headquarters, so that could weigh on this dual investment premise that we have, but generally with the easy compare in these tailwinds, we expect solid growth in this coming year. Now, what sectors are showing growth? Well, the same big four that we've been talking about for 10 months, machine intelligence or AI/ML, RPA and broader automation agendas, these lead the pack along with containers and cloud. These four, you can see here above that red dotted line at 40%, that's a 40% net score which is a measure of spending momentum. Now cloud, it's the most impressive because what you see in this chart is spending momentum or net score in the vertical axis and market share or pervasiveness in the data center on the horizontal axis. Now cloud, it stands out, as it has a large market share and it's got spending velocity tied to it. So, I mean that is really impressive for that sector. Now, what we want to do here is do a quick update on the big three cloud revenue for 2020. 
And so we're looking back at 2020, and this really updates the chart that we showed last week at our CUBE on Cloud event, the only difference is Azure, Microsoft reported, and this chart shows IaaS estimates for the big three. We had had Microsoft Azure in Q4 at 6.8 billion, it came in at 6.9 billion based on our cloud model. Now the points we previously made on this chart, they stand out. AWS is the biggest, and it's growing more slowly but it throws off more absolute dollars, Azure grew 48% last quarter, we had it slightly lower and so we've adjusted that and that's incredible. And Azure continues to close that gap on AWS and we'll see how AWS and Google do when they report next week. We definitely think based on Microsoft's results that AWS has upside to these numbers, especially given the Q4 push, year end, and the continued transition to cloud and even Google we think can benefit. Now what we want to do is take a closer look at Microsoft and AWS and drill down into those two cloud leaders. So take a look at this graphic, it shows ETR's survey data for net score across Microsoft's portfolio, and we've selected a couple of key areas. Virtually every sector is in the green and has forward momentum relative to the October survey. Power Automate, which is RPA, Teams is off the chart, Azure itself we've reported on that, is the linchpin of Microsoft's innovation strategy, serverless, AI analytics, containers, they all have over 60% net scores. Skype is the only dog and Microsoft is doing a fabulous job of transitioning its customers to Teams away from Skype. I think there are still people using Skype. Yes, I know it's crazy. Now let's take a look at the AWS portfolio drill down, there's a similar story here for Amazon and virtually all sectors are well into the 50% net scores or above. Yeah, it's lower than Microsoft, but still AWS, very, very large, so across the board strength for the company and it's impressive for a $45 billion cloud company. 
Only Chime is lagging behind AWS and maybe, maybe AWS needs a Teams-like version to migrate folks off of Chime. Although you do see it's an uptick there relative to the last survey, but still not burning the house down. Now let's take a look at security. It's a sector that we've highlighted for several quarters, and it's really undergoing massive change. This of course was accelerated by the work from home trend, and this chart ranks the CIO and CSO priorities for security, and here you see identity access management stands out. So this bodes well for the likes of Okta and SailPoint, of course endpoint security also ranks highly, and that's good news for a company like CrowdStrike or Forescout, Carbon Black, which was acquired by VMware. And you can see network security is right there as well, I mean, it's all kind of network security but Cisco, Palo Alto, Fortinet are some of the names that we follow closely there, and cloud security, Microsoft, Amazon and Zscaler also stands out. Now, what we want to do now is drill in a little bit and take a look at the vendor map for security. So this chart shows one of our favorite views, it's getting net score or spending momentum on the vertical axis and market share on the horizontal. 
Okta, note in the upper right of that little chart there that table, Okta remains the highest net score of all the players that we're showing here, SailPoint and CrowdStrike definitely looming large, Microsoft continues to be impressive because of its both presence, you can see that dot in the upper right there and its momentum, and you know, for context, we've included some of the legacy names like RSA and McAfee and Symantec, you could see them in the red as is IBM, and then the rest of the pack, they're solidly in the green, we've said this before security remains a priority, it's a very strong market, CIOs and CSOs have to spend on it, they're accelerating that spending, and it's a fragmented space with lots of legitimate players, and it's undergoing a major change, and with the SolarWinds hack, it's on everyone's radar even more than we've seen with earlier high profile breaches, we have some other data that we'll share in the future, on that front, but in the interest of time, we'll press on here. Now, one of the other sectors that's undergoing significant changes, database. And so if you take a look at the latest survey data, so we're showing that same xy-view, the first thing that we call your attention to is Snowflake, and we've been reporting on this company for years now, and sharing ETR data for well over a year. The company continues to impress us with spending momentum, this last survey it increased from 75% last quarter to 83% in the latest survey. This is unbelievable because having now done this for quite some time, many, many quarters, these numbers are historically not sustainable and very rarely do you see that kind of increase from the mid-70s up into the 80s. So now AWS is the other big call out here. This is a company that has become a database powerhouse, and they've done that from a standing start and they've become a leader in the market. 
Google's momentum is also impressive, especially with its technical chops, it gets very, very high marks for things like BigQuery, and so you can see it's got momentum, it does not have the presence in the market to the right, that for instance AWS and Microsoft have, and that brings me to Microsoft is also notable, because it's so large and look at the momentum, it's got very, very strong spending momentum as well, so look, this database market it's seeing dramatically different strategies. Take Amazon for example, it's all about the right tool for the right job, they get a lot of different data stores with specialized databases, for different use cases, Aurora for transaction processing, Redshift for analytics, I want a key value store, hey, some DynamoDB, graph database? You got little Neptune, document database? They've got that, they got time series database, so very, very granular portfolio. You got Oracle on the other end of the spectrum. It along with several others are converging capabilities and that's a big trend that we're seeing across the board, into, sometimes we call it a mono database instead of one database fits all. Now Microsoft's world kind of largely revolves around SQL and Azure SQL but it does offer other options. But the big difference between Microsoft and AWS is AWS' approach is really to maximize the granularity in the technical flexibility with fine-grained access to primitives and APIs, that's their philosophy, whereas Microsoft with Synapse for example, they're willing to build that abstraction layer as a means of simplifying the experiences. AWS, they've been reluctant to do this, their approach favors optionality and their philosophy is as the market changes, that will give them the ability to move faster. 
Microsoft's philosophy favors really abstracting that complexity, now that adds overhead, but it does simplify, so these are two very interesting counter poised strategies that we're watching and we think there's room for both, they're just not necessarily one better than the other, it's just different philosophies and different approaches. Now Snowflake for its part is building a data cloud on top of AWS, Google and Azure, so it's another example of adding value by abstracting away the underlying infrastructure complexity and it obviously seems to be working well, albeit at a much smaller scale at this point. Now let's talk a little bit about some of the on-prem players, the legacy players, and we'll use Dell and VMware as proxies for these markets. So what we're showing here in this chart is Dell's net scores across select parts of its portfolio and it's a pretty nice picture for Dell, I mean everything, but Desktop is showing forward momentum relative to previous surveys, laptops continue to benefit from the remote worker trend, in fact, PCs actually grew this year if you saw our spot on Intel last week, PCs had peaked, PC volume had peaked in 2011 and it actually bumped up this year but it's not really, we don't think sustainable, but nonetheless it's been a godsend during the pandemic as data center infrastructure has been softer. Dell's cloud is up and that really comprises a bunch of infrastructure along with some services, so that's showing some strength that both, look at storage and server momentum, they seem to be picking up and this is really important because these two sectors have been lagging for Dell. But this data supports our pent-up demand premise for on-prem infrastructure, and we'll see if the ETR survey which is forward-looking translates into revenue growth for Dell and others like HPE. Now, what about Dell's favorite new toy over at VMware? Let's take a look at that picture for VMware, it's pretty solid. 
VMware cloud on AWS, we've been reporting on that for several quarters now, it's showing up in the ETR survey and it is well, it's somewhat moderating, it's coming down from very high spending momentum, so it's still, we think very positive. NSX momentum is coming back in the survey, I'm not sure what happened there, but it's been strong, VMware's on-prem cloud with VCF VMware Cloud Foundation, that's strong, Tanzu was a bit surprising because containers are very hot overall, so that's something we're watching, seems to be moderating, maybe the market says okay, you did great VMware, you're embracing containers, but Tanzu is maybe not the, we'll see, we'll see how that all plays out. I think it's the right strategy for VMware to embrace that container strategy, but we said remember, everybody said containers are going to kill VMware, well, VMware rightly, they've embraced cloud with VMware cloud on AWS, they're embracing containers. So we're seeing much more forward-thinking strategies and management philosophies. Carbon Black, that benefits from the security tailwind, and then the core infrastructure looks good, vSAN, vSphere and VDI. So the big thing that we're watching for VMware, is of course, who's going to be the next CEO. Is it going to be Zane Rowe, who's now the acting CEO? And of course he's been the CFO for years. Who's going to get that job? Will it be Sanjay Poonen? The choice I think is going to say much about the direction of VMware going forward in our view. Succeeding Pat Gelsinger is like, it's going to be like following Peyton Manning at QB, but this summer we expect Dell to spin out VMware or do some other kind of restructuring, and restructure both VMware and Dell's balance sheet, it wants to get both companies back to investment grade and it wants to set a new era in motion or it's going to set a new era in motion. 
Now that financial transaction, maybe it does call for a CFO in favor of such a move and can orchestrate such a move, but certainly Sanjay Poonen has been a loyal soldier and he's performed very well in his executive roles, not just at VMware, but previous roles, SAP and others. So my opinion there's no doubt he's ready and he's earned it, and with, of course, no offense to Zane Rowe by the way, he's an outstanding executive too, but the big questions for Dell and VMware's what will the future of these two companies look like? They've dominated, VMware especially has dominated the data center for a decade plus, they're responding to cloud, and some of these new trends, they've made tons of acquisitions and Gelsinger has orchestrated TAM expansion. They still got to get through paying down the debt so they can really double down on an innovation agenda from an R&D perspective, that's been somewhat hamstrung and to their credit, they've done a great job of navigating through Dell's tendency to take VMware cash and restructure its business to go public, and now to restructure both companies to do the Pivotal acquisition, et cetera, et cetera, et cetera and clean up its corporate structure. So it's been a drag on VMware's ability to use its free cash flow for R&D, and again it's been very impressive what it's been able to accomplish there. On the Dell side of the house, its R&D largely has gone to kind of new products, follow-on products and evolutionary kind of approach, and it would be nice to see Dell be able to really double down on the innovation agenda especially with the looming edge opportunity. Look R&D is the lifeblood of a tech company, and there's so many opportunities across the clouds and at The Edge we've talked this a lot, I haven't talked much about or any about IBM, we wrote a piece last year on IBM's innovation agenda, really hinges on its R&D. 
It seems to be continuing to favor dividends and stock buybacks, that makes it difficult for the company to really invest in its future and grow, its promised growth, Ginni Rometty promised growth, that never really happened, Arvind Krishna is now promising growth, hopefully it doesn't fall into the same pattern of missed promises, and my concern there is that R&D, you can't just flick a switch and pour money and get a fast return, it takes years to get that. (Dave chuckles) We talked about Intel last week, so similar things going on, but I digress. Look, these guys are going to require in my view, VMware, Dell, I'll put HPE in there, they're going to require organic investment to get back to growth, so we're watching these factors very, very closely. Okay, got to wrap up here, so we're seeing IT spending growth coming in as high as potentially 7% this year, and it's going to be powered by the same old culprits, cloud, AI, automation, we'll be doing an RPA update soon here, application modernization, and the new work paradigm that we think will force increased investments in digital initiatives. The doubling of the expectation of work from home is significant, and so we see this hybrid world, not just hybrid cloud but hybrid work from home and on-prem, this new digital world, and it's going to require investment in both cloud and on-prem, and we think that's going to lift both boats but cloud, clearly the big winner. And we're not by any means suggesting that their growth rates are going to somehow converge, they're not, cloud will continue to outpace on-prem by several hundred basis points, throughout the decade we think. And AWS and Microsoft are in the top division of that cloud bracket. 
Security markets are really shifting and we continue to like the momentum of companies in identity and endpoint and cloud security, especially the pure plays like CrowdStrike and Okta and SailPoint, and Zscaler and others that we've mentioned over the past several quarters, but CSOs tell us they want to work with the big guys too, because they trust them, especially Palo Alto Networks, Cisco obviously in the mix, their security business continues to outperform the balance of Cisco's portfolio, and these companies, they have resources to withstand market shifts and we'll do a deeper drill down at the security soon and update you on other trends, on other companies in that space. Now the database world, it continues to heat up, I used to say on theCUBE all the time that decade and a half ago database was boring and now database is anything but, and thank you to cloud databases and especially Snowflake, its data cloud vision, its simplicity, we're seeing lots of different ways though, to skin the cat, and while there's disruption, we believe Oracle's position is solid because it owns Mission-Critical, that's its stronghold, and we really haven't seen those workloads migrate into the cloud, and frankly, I think it's going to be hard to wrest those away from Oracle. Now, AWS and Microsoft, they continue to be the easy choice for a lot of their customers. Microsoft migrating its software state, AWS continues to innovate, we've got a lot of database choices, the right tool for the right job, so there's lots of innovation going on in databases beyond these names as well, and we'll continue to update you on these markets shortly. Now, lastly, it's quite notable how well some of the legacy names have navigated through COVID. Sure, they're not rocketing like many of the work-from-home stocks, but they've been able to thus far survive, and in the example of Dell and VMware, the portfolio diversity has been a blessing. 
The bottom line is the first half of 2021 seems to be shaping up as we expected, momentum for the strongest digital plays, low interest rates helping large established companies hang in there with strong balance sheets, and large customer bases. And what will be really interesting to see is what happens coming out of the pandemic. Will the rich get richer? Yeah, well we think so. But we see the legacy players adjusting their business models, embracing change in the market and steadily moving forward. And we see at least a dozen new players hitting the radar that could become leaders in the coming decade, and as always, we'll be highlighting many of those in our future episodes. Okay, that's it for now, listen, these episodes remember, they're all available as podcasts, all you got to do is search for Breaking Analysis Podcasts and you'll get them so please listen, like them, if you like them, share them, really, I always appreciate that, I publish weekly on wikibon.com and siliconangle.com, and really would appreciate your comments and always do in my LinkedIn posts, or you can always DM me @dvellante or email me at david.vellante@siliconangle.com, and tell me what you think is happening out there. Don't forget to check out ETR+ for all the survey action, this is David Vellante, thanks for watching theCUBE Insights powered by ETR. Stay safe, we'll see you next time. (downbeat music)

Published Date : Jan 29 2021


Nimrod Vax, BigID | AWS re:Invent 2020 Partner Network Day


 

>> Announcer: From around the globe, it's theCUBE. With digital coverage of AWS re:Invent 2020. Special coverage sponsored by AWS global partner network. >> Okay, welcome back everyone to theCUBE virtual coverage of re:Invent 2020 virtual. Normally we're in person, this year because of the pandemic we're doing remote interviews and we've got a great coverage here of the APN, Amazon Partner Network experience. I'm your host John Furrier, we are theCUBE virtual. Got a great guest from Tel Aviv remotely calling in and videoing, Nimrod Vax, who is the chief product officer and co-founder of BigID. This is the beautiful thing about remote, you're in Tel Aviv, I'm in Palo Alto, great to see you. We're not in person but thanks for coming on. >> Thank you. Great to see you as well. >> So you guys have had a lot of success at BigID, I've noticed a lot of awards, startup to watch, company to watch, kind of a good market opportunity data, data at scale, identification, as the web evolves beyond web presence identification, authentication is super important. You guys are called BigID. What's the purpose of the company? Why do you exist? What's the value proposition? >> So first of all, best startup to work at based on Glassdoor worldwide, so that's a big achievement too. So look, four years ago we started BigID when we realized that there is a gap in the market between the new demands from organizations in terms of how to protect their personal and sensitive information that they collect about their customers, their employees. The regulations were becoming more strict but the tools that were out there, to the large extent still are there, were not providing to those requirements and organizations have to deal with some of those challenges in manual processes, right? For example, the right to be forgotten. Organizations need to be able to find and delete a person's data if they want to be deleted. That's based on GDPR and later on even CCPA. 
And organizations have no way of doing it because the tools that were available could not tell them whose data it is that they found. The tools were very siloed. They were looking at either unstructured data and file shares or windows and so forth, or they were looking at databases, there was nothing for Big Data, there was nothing for cloud business applications. And so we identified that there is a gap here and we addressed it by building BigID basically to address those challenges. >> That's great, great stuff. And I remember four years ago when I was banging on the table and saying, you know regulation can stunt innovation because you had the confluence of massive platform shifts combined with the business pressure from society. That's not stopping and it's continuing today. You seeing it globally, whether it's fake news in journalism, to privacy concerns where modern applications, this is not going away. You guys have a great market opportunity. What is the product? What is smallID? What do you guys got right now? How do customers maintain the success as the ground continues to shift under them as platforms become more prevalent, more tools, more platforms, more everything? >> So, I'll start with BigID. What is BigID? So BigID really helps organizations better manage and protect the data that they own. And it does that by connecting to everything you have around structured databases and unstructured file shares, big data, cloud storage, business applications and then providing very deep insight into that data. Cataloging all the data, so you know what data you have where and classifying it so you know what type of data you have. Plus you're analyzing the data to find similar and duplicate data and then correlating them to an identity. Very strong, very broad solution fit for IT organization. We have some of the largest organizations out there, the biggest retailers, the biggest financial services organizations, manufacturing and et cetera. 
What we are seeing is that there are, with the adoption of cloud and business success obviously of AWS, that there are a lot of organizations that are not as big, that don't have an IT organization, that have a very well functioning DevOps organization but still have a very big footprint in Amazon and in other kind of cloud services. And they want to get visibility and they want to do it quickly. And the SmallID is really built for that. SmallID is a lightweight version of BigID that is cloud-native built for your AWS environment. And what it means is that you can quickly install it using CloudFormation templates straight from the AWS marketplace. Quickly stand up an environment that can scan, discover your assets in your account automatically and give you immediate visibility into that, your S3 bucket, into your DynamoDB environments, into your EMR clusters, into your Athena databases and immediately building a full catalog of all the data, so you know what files you have where, you know where what tables, what technical metadata, operational metadata, business metadata and also classified data information. So you know where you have sensitive information and you can immediately address that and apply controls to that information. >> So this is data discovery. So the use case is, I'm an Amazon partner, I mean we use theCUBE virtuals on Amazon, but let's just say hypothetically, we're growing like crazy. Got S3 buckets over here secure, encrypted and the rest, all that stuff. Things are happening, we're growing like a weed. Do we just deploy smallIDs and how it works? Is that use cases, SmallID is for AWS and BigID for everything else or? >> You can start small with SmallID, you get the visibility you need, you can leverage the automation of AWS so that you automatically discover those data sources, connect to them and get visibility. And you could grow into BigID using the same deployment inside AWS. 
You don't have to switch migrate and you use the same container cluster that is running inside your account and automatically scale it up and then connect to other systems or benefit from the more advanced capabilities the BigID can offer such as correlation, by connecting to maybe your Salesforce, CRM system and getting the ability to correlate to your customer data and understand also whose data it is that you're storing. Connecting to your on-premise mainframe, with the same deployment connecting to your Google Drive or Office 365. But the point is that with the smallID you can really start quickly, small with a very small team and get that visibility very quickly. >> Nimrod, I want to ask you a question. What is the definition of cloud native data discovery? What does that mean to you? >> So cloud native means that it leverages all the benefits of the cloud. Like it gets all of the automation and visibility that you get in a cloud environment versus any traditional on-prem environment. So one thing is that BigID is installed directly from your marketplace. So you could browse, find its solution on the AWS marketplace and purchase it. It gets deployed using CloudFormation templates very easily and very quickly. It runs on an elastic container service so that once it runs you can automatically scale it up and down to increase the scan and the scale capabilities of the solution. It connects automatically behind the scenes into the security hub of AWS. So you get those alerts, the policy alerts fed into your security hub. It has integration also directly into the native logging capabilities of AWS. So your existing Datadog or whatever you're using for monitoring can plug into it automatically. That's what we mean by cloud native. >> And if you're cloud native you got to be positioned to take advantage of the data and machine learning in particular. Can you expand on the role of machine learning in your solution? 
Customers are leaning in heavily this year, you're seeing more uptake on machine learning which is basically AI, AI is machine learning, but it's all tied together. ML is big on all the deployments. Can you share your thoughts? >> Yeah, absolutely. So data discovery is a very tough problem and it has been around for 20 years. And the traditional methods of classifying the data or understanding what type of data you have has been, you're looking at the pattern of the data. Typically regular expressions or types of kind of pattern-matching techniques that look at the data. But sometimes in order to know what is personal or what is sensitive it's not enough to look at the pattern of the data. How do you distinguish between a date of birth and any other date. Date of birth is much more sensitive. How do you find country of residency or how do you identify even a first name from the last name? So for that, you need more advanced, more sophisticated capabilities that go beyond just pattern matching. And BigID has a variety of those techniques, we call that discovery-in-depth. What it means is that very similar to security-in-depth where you can not rely on a single security control to protect your environment, you can not rely on a single discovery method to truly classify the data. So yes, we have regular expression, that's the table stakes basic capability of data classification but if you want to find data that is more contextual like a first name, last name, even a phone number and distinguish between a phone number and just a sequence of numbers, you need more contextual NLP based discovery, named entity recognition. We're using (indistinct) to extract and find data contextually. We also apply deep learning, CNN capable, it's called CNN, which is basically deep learning in order to identify and classify document types. Which is basically being able to distinguish between a resume and an application form. Finding financial records, finding medical records. 
So our advanced NLP classifiers can find that type of data. The more advanced capabilities that go beyond the smallID into BigID also include cluster analysis which is an unsupervised machine learning method of finding duplicate and similar data correlation and other techniques that are more contextual and need to use machine learning for that. >> Yeah, and unsupervised that's a lot harder than supervised. You need to have that ability to get that what you can't see. You got to get the blind spots identified and that's really the key observational data you need. This brings up the kind of operational you heard cluster, I hear governance security you mentioned earlier GDPR, this is an operational impact. Can you talk about how it impacts on specifically on the privacy protection and governance side because certainly I get the clustering side of it, operationally just great. Everyone needs to get that. But now on the business model side, this is where people are spending a lot of time scared and worried actually. What the hell to do? >> One of the things that we realized very early on when we started with BigID is that everybody needs a discovery. You need discovery and we actually started with privacy. You need discovery in route to map your data and apply the privacy controls. You need discovery for security, like we said, right? Find and identify sensitive data and apply controls. And you also need discovery for data enablement. You want to discover the data, you want to enable it, to govern it, to make it accessible to the other parts of your business. So discovery is really a foundation and starting point and that you get there with smallID. How do you operationalize that? So BigID has the concept of an application framework. Think about it like an Apple store for data discovery where you can run applications inside your kind of discovery iPhone in order to run specific (indistinct) use cases. So, how do you operationalize privacy use cases? 
We have applications for privacy use cases like subject access requests and data rights fulfillment, right? Under the CCPA, you have the right to request your data, what data is being stored about you. BigID can help you find all that data in the catalog that after we scan and find that information we can find any individual data. We have an application also in the privacy space for consent governance right under CCPA. And you have the right to opt out. If you opt out, your data cannot be sold, cannot be used. How do you enforce that? How do you make sure that if someone opted out, that person's data is not being pumped into Glue, into some other system for analytics, into Redshift or Snowflake? BigID can identify a specific person's data and make sure that it's not being used for analytics and alert if there is a violation. So that's just an example of how you operationalize this knowledge for privacy. And we have more examples also for data enablement and data management. >> There's so much headroom opportunity to build out new functionality, make it programmable. I really appreciate what you guys are doing, totally needed in the industry. I could just see endless opportunities to make this operationally scalable, more programmable, once you kind of get the foundation out there. So congratulations, Nimrod and the whole team. The question I want to ask you, we're here at re:Invent's virtual, three weeks we're here covering Cube action, check out theCUBE experience zone, the partner experience. What is the difference between BigID and say Amazon's Macie? Let's think about that. So how do you compare and contrast, in Amazon they say we love partnering, but we promote our ecosystem. You guys sure have a similar thing. What's the difference? >> There's a big difference. Yes, there is some overlap because both a smallID and Macie can classify data in S3 buckets. And Macie does a pretty good job at it, right? I'm not arguing about it. 
But smallID is not only about scanning for sensitive data in S3. It also scans anything else you have in your AWS environment, like DynamoDB, like EMR, like Athena. We're also adding Redshift soon, Glue and other rare data sources as well. And it's not only about identifying and alerting on sensitive data, it's about building full catalog (indistinct) It's about giving you almost like a full registry of your data in AWS, where you can look up any type of data and see where it's found across structured, unstructured big data repositories that you're handling inside your AWS environment. So it's broader than just for security. Apart from the fact that they're used for privacy, I would say the biggest value of it is by building that catalog and making it accessible for data enablement, enabling your data across the board for other use cases, for analytics in Redshift, for Glue, for data integrations, for various other purposes. We have also integration into Kinesis to be able to scan and let you know which topics, use what type of data. So it's really a very, very robust full-blown catalog of the data that across the board that is dynamic. And also like you mentioned, accessible to APIs. Very much like the AWS tradition. >> Yeah, great stuff. I got to ask you a question while you're here. You're the co-founder and again congratulations on your success. Also the chief product officer of BigID, what's your advice to your colleagues and potentially new friends out there that are watching here? And let's take it from the entrepreneurial perspective. I have an application and I start growing and maybe I have funding, maybe I take a more pragmatic approach versus raising billions of dollars. But as you grow the pressure for AppSec reviews, having all the table stakes features, how do you advise developers or entrepreneurs or even business people, small medium-sized enterprises to prepare? 
Is there a way, is there a playbook to say, rather than looking back saying, oh, I didn't do with all the things I got to go back and retrofit, get BigID. Is there a playbook that you see that will help companies so they don't get killed with AppSec reviews and privacy compliance reviews? Could be a waste of time. What's your thoughts on all this? >> Well, I think that very early on when we started BigID, and that was our perspective is that we knew that we are a security and privacy company. So we had to take that very seriously upfront and be prepared. Security cannot be an afterthought. It's something that needs to be built in. And from day one we have taken all of the steps that were needed in order to make sure that what we're building is robust and secure. And that includes, obviously applying all of the code and CI/CD tools that are available for testing your code, whether it's (indistinct), these type of tools. Applying and providing, penetration testing and working with best in line kind of pen testing companies and white hat hackers that would look at your code. These are kind of the things that, that's what you get funding for, right? >> Yeah. >> And you need to take advantage of that and use them. And then as soon as we got bigger, we also invested in a very, kind of a very strong CSO that comes from the industry that has a lot of expertise and a lot of credibility. We also have kind of CSO group. So, each step of funding we've used extensively also to make our kind of security posture a lot more robust and invisible. >> Final question for you. When should someone buy BigID? When should they engage? Is it something that people can just download immediately and integrate? Do you have to have, is the go-to-market kind of a new target the VP level or is it the... How does someone know when to buy you and download it and use the software? Take us through the use case of how customers engage with. 
>> Yeah, so customers directly have those requirements when they start hitting and having to comply with regulations around privacy and security. So very early on, especially organizations that deal with consumer information, get to a point where they need to be accountable for the data that they store about their customers and they want to be able to know their data and provide the privacy controls they need to their consumers. For our BigID product this typically is a kind of a medium size and up company, and with an IT organization. For smallID, this is a good fit for companies that are much smaller, that operate mostly out of their, their IT is basically their DevOps teams. And once they have more than 10, 20 data sources in AWS, that's where they start losing count of the data that they have and they need to get more visibility and be able to control what data is being stored there. Because very quickly you start losing count of data information, even for an organization like BigID, which isn't a bigger organization, right? We have 200 employees. We are at the point where it's hard to keep track and keep control of all the data that is being stored in all of the different data sources, right? In AWS, in Google Drive, in some of our other sources, right? And that's the point where you need to start thinking about having that visibility. >> Yeah, like all growth plan, dream big, start small and get big. And I think that's a nice pathway. So small gets you going and you lead right into the BigID. Great stuff. Final, final question for you while I gatchu here. Why the awards? Someone's like, hey, BigID is this cool company, love the founder, love the team, love the value proposition, makes a lot of sense. Why all the awards? >> Look, I think one of the things that was compelling about BigID from the beginning is that we did things differently. Our whole approach for personal data discovery is unique. 
And instead of looking at the data, we started by looking at the identities, the people and finally looking at their data, learning how their data looks like and then searching for that information. So that was a very different approach to the traditional approach of data discovery. And we continue to innovate and to look at those problems from a different perspective so we can offer our customers an alternative to what was done in the past. It's not saying that we don't do the basic stuff. The regex is the connectivity that is needed. But we always took a slightly different approach to diversify, to offer something slightly different and more comprehensive. And I think that was the thing that really attracted us from the beginning with the RSA Innovation Sandbox award that we won in 2018, the Gartner Cool Vendor award that we received. And later on also the other awards. And I think that's the unique aspect of BigID. >> You know you solve big problems than certainly as needed. We saw this early on and again I don't think that the problem is going to go away anytime soon, platforms are emerging, more tools than ever before that converge into platforms and as the logic changes at the top all of that's moving onto the underground. So, congratulations, great insight. >> Thank you very much. >> Thank you. Thank you for coming on theCUBE. Appreciate it Nimrod. Okay, I'm John Furrier. We are theCUBE virtual here for the partner experience APN virtual. Thanks for watching. (gentle music)

Published Date : Dec 3 2020


Breaking Analysis: Spending Shifts in Cyber Security Predicted to be Permanent


 

>> From theCUBE studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE at ETR. This is Breaking Analysis with Dave Vellante >> As we've reported extensively, the pandemic has affected cybersecurity markets perhaps more than any other. Remote work has caused CISOs, chief information security officers to shift spending priorities toward identity access management endpoint and cloud security. COVID has been a benefactor for next gen security companies that participate in these sectors. Notably, we believe tactical responses to the coronavirus have resulted in productivity improvements that will create permanent change in the way organizations defend themselves against cyber threats. Hello everyone and welcome to this week's Wikibon CUBE Insights powered by ETR. In this Breaking Analysis, we'll provide you with our quarterly update of the cybersecurity space and share fresh ETR data on the market. We also have some results from Eric Bradley's most recent Venn round table conducted with three senior chief information security officers. Let's start by looking at this notion of a single pane of glass. Now, despite the aspiration, there is no silver bullet to protect organizations from cyber attacks. The complexities of security, they're enormous and they require a layered defense approach. They range from securing internal networks to end points, to DMZ subnets, external traffic security, data in motion, data at rest, protecting from ransomware, dealing with web traffic, emails, phishing, not to mention threats from internal employees and contractors. As we mentioned at the open, there are three areas in particular that have seen significantly elevated spending momentum that is translated into the valuation increases for several companies, including CrowdStrike, Okta, Zscaler and several others. Zero trust security has gone from buzzword to reality. 
And spending shifts to these technologies have siphoned off demand from traditional hardware based firewalls. Although CISOs seem to be hedging their bets, at some point, they realized that people are actually going to come back to the office, so they have to remain agile. Lack of talent. Well, that remains one of the CISOs biggest challenges to securing applications and data. And automation while sometimes viewed as risky, is becoming increasingly important. Several companies have hit our radar this quarter and were highlighted in the CISO Panel, including Elastic which has seen momentum as an open source alternative to Splunk and notably multiple CIOs in the panel, they cited concerns related to Splunk's pricing and their sales tactics. They actually compared those of Splunk to those of EMC in the past, if anybody remembers how aggressive EMC salespeople could be. CloudFlare also broke into the top 10 in the ETR survey based on net score which is a measure of spending momentum. And that was for those companies with more than 50 mentions in the survey. CloudFlare is a CDN and provides security for websites. Also Netskope, a cloud security specialist cracked the top 10 in terms of net score and received high marks from the CISO panel, particularly with respect to it's vision and roadmap. Microsoft, Palo Alto Networks, Okta, CrowdStrike Cisco, CyberArk, SailPoint, Zscaler and Proofpoint remain focus vendors for us in the ETR survey as measured by spending momentum and their presence in the data set, what we call market share. And we'll talk more about those companies in a moment. Now finally, even CISOs that were skeptical about the permanence of the effects of COVID, they're seeing business benefits that suggest many of these shifts are circular, and not cyclical. Indeed, prior to the pandemic, ETR survey data showed that about 16% of organizations workers were primarily remote. CIOs expect that number to more than double post pandemic to 34%. 
Let's say you look at some of the cybersecurity vendors. We'll plot some, we don't have enough room to plot all of them, there are so many. But this chart shows one of our favorite XY views. On the Y axis, we measure net score. And that measures against spending velocity by looking at the net percentage of customers that are spending more versus those that are spending less within the ETR survey. The X axis measures market share or pervasiveness in the survey. Now we've included a select list of companies for this view and only include those with more than 50 responses, or 50 Ns, shared Ns, if you will, in the data set. In the upper right, you can see a table that shows the data sorted by both net score and shared Ns for each vendor. Now, as we indicated, Elastic has taken the top spot, just barely edging out Okta who took over from CrowdStrike in the last survey. And you can see the significant market presence of Palo Alto and Splunk and the most pervasive vendor here is Cisco. Note that Cisco also owns Umbrella and Duo which both have meaningful Ns in the survey. Now, if we were to combine these into one view, a single view of Cisco, all three of those, it would pull the company even further up into the right. Security is one of the bright spots in Cisco's portfolio and shows consistent year-on-year growth each quarter. Now having said that, some CISOs complained that Cisco's propensity to rely on acquisitions to fill gaps has caused them integration challenges in the past. Let's go back to Palo Alto for a moment. We'll make some comments later regarding their position relative to Fortinet, but we wanted to call them out here. Look, CISOs, they really liked Palo Alto. They trust the Palo Alto Networks. They consider Palo Alto as a trusted leader with a very strong portfolio and vision. Now let's turn our attention to the pack here, as we mentioned, Okta's momentum is notably elevated and it's meaningfully higher than the others. 
Its presence continues to increase up to the right, as does CrowdStrike's, or to the right, not necessarily up to the right, but to the right. But CrowdStrike has come off its net score high, so it's coming down actually in the vertical axis. And we're not super concerned about that because they're dramatically increasing their presence on the X axis each survey. But so is Okta, so that's something to watch. In other words, CrowdStrike's coming down in net score while it's increasing its presence, Okta is holding its net score while at the same time increasing its presence, which is really a strong sign. Now that they compete, they don't compete against each other directly, but they're still in the same sector. We've also included Carbon Black here because of their VMware acquisition and VMware CEO, Pat Gelsinger, he's on a mission to fix security and the company has made a number of moves in cyber. VMware has a really good track record of execution, and while fixing security is highly aspirational, with its install base and history of success, we wanted to include them here because they're getting more attention of the CISOs in the ETR panel. So we're keeping an eye on VMware and Carbon Black. It's going to take some time, but we'll keep watching them. Now let's take a look at how the players have moved this year over the quarters. We're going to show you four tables here and we're going to compare the net scores and market share of the cyber companies for January, April, July, and October surveys. So pre-COVID and throughout the year. So let's look first at the pre-COVID positions. The left most chart is sorted by net score or spending momentum and the right most chart is the shared Ns, which is the number of mentions in the survey, which is what drives the horizontal axis that I showed you earlier. Now, when you go back to the January survey, you see CrowdStrike was already doing very well with an elevated net score of 68.3% and 123 mentions. 
By the way, please ignore those companies with less than 50 Ns, I didn't filter the data back then. I was kind of still learning how to use the ETR software platform. Okta was also elevated and you can see the others there as well. Now, last year, we came up with a method to assign stars to those companies that had both top net scores and large shared Ns in the survey. So spending momentum and strong market share. And you can see Microsoft, Splunk, Palo Alto Networks, Proofpoint, CrowdStrike, Zscaler and CyberArk made the cut and all received four stars. And we gave two stars to Cisco and Fortinet because they had strong net scores and very high presence in the survey. Now let's go forward and look at April when the lockdown was in full swing. Okay, so we tightened things up in April and on the presentation of the survey did and only included those companies with more than 50N. And we cut the top 10, that's the red line and we put in their Dell EMC which is RSA and IBM for context. And you can see CrowdStrike, they shot to the top with a 68% net score and increased it's shared N, and you can see the stars right. Now, let's just jump ahead to the July survey. So now we're well into the pandemic. Maybe things are calming down a little bit in the summer. People feeling a little bit more freedom, maybe not as concerned about the work-from-home peace, that's sort of settling in, and CISOs, they had a little time to respond here and that's kind of the picture in the summer. Okta jumped way up on the left, you see in spending momentum and CrowdStrike, they moderated a bit, although they remained elevated. And again, they're not direct competitors, but it's instructive to compare these two firms, 'cause they're both hot and growing. And you see the green lines, they show the direction of the momentum of the net score. CrowdStrike was a bit of a concern because its net score dropped and its presence in the dataset kind of moderated. 
But the company continued to report strong revenue during its earnings calls and the stock remained a darling. So some mixed signals in the data, one quarter doesn't necessarily make a trend. But Okta, Microsoft, Cisco, Palo Alto, Splunk and several others, they remained very, very strong. Now let's go into the most recent October survey. So again, we continue to fine tune our presentation analysis here. And you can see there are two red lines. The top one is the top 10 cutoff. And the second line is the top 20. As we said, Elastic hit the radar for net score but still not pervasive enough in the dataset on the right to earn some stars with the shared Ns. So Okta in our view continues to hold that top spot for momentum and made the top 10 cut for shared N, two very positive signs. Its shared N, for example, jumped from 139 to 185. So more and more mentions, people are increasingly relying on Okta for identity access management. Now for the green arrows here, the momentum lines, we've tried to take into consideration the shared N. So even though, for example CrowdStrike's net score dropped from 50 down to 43%, its shared N, or again, the number of mentions, it jumped from 119 to 162. So that's a 36% increase and you might be thinking, well, why is that significant? Well, CIOs and IT buyers in the ETR survey, they're asked to choose the areas with which they are most familiar and then they answer questions on which vendors they use. So the fact that companies like Okta and Palo Alto and CrowdStrike and several others that we've highlighted are increasing their presence in the data set and still maintaining a very strong net score is a really good signal in our view. That's why, for example, take Zscaler, we still give them two stars, even though on a relative basis, it didn't make the top 10 cut. Its net score held relatively firm and its shared N jumped by 39%. 
So we continue to like names like Zscaler, Okta, CrowdStrike, CyberArk, Proofpoint, Fortinet and of course Microsoft, which consistently shines brightly. Let's look at a comment that underscores the CISOs' sentiment and I think the market overall. Here's a comment from a CISO of a global travel and hospitality company. It's a name you would recognize and obviously this individual's business was hit hard by the pandemic. So there's an inherent bias toward hope anyway, toward a return to the normal. But look at the comment, I'll read it. "I was a skeptic on the permanence of the changes due to COVID, but I've seen firsthand, there are legitimate structural changes that are taking place, and that's going to fundamentally shift where companies are investing in cyber. Building leases are expiring, people, they're productive working from home. Products that enable work from home and that are cloud first, that trend will continue and be permanent." And you know what? We agree. Okay, here's a chart that we've been updating since right before the pandemic and it compares the performance of the S&P 500 and Nasdaq with specific security companies that are public. And we've been tracking the revenue multiples on a trailing 12 month revenue basis over time to get a sense of how these companies compare. And we prefer to use forward looking revenue, but find TTM to be more consistent and frankly easier to access quickly. So that's what we're using. Now note that Splunk, Okta, CrowdStrike and Zscaler, those are the guys I've highlighted in red, they have yet to report as of this publication. A couple of points here are worth noting. First, we've been talking a lot about the divergence in valuation between Palo Alto and Fortinet and we'll show some more data on that in a moment but we want to share some CISO comments about Fortinet. People sometimes refer to Fortinet as Forti knife, as in Swiss army knife. 
They're a Swiss army knife of cyber, Forti everything is what one CISO called it. Fortinet is more price attractive, especially for mid-sized companies who don't have the resources of larger firms that might gravitate toward Palo Alto Networks. And the companies around for awhile and has earned the trust of CISOs because of their portfolio and their track record. Now, the other notable item in this data is the rise in value for Okta, CrowdStrike and Zscaler which have seen values increase 78%, 128%, 124% respectively in the time period we show here. You can see the very highly elevated revenue multiples compared to some of the more mature companies. Splunk, they're a bit of an outlier here 'cause we're showing negative growth in that right-hand column. And that's because of its transition toward a subscription model. That really messes up the income statement. And we just wanted to cite that. Splunk's been doing a good job communicating to the street. There are some concerns in the ETR dataset, which we've talked about. They've sort of moderated lately. There's also concerns about pricing that CISOs have mentioned, but generally there's a real bifurcation in the market in terms of valuations. And we think that while there's a lot of discussion about the so-called stay-at-home stocks and a shift back away from those when the pandemic subsides, we believe that the productivity benefits of remote work are becoming more clear and these next gen security companies are going to continue to thrive. Now let's take a moment to look at the relative performance of Palo Alto and Fortinet. Back in February of this year, we noted that there was a valuation divergence occurring between these two companies. And we cited three factors at the time for this gap. First, we said the Palo Alto was trying to cloud proof its business, and as such, it was in transition. 
And second, it had some challenges with regard to the pace of that transition, including sales incentives, actually that's part of the first point. That was kind of one A. Secondly, we said that the shift away from appliance-based firewalls was accelerating and that was pressuring Palo Alto's valuation. They were kind of underperforming in that segment. And finally we said the Palo Alto was facing some very tough compares in 2019 relative to 2018. And that was causing investors to pause as Palo Alto began shifting to an annual recurring revenue model. Now we said at the time that CISOs really, they really liked Palo Alto and we felt it would... the company would deal with these issues in 2020. And this chart really shows that and they've begun to reverse this trend. The yellow line is Fortinet. The blue line is Palo Alto and it's showing this sort of relative performance here. And you can see that gap coming into 2020 which extended into the meat of 2020. But now it's starting to compress, thanks to a nice earnings report that beat EPS on revenue this month, as we're talking about Palo Alto. So we continue to believe that Fortinet has done a good job and a better job of moving to the cloud model. And Palo Alto has largely relied on acquisitions to accelerate this trend. And we'll see if they can continue to thrive during this transition to cloud. But there's little doubt that CISOs want to work with Palo Alto Networks and they remain committed to having a strategic relationship with the company. Alright, let's wrap. The shift to the subscription model is well underway in the cybersecurity space and it's buoyed by cloud and next generation SaaS-based security players. Splunk is in transition. Cisco and Palo Alto emphasize the importance of this trend and virtually all historically on-prem players are being forced to respond. 
Survey data and anecdotal information from theCUBE community supports what the ETR Venn CISOs are saying, that the internet is becoming the new private network and these trends toward cloud-based and remote worker support are delivering benefits that CEOs and CFOs are going to continue to push to operationalize. CISOs, they got to continue to take a multi-layered approach to defending their data, their applications and their users. And it's such a fragmented market with specialists is going to continue for quite some time. Now, despite these clear trends, CISOs face a real challenge, the timing of the return to semi normal, it's really uncertain. And we still don't have a clear picture of what that future will look like. As such incumbent firms with hardened networks, they're going to have to remain in a hybrid holding pattern to accommodate whatever happens. Why is that important? Well, this means that budgets are going to be stretched. Look, while security remains a top priority, you can't expect an open checkbook going to SecOps team. Throwing money at the problem wouldn't really solve it anyway. Rather CISOs have to take a balanced portfolio of investments, continuing with automation and data analytics and of course, good security practice practices. That's going to be the pattern. Alright, well, thanks everyone for watching this episode of theCUBE insights powered by ETR. There are many ways to get in touch. @dvellante on Twitter, david.vellante@siliconangle.com. You can comment on my LinkedIn posts. I publish weekly on wikibon.com and siliconangle.com and always appreciate the feedback from our community. These episodes, by the way, are all available as podcasts. So you can listen while you multitask and don't forget to check out etr.plus for all the survey action. This is Dave Vellante. Have a great Thanksgiving, be smart, stay safe and we'll see you next time. (light melodic music)

Published Date : Nov 20 2020


Sandra Wheatley , Fortinet | CUBEConversation


 

(upbeat music) >> Narrator: From theCUBE studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is theCUBE conversation. >> Hey, welcome back, everybody. Jeff Frick here with theCUBE, coming to you from our Palo Alto studios today for a CUBE conversation. You know, we're like six, seven, eight months into this COVID thing. We're going to be dealing with it for a while. And one of the themes we've heard about over and over as kind of a result of COVID is an increase in the attack surfaces. More people are working from home or work from anywhere. And security has only been increasing in importance. And we're excited to have somebody from the alumni group who's been on before, she is Sandra Wheatley, the SVP marketing, threat intelligence and influencer communications at Fortinet. Sandra, great to see you. >> Thank you Jeff, I'm happy to be here. >> Yeah, I think actually I misspoke. We've had a ton of great Fortinet people on, we've talked to John and Ken and Phil and Tony, but actually I'm not sure that we've had you on before, so great to have you. >> No, this is my first time. >> Awesome, so let's jump into it, but we're going to take a slightly different tack today and we're not going to talk about the technology as much as this other pesky little problem, which is people. And, you know, we know there's a huge skills gap in tech in general, right. There's tons and tons of open recs. If you go into all the big sites and then security, it's even a more specific and a more acute problem. I wonder if you can tell us a little bit about kind of your perspective on this problem, being a senior executive, you know, at a security company, people is a big issue. How do you guys kind of look at the problem? How should people think about it and what are we going to do about it? >> Well, Jeff, you were completely right. The cyber security skills gap. It's one of the biggest challenges that's facing organizations today. 
I mean if you look at the larger landscape, cyber crime is one of the fastest growing crimes in the world, in fact by 2021, it'll cost the world about 6 trillion in total. And so tackling this issue continues to be a big problem. And it's exasperated by this the skills gap we recently did a study of Fortinet and 73% of respondents acknowledged that at least one intrusion could be attributed to the lack of skilled professionals. So it's a huge problem. We know that it would take about 4 million professionals to close that gap. And in particular with COVID, it's become even more increased. We've seen a big uptick in attacks from cyber criminals, really targeting remote workers. It's a way into the enterprise network. We've seen a resurgence of ransomware and phishing targeting that workforce. And so as this threat landscape continues to increase it's definitely a problem that cybersecurity organizations public and private partnerships really need to tackle. >> It's interesting because we talk a lot about automation and we talk about the scale of the attacks and the scale of data and you know, everything is just going so up until the right that without automation, you know you have no hope and you need some help to basically separate signal from noise. That said you still need people. And really that automation is going to hopefully get the high visibility the high priority issues to the right people. But ultimately that's an enabler for a person, not a replacement for person, for people. And it doesn't take away this tremendous need for more security professionals. And the other thing that we hear Sandra over and over right, is that security is no longer a bolt on it's no longer, you know, you just build the wall around the outside of everything, right? It's got to be baked in throughout the entire process of the product development and deployment. 
So the importance and kind of the reach and the breadth of security people in the influence of the building new products and shipping new products has never been greater and yet we've got this huge shortage. >> Exactly and I think you touched on it. You know, what we're hearing from our customers is that they're really using this period during COVID to really take a long-term look at their cybersecurity investments and strategy. And so you're right increasingly organizations are taking more of a platform approach to security, where they have more automation integration and AI that's one help. The other area is organizations need to be making their employees more cyber aware because it impacts everyone even employees working at home organizations. We just released InfoSec training and we offered it we made it available for free, and it really enables organizations to help educate their employees about the risk of cybersecurity and helping them to understand not to hit on the phishing email because, you know, 68% of intrusions happened as a result of careless mistakes by employees. That's a big issue, but also really making sure that we bring more professionals into the industry. I like to say, there's no job security like cybersecurity. So at the beginning of COVID, we made all of our training free and to the public in general. And I believe we had 500,000 registrations in the first six months. So that really underscores the demand for cybersecurity skills. And then organizations can also really be tapping into underrepresented of demographics, like veterans like women who make up only 14% of the workforce overall. So there was a lots of things we can be doing and working together on this problem. >> Yeah, you touched on a whole bunch of things there. So let's unpack a couple of them specifically. One of the cool things about security is that you guys do work together and that there is a big benefit from working together. 
So it's a great place for kind of coopetition, especially as new threats come in and you guys can share that information. So there is an interesting kind of an ecosystem that there's, you know shared basically resources against the bad guys. But you guys did a really interesting thing with Salesforce, with the World Economic Forum specifically to go after this problem. So where did that come from? Why Salesforce? Why World Economic Forum and why take you know, kind of, I guess, out of the industry approach to really addressing getting more people as cybersecurity professionals? >> Well, Fortinet as a founding member of the C4C cybersecurity forum, it was created by the World Economic Forum about two years ago. And right from the beginning one of the initiatives that we began working on was to reduce the skills gap. And so we started working with the World Economic Forum, Salesforce, which is another founding member and others to tackle this problem. And so we're provide all of our training we provide our training and curriculum on the Salesforce Trailhead platform. We've also entered into another partnership with IBM, where we're providing our training on their cyber skills platform. We're working with local universities like Berkeley and others to make sure that we're getting more of the curriculum into their certifications and degree programs. Interestingly enough, one of the issues with this challenge is that there's not a lot of universities offering degrees in cybersecurity, which is really surprising. And so we're seeing a lot more uptick and interest around awareness around this area. And so it's very encouraging to see the results of some of these partnerships. >> I don't, I mean, you I'm going to tease you kind of buried the lead but so people understand what you just said. You guys basically opened up your training catalog for free, during COVID as a reaction to help basically get more people trained. Am I getting that right?
>> That's completely right. We saw that this is something that can really help our customers during this time. It's something we're committed to closing and we felt this was a really impactful way to help with that issue. >> That's amazing. And I saw you in an interview with Rob Rashad I believe is his name from your team. I wonder if you can, again, share with us some of the details in terms of the numbers of people that have gone through this program. 'Cause he mentioned them, somebody didn't write them down this is pretty significant numbers that you guys are running through this free program. >> Yeah, so we just passed a great big milestone of 500,000 certifications. Half of those have just been this year and that program's been in place for many, many years. So there's no doubt that this is something that's in huge demand. And so we continue to offer those trainings. This was one of the reasons why we just rolled out the InfoSec training for our customers and others to educate their employees. I mean, at one point I think we had someone registering every seven minutes. And so the response to that was excellent. And that training program has eight different modules and the curriculum in that program actually provides credits for ISC, which is a big certification in cybersecurity and CISSP. So, you know, it's just an invaluable training program. >> That's wild, and again, it's free all the way, not just to register for, you know, the one-on-ones, but all the way through the certification process at the end. >> Well at the end, if you want to get the actual certification that's something that you can do separately after you do the training. Although we're working with some nonprofits to help pay for those certifications so that there's no financial burden to people. >> Wow, that's tremendous. And then the other piece that you mentioned but I just want to highlight it is the opportunity to go after underrepresented groups.
And you specifically mentioned that you have a program for veterans and again, it seems so logical but some people just don't get it right. Then you've got a skills shortage and you've got a talent shortage. Why not tap into those markets and of those pools of people that are under utilized because, Oh, by the way, they probably have a bunch of good qualified people in there that you can leverage. >> That's exactly right, like vets if you look at take veterans for an example, they already have a lot of the skills that really work well for cybersecurity like situational awareness. They work very well under pressure. And so we started our veterans program about two years ago. And in addition to our training we offer mentoring curriculum, resume building, interviews skills building and now at this point, trained about a thousand veterans many have had jobs on one thing that we do that's different to other programs is that we bridge those candidates to our partners and customers who are looking for talent and really closed that whole loop. So it's not just about the training, but it's also finding them as well at the end of the training once it's been completed. >> Right, that's great. I also want to touch on another thing that you do beyond just training and this comes from you published a blog on July eighth of this year talking about overcoming the cybersecurity gap skills gap. But you talked about other things beyond just the people. And I want to highlight really some attitudinal things that you suggest for people to get over this world view, cyber security as an enabler, right? Not an obstacle recognize cybersecurity is a team effort. It's not just some superstar, get the C-suite involved collaborate on cybersecurity awareness and you know, thinking about these this issue at a little broader and a more kind of macro company-wide scale versus it's just the security people's job over in the security people's corner. 
And that's really the best way to take care of it. >> Absolutely, and that goes back to my earlier point. I mean the insider threat continues to be the biggest vector for attacks. A lot of times it's, you know, employees hitting on a phishing email I'm sure you've seen the increase in those. And so it's really, you're right. It's more, the responsibility just doesn't lie with the folks who lead the cybersecurity organization. We all have a responsibility to be much more educated and aware. And so I think you know, the board has to get them more involved. Executive management needs to make sure that they're providing the right training and education to their employees, that they're providing mentoring that the really encouraging more employees to move into cybersecurity and become certified. So there's lots of things that organizations need to be doing that include education training. And then also making sure that you're making the right technology investments so that you have an infrastructure in place that's agile and can be flexible enough to meet the increasing demands of the threat landscape. >> Right, I just wonder if you can share some insight on the conversation that happened before you guys opened this up to be free. 'Cause it's clearly, it's a move to do the right thing. It's a move to you know, to respond to the community that's suffering and it's something that you guys could do you had at your disposal, but I'm sure there was some naysayers in there they're saying "No, we can't give this away. This is super valuable stuff." How, you know how did you kind of make that decision to move forward? And I'm curious how it's kind of played out over time now that you've basically, as you said increased your exposure and people that are trained and you know, I'm sure a lot of positive, you know kind of second order benefits that you really didn't plan on when you were just trying to make a decision to help the community. 
>> Well, this was a decision that came from the top. Our CEO has always been committed to training. I mean, this is why we even started the program which our NSE program is one of the most robust in the industry. And so it's something that the founders have always been committed to. It's something that we've invested in. So there really wasn't any obstacles to doing this. This was something that everyone jumped on board with. The other thing is we really wanted to help our customers during this time. And we felt that this was one really meaningful way. We could help them by providing this training for free. And making sure that they have the talent that they need to really address all of the, you know, the expanding attack surface. But we were surprised by the demand and the response that was outstanding, right from the get-go. And so while we, you know, we've talked about this being offered to the end of the year we haven't really made any plans to change that. And so that it may continue beyond the end of the year because the demand is so great and the results have been so positive. >> Right. And I'm just curious, do you have in the training and I didn't go through exhaustively through the whole list of all the courses, but beyond just the professionals do you have all the basic training just for employees? I just don't click on the link. You know, it's so funny. I was at, I think it was RSA. One of the keynotes was a, a Cisco executive and she said you know, we tell people not to click links but that's what we do all day long. We click links, that's what we do, it's part of our job. And, you know, it's such a a weird behavior to tell people not to do. And I'm still confused how SurveyMonkey gets people to click on SurveyMonkey links but that's a different conversation for another day but I mean, are you offering the whole suite? 
And I just love to get your perspective as a security executive, when you talk to clients how to think about things beyond just the obvious you know, don't click on phishing emails and, you know, tighten up everything, but you know, more kind of high level how to think about security in this increasingly complex and dangerous world, if you will. >> Yeah, well, the training program has eight modules. It goes from the most basic training to the most advanced training. So our NSE one and two are really more about educating people about the threat landscape the threats out there, what it looks like the most basic emphasis security awareness around what you should do and what you should be looking out for. And all of our employees afforded that take that training. We take up to NSE 4, that's, something that's mandated. And so at the very basic level all organizations should be leveraging those modules for their employees and for individuals who are just interested at large. And then it really advances very quickly after that. And it's the most advanced, you know, it covers, you know cloud, the whole attack surface, AI, threat intelligence. And actually, as I mentioned earlier, provides credits for some of that top cybersecurity certifications in the industry, especially at the level of CSO. So it's very broad, it's extremely robust. And addition to those modules we also have what we call fast track training and that's really utilized by our customers and partners. And that's more focused on specific technology areas. It's very condensed, it may be a day or two days. And the demand for that has been phenomenal. So that's been another program we added about two years ago. That's been very well received. >> Wow, well, good for you guys. Good for you guys for making a proactive move in a very positive way to help your customers and help the community at large. It's just great to see, these are just tough times. They're going to be tough times for a little while longer. 
So, you know, it's nice that you have resources available that you're able to make available to the larger community. And I'm sure nothing but goodness will come from it. So good move by you guys. And I'm sure there's a lot of tangential benefits as well. >> Thank you Jeff. >> Well, thank you Sandra for sharing the story and great to meet you and expand our community over on the Fortinet side, we've had a lot of great guests over the year so it was great to have you on as well. >> Thank you very much. We really appreciate all the support. >> Absolutely, thank you. All right, so go out and get your free training. Go to fortinet.com and sign up and you too could be a security expert, or at least as far as you want to go all the way up to certification. I'm Jeff, she's Sandra you're watching theCUBE. Thanks for watching, we'll see you next time. (upbeat music)

Published Date : Nov 9 2020
