
Search Results for Redsox:

Tom Sutliff, Cisco & Nathan Hall, Pure Storage | Pure Accelerate 2019


 

>> Announcer: From Austin, Texas it's theCube, covering Pure Storage Accelerate 2019. Brought to you by Pure Storage.
>> Howdy from Austin, Lisa Martin with Dave Vellante we are on day one of our coverage of Pure Accelerate 2019. Welcoming a couple of guests to theCube. One is an alumni, Nathan Hall, VP of Americas Systems Engineering from Pure, Nathan welcome back to theCube.
>> Thanks, thanks very much.
>> Lisa: And you brought a buddy from Cisco. We have Tom Sutliff, director of systems engineering and the Americas data center, welcome to the Cube Tom.
>> Thanks for having me.
>> Dave: It's howdy you all.
>> Howdy you all, okay. Thank you, it took the wicked smart guy from Boston to figure that out.
>> A local.
>> All right, so you all, let's talk about Cisco and Pure, you guys have been partners now since, Nathan we were chatting, since about the IPO, about four years ago. Let's start with you Nathan, our Pure guy. The Cisco, Pure partnership evolution, better together? What have you done over those last five years that sets you up for another first that you're going to share with us today?
>> Sure, so it's a deep relationship that's only getting deeper and it's really at all levels. It starts with the executive alignment and think about Charlie Giancarlo from Cisco we've got a lot of just common, cross pollination there. But now it extends, certainly the field level, Tom and I are doing a lot of planning together in terms of having our teams go after common use cases. But now it extends to engineering as well, we had a UCS director plugin that we've had for some time now but Pure is now first in terms of having integration into Cisco Intersight, so we are first and only to have storage integration of the Cisco Intersight so that Cisco and Pure customers can really manage their environment from one console, so a lot of simplicity, just single SaaS interface for managing everything.
>> Tom why Pure, why first with them?
>> Well you know Nathan he articulated it well, we can look at the executive level, we talked about Charlie, but even, you know all of our Cisco executives but also to the engineering. We started really strong with the field sales teams but even if you look at the little things that our customers notice but a lot of people may not like the internal development of validated design guides, use cases. We churn them out with Pure as our top ecosystem partner, more than anybody and there's a lot of work being done, our customers see that and it's really helped drive our go-to-market together it's really a very strong strategy.
>> So there's a CVD around this is that right?
>> Yeah there's many there's 22 right now and we're churning them out about one or two a quarter. With some vendors we might put out some initially we might do one or two things well, we do a lot of things well I guess you could say we do 22 things well with the CVDs but more than that.
>> So this really started in the field if I understand correctly is that right?
>> Nathan: Yes.
>> So I always look for these deals and say is it a Barney deal, you know Barney deal I love you, you love me. And if there's real engineering going on then you say okay it's beyond a Barney deal. So it starts in the field with what, hey we should you know a customer wants us to work together and then how does the partnership evolve into where you're putting engineering resources and what does that look like?
>> I think a lot of it evolves from just showing progress and showing success. If you look at, we just have a lot of common goals and from a portfolio perspective we fill in a lot of each other's gaps so that's really where it started was having the success in the field and that drove, we should actually make greater investments in terms of engineering development, those 22 CVDs, the Intersight integration, et cetera.
>> So we were talking earlier about CI, HCI for audience members who it's kind of nuanced, how do you guys look at the intersection of those two?
>> I say it's another better together story, for example we have a recent joint customer win where essentially across their entire SAP landscape we have Cisco HyperFlex the HX managing the database portion, we have FlashStack with Pure Storage managing the HANA portion, and really it all comes down to single console which is Intersight. So we're really able to provide the best type of infrastructure for the right workload at the right time but all make it look like one single experience to the customer.
>> So from a customer conversation perspective let's go back to you know we've talked about now this exciting new first engineering alignment. Going back to the field where customers have a multitude of workloads, SAP, Oracle, Microsoft, FEEdi, and there's FlashStack like 31 flavors of FlashStack right. What's that conversation like in terms of CI versus HCI when you guys come into play? Obviously FlashStack being I mentioned a number of flavors of that have been around for awhile, how do you help the customers determine what infrastructure is optimal for their workloads and their business objectives?
>> You know there's a clear delineation between a hyper convergence, our HX platform, a HyperFlex platform, and the converged infrastructure that we have with FlashStacks. If you look at a FlashStack it's an all in one solution, compute, fabric, storage. It's more for tier one apps, something that's you know scalable, something that's a highly dense tier one application. Latency obviously plays into this you know, I'd say it's a little less with the HyperFlex platform and hyper convergence, much easier to stand up, much quicker to stand up within a half an hour.
It's a storage play it does many of the similar same things but you know we're kind of closing the gap on both of them because even what you would call that smaller platform that started off at more tier one, excuse me tier two and tier three is now moving into the tier one space so. But it's really about scalability, ease of use, some of them are stronger in some markets like maybe a higher enterprise. But we can sell them across anywhere whether it be public sector, commercial, mid market, smaller customers. But they each have use cases that they fit in very well.
>> This morning in the keynotes we heard a lot about APIs, I want to get into Multi Cloud in a second but before I do we talk a lot about infrastructure as code, DevOps, we heard a lot about Kubernetes, a little bit about Kubernetes this morning. And the Cisco DevNet I've often said on theCUBE that they're the only large established company that's figured out how to do something for developers. Now does your partnership extend into sort of infrastructure as code, how does that all sort of go through? Is DevNet a play here or even on the roadmap?
>> Nathan: So from DevNet can you take that one?
>> Well I can say yes it is a play, if you take a look at all of our solutions, primarily the compute and the fabric solutions, programmability is really a key function that we have and the customers can go in and they can actually working with our APIs, APIs that we work with separate with other vendors too that are dedicated to other vendors. It is a key thing and DevNet became to the forefront probably about five years ago and it was really built off of that development effort so that's critical for us going forward here there's a lot that we're doing I know we're going to talk about Intersight and some other things where that was a key element of it.
>> Yeah so this is important. You were at Cisco Live.
>> And Cisco DevNet.
>> And we were in the DevNet zone and you remember, you had many many booths, very specialized, then you have CCIEs learning Python, learning how to program infrastructure for new use cases, edge comes in. Anything you'd add Nathan to sort of programmability?
>> So I think just from day one from Pure Storage just having our RESTful API interface, having code.purestorage.com we've tried to make it as much automatable as possible, as easy for to really create a community of developers that can create these integrations very quickly, and honestly evidence of that is in Intersight itself. How quickly we got that integration happening is because of that RESTful API interface. We were able to take the kind of AI Ops of Pure One and bring it into Intersight, be able to get Intersight to talk to Pure Storage very easily because of that strength of API first.
>> What do we need to know about Intersight? Add some color there, what is it, how's it work, what's the kind of history and how do you guys turn what you're doing in integration into customer value?
>> So if I look at, going back to your comments around why converge versus hyper converge, it's often really a story of simplicity right? Customers want something simple for the data center, they know they can get it out in the Cloud but they can't always run their workloads out in the external Cloud. So simplicity is for Intersight, no matter what it is, if it's converged or hyper converged, if it's Pure Storage, being able to have single interface to monitor your infrastructure, lifecycle it, to get really specific imagine a VMware administrator is able to in that single console, provision storage from Pure to a UCS server, format it for VMware ESX and VMFS, and in that single console so doesn't have to go to a bunch of different consoles, gets that Cloud like experience and that's what Intersight delivers. So you get that simplicity whether it's converged or hyper converged with Intersight.
>> Whether it's in the Cloud, it's the Edge, it's the Branch, Hybrid Cloud, instead of having to manage it I think that Nathan just hit on these single clusters of storage, compute, what have you. These can all be managed from one single console world wide no matter where they sit.
>> So I want to talk about Multi Cloud if we can. So if I look at the players in Multi Cloud, the big whales, VMware, Red Hat, Google, Microsoft, and Cisco, you partner with all of those pretty much I think. AWS is not on the list but you figure they're kind of de facto part of the Multi Cloud scene but they're not going after Multi Cloud, Cisco was a relatively new entrant there. You got companies that have a Cloud like Microsoft and Google that want to participate, you've got companies that don't have a Cloud like Cisco that want to participate, where does Pure fit in to that Multi Cloud opportunity and how does it relate to the partnership?
>> Well I think where we found a solid partnership with Cisco and Multi Cloud is the same approach to Multi Cloud and that is I'd call it open Multi Cloud. As opposed to having, forcing a single type of hypervisor on one side or a single Cloud, external Cloud on the other side, how do we make certain that our customers can run any app, anywhere? How do we appear and provide the data fabric having the most efficient amenity of fabric out there to kind of get around the data gravity problems of moving workloads, and we do that now with Pure Flash right on premises, Cloud Block Store out in the Cloud, our ability to CloudSnap to Azure, to AWS, and that's part of the story. The other part of the story is the fabric and the compute. So with ACI anywhere really that completes the any workload anywhere story, and keeping it open so it's not just one hypervisor or one Cloud provider on the other side.
>> So you be the data plane in that equation, with the management of that data plane, and Cisco is the overall management framework the control plane I guess we could call that. Is that the right way to think about it?
>> I'd say part of the control plane and the network fabric as well, and we're part of essentially the consistent data services no matter where you go. So really upleveling for example EBS to an enterprise grade of storage that it wasn't before, now we have something that whether you're on hardware on premises or in the cloud, you can run that monolithic application in places you couldn't do it before.
>> So let's look at this in the real world in a customer environment, talk to me about whatever kind of whether it's a bank or an airline or what have you, what are the business benefits that, we'll use Delta Airlines as an example, what would they get out of this if they think of all of the things that they need to achieve internally and be able to deliver to their customers? What's that you know TCO, ROI, what are all those sexy things that you guys are delivering?
>> So I'd say they get essentially a lot of the barriers to getting the TCO you want for a given workload are based on compatibility. Maybe you want to run it out in Amazon but you can't get it there because it's this massive monolithic gap, the sync would take days, the SLA out there isn't quite what you want. Now being able to provide a consistent experience no matter where that data plane is, you get that choice. You can go and evaluate AWS or Azure and say that's ultimately the right TCO for my application and I know it could run out there because I've essentially standardized my data fabric anywhere, and it's the same story essentially now with ACI anywhere as well. So the ability to keep essentially the fundamental elements of the application, the infrastructure around it consistent no matter where it is, frees that IT decision maker to put it in the right place.
You don't have to be constrained by compatibility anymore.
>> So internal operations can be dialed way up which means those folks are free to resources to work on other higher value projects, and the customer on the other end who doesn't know any of this stuff is under the hood is getting what they need when they want it.
>> Exactly, yeah you can manage if you look at ACI you can manage the automation of the applications across the network fabric again wherever it may be, and there's robustness there, there's telemetry, there's measurements. So instead of just looking at the application you look at the robustness of that on the network and the network here is absolutely critical, none of this is going to run I think as Nathan hit on that it could be in the Cloud, it could be in the Branch, you still want the same level of performance the SLA, the five nines and that's where the network comes in that's what's critical.
>> Well and the security piece as well.
>> Absolutely.
>> You guys are largely coming at the Multi Cloud from of course the network strength that you have but you've also got a security angle there because you can go deep packet inspection and that's a sweet spot for you guys.
>> Tom: Absolutely.
>> Talk about security and its importance and so on.
>> Well I think the security I mean one of the big plays that we have with ACI and with Tetration is being able to look in literally billions of packets a second and being able to track and make realtime decisions on any type of threat, threat defense that's built right in. So normally obviously you have firewall and you try to keep everything out but a lot of what will happen a lot of the penetration security hack happens inside. So this is able to look at all of the flows, at every single packet the flow of the application and the information to see if there's a threat in real time.
It takes a lot of processing power a lot of storage and a lot of capacity but you know that's a Tetration product and it's a huge play, our security team is actually out selling that in addition to the data center teams.
>> So is Wallingford Yankees country or Red Sox country?
>> Oh it's right on the border so I've got my in laws Yankees, my parents Redsox, so it's very difficult at home.
>> You're a Pats fan of course, did you feel dirty watching the game on Sunday or?
>> Tom: No not at all.
>> Oh you felt good?
>> Maybe 19 and O this year we'll see.
>> And you're Switzerland in this whole debate?
>> I try to be it's hard.
>> Well you know this company is Warriors so we can talk NBA too.
>> You bet!
>> There's a really interesting NBA season coming up now. Not so much for our team but. (laughter)
>> Lisa: You never know!
>> You never know.
>> I had to try to be Switzerland too cause I was the West Coaster with the East Coaster boss, you know how it goes. So Tom last question for you, whole bunch of announcements that came out of Pure today as we look at all of the partnerships that Pure has we talked about that, that Cisco has as well, what are some of the things that as a partner as a valued strategic partner, that Cisco hears when they hear Pure talking about delivering everything as a service and what they're doing with AI and dialing up things there, what is Cisco's reaction to that news?
>> Well the thing with Pure and it preceded this conference but you know I really heard it with the new announcements and Nate and I we have a lot of things we're going to work with our systems engineers on in the Americas, it's just the innovation which is pretty incredible. You know you kind of have the big four products here but primarily with the Flash arrays the CI platforms, the Flash blades, what's going on with Pure One, that's going to be critical going forward and we have very similar messages with Multi Cloud.
We talked about the validated designs, this is really going to lead us to almost like it's kind of funny when you have an innovative partner you can do reboots every year and people don't think you're just throwing work at them or what have you. It's like now we really innovated again, 12, 15 months later we're going to hit this again and come at it. And so Pure is probably one of the only partners we have that type of relationship with.
>> Alright well guys thank you so much for joining Dave and me on theCUBE today we appreciate it. We look forward to following the evolution of this Cisco Pure partnership, thanks for your time.
>> Thank you.
>> Thank you guys.
>> For Dave Vellante, I'm Lisa Martin, you're watching theCUBE y'all from Pure Accelerate in Austin, Texas. (upbeat music)

Published Date : Sep 17 2019


Brad Medairy, Booz Allen Hamilton | Splunk .conf 2017


 

>> Announcer: Live from Washington, DC it's theCube covering .conf 2017 brought to you by Splunk.
>> Welcome back here on theCube the flagship broadcast for Silicon Angle TV, glad to have you here at .conf 2017 along with Dave Vellante, John Walls. We are live in Washington, DC and balmy Washington, DC. It's like 88 here today, really hot.
>> It's cooler here than it is in Boston, I hear.
>> Yeah, right, but we're not used to it this time of year. Brad Medairy now joins us he's an SVP at Booz Allen Hamilton and Brad, thank you for being with us.
>> Dave: And another Redskins fan I heard.
>> Another Redskins fan.
>> It was a big night wasn't it? Sunday night, I mean we haven't had many of those in the last decade or so.
>> Yeah, yeah, I became a Redskins fan in 1998 and unfortunately a little late after the three or four Super Bowls.
>> John: That's a long dry spell, yeah.
>> Are you guys Nats fans?
>> Oh, huge Nats fan, I don't know, how about Brad, I don't want to speak for you.
>> I've got a soft spot in my heart for the Nats, what's the story with that team?
>> Well, it's just been post-season disappointment, but this year.
>> This is the year.
>> This is the year, although--
>> Hey, if the Redsox and the Cubs can do it.
>> I hate to go down the path, but Geos worry me a little bit, but we can talk about it offline.
>> Brad: Yeah, let's not talk about DC Sports.
>> Three out of five outings now have not been very good, but anyway let's take care of what we can. Cyber, let's talk a little cyber here. I guess that's your expertise, so pretty calm, nothing going on these days, right?
>> It's a boring field, you know? Boring field, yeah.
>> A piece of cake. So you've got clients private sector, public sector, what's kind of the cross-pollination there? I mean, what are their mutual concerns, and what do you see from them in terms of common threats?
>> Yeah, so at Booz Allen we support both federal and commercial clients, and we have a long history in cyber security kind of with deep roots in the defense and the intelligence community, and have been in the space for years. What's interesting is I kind of straddle both sides of the fence from a commercial and a federal perspective, and the commercial side, some of the major breaches really force a lot of these organizations to quickly get religion, and early on everything was very compliance driven and now it's much more proactive and the need to be much more both efficient and effective. The federal space is, I think in many cases, catching up, and so I've done a lot of work across .mil and there's been a lot of investment across .mil, and very secure, .gov, you know, is still probably a fast follower, and one of the things that we're doing is bringing a lot of commercial best practices into the government space and the government's quickly moving from a compliance-based approach to cyber security to much more proactive, proactive defense.
>> Can you get, it's almost like a glacier sometimes, right, I mean there's a legacy mindset, in a way, that government does its business, but I would assume that events over the past year or two have really prompted them along a little bit more.
>> I mean there's definitely been some highly publicized events around breaches across .gov, and I think there's a lot of really progressive programs out there that are working to quickly you know, remediate a lot of these issues.
One of the programs we're involved in is something called CDM that's run out of DHS, Continuous Diagnostic and Mitigation, and it's a program really designed to up-armor .gov, you know to increase situational awareness and provide much more proactive reporting so that you can get real-time information around events and postures of the network, so I think there's a lot of exciting activities and I think DHS and partnership with the federal agencies is really kind of spearheading that.
>> So if we can just sort of lay out the situation in the commercial world and see how it compares to what's going on in gov. Product creep, right, there's dozens and dozens and dozens of products that have been installed, security teams are just sort of overwhelmed, overworked, response is too slow, I've seen data from, whatever, 190 days to 350 days, to identify an infiltration, never mind remediate it, and so, it's a challenge, so what's happening in your world and how can you guys help?
>> Yeah, you know it's funny, I love going out to the RSA conference and, you know, I watch a lot of folks in the space, walking around with a shopping cart and they meet all these great vendors and they have all these shiny pebbles and they walk away with the silver bullet, right, and so if they implement this tool or technology, they're done, right? And I think we all know, that's not the case, and so over the years I think that we've seen a lot of, a lot of organizations, both federal and commercial, try to solve a lot of the problems through, you know, new technology solutions, whether it's the next best intrusion detection, or if it's endpoint, you know, the rage now is EDR, MDR, and so, but the problem is at the end of the day, the adversaries live in the seams, and in the world that I grew up in focused a lot around counter-terrorism.
We took a data-centric approach to finding advanced adversaries, and one of the reasons that the Booz Allen has strategically partnered with Splunk is we believe that, you know, in a data-centric approach to cyber, and Splunk as a platform allows us to quickly integrate data, independent of the tools because the other thing with these tool ecosystems is all these tools work really well within their own ecosystem, but as soon as you start to mix and match best of breed tools and capabilities, they tend to not play well together. And so we use Splunk as that integration hub to bring together the data that allows us to bring our advanced trade-craft and tech-craft around hunting, understanding of the adversaries to be able to fuse that data and do advanced detection and help our clients be a lot more proactive.
>> So cyber foresight is the service that you lead with?
>> Yeah, you know, one of the things, having a company that's been, Booz Allen I think now is 103 years old, with obvious deep roots in the federal government, and so we have a pedigree in defense and intelligence, and we have a lot of amazing analysts, a lot of amazing, what we call, tech-craft, and what we did was, this was many many years ago, and we're probably one of the best kept secrets in threat intelligence, but after maybe five or six years ago when you started to see a lot of the public breaches in the financial services industry, a lot of the financial service clients came to us and said, "Hey, Booz Allen, you guys understand the threat, you understand actors, you understand TTPs, help educate us around what these adversaries are doing. Why are they doing it, how are they doing it, and how can we get out in front of it?" So the question has always been, you know, how can we be more proactive?
And so we started a capability that we, or we developed a capability called cyber foresight where we provided some of our human intelligence analysts and applied them to open-source data and we were providing threat intelligence as a service. And what's funny is today you see a lot of the cyber threat intelligence landscape is fairly crowded, when I talk to clients they affectionately refer to people that provide threat intelligence as beltway book reporters, which I love. (laughter) But for us, you know, we've lived in that space for so many years we have the analysts, the scale, the tradecraft, the tools, the technologies, and we feel that we're really well positioned to be able to provide clients with the insights. You know, early on when we were working heavily in the financial services sector, the biggest challenge a lot of our clients had in threat intelligence was, what do I do with it? Okay, so you're going to send me, what we call a Spot Report, and so hey we know this nation-state actor with this advanced set of TTPs is targeting my organization, so what, right? I'm the CISO, I'm the CIO, should I resign? Should I jump out the window? (laughter) What do I do? I know these guys are coming after me, how do I actually operationalize that? And so what we've spent a lot of time thinking about and investing in is how to operationalize threat intelligence, and when we started, you kind of think of it as a pitcher and a catcher, right? You know, so the threat intelligence provider throws those insights, but the receiver needs to be able to catch that information, be able to put it in context, process it, and then operationalize it, implement it within their enterprise to be able to stop those advanced threats. 
And so one of the reasons that we gravitated toward Splunk, Splunk is a platform, Splunk is becoming really, in our mind, one of the de facto repositories for IT and cyber data across our client space, so when you take that, all those insights that Splunk has around the cyber posture and the infrastructure of an enterprise, and you overlay the threat intelligence with that, it gives us the ability to be able to quickly operationalize that intelligence, and so what does that mean? So, you know, when a security operator is sitting at a console, they're drowning in data, and, you know, analysts, we've investigated tons of commercial breaches and in most cases what we see is the analyst, at some point, had a blinking red light on their screen that was an indicator of that particular breach. The problem is, how do you filter through the noise? That's a problem that this whole industry, it's a signal to noise ratio issue.
>> So you guys bring humans to that equation, human intelligence meets analytics and machine intelligence, and your adversary has evolved, and I wonder if you can talk about that, it's gone from sort of hacktivists to organized crime and nation-states, so they've become much more sophisticated. How have the humans sort of evolved as well that you bring to bear?
>> Yeah, I mean certainly the barrier to entry is lower, and so now we're seeing ransomware as a service, we're seeing attacks on industrial control systems, on IOT devices, you know, financial services now is extremely concerned about building control systems because if you can compromise and build a control system you can get into potentially laterally move into the enterprise network.
And so our analysts now not only are traditional intelligence analysts that understand adversaries and TTPs, but they also need to be technologists, they need to have reverse engineering experience, they need to be malware analysts, they need to be able to look at attack vectors in TTPs to be able to put all the stuff in context, and again it goes back to being able to operationalize this intelligence to get value out of it quickly.
>> They need to have imaginations, right? I mean thinking like the bad guys, I guess.
>> Yeah, I mean we spend a lot of time, we've started up a new capability called Dark Labs and it's our way to be able to unlock some of those folks that think like bad guys and be able to unleash them to look at the world through a different lens, and be able to help provide clients insights into attack vectors, new TTPs, and it's fascinating to watch those teams work.
>> How does social media come into play here? Or is that a problem at all, or is that a consideration for you at all?
>> Well, you know, when we look at a lot of attacks, what's kind of interesting with the space now is you look at nation-state and nation-state activists and they have sophisticated TTPs. In general they don't have to use them. Nation-states haven't even pulled out their quote "good stuff" yet because right now, for the most part they go with low-hanging fruit, low-hanging fruit being--
>> Just pushing the door open, right?
>> Yeah, I mean, why try to crash through the wall when you can just, you know, the door's not locked? And so, you know, when you talk about things like social media whether it's phishing, whether it's malware injected in images, or on Facebook, or Twitter, you know, the majority of attacks are either driven through people, or driven through just unpatched systems.
And so, you know, it's kind of cliche, but it really starts with policies, training of the people in your organization, but then also putting some more proactive monitoring in place to be able to kind of start to detect some of those more advanced signatures for some of the stuff that's happening in social media. >> It's like having the best security system in the world, but you left your front door unlocked. >> That's right, that's right. >> So I wonder if, Brad, I don't know how much you can say, but I wonder if you could comment just generally, like you said, we haven't seen their best pitch yet, we had Robert Gates on, and when I was interviewing him he said, "You know, we have great offensive posture and security, but we have to be super careful how we use it because when it comes to critical infrastructure we have the most to lose." And when you think about the sort of aftermath of Stuxnet, when basically the Iranians said hey we can do this too, what's the general sort of philosophy inside the Beltway around offense versus defense? >> You know, I think from, that's a great question. From an offensive cyber perspective I think where the industry is going is how do you take offensive tradecraft and apply it to defensive? And so by that I mean, think about we take folks that have experience thinking like a bad guy, but unleash them in a security operation center to do things like advanced hunting, and so what they'll do is take large sets of data and start doing hypothesis-driven analytics where they'll be able to kind of think like a bad guy and then they'll have developers or techies next to them building different types of analytics to try to take their mind and put it into an analytic that you can run over a set of data to see, hey, is there an actor on your network performing like that? 
And so I think we see in the space now a lot of focus around hunting and red teaming, and I think that's kind of the industry's way of trying to take some of that offensive mentality, but then apply it on the defensive side. >> Dave: It just acts like kind of Navy SEAL operations in security. >> Right, right, yeah. I mean the challenge is there's a finite set of people in the world that really, truly have that level of tradecraft so the question is, how do you actually deliver that at any level of scale that can make a difference across this broader industry. >> So it's the quantity of those skill sets, and they always say that the amazing thing, again I come back to Stuxnet, was that the code was perfect. >> Brad: Yeah. >> The antivirus guy said, "We've never seen anything like that where the code is just perfect." And you're saying it's just a quantity of skills that enables that, that's how you know it's nation-state, obviously, something like that. >> Yeah, I mean the level of expertise, the skill set, the time it takes to be able to mature that tradecraft is many, many years, and so I think that when we can crack the bubble of how we can take that expertise, deliver it in a defensive way to provide unique insights that, and do that at scale because just taking one of those folks into an organization doesn't help the whole, right? How can you actually kind of operationalize that to be able to deliver that tradecraft through things like analytics as a service, through managed detection and response, at scale so that one person can influence many, many organizations at one time. >> And, just before we go, so cyber foresight is available today, it's something you're going to market with. 
>> Yeah, we just partnered with Splunk, it's available as a part of Splunk ES, it's an add-on, and it provides our analysts the ability to provide insights and be able to operationalize that within Splunk, we're super excited about it and it's been a great partnership with Splunk and their ES team. >> Dave: So you guys are going to market together on this one. >> We are partnered, we're going to market together, and delivering the best of our tradecraft and our intelligence analysts with their platform and product. >> Dave: Alright, good luck with it. >> Hey, thank you, thank you very much, guys. >> Good pair, that's for sure, yeah. Thank you, Brad, for being with us here, and Monday night, let's see how it goes, right? >> Yeah, I'm optimistic. >> Very good, alright. Coach Brad Medairy joining us with his rundown on what's happening at Booz Allen. Back with more here on theCube, you're watching live .conf 2017.

Published Date : Sep 27 2017

