(upbeat music) >> Hello and welcome today's session of the cube presentation of the 80 best startup showcase. The next big thing in security featuring Anitian for the security track. I'm your host John Furrier. We're here with the CEO of Anitian, Rakesh Narasimhan, and Aditya Muppavarapu global segment leader of Dev ops for 80 minutes partner network, Rakesh, Aditya, Thanks for coming on. Appreciate it. >> Thank you very much, John. Pleasure is mine. >> So this is the track session. We're going to get into the, the into the details on the leadership of digital transformation and dev sec ops automation, cloud security and compliance. So let's get started. But first Rakesh, we last talked you guys had some awards, RSA conference, 2021, virtual. You guys got some serious awards. Give us the update. >> Yeah, thank you very much, John. Yeah, we were, you know, humbled to be recognized. You know, industry recognition is always a great thing. We deliver value for customers and the industry is recognizing it. So at the RSA conference, we got seven different awards you know, very excited that we were chosen for, you know publishers choice and security company of the year editor's choice and blood security and heart company in cloud security automation. So really thrilled about the recognition thanks. >> Awesome. Seven awards. I mean, RSA is obviously a show that's in transition itself. They're transforming no longer part of Dell technologies now kind of on their own kind of speaks to the wave we're in. So congratulations on the success. They're hot startup here in security track. Give us a quick overview what you guys are enabling because this transformation is everywhere. It's in every sector, it's in every vertical dev sec ops shifting left, you know day two operations get ops. All. This is all talking to one thing, developer, productivity programmable infrastructure with security. Rakesh give us a quick overview of >> Yeah. Exactly. Right. John, I think there's a big shift happening obviously to the cloud and, you know, affects every one of our lives in productivity in enterprise applications, consumers you name it. There's a huge change happening, but central to that theme is security. And so it's one of the areas we focus on Anitian is the fastest way for both existing and new applications to be developed in the cloud. And so we make sure that you can get there fastest time to value and time to revenue pretty quickly by providing the best secure and compliance environment for you. That's really the core of what we do as a company. And we look forward to helping all of our customers and the industry >> Aditya you're a global segment lead at AWS partner network. You seeing on successful companies, you've got a winner here, obviously a success story. I want to get your take on this because this is a trend in cloud native scale, you know, heart, you know horizontally scalable, large scale, but shifting left, okay. Get ops big topics where code is being inspected in real time. People want automation. So I've got to ask you, what does shift left mean to to being out there and this in the security world? What does that mean? >> So, instead of applying your security and compliance guard rails only in production, we also need to apply them across your application development and delivery cycles. Instead of having one gate that becomes a bottleneck we should have multiple checkpoints at various stages. This provides a fast feedback for the developers while they're still in the context of developing that feature. So it's easier and less expensive fix the issues and what it is not is this doesn't mean you move all your focus to dev and ignore production. It also doesn't mean developers are now responsible for security and you can get rid of your security teams. We needed a process and a mechanism in place to leverage the expertise off the security teams and offer their services to the developers very early on in the development cycles, thereby enabling and empowering developers to write secure and compliant code >> I mean, to me not to put my old school hat on, but it's, you know I think to me, I view it as security at the point of coding right at the point of, I don't want to say point of sale but the point of writing the code and the old days it used to be like a patches and getting updates and provisioned into, into production. Same that kind of concept. But as a developer, that's kind of the focus is getting the latest knowledge either through tools and technologies to make it easier for me as a developer to inject at the point of code. Is that right? >> That's right. Yeah. >> So what makes Anitian so different and what's successful within AWS? That's, what's the why the success there? Can you share with us why they're so unique in AWS? >> So I think the biggest case for that is really you know, security, oftentimes security is thought of as an impediment sometimes actually believe it or not. So the configuration, the management, the deployment all of that, you got to be able to do and you got to be able to do that at scale. The great thing about the cloud at is scale and a big portion of that is automation. So what we at Anitian have done is taken that lifecycle of taking, you know applications on a variety of states. If you will, if you're trying to get to production you're trying to do one of two things. You're either you're trying to get into a compliance standard, like Fed Ramp you want a very predictable process, or you're just trying to get an application secure pretty quickly. So how can you do either one of those things becomes the challenge and we help you do that by having a pre-engineered environment where configuration defining deployment all that becomes very consistent and very predictable which means we've automated it in a way that it can scale. You can sort of almost have this regularly happening and not just one application with multiple applications for any company. That is, I think the biggest obstacle that has happened for a lot of folks in the enterprise for sure, to try to get to production and keep that cycle going continuously. And we help with that in a big way. That's one of the reasons why we're having a lot of adoption customers working with partners of course and getting industry recognition for it. >> Yeah. I mean, this is one of the benefits of cloud. I want to get you guys both reaction to this, where as things get going, it's kind of like that, you're you you got to take advantage. You can take advantage of all these solutions. So how many of his customer, I want to look for solutions that help me move the ball forward, not backwards right? So, or help me move the ball forward without building anything that I don't need or that's already been built. So here it sounds like if I get this right Anitian is saying, Hey if you're an Amazon customer I can accelerate you with Fed Ramp compliance. So you don't have to spend all these cycle times getting ready or hiring or operationalizing it is that right? I mean, is that the value proposition? >> They're very accurate, John. So what happens is, you know, we're working with Amazon web services, who's really innovated quite a bit in building all the building blocks, if you will. And so, you know, we're standing on the shoulders of giants if you will, to basically get the max level of automation and acceleration happen. So that just like customers have gotten used to not having to buy servers, but guide, compute and storage. If you will, now they're able to secure and also become compliant with the services that we offer. That level of acceleration I think is needed. If you believe that there's going to be a lot more cloud applications, lot more cloud. If you're going to achieve scale, you've got to automate. And if you want to automate, but secure as well you need a mechanism to doing that. That's really where Anitian comes in, if you will. >> Yeah. And I think Fedramp to me is just a great low hanging fruit example because everyone wants to get into the public sector market. They know how hard it is. Kind of like, you know, we want to do it, but stand in line we've got to get some resources. I'm not kind of get that. But the question I want to get to you Rakesh and Aditya is the bigger picture, which is, as you said more cloud applications are coming. So customers in the enterprise have, have or are building fast dev ops teams accelerate the security paradigm. How do you help those, those folks? Because that's really kind of where the action's going. The puck is going to go there too. Right? So beyond Fed Ramp there's other things >> Right? So I think, I think the way we approached it is really, there's like at least two different sets of customers, right? In the federal market itself. You just think about a commercial SAS companies who are trying to enter the, the, the, the the public sector market. Well, you need to clear a standard like Fed Ramp. So we're the fastest way to not just complete it but be able to start selling and producing revenue. That'd be market per using that functionality. If you will, to that market. Similarly, there's a lot of public sector organizations who are trying to move to the cloud because they have traditionally developed applications and architectures based on what they've done over the last 20 plus years. Well guess what, they're also trying to migrate. So how do you help both commercial companies as well as public sector companies transition, if you will to the cloud in a secure way, but also meeting a public standard. We're helping both those organizations to do that migration and that journey if you will, but it's premised on with pre-engineered it, it's the fastest way for you to get there for you to be able to provide your capability and functionality to the larger marketplace. That's one of the main reasons why I think the productivity jump is enormously high because that's how you get to larger marketplace, if you will, to serve that market >> Aditya. So they have to change your title from global segment leader, dev ops to dev sec ops 80 of his partner network here with this solution in a way it's kind of becoming standard. >> Yeah. Security is getting him embedded into all of your development and delivery life cycle. So that dev sec Ops is becoming more and more critical with customers migrating to the cloud and modernizing their applications. >> How much has automation playing into this? Because one of the things we're talking about fueling digital transformation is the automation component of the security piece here Rakesh How important is automation and what how do you set yourself up for that to be successful? >> That's big question. I think that the big key to that is automation. I think automation is there in general in the cloud space. People expect it, frankly. But I think that the key thing what we have done is pre-integrated not just our platform but a variety of the partner ecosystem are on AWS. And so when a customer is looking forward to taking an application and going to the cloud they're not just getting functionality from us and AWS but also a lot of partner functionality around it so that they don't have to build it. Remember this discussion we had earlier about how do you jumpstart that? Well, it's, it's, it's really, instead of them having the best of breed assemble we've pre done it for them, which means it's predictable, it's consistent it's configured correctly. They can rely on it. That allows us to be able to help them move faster which means they can go serve larger markets and obviously make money around it. >> Rakesh, I got to follow up on that and ask you specifically around this business model. Obviously cloud has become great service. Everyone kind of knows that and then kind of sees the edge coming next and all these other issues that are going to provide more opportunities. But I got to ask you for your company what industries and business models are you disrupting? >> Yeah, I think primarily to we're a classic example of software eating the world, right? Primarily what happens is most of the folks that certainly in the compliance arena are really trying to figure out how to do it themselves, right? And then that's primarily the group of people who are sort of trying to figure that out. And then there's a class of who do consulting who are trying to consult with you and what you should do. And we have taken a very software oriented approach built on Amazon that we will not only help you fast forward that but also, you know, get you compliant but also keep you compliant because it's a cycle much like in other industries you've seen there used to be a time when people that email and they used to run email servers and ran the email servers and backups and things of that nature that transitioned over time where people procure that service from somebody else. And it's still a secure, it's still a scalable and they can rely on that service without having to be in that business if you will. So we see us disrupting the consulting and do it yourself world to actually providing a dependable service out there that you can rely on for security and compliance. >> Awesome. Aditya, I got to ask you on the Amazon side obviously you see a lot of it there. What are some of the challenges that you see with security? >> One of the main challenges I see that is that the landscape itself is rapidly changing. As customers are migrating to the cloud and modernizing what used to be a simple monolithic application running on a server and a office or a data center is now distributed hybrid and spans across development practices like microservices managed services, packaged applications, et cetera and also in the infrastructure platform choices have dramatically increased to from on-prem to call data centers, to edge computing, IOT VMs containers, serverless a lot more options. All these leads to more complexity and it increased the number of threat vectors exponentially though this advancement was great from a usability perspective. It now created a whole slew of challenges. This, this is complex. It's very hard to keep up. It's not something you set and forget. One needs to make sure you have the right guardrails in place to make sure you're continuously compliant with with your own policies are also with regulatory compliance frameworks that are needed for your business. Like GDPR, PCI, DSS, Nast, HIPAA Sox, Fed Ramp, et cetera >> For Rakesh. We're specifically on the dev ops efficiency with Amazon. What do you guys, what's your top few value proposition points? You say >> Biggest value proposition honestly is keeping and maintaining security while you're in compliance at scale with speed. I think those are big issues for companies. Like if you, if you're a company you're trying to be in the cloud, you want to enter the federal market. For example, you got to get that quickly. So what could take a lot of money? 18 - 24 months, our prawn malleable we've just completely automated back. And so within a quarter, depending on quickly the two organizations can work. We can get you into the marketplace. That that speed is of enormous value to companies. But also to remember that as Aditya pointed out there's a lot of complexity in the kind of architecture that is evolved but we have to feel like people like in the issue of what we can help customers would is as much as you take advantage of all the cloud style architecture providing the simplicity of providing security consistently and providing compliance consistently quickly. I think there'll always be a value for that because people are always trying to get faster and cheaper quicker. And I think we're able to do that. But remember, security is not just about fast. It's got to be secure, right? We got to be effective, not just efficient but I think that's a big value prop that we're able to bring to the table on AWS. >> Well I want to go, I got you here. I'll see what showcasing you guys as the hot startup who is your customer on Amazon? I'll see, you have customers that sell in marketplace for fedramp. That's a huge, that's the people who are in business to sell software but also other enterprises as well. Right? So could you just quickly break down your customers? And then when do they know it's time to call a Anitian? >> Yeah, so we have two large groups of customers. If you will. Certainly the commercial segment, as well as in the public sector and the commercial side, you have lots of companies in the cyber security enterprise collaboration as a little robotic process automation, all those categories of companies in the commercial environment they're trying to enter the public sector federal market to go sell their services. Well, you have to get compliant. We are the fastest path to get you there time to value type of revenue we can accomplish for you. That's a group of customers we, we have in market. And then we have the other side, which is a lot of government agencies who are themselves trying to migrate to the cloud. So if you're trying to get your applications for sure once on hybrid or on-premise, and you're trying to go to the AWS cloud, well, we're a great way for you to have a pre-engineered environment into which you can move in. So not only are you secure it's, pre-built, it can scale to the cloud that you're in front of migrate to. So we have both those particular sites if you will, of the marketplace. And then in market, we have lots of agencies, big and small and the government side, but also all these categories in the commercial side that I mentioned >> For Rakesh, Anitian's helping a lot of companies sell them to the public sector market. How big is the public sector federal market >> Right? Yeah. Billions of dollars. More than $250 billion is what people say but it's a very large market, but, but remember it's any any commercial SAS company who's trying to go into that federal market is a target market. We can help that customer get in into that market. >> And just real quick, their choice alternative to not working with the Anitian is what? months the pain. And what's the heavy lift as Andy Jassy would say the heavy lifting, undifferentiated lifting a lot of paperwork, a lot of hoops to jump through. Good. Can you just paint a picture of the paths with, and without >> There's three key areas that I think customers or, you know companies have to do, A. they have to understand the standard B. They have to really figure out the technology the integration, the partners, and the platform itself. It's a lift to basically get all of that together and then actually produce the documentation produce all the configuration and in a repeatable way. And that's just to get one application up there. Well, guess what? Not only do you need to get that up there you need to keep that compliant. And then our future standards come in. You need to go upgrade to that. So the best way for me to describe that is either you you come to the Anitian and we make that age just a service that is subscribed to to keep you compliant and grow or you can try to build it yourself, or you try to go get consulting companies to tell you what to do. You still have to do the work. So those are your sort of choices, if you will, which is one of the reasons why we're enjoying the growth we are because we're making it easy and productive for for companies to get there faster. >> Aditya, I want to get to you real quick. Obviously AWS partnering, they're also known as APN. You guys see some of the best hot startups. They all kind of have the same pattern like this. They do something that's hard. They make it easier. They go faster, more. Cost-effective what's the pattern in this cloud-scale world as startups. We're going to be featuring, you know, every as much as we can hot startups coming out of your network, there's a pattern here. What would you say? They are? Well as the DevOps obviously cloud native, besides iterate, move faster. What's the pattern you're seeing for the successful companies. >> It's like, like Andy's says, it's figuring out how to continuously reinvent yourself is the key to stay successful in this market. >> Awesome. For Rakesh, real big success. Congratulations on your awards. I got to ask you, we're asking all the, all the companies this question, what is your defining contribution to the future of cloud scale? >> Great question. I think when I think about what can be accomplished in the future, not just in the past, I think cloud is a huge phenomenon that has completely up-ended the architecture for all sorts of things commercial government, you know, consumer and enterprise. If you will, I would think we would be humbly the people who will ensure that lots of B2B companies and government organizations are able to move to the cloud and are able to be secure and compliant because I believe that there'll be more and more of that happening in the cloud. And the more that is available, just like the commercial world is takes advantage of all those features. I feel like public government organizations also can accomplish the same things very quickly because of folks like us, which means you have a larger segment of population that you can support. That's only going to make the planet more successful. I'm a big optimist when it comes to tech. I know there's a lot of folks who would look down upon tech or I'll think about it as not great. I'm a very big optimist around tech improving people's lives. And I think we have our own humble role in enabling that to happen in the security and compliance >> Well, anything, in my opinion I'm really a big fan of your work and your team. Anything that could bring great innovation into the public sector faster and more effective as good win for society. So I think it's a great mission. Thanks for, for sharing and congratulations on your awards and thanks for being part of our 80 best startup showcase. Appreciate it Rakesh thank you >> Thank you. >> Okay. This is the cube coverage of 80 startup showcase. I'm John for your host of the cube. This is the next big thing in security Anitian in the security track. Thanks for watching. (Up beat music)