(intro upbeat music) >> Hello everyone and welcome to our continued coverage of AWS re:Invent here on theCUBE. My name is Savannah Peterson and I am very excited about the conversation coming up. Not only are we joined by two brilliant minds in the cloud, one of them happens to be a CUBE alumni. Please welcome Mike from AMD and Ali from Dropbox. Ali, welcome back to the show, how you been? >> Thanks Savannah. I'm doing great and really excited to be back on theCUBE. It was great discussion last time and really excited for both re:Invent and also to see how this video turns out. >> Hey, that makes two of us and probably three of us. How are you doing today, Mike? >> Doing great. It's really nice to be getting back to in-person events again and to be out solving problems with customers and partners like Dropbox. >> I know, isn't it? We've all missed each other. Was a lonely couple of years. Mike, I'm going to open it up with you. I'm sure a lot of people are curious. What's new at AMD? >> Well, there's a lot that's new at AMD, so I'll share a subset of what's new and what we've been working on. We've expanded our global coverage in Amazon EC2 with new regions and instance types. So users can deploy any application pretty much anywhere AWS has a presence. Our partner ecosystems for solutions and services has expanded quite a bit. We're currently focused on enabling partners and solutions that focus on cloud cost optimization, modernizing infrastructure, and pushing performance to the limit, especially for HPC. But the biggest buzz, of course, is around AMD's new fourth generation of our EPYC CPU Genoa. It's the world's fastest data center CPU with transformative energy efficiency and that's a really interesting combination, highest performance and most efficient. So on launch day, AWS announced their plans to roll out AMD EPYC Genoa processor-based EC2 instances. So we're pretty excited about that and that's what we'll be working on in the near term. >> Wow, that's a big deal and certainly not a casual announcement. Obviously, power and efficiency hot topics here at re:Invent but also looking at the greater impact on the planet is a big conversation we've been having here as well. So this is exciting and timely and congratulations to you and the team on all that seems to be going on. Ali, what's going on at Dropbox? >> Yeah, thanks Savannah. The Q3 2022 was actually a very strong quarter for Dropbox during a very difficult macroeconomic backdrop. Our focus has continued to be on innovation and this is around both new products and also driving multi-product adoption which is paying a lot of dividends for us, so essentially, bringing products like Dropbox Sign, DocSend, Capture, and other exciting products to our customers. On the infra side, it's all about how do we scale our infrastructure to meet the business needs, right? How do we keep up with the accelerated growth during the pandemic and also leveraging both AMD and AWS for investments in our public cloud? >> Let's talk about the cloud a bit. You are both cloud experts and I'm glad that you brought that up. We'll keep it there with Ali. When, why, and how should users leverage public cloud? >> Yeah, so Dropbox is hybrid cloud which means we are running applications both in private and public cloud and within a unique position to leverage the best of both worlds. And Savannah, this is a decision we continue to reevaluate on a regular basis. And there are really three key factors that come into play here. First is scale and scale, are we operating at a scale where customization is cost-efficient for us? Next is uniqueness. Is our workload unique compared to what the public cloud supports? And lastly, innovation. Do we have the expertise to innovate faster than public cloud or not? So based on these three key factors, we try and balance all of them and then come up with the best option for us at Dropbox. And kind of elaborating over here, things like international storage, we're leveraging public cloud, things like AI and ML, we're leveraging public cloud, but when we talk about Magic Pocket, which is our multi-exabyte storage system, that has the scale which is why we are doing that on our own private cloud. >> Wow, I think you just gave everybody a fantastic framework for thinking about their decision matrix there if nothing else. Mike, is there anything that you'd like to add to that? Anything that AMD considers when contemplating public cloud versus private? >> Yeah, so there's really three main drivers that I see when users consider when, why, and how should they leverage public cloud. Three main drivers: establishing a global footprint, accelerating product release cycles, and efficiently rightsizing infrastructure. So customers looking to establish a global footprint often turn to public cloud deployments to quickly reach their clients in workforces around the world, most importantly with minimal capital expense. I understand Dropbox uses public cloud to establish their global presence scaling out from their core data centers in North America. And then a lot of industries have tremendous pressure to accelerate product release cycles. With public cloud, organizations can immediately deploy new applications without a long site and hardware acquisition cycle and then the associated ongoing maintenance and operational overhead. And the third thing is customers that need to rightsize and dynamically scale their infrastructure and application deployments are drawn to public cloud, for example, customers that have cyclical compute or application load peaks can efficiently deploy in the cloud without overdeploying their on-prem infrastructure for most of the year which is off-peak during those off-peak times. That infrastructure idle time is a waste of resources and OPEX. So scalable rightsizing draws a lot of users to cloud deployment. >> Yeah, wow. I think there's a lot of factors to consider but also it seems like a pretty streamlined process for navigating that or at least you two both made it sound that way. Another hot topic in the space right now is security. Mike, let's start with you a little bit. What are the most important security issues for AMD right now that you can talk about? >> Yeah, sure. So, well, first of all, AWS provides a wide variety of really good security services to protect customers that are working in the cloud. Like from a processor technology perspective, there's three main security aspects to consider, two of which are common practice today and one of which AMD brings significant differentiation and value. The first two are protecting data at rest and data in transit. And these two are part of the prevalent security models of today where AMD provides distinct value and differentiation is in protecting data in use. So EPYC Milan and Genoa processors support a function called SEV-SNP and this enables users to reside and their applications to reside within their own cryptographic context and environment with data integrity protection to accomplish what's called comprehensive confidential computing. Ethics confidential computing solution is hardware-based. So it's easy to leverage, there's no code rewrite required unlike comparable solutions that are software-based that require recoding to a proprietary SDK and come with a significant performance trade-off. So with EPYC processors, you can protect your data at rest, in transit, and most importantly, in use. >> Everybody needs to protect their data everywhere it is. So I love that. That's fantastic to hear and I'm sure gives your customers a lot of confidence. What about over at Dropbox? What security issues are you facing, Ali? >> Yeah, so the first company value at Dropbox is actually being worthy of trust, and what this really means from a security perspective is how do we keep all of our users content safe? And this means keeping everything down to all of the infrastructure hardware secure. So partnering with AMD, which is one of our strongest partners out there, the new security features that AMD have and the hardware are critical for us and we are able to take advantage of some of these best security practices within our compute infrastructure by leveraging AMD's secure ship architecture. >> How important, you just touched on it a little bit, and I want to ask, how important are partnerships like the one you have with each other as you innovate at scale? Ali, you're nodding, I'm going to go to you first. >> Yeah, so like I mentioned, the partnership with with AMD is one of the strongest that we have and it just goes beyond like a regular partnership where it's just buy and sell. We talk about technology together, we talk about innovation together, we talk about partnership together, and for us, as I look look at our hybrid cloud strategy, we would not be able to get the benefits in terms of efficiency, scale, or liability performance without having a strong partner like AMD. >> That's awesome. Mike, anything you want to add there? >> I'd reiterate some of what Ali had to say. One of my favorite parts about my job is getting together with partners and customers to figure out how to optimize their applications and deployments around the world to get the most efficient use of the cloud infrastructure for servers that are based on AMD technology. In many cases, we can find 10% or better performance or cost optimization by working closely with partners like Dropbox. And then in addition, if we keep in lock step together to look at what's coming on the roadmap, by the time the latest and greatest technology is finally deployed, our customers and our partners are ready to take advantage of it. So that's the fun part of the job and I really appreciate the Dropbox's cooperation, optimizing their infrastructure, and using AMD products >> Well, what a synergistic relationship of mutual admiration and support. We love to hear it here in the tech world. Mike, last question for you. What's next for AMD? >> Well, heading into 2023, considering the current challenge macroeconomic environment and geopolitical instability, doing more with less will be top of mind for many CFOs and CEOs in 2023. And AMD can help accomplish that. AMD's EPYC processors, leadership performance, and lower EC2 retail costs can help users reduce costs without impacting performance, or the flip side of that, they can scale capacity without increasing costs. And because of EPYC's higher core counts, really high core density, applications can be deployed with fewer servers or smaller instances that has both economic and environmental benefits that reduce usage costs as well as environmental impacts. And that allows customers to optimize their application and infrastructure spend. And then the second thing that I've seen over the last couple of years and I see this trajectory continuing is increased geographic distribution of our colleagues and workforces is here to stay, people work from everywhere. In modern cross platform, collaboration platforms, that bring teams, tools, and content together have a really important role to play to enable that new, more flexible style of working. And those tools need to be really agile and easy to use. I think Dropbox is really well positioned to enable this new style of working. AMD's really happy to work closely with Dropbox to enable these modern work styles, both on premises, hybrid, and fully in the public cloud. >> Well, it sounds like a very exciting and optimistically, bright future for you all at AMD. We love to hear that here at theCUBE. Ali, what about you? What is 2023 going to hold for Dropbox? >> Yeah, so I think we're going to continue on this journey of transformation where our focus is on new products and also multi-product adoption. And from a cloud perspective, how do we continue to evolve our hybrid cloud so that we remain a competitive advantage for our business and also for our customers? I think right now, Savannah, we're in a very unique position to utilize some of the best AMD technology that's out there and that's both on premise and in the cloud. Some of the AMD Epic processors delivered the performance that we need for our hybrid cloud and we want to continue to leverage these also in public cloud which is the EC2 instances that are powered by AMD in the long run. So overall, Dropbox is looking forward to continue to evaluate some of the AMD's Genoa CPUs that are coming out but also want to continue to grow our EC2 footprint powered by AMD in the long run. >> Fantastic. Well, it sounds like this second showing here on theCUBE is just the tee up for your third and we'll definitely have to have Mike back on for the second time around to hear how things are going. Thank you both so much for taking the time today to join me here. Mike and Ali, it was fantastic getting to chat to you and thank you to our audience for tuning into theCUBE's special coverage of AWS re:Invent. My name's Savannah Peterson and I hope we can learn together soon. (outro upbeat music)

(gentle music) >> Hello and welcome today's session theCUBE presentation of AWS Startup Showcase powered by theCUBE, I'm John Furrier, for your host of theCUBE. This is a session on breaking through with DevOps data analytics tools, cloud management tools with MontyCloud and cloud management migration, I'm your host. Thanks for joining me, I've got two great guests. Venkat Krishnamachari who's the co-founder and CEO of MontyCloud and Shruthi Sreenivasa Murthy, solution architect research computing group St. Louis University. Thanks for coming on to talk about transforming IT, day one day two operations. Venkat, great to see you. >> Great to see you again, John. So in this session, I really want to get into this cloud powerhouse theme you guys were talking about before on our previous Cube Conversations and what it means for customers, because there is a real market shift happening here. And I want to get your thoughts on what solution to the problem is basically, that you guys are targeting. >> Yeah, John, cloud migration is happening rapidly. Not an option. It is the current and the immediate future of many IT departments and any type of computing workloads. And applications and services these days are better served by cloud adoption. This rapid acceleration is where we are seeing a lot of challenges and we've been helping customers with our platform so they can go focus on their business. So happy to talk more about this. >> Yeah and Shruthi if you can just explain your relationship with these guys, because you're a cloud architect, you can try to put this together. MontyCloud is your customer, talk about your solution. >> Yeah I work at the St. Louis University as the solutions architect for the office of Vice President of Research. We can address St. Louis University as SLU, just to keep it easy. SLU is a 200-year-old university with more focus on research. And our goal at the Research Computing Group is to help researchers by providing the right infrastructure and computing capabilities that help them to advance their research. So here in SLU research portfolio, it's quite diverse, right? So we do research on vaccines, economics, geospatial intelligence, and many other really interesting areas, and you know, it involves really large data sets. So one of the research computing groups' ambitious plan is to move as many high-end computation applications from on-prem to the AWS. And I lead all the cloud initiatives for the St. Louis university. >> Yeah Venkat and I, we've been talking, many times on theCUBE, previous interviews about, you know, the rapid agility that's happening with serverless and functions, and, you know, microservices start to see massive acceleration of how fast cloud apps are being built. It's put a lot of pressure on companies to hang on and manage all this. And whether you're a security group was trying to lock down something, or it's just, it's so fast, the cloud development scene is really fun and you're implementing it at a large scale. What's it like these days from a development standpoint? You've got all this greatness in the cloud. What's the DevOps mindset right now? >> SLU is slowly evolving itself as the AWS Center of Excellence here in St. Louis. And most of the workflows that we are trying to implement on AWS and DevOps and, you know, CICD Pipelines. And basically we want it ready and updated for the researchers where they can use it and not have to wait on any of the resources. So it has a lot of importance. >> Research as code, it's like the internet, infrastructure as code is DevOps' ethos. Venkat, let's get into where this all leads to because you're seeing a culture shift in companies as they start to realize if they don't move fast, and the blockers that get in the way of the innovation, you really can't get your arms around this growth as an opportunity to operationalize all the new technology, could you talk about the transformation goals that are going on with your customer base. What's going on in the market? Can you explain and unpack the high level market around what you guys are doing? >> Sure thing, John. Let's bring up the slide one. So they have some content that Act-On tabs. John, every legal application, commercial application, even internal IT departments, they're all transforming fast. Speed has never been more important in the era we are today. For example, COVID research, you know, analyzing massive data sets to come up with some recommendations. They don't demand a lot from the IT departments so that researchers and developers can move fast. And I need departments that are not only moving current workloads to the cloud they're also ensuring the cloud is being consumed the right way. So researchers can focus on what they do best, what we win, learning and working closely with customers and gathering is that there are three steps or three major, you know, milestone that we like to achieve. I would start the outcome, right? That the important milestone IT departments are trying to get to is transforming such that they're directly tied to the key business objectives. Everything they do has to be connected to the business objective, which means the time and you know, budget and everything's aligned towards what they want to deliver. IT departments we talk with have one common goal. They want to be experts in cloud operations. They want to deliver cloud operations excellence so that researchers and developers can move fast. But they're almost always under the, you know, they're time poor, right? And there is budget gaps and that is talent and tooling gap. A lot of that is what's causing the, you know, challenges on their path to journey. And we have taken a methodical and deliberate position in helping them get there. >> Shruthi hows your reaction to that? Because, I mean, you want it faster, cheaper, better than before. You don't want to have all the operational management hassles. You mentioned that you guys want to do this turnkey. Is that the use case that you're going after? Just research kind of being researchers having the access at their fingertips, all these resources? What's the mindset there, what's your expectation? >> Well, one of the main expectations is to be able to deliver it to the researchers as demand and need and, you know, moving from a traditional on-prem HBC to cloud would definitely help because, you know, we are able to give the right resources to the researchers and able to deliver projects in a timely manner, and, you know, with some additional help from MontyCloud data platform, we are able to do it even better. >> Yeah I like the onboarding thing and to get an easy and you get value quickly, that's the cloud business model. Let's unpack the platform, let's go into the hood. Venkat let's, if you can take us through the, some of the moving parts under the platform, then as you guys have it's up at the high level, the market's obvious for everyone out there watching Cloud ops, speed, stablism. But let's go look at the platform. Let's unpack that, do you mind pick up on slide two and let's go look at the what's going on in the platform. >> Sure. Let's talk about what comes out of the platform, right? They are directly tied to what the customers would like to have, right? Customers would like to fast track their day one activities. Solution architects, such as Shruthi, their role is to try and help get out of the way of the researchers, but we ubiquitous around delegating cloud solutions, right? Our platform acts like a seasoned cloud architect. It's as if you've instantly turned on a cloud solution architect that should, they can bring online and say, Hey, I want help here to go faster. Our lab then has capabilities that help customers provision a set of governance contracts, drive consumption in the right way. One of the key things about driving consumption the right way is to ensure that we prevent a security cost or compliance issues from happening in the first place, which means you're shifting a lot of the operational burden to left and make sure that when provisioning happens, you have a guard rails in place, we help with that, the platform solves a problem without writing code. And an important takeaway here, John is that a was built for architects and administrators who want to move fast without having to write a ton of code. And it is also a platform that they can bring online, autonomous bots that can solve problems. For example, when it comes to post provisioning, everybody is in the business of ensuring security because it's a shared model. Everybody has to keep an eye on compliance, that is also a shared responsibility, so is cost optimization. So we thought wouldn't it be awesome to have architects such as Shruthi turn on a compliance bot on the platform that gives them the peace of mind that somebody else and an autonomous bot is watching our 24 by 7 and make sure that these day two operations don't throw curve balls at them, right? That's important for agility. So platform solves that problem with an automation approach. Going forward on an ongoing basis, right, the operation burden is what gets IT departments. We've seen that happen repeatedly. Like IT department, you know, you know this, John, maybe you have some thoughts on this. You know, you know, if you have some comments on how IT can face this, then maybe that's better to hear from you. >> No, well first I want to unpack that platform because I think one of the advantages I see here and that people are talking about in the industry is not only is the technology's collision colliding between the security postures and rapid cloud development, because DevOps and cloud, folks, are moving super fast. They want things done at the point of coding and CICB pipeline, as well as any kind of changes, they want it fast, not weeks. They don't want to have someone blocking it like a security team, so automation with the compliance is beautiful because now the security teams can provide policies. Those policies can then go right into your platform. And then everyone's got the rules of the road and then anything that comes up gets managed through the policy. So I think this is a big trend that nobody's talking about because this allows the cloud to go faster. What's your reaction to that? Do you agree? >> No, precisely right. I'll let Shurthi jump on that, yeah. >> Yeah, you know, I just wanted to bring up one of the case studies that we read on cloud and use their compliance bot. So REDCap, the Research Electronic Data Capture also known as REDCap is a web application. It's a HIPAA web application. And while the flagship projects for the research group at SLU. REDCap was running on traditional on-prem infrastructure, so maintaining the servers and updating the application to its latest version was definitely a challenge. And also granting access to the researchers had long lead times because of the rules and security protocols in place. So we wanted to be able to build a secure and reliable enrollment on the cloud where we could just provision on demand and in turn ease the job of updating the application to its latest version without disturbing the production environment. Because this is a really important application, most of the doctors and researchers at St. Louis University and the School of Medicine and St. Louis University Hospital users. So given this challenge, we wanted to bring in MontyCloud's cloud ops and, you know, security expertise to simplify the provisioning. And that's when we implemented this compliance bot. Once it is implemented, it's pretty easy to understand, you know, what is compliant, what is noncompliant with the HIPAA standards and where it needs an remediation efforts and what we need to do. And again, that can also be automated. It's nice and simple, and you don't need a lot of cloud expertise to go through the compliance bot and come up with your remediation plan. >> What's the change in the outcome in terms of the speed turnaround time, the before and after? So before you're dealing with obviously provisioning stuff and lead time, but just a compliance closed loop, just to ask a question, do we have, you know, just, I mean, there's a lot of manual and also some, maybe some workflows in there, but not as not as cool as an instant bot that solve yes or no decision. And after MontyCloud, what are some of the times, can you share any data there just doing an order of magnitude. >> Yeah, definitely. So the provisioning was never simpler, I mean, we are able to provision with just one or two clicks, and then we have a better governance guardrail, like Venkat says, and I think, you know, to give you a specific data, it, the compliance bot does about more than 160 checks and it's all automated, so when it comes to security, definitely we have been able to save a lot of effort on that. And I can tell you that our researchers are able to be 40% more productive with the infrastructure. And our research computing group is able to kind of save the time and, you know, the security measures and the remediation efforts, because we get customized alerts and notifications and you just need to go in and, you know. >> So people are happier, right? People are getting along at the office or virtually, you know, no one is yelling at each other on Slack, hey, where's? Cause that's really the harmony here then, okay. This is like a, I'm joking aside. This is a real cultural issue between speed of innovation and the, what could be viewed as a block, or just the time that say security teams or other teams might want to get back to you, make sure things are compliant. So that could slow things down, that tension is real and there's some disconnects within companies. >> Yeah John, that's spot on, and that means we have to do a better job, not only solving the traditional problems and make them simple, but for the modern work culture of integrations. You know, it's not uncommon like you cut out for researchers and architects to talk in a Slack channel often. You say, Hey, I need this resource, or I want to reconfigure this. How do we make that collaboration better? How do you make the platform intelligent so that the platform can take off some of the burden off of people so that the platform can monitor, react, notify in a Slack channel, or if you should, the administrator say, Hey, next time, this happens automatically go create a ticket for me. If it happens next time in this environment automatically go run a playbook, that remediates it. That gives a lot of time back that puts a peace of mind and the process that an operating model that you have inherited and you're trying to deliver excellence and has more help, particularly because it is very dynamic footprint. >> Yeah, I think this whole guard rail thing is a really big deal, I think it's like a feature, but it's a super important outcome because if you can have policies that map into these bots that can check rules really fast, then developers will have the freedom to drive as fast as they want, and literally go hard and then shift left and do the coding and do all their stuff on the hygiene side from the day, one on security is really a big deal. Can we go back to this slide again for the other project? There's another project on that slide. You talked about RED, was it REDCap, was that one? >> Yeah. Yeah, so REDCap, what's the other project. >> So SCAER, the Sinfield Center for Applied Economic Research at SLU is also known as SCAER. They're pretty data intensive, and they're into some really sophisticated research. The Center gets daily dumps of sensitive geo data sensitive de-identified geo data from various sources, and it's a terabyte so every day, becomes petabytes. So you know, we don't get the data in workable formats for the researchers to analyze. So the first process is to convert this data into a workable format and keep an analysis ready and doing this at a large scale has many challenges. So we had to make this data available to a group of users too, and some external collaborators with ads, you know, more challenges again, because we also have to do this without compromising on the security. So to handle these large size data, we had to deploy compute heavy instances, such as, you know, R5, 12xLarge, multiple 12xLarge instances, and optimizing the cost and the resources deployed on the cloud again was a huge challenge. So that's when we had to take MontyCloud help in automating the whole process of ingesting the data into the infrastructure and then converting them into a workable format. And this was all automated. And after automating most of the efforts, we were able to bring down the data processing time from two weeks or more to three days, which really helped the researchers. So MontyCloud's data platform also helped us with automating the risk, you know, the resource optimization process and that in turn helped bring the costs down, so it's been pretty helpful then. >> That's impressive weeks to days, I mean, this is the theme Venkat speed, speed, speed, hybrid, hybrid. A lot of stuff happening. I mean, this is the new normal, this is going to make companies more productive if they can get the apps built faster. What do you see as the CEO and founder of the company you're out there, you know, you're forging new ground with this great product. What do you see as the blockers from customers? Is it cultural, is it lack of awareness? Why aren't people jumping all over this? >> Only people aren't, right. They go at it in so many different ways that, you know, ultimately be the one person IT team or massively well-funded IT team. Everybody wants to Excel at what they're delivering in cloud operations, the path to that as what, the challenging part, right? What are you seeing as customers are trying to build their own operating model and they're writing custom code, then that's a lot of need for provisioning, governance, security, compliance, and monitoring. So they start integrating point tools, then suddenly IT department is now having a, what they call a tax, right? They have to maintain the technical debt while cloud service moving fast. It's not uncommon for one of the developers or one of the projects to suddenly consume a brand new resource. And as you know, AWS throws up a lot more services every month, right? So suddenly you're not keeping up with that service. So what we've been able to look at this from a point of view of how do we get customers to focus on what they want to do and automate things that we can help them with? >> Let me, let me rephrase the question if you don't mind. Cause I I didn't want to give the impression that you guys aren't, you guys have a great solution, but I think when I see enterprises, you know, they're transforming, right? So it's not so much the cloud innovators, like you guys, it's really that it's like the mainstream enterprise, so I have to ask you from a customer standpoint, what's some of the cultural things are technical reasons why they're not going faster? Cause everyone's, maybe it's the pandemic's forcing projects to be double down on, or some are going to be cut, this common theme of making things available faster, cheaper, stronger, more secure is what cloud does. What are some of the enterprise challenges that they have? >> Yeah, you know, it might be money for right, there's some cultural challenges like Andy Jassy or sometimes it's leadership, right? You want top down leadership that takes a deterministic step towards transformation, then adequately funding the team with the right skills and the tools, a lot of that plays into it. And there's inertia typically in an existing process. And when you go to cloud, you can do 10X better, people see that it doesn't always percolate down to how you get there. So those challenges are compounded and digital transformation leaders have to, you know, make that deliberate back there, be more KPI-driven. One of the things we are seeing in companies that do well is that the leadership decides that here are our top business objectives and KPIs. Now if we want the software and the services and the cloud division to support those objectives when they take that approach, transformation happens. But that is a lot more easier said than done. >> Well you're making it really easy with your solution. And we've done multiple interviews. I've got to say you're really onto something really with this provisioning and the compliance bots. That's really strong, that the only goes stronger from there, with the trends with security being built in. Shruthi, got to ask you since you're the customer, what's it like working with MontyCloud? It sounds so awesome, you're customer, you're using it. What's your review, what's your- What's your, what's your take on them? >> Yeah they are doing a pretty good job in helping us automate most of our workflows. And when it comes to keeping a tab on the resources, the utilization of the resources, so we can keep a tab on the cost in turn, you know, their compliance bots, their cost optimization tab. It's pretty helpful. >> Yeah well you're knocking projects down from three weeks to days, looking good, I mean, looking real strong. Venkat this is the track record you want to see with successful projects. Take a minute to explain what else is going on with MontyCloud. Other use cases that you see that are really primed for MontyCloud's platform. >> Yeah, John, quick minute there. Autonomous cloud operations is the goal. It's never done, right? It there's always some work that you hands-on do. But if you set a goal such that customers need to have a solution that automates most of the routine operations, then they can focus on the business. So we are going to relentlessly focused on the fact that autonomous operations will have the digital transformation happen faster, and we can create a lot more value for customers if they deliver to their KPIs and objectives. So our investments in the platform are going more towards that. Today we already have a fully automated compliance bot, a security bot, a cost optimization recommendation engine, a provisioning and governance engine, where we're going is we are enhancing all of this and providing customers lot more fluidity in how they can use our platform Click to perform your routine operations, Click to set up rules based automatic escalation or remediation. Cut down the number of hops a particular process will take and foster collaboration. All of this is what our platform is going and enhancing more and more. We intend to learn more from our customers and deliver better for them as we move forward. >> That's a good business model, make things easier, reduce the steps it takes to do something, and save money. And you're doing all those things with the cloud and awesome stuff. It's really great to hear your success stories and the work you're doing over there. Great to see resources getting and doing their job faster. And it's good and tons of data. You've got petabytes of that's coming in. It's it's pretty impressive, thanks for sharing your story. >> Sounds good, and you know, one quick call out is customers can go to MontyCloud.com today. Within 10 minutes, they can get an account. They get a very actionable and valuable recommendations on where they can save costs, what is the security compliance issues they can fix. There's a ton of out-of-the-box reports. One click to find out whether you are having some data that is not encrypted, or if any of your servers are open to the world. A lot of value that customers can get in under 10 minutes. And we believe in that model, give the value to customers. They know what to do with that, right? So customers can go sign up for a free trial at MontyCloud.com today and get the value. >> Congratulations on your success and great innovation. A startup showcase here with theCUBE coverage of AWS Startup Showcase breakthrough in DevOps, Data Analytics and Cloud Management with MontyCloud. I'm John Furrier, thanks for watching. (gentle music)

>> Narrator: From around the globe it's theCUBE! With digital coverage of UiPath Live, the release show. Brought to you by UiPath. >> Hi everybody this is Dave Valenti, welcome back to our RPA Drill Down. Ted Kummert is here he is Executive Vice President for Products and Engineering at UiPath. Ted, thanks for coming on, great to see you. >> Dave, it's great to be here, thanks so much. >> Dave your background is pretty interesting, you started as a Silicon Valley Engineer, they pulled you out, you did a huge stint at Microsoft. You got experience in SAS, you've got VC chops with Madrona. And at Microsoft you saw it all, the NT, the CE Space, Workflow, even MSN you did stuff with MSN, and then the all important data. So I'm interested in what attracted you to UiPath? >> Yeah Dave, I feel super fortunate to have worked in the industry in this span of time, it's been an amazing journey, and I had a great run at Microsoft it was fantastic. You mentioned one experience in the middle there, when I first went to the server business, the enterprise business, I owned our Integration and Workflow products, and I would say that's the first I encountered this idea. Often in the software industry there are ideas that have been around for a long time, and what we're doing is refining how we're delivering them. And we had ideas we talked about in terms of Business Process Management, Business Activity Monitoring, Workflow. The ways to efficiently able somebody to express the business process in a piece of software. Bring systems together, make everybody productive, bring humans into it. These were the ideas we talked about. Now in reality there were some real gaps. Because what happened in the technology was pretty different from what the actual business process was. And so lets fast forward then, I met Madrona Venture Group, Seattle based Venture Capital Firm. We actually made a decision to participate in one of UiPath's fundraising rounds. And that's the first I really came encountered with the company and had to have more than an intellectual understanding of RPA. 'Cause when I first saw it, I said "oh, I think that's desktop automation" I didn't look very close, maybe that's going to run out of runway, whatever. And then I got more acquainted with it and figured out "Oh, there's a much bigger idea here". And the power is that by really considering the process and the implementation from the humans work in, then you have an opportunity really to automate the real work. Not that what we were doing before wasn't significant, this is just that much more powerful. And that's when I got really excited. And then the companies statistics and growth and everything else just speaks for itself, in terms of an opportunity to work, I believe, in one of the most significant platforms going in the enterprise today, and work at one of the fastest growing companies around. It was like almost an automatic decision to decide to come to the company. >> Well you know, you bring up a good point you think about software historically through our industry, a lot of it was 'okay here's this software, now figure out how to map your processes to make it all work' and today the processes, especially you think about this pandemic, the processes are unknown. And so the software really has to be adaptable. So I'm wondering, and essentially we're talking about a fundamental shift in the way we work. And is there really a fundamental shift going on in how we write software and how would you describe that? >> Well there certainly are, and in a way that's the job of what we do when we build platforms for the enterprises, is try and give our customers a new way to get work done, that's more efficient and helps them build more powerful applications. And that's exactly what RPA does, the efficiency, it's not that this is the only way in software to express a lot of this, it just happens to be the quickest. You know in most ways. Especially as you start thinking about initiatives like our StudioX product to what we talk about as enabling citizen developers. It's an expression that allows customers to just do what they could have done otherwise much more quickly and efficient. And the value on that is always high, certainly in an unknown era like this, it's even more valuable, there are specific processes we've been helping automate in the healthcare, in financial services, with things like SBA Loan Processing, that we weren't thinking about six months ago, or they weren't thinking about six months ago. We're all thinking about how we're reinventing the way we work as individuals and corporations because of what's going on with the coronavirus crisis, having a platform like this that gives you agility and mapping the real work to what your computer state and applications all know how to do, is even more valuable in a climate like that. >> What attracted us originally to UiPath, we knew Bobby Patrick CMO, he said "Dave, go download a copy, go build some automations and go try it with some other companies". So that really struck us as wow, this is actually quite simple. Yet at the same time, and so you've of course been automating all these simple tasks, but now you've got real aspiration, you're glomming on to this term of Hyperautomation, you've made some acquisitions, you've got a vision, that really has taken you beyond 'paving the cow path' I sometimes say, of all these existing processes. It's really trying to discover new processes and opportunities for automation, which you would think after 50 or whatever years we've been in this industry, we'd have attacked a lot of it, but wow, seems like we have a long way to go. Again, especially what we're learning through this pandemic. Your thoughts on that? >> Yeah, I'd say Hyperautomation. It's actually a Gartner term, it's not our term. But there is a bigger idea here, built around the core automation platform. So let's talk for a second just what's not about the core platform and then what Hyperautomation really means around that. And I think of that as the bookends of how do I discover and plan, how do I improve my ability to do more automations, and find the real opportunities that I have. And how do I measure and optimize? And that's a lot of what we delivered in 20.4 as a new capability. So let's talk about discover and plan. One aspect of that is the wisdom of the crowd. We have a product we call Automation Hub that is all about that. Enabling people who have ideas, they're the ones doing the work, they have the observation into what efficiencies can be. Enabling them to either with our Ask Capture Utility capture that and document that, or just directly document that. And then, people across the company can then collaborate eventually moving on building the best ideas out of that. So there's capturing the crowd, and then there's a more scientific way of capturing actually what the opportunities are. So we've got two products we introduced. One is process mining, and process mining is about going outside in from the, let's call it the larger processes, more end to end processes in the enterprise. Things like order-to-cash and procure-to-pay, helping you understand by watching the events, and doing the analytics around that, where your bottle necks, where are you opportunities. And then task mining said "let's watch an individual, or group of individuals, what their tasks are, let's watch the log of events there, let's apply some machine learning processing to that, and say here's the repetitive things we've found." And really helping you then scientifically discover what your opportunities are. And these ideas have been along for a long time, process mining is not new. But the connection to an automation platform, we think is a new and powerful idea, and something we plan to invest a lot in going forward. So that's the first bookend. And then the second bookend is really about attaching rich analytics, so how do I measure it, so there's operationally how are my robots doing? And then there's everything down to return on investment. How do I understand how they are performing, verses what I would have spent if I was continuing to do them the old way. >> Yeah that's big 'cause (laughing) the hero reports for the executives to say "hey, this is actually working" but at the same time you've got to take a systems view. You don't want to just optimize one part of the system at the detriment to others. So you talk about process mining, which is kind of discovering the backend systems, ERP and the like, where the task mining it sounds like it's more the collaboration and front end. So that whole system thinking, really applies, doesn't it? >> Yeah. Very much so. Another part of what we talked about then, in the system is, how do we capture the ideas and how do we enable more people to build these automations? And that really gets down to, we talk about it in our company level vision, is a robot for every person. Every person should have a digital assistant. It can help you with things you do less frequently, it can help you with things you do all the time to do your job. And how do we help you create those? We've released a new tool we call StudioX. So for our RPA Developers we have Studio, and StudioX is really trying to enable a citizen developer. It's not unlike the art that we saw in Business Intelligence there was the era where analytics and reporting were the domain of experts, and they produced formalized reports that people could consume. But the people that had the questions would have to work with them and couldn't do the work themselves. And then along comes ClickView and Tableau and Power BI enabling the self services model, and all of a sudden people could do that work themselves, and that enabled powerful things. We think the same arch happens here, and StudioX is really our way of enabling that, citizen developer with the ideas to get some automation work done on their own. >> Got a lot in this announcement, things like document understanding, bring your own AI with AI fabric, how are you able to launch so many products, and have them fit together, you've made some acquisitions. Can you talk about the architecture that enables you to do that? >> Yeah, it's clearly in terms of ambition, and I've been there for 10 weeks, but in terms of ambition you don't have to have been there when they started the release after Forward III in October to know that this is the most ambitious thing that this company has ever done from a release perspective. Just in terms of the surface area we're delivering across now as an organization, is substantive. We talk about 1,000 feature improvements, 100's of discreet features, new products, as well as now our automation cloud has become generally available as well. So we've had muscle building over this past time to become world class at offering SAS, in addition to on-premises. And then we've got this big surface area, and architecture is a key component of how you can do this. How do you deliver efficiently the same software on-premises and in the cloud? Well you do that by having the right architecture and making the right bets. And certainly you look forward, how are companies doing this today? It's really all about Cloud-Native Platform. But it's about an architecture such that we can do that efficiently. So there is a lot about just your technical strategy. And then it's just about a ton of discipline and customer focus. It keeps you focused on the right things. StudioX was a great example of we were led by customers through a lot of what we actually delivered, a couple of the major features in it, certainly the out of box templates, the studio governance features, came out of customer suggestions. I think we had about 100 that we have sitting in the backlog, a lot of which we've already done, and really being disciplined and really focused on what customers are telling. So make sure you have the right technical strategy and architecture, really follow your customers, and really stay disciplined and focused on what matters most as you execute on the release. >> What can we learn from previous examples, I think about for instance SQL Server, you obviously have some knowledge in it, it started out pretty simple workloads and then at the time we all said "wow, it's a lot more powerful to come from below that it is, if a Db2, or an Oracle sort of goes down market", Microsoft proved that, obviously built in the robustness necessary, is there a similar metaphor here with regard to things like governance and security, just in terms of where UiPath started and where you see it going? >> Well I think the similarities have more to do with we have an idea of a bigger platform that we're now delivering against. In the database market, that was, we started, SQL Server started out as more of just a transactional database product, and ultimately grew to all of the workloads in the data platform, including transaction for transactional apps, data warehousing and as well as business intelligence. I see the same analogy here of thinking more broadly of the needs, and what the ability of an integrated platform, what it can do to enable great things for customers, I think that's a very consistent thing. And I think another consistent thing is know who you are. SQL Server knew exactly who it had to be when it entered the database market. That it was going to set a new benchmark on simplicity, TCO, and that was going to be the way it differentiated. In this case, we're out ahead of the market, we have a vision that's broader than a lot of the market is today. I think we see a lot of people coming in to this space, but we see them building to where we were, and we're out ahead. So we are operating from a leadership position, and I'm not going to tell you one's easier that the other, and both you have to execute with great urgency. But we're really executing out ahead, so we've got to keep thinking about, and there's no one's tail lights to follow, we have to be the ones really blazing the trail on what all of this means. >> I want to ask you about this incorporation of existing systems. Some markets they take off, it's kind of a one shot deal, and the market just embeds. I think you guys have bigger aspirations than that, I look at it like a service now, misunderstood early on, built the platform and now really is fundamental part of a lot of enterprises. I also look at things like EDW, which again, you have some experience in. In my view it failed to live up to a lot of it's promises even though it delivered a lot of value. You look at some of the big data initiatives, you know EDW still plugs in, it's the system of record, okay that's fine. How do you see RPA evolving? Are we going to incorporate, do we have to embrace existing business process systems? Or is this largely a do-over in your opinion? >> Well I think it's certainly about a new way of building automation, and it's starting to incorporate and include the other ways, for instance in the current release we added support for long running workflow, it was about human workflow based scenarios, now the human is collaborating with the robot, and we built those capabilities. So I do see us combining some of the old and new way. I think one of the most significant things here, is also that impact that AI and ML based technologies and skills can have on the power of the automations that we deliver. We've certainly got a surface area that, I think about our AI and ML strategy in two parts, that we are building first class first party skills, that we're including in the platform, and then we're building a platform for third parties and customers to bring their what their data science teams have delivered, so those can also be a part of our ecosystem, and part of automations. And so things like document understanding, how do I easily extract data from more structured, semi-structured and completely unstructured documents, accurately? And include those in my automations. Computer vision which gives us an ability to automate at a UI level across other types of systems than say a Windows and a browser base application. And task mining is built on a very robust, multi layer ML system, and the innovation opportunity that I think just consider there, you know continue there. You think it's a macro level if there's aspects of machine learning that are about captured human knowledge, well what exactly is an automation that captured where you're capturing a lot of human knowledge. The impact of ML and AI are going to be significant going out into the future. >> Yeah, I want to ask you about them, and I think a lot of people are just afraid of AI, as a separate thing and they have to figure out how to operationalize it. And I think companies like UiPath are really in a position to embed UI into applications AI into applications everywhere, so that maybe those folks that haven't climbed on the digital bandwagon, who are now with this pandemic are realizing "wow, we better accelerate this" they can actually tap machine intelligence through your products and others as well. Your thoughts on that sort of narrative? >> Yeah, I agree with that point of view, it's AI and ML is still maturing discipline across the industry. And you have to build new muscle, and you build new muscle and data science, and it forces you to think about data and how you manage your data in a different way. And that's a journey we've been on as a company to not only build our first party skills, but also to build the platform. It's what's given us the knowledge that to help us figure out, well what do we need to include here so our customers can bring their skills, actually to our platform, and I do think this is a place where we're going to see the real impact of AI and ML in a broader way. Based on the kind of apps it is and the kind of skills we can bring to bear. >> Okay last question, you're ten weeks in, when you're 50, 100, 200 weeks in, what should we be watching, what do you want to have accomplished? >> Well we're listening, we're obviously listening closely to our customers, right now we're still having a great week, 'cause there's nothing like shipping new software. So right now we're actually thinking deeply about where we're headed next. We see there's lots of opportunities and robot for every person, and that initiative, and so we're launched a bunch of important new capabilities there, and we're going to keep working with the market to understand how we can, how we can add additional capability there. We've just got the GA of our automation cloud, I think you should expect more and more services in our automation cloud going forward. I think this area we talked about, in terms of AI and ML and those technologies, I think you should expect more investment and innovation there from us and the community, helping our customers, and I think you will also see us then, as we talked about this convergence of the ways we bring together systems through integrate and build business process, I think we'll see a convergence into the platform of more of those methods. I look ahead to the next releases, and want to see us making some very significant releases that are advancing all of those things, and continuing our leadership in what we talk about now as the Hyperautomation platform. >> Well Ted, lot of innovation opportunities and of course everybody's hopping on the automation bandwagon. Everybody's going to want a piece of your RPA hide, and you're in the lead, we're really excited for you, we're excited to have you on theCUBE, so thanks very much for all your time and your insight. Really appreciate it. >> Yeah, thanks Dave, great to spend this time with you. >> All right thank you for watching everybody, this is Dave Velanti for theCUBE, and our RPA Drill Down Series, keep it right there we'll be right back, right after this short break. (calming instrumental music)

>> Announcer: Live from San Jose, it's theCUBE. Presenting data, Silicon Valley brought to you by Silicon Angle Media and it's ecosystem partners. >> Welcome back to theCUBE. We are live in San Jose at our event, Big Data SV. I'm Lisa Martin, my co-host is George Gilbert and we are down the street from the Strata Data Conference. We are at a really cool venue: Forager Eatery Tasting Room. Come down and join us, hang out with us, we've got a cocktail par-tay tonight. We also have an interesting briefing from our analysts on big data trends tomorrow morning. I want to welcome back to theCUBE now one of our CUBE VIP's and alumna Tendu Yogurtcu, the CTO at Syncsort, welcome back. >> Thank you. Hello Lisa, hi George, pleasure to be here. >> Yeah, it's our pleasure to have you back. So, what's going on at Syncsort, what are some of the big trends as CTO that you're seeing? >> In terms of the big trends that we are seeing, and Syncsort has grown a lot in the last 12 months, we actually doubled our revenue, it has been really an successful and organic growth path, and we have more than 7,000 customers now, so it's a great pool of customers that we are able to talk and see the trends and how they are trying to adapt to the digital disruption and make data as part of their core strategy. So data is no longer an enabler, and in all of the enterprise we are seeing data becoming the core strategy. This reflects in the four mega trends, they are all connected to enable business as well as operational analytics. Cloud is one, definitely. We are seeing more and more cloud adoption, even our financial services healthcare and banking customers are now, they have a couple of clusters running in the cloud, in public cloud, multiple workloads, hybrid seems to be the new standard, and it comes with also challenges. IT governance as well as date governance is a major challenge, and also scoping and planning for the workloads in the cloud continues to be a challenge, as well. Our general strategy for all of the product portfolio is to have our products following design wants and deploy any of our strategy. So whether it's a standalone environment on Linux or running on Hadoop or Spark, or running on Premise or in the Cloud, regardless of the Cloud provider, we are enabling the same education with no changes to run all of these environments, including hybrid. Then we are seeing the streaming trend, with the connected devices with the digital disruption and so much data being generated, being able to stream and process data on the age, with the Internet of things, and in order to address the use cases that Syncsort is focused on, we are really providing more on the Change Data Capture and near real-time and real-time data replication to the next generation analytics environments and big data environments. We launched last year our Change Data Capture, CDC, product offering with data integration, and we continue to strengthen that vision merger we had data replication, real-time data replication capabilities, and we are now seeing even Kafka database becoming a consumer of this data. Not just keeping the data lane fresh, but really publishing the changes from multiple, diverse set of sources and publishing into a Kafka database and making it available for applications and analytics in the data pipeline. So the third trend we are seeing is around data science, and if you noticed this morning's keynote was all about machine learning, artificial intelligence, deep learning, how to we make use of data science. And it was very interesting for me because we see everyone talking about the challenge of how do you prepare the data and how do you deliver the the trusted data for machine learning and artificial intelligence use and deep learning. Because if you are using bad data, and creating your models based on bad data, then the insights you get are also impacted. We definitely offer our products, both on the data integration and data quality side, to prepare the data, cleanse, match, and deliver the trusted data set for data scientists and make their life easier. Another area of focus for 2018 is can we also add supervised learning to this, because with the premium quality domain experts that we have now in Syncsort, we have a lot of domain experts in the field, we can infuse the machine learning algorithms and connect data profiling capabilities we have with the data quality capabilities recommending business rules for data scientists and helping them automate the mandate tasks with recommendations. And the last but not least trend is data governance, and data governance is almost a umbrella focus for everything we are doing at Syncsort because everything about the Cloud trend, the streaming, and the data science, and developing that next generation analytics environment for our customers depends on the data governance. It is, in fact, a business imperative, and the regulatory compliance use cases drives more importance today than governance. For example, General Data Protection Regulation in Europe, GDPR. >> Lisa: Just a few months away. >> Just a few months, May 2018, it is in the mind of every C-level executive. It's not just for European companies, but every enterprise has European data sourced in their environments. So compliance is a big driver of governance, and we look at governance in multiple aspects. Security and issuing data is available in a secure way is one aspect, and delivering the high quality data, cleansing, matching, the example Hilary Mason this morning gave in the keynote about half of what the context matters in terms of searches of her name was very interesting because you really want to deliver that high quality data in the enterprise, trust of data set, preparing that. Our Trillium Quality for big data, we launched Q4, that product is generally available now, and actually we are in production with very large deployment. So that's one area of focus. And the third area is how do you create visibility, the farm-to-table view of your data? >> Lisa: Yeah, that's the name of your talk! I love that. >> Yes, yes, thank you. So tomorrow I have a talk at 2:40, March 8th also, I'm so happy it's on the Women's Day that I'm talking-- >> Lisa: That's right, that's right! Get a farm-to-table view of your data is the name of your talk, track data lineage from source to analytics. Tell us a little bit more about that. >> It's all about creating more visibility, because for audit reasons, for understanding how many copies of my data is created, valued my data had been, and who accessed it, creating that visibility is very important. And the last couple of years, we saw everyone was focused on how do I create a data lake and make my data accessible, break the data silos, and liberate my data from multiple platforms, legacy platforms that the enterprise might have. Once that happened, everybody started worrying about how do I create consumable data set and how do I manage this data because data has been on the legacy platforms like Mainframe, IMBI series has been on relational data stores, it is in the Cloud, gravity of data originating in the Cloud is increasing, it's originating from mobile. Hadoop vendors like Hortonworks and Cloudera, they are creating visibility to what happens within the Hadoop framework. So we are deepening our integration with the Cloud Navigator, that was our announcement last week. We already have integration both with Hortonworks and Cloudera Navigator, this is one step further where we actually publish what happened to every single granular level of data at the field level with all of the transformations that data have been through outside of the cluster. So that visibility is now published to Navigator itself, we also publish it through the RESTful API, so governance is a very strong and critical initiative for all of the businesses. And we are playing into security aspect as well as data lineage and tracking aspect and the quality aspect. >> So this sounds like an extremely capable infrastructure service, so that it's trusted data. But can you sell that to an economic buyer alone, or do you go in in conjunction with anther solution like anti-money laundering for banks or, you know, what are the key things that they place enough value on that they would spend, you know, budget on it? >> Yes, absolutely. Usually the use cases might originate like anti-money laundering, which is very common, fraud detection, and it ties to getting a single view of an entity. Because in anti-money laundering, you want to understand the single view of your customer ultimately. So there is usually another solution that might be in the picture. We are providing the visibility of the data, as well as that single view of the entity, whether it's the customer view in this case or the product view in some of the use cases by delivering the matching capabilities and the cleansing capabilities, the duplication capabilities in addition to the accessing and integrating the data. >> When you go into a customer and, you know, recognizing that we still have tons of silos and we're realizing it's a lot harder to put everything in one repository, how do customers tell you they want to prioritize what they're bringing into the repository or even what do they want to work on that's continuously flowing in? >> So it depends on the business use case. And usually at the time that we are working with the customer, they selected that top priority use case. The risk here, and the anti-money laundering, or for insurance companies, we are seeing a trend, for example, building the data marketplace, as that tantalize data marketplace concept. So depending on the business case, many of our insurance customers in US, for example, they are creating the data marketplace and they are working with near real-time and microbatches. In Europe, Europe seems to be a bit ahead of the game in some cases, like Hadoop production was slow but certainly they went right into the streaming use cases. We are seeing more directly streaming and keeping it fresh and more utilization of the Kafka and messaging frameworks and database. >> And in that case, where they're sort of skipping the batch-oriented approach, how do they keep track of history? >> It's still, in most of the cases, microbatches, and the metadata is still associated with the data. So there is an analysis of the historical what happened to that data. The tools, like ours and the vendors coming to picture, to keep track, of that basically. >> So, in other words, by knowing what happened operationally to the data, that paints a picture of a history. >> Exactly, exactly. >> Interesting. >> And for the governance we usually also partner, for example, we partner with Collibra data platform, we partnered with ASG for creating that business rules and technical metadata and providing to the business users, not just to the IT data infrastructure, and on the Hadoop side we partner with Cloudera and Hortonworks very closely to complete that picture for the customer, because nobody is just interested in what happened to the data in Hadoop or in Mainframe or in my relational data warehouse, they are really trying to see what's happening on Premise, in the Cloud, multiple clusters, traditional environments, legacy systems, and trying to get that big picture view. >> So on that, enabling a business to have that, we'll say in marketing, 360 degree view of data, knowing that there's so much potential for data to be analyzed to drive business decisions that might open up new business models, new revenue streams, increase profit, what are you seeing as a CTO of Syncsort when you go in to meet with a customer, data silos, when you're talking to a Chief Data Officer, what's the cultural, I guess, not shift but really journey that they have to go on to start opening up other organizations of the business, to have access to data so they really have that broader, 360 degree view? What's that cultural challenge that they have to, journey that they have to go on? >> Yes, Chief Data Officers are actually very good partners for us, because usually Chief Data Officers are trying to break the silos of data and make sure that the data is liberated for the business use cases. Still most of the time the infrastructure and the cluster, whether it's the deployment in the Cloud versus on Premise, it's owned by the IT infrastructure. And the lines of business are really the consumers and the clients of that. CDO, in that sense, almost mitigates and connects to those line of businesses with the IT infrastructure with the same goals for the business, right? They have to worry about the compliance, they have to worry about creating multiple copies of data, they have to worry about the security of the data and availability of the data, so CDOs actually help. So we are actually very good partners with the CDOs in that sense, and we also usually have IT infrastructure owner in the room when we are talking with our customers because they have a big stake. They are like the gatekeepers of the data to make sure that it is accessed by the right... By the right folks in the business. >> Sounds like maybe they're in the role of like, good cop bad cop or maybe mediator. Well Tendu, I wish we had more time. Thanks so much for coming back to theCUBE and, like you said, you're speaking tomorrow at Strata Conference on International Women's Day: Get a farm-to-table view of your data. Love the title. >> Thank you. >> Good luck tomorrow, and we look forward to seeing you back on theCUBE. >> Thank you, I look forward to coming back and letting you know about more exciting both organic innovations and acquisitions. >> Alright, we look forward to that. We want to thank you for watching theCUBE, I'm Lisa Martin with my co-host George Gilbert. We are live at our event Big Data SV in San Jose. Come down and visit us, stick around, and we will be right back with our next guest after a short break. >> Tendu: Thank you. (upbeat music)

>> Announcer: Live from Orlando, Florida. It's the CUBE. Covering Grace Hopper Celebration of Women in Computing. Brought to you by Silicon Angle Media. >> Welcome back everybody. Jeff Frick here with the Cube. We are winding down day three of the Grace Hopper Celebration of Women in Computing in Orlando. It's 18,000, mainly women, a couple of us men hangin' out. It's been a phenomenal event again. It always amazes me to run into first timers that have never been to the Grace Hopper event. It's a must do if you're in this business and I strongly encourage you to sign up quickly 'cause I think it sells out in about 15 minutes, like a good rock concert. But we're excited to have our next guest. She's Rachel Faber Tobac, UX Research at Course Hero. Rachel, great to see you. >> Thank you so much for having me on. >> Absolutely. So, Course Hero. Give people kind of an overview of what Course Hero is all about. >> Yup. So we are an online learning platform and we help about 200 million students and educators master their classes every year. So we have all the notes, >> 200 million. >> Yes, 200 million! We have all the notes, study guides, resources, anything a student would need to succeed in their classes. And then anything an educator would need to prepare for their classes or connect with their students. >> And what ages of students? What kind of grades? >> They're usually in college, but sometimes we help high schoolers, like AP students. >> Okay. >> Yeah. >> But that's not why you're here. You want to talk about hacking. So you are, what you call a "white hat hacker". >> White hat. >> So for people that aren't familiar with the white hat, >> Yeah. >> We all know about the black hat conference. What is a white hat hacker. >> So a "white hat hacker" is somebody >> Sounds hard to say three times fast. >> I know, it's a tongue twister. A white hat hacker is somebody who is a hacker, but they're doing it to help people. They're trying to make sure that information is kept safer rather than kind of letting it all out on the internet. >> Right, right. Like the old secret shoppers that we used to have back in the pre-internet days. >> Exactly. Exactly. >> So how did you get into that? >> It's a very non-linear story. Are you ready for it? >> Yeah. >> So I started my career as a special education teacher. And I was working with students with special needs. And I wanted to help more people. So, I ended up joining Course Hero. And I was able to help more people at scale, which was awesome. But I was interested in kind of more of the technical side, but I wasn't technical. So my husband went to Defcon. 'cause he's a cyber security researcher. And he calls me at Defcon about three years ago, and he's like, Rach, you have to get over here. I'm like, I'm not really technical. It's all going to go over my head. Why would I come? He's like, you know how you always call companies to try and get our bills lowered? Like calling Comcast. Well they have this competition where they put people in a glass booth and they try and have them do that, but it's hacking companies. You have to get over here and try it. So I bought a ticket to Vegas that night and I ended up doing the white hat hacker competition called The Social Engineering Capture the Flag and I ended up winning second, twice in a row as a newb. So, insane. >> So you're hacking, if I get this right, not via kind of hardcore command line assault. You're using other tools. So like, what are some of the tools that are vulnerabilities that people would never think about. >> So the biggest tool that I use is actually Instagram, which is really scary. 60% of the information that I need to hack a company, I find on Instagram via geolocation. So people are taking pictures of their computers, their work stations. I can get their browser, their version information and then I can help infiltrate that company by calling them over the phone. It's called vishing. So I'll call them and try and get them to go to a malicious link over the phone and if I can do that, I can own their company, by kind of presenting as an insider and getting in that way. (chuckling) It's terrifying. >> So we know phishing right? I keep wanting to get the million dollars from the guy in Africa that keeps offering it to me. >> (snickers) Right. >> I don't whether to bite on that or. >> Don't click the link. >> Don't click the link. >> No. >> But that interesting. So people taking selfies in the office and you can just get a piece of the browser data and the background of that information. >> Yep. >> And that gives you what you need to do. >> Yeah, so I'll find a phone number from somebody. Maybe they take a picture of their business card, right? I'll call that number. Test it to see if it works. And then if it does, I'll call them in that glass booth in front of 400 people and attempt to get them to go to malicious links over the phone to own their company or I can try and get more information about their work station, so we could, quote unquote, tailor an exploit for their software. >> Right. Right. >> We're not actually doing this, right? We're white hat hackers. >> Right. >> If we were the bad guys. >> You'd try to expose the vulnerability. >> Right. The risk. >> And what is your best ruse to get 'em to. Who are you representing yourself as? >> Yeah, so. The representation thing is called pre-texting. It's who you're pretending to be. If you've ever watched like, Catch Me If You Can. >> Right. Right. >> With Frank Abagnale Jr. So for me, the thing that works the best are low status pretext. So as a woman, I would kind of use what we understand about society to kind of exploit that. So you know, right now if I'm a woman and I call you and I'm like, I don't know how to trouble shoot your website. I'm so confused. I have to give a talk, it's in five minutes. Can you just try my link and see if it works on your end? (chuckling) >> You know? Right? You know, you believe that. >> That's brutal. >> Because there's things about our society that help you understand and believe what I'm trying to say. >> Right, right. >> Right? >> That's crazy and so. >> Yeah. >> Do you get, do you make money white hacking for companies? >> So. >> Do they pay you to do this or? Or is it like, part of the service or? >> It didn't start that way. >> Right. >> I started off just doing the Social Engineering Capture the Flag, the SECTF at Defcon. And I've done that two years in a row, but recently, my husband, Evan and I, co-founded a company, Social Proof Security. So we work with companies to train them about how social media can impact them from a social engineering risk perspective. >> Right. >> And so we can come in and help them and train them and understand, you know, via a webinar, 10 minute talk or we can do a deep dive and have them actually step into the shoes of a hacker and try it out themselves. >> Well I just thought the only danger was they know I'm here so they're going to go steal my bike out of my house, 'cause that's on the West Coast. I'm just curious and you may not have a perspective. >> Yeah. >> 'Cause you have niche that you execute, but between say, you know kind of what you're doing, social engineering. >> Yeah. >> You know, front door. >> God, on the telephone. Versus kind of more traditional phishing, you know, please click here. Million dollars if you'll click here versus, you know, what I would think was more hardcore command line. People are really goin' in. I mean do you have any sense for what kind of the distribution of that is, in terms of what people are going after? >> Right, we don't know exactly because usually that information's pretty confidential, >> Sure. when a hack happens. But we guess that about 90% of infiltrations start with either a phishing email or a vishing call. So they're trying to gain information so they can tailor their exploits for your specific machine. And then they'll go in and they'll do that like actual, you know, >> Right. >> technical hacking. >> Right. >> But, I mean, if I'm vishing you right and I'm talking to you over the phone and I get you to go to a malicious link, I can just kind of bypass every security protocol you've set up. I don't even a technical hacker, right? I just got into your computer because. >> 'Cause you're in 'Cause I'm in now, yup. >> I had the other kind of low profile way and I used to hear is, you know, you go after the person that's doin' the company picnic. You know Wordpress site. >> Yes. >> That's not thinking that that's an entry point in. You know, kind of these less obvious access points. >> Right. That's something that I talk about a lot actually is sometimes we go after mundane information. Something like, what pest service provider you use? Or what janitorial service you use? We're not even going to look for like, software on your machine. We might start with a softer target. So if I know what pest extermination provider you use, I can look them up on LinkedIn. See if they've tagged themselves in pictures in your office and now I can understand how do they work with you, what do their visitor badges look like. And then emulate all of that for an onsite attack. Something like, you know, really soft, right? >> So you're sitting in the key note, right? >> Yeah. >> Fei-Fei Li is talking about computer visualization learning. >> Right. >> And you know, Google running kagillions of pictures through an AI tool to be able to recognize the puppy from the blueberry muffin. >> Right. >> Um, I mean, that just represents ridiculous exploitation opportunity at scale. Even you know, >> Yeah. >> You kind of hackin' around the Instagram account, can't even begin to touch, as you said, your other thing. >> Right. >> You did and then you did it at scale. Now the same opportunity here. Both for bad and for good. >> I'm sure AI is going to impact social engineering pretty extremely in the future here. Hopefully they're protecting that data. >> Okay so, give a little plug so they'll look you up and get some more information. But what are just some of the really easy, basic steps that you find people just miss, that should just be, they should not be missing. From these basic things. >> The first thing is that if they want to take a picture at work, like a #TBT, right? It's their third year anniversary at their company. >> Right. Right. >> Step away from your work station. You don't need to take that picture in front of your computer. Because if you do, I'm going to see that little bottom line at the bottom and I'm going to see exactly the browser version, OS and everything like that. Now I'm able to exploit you with that information. So step away when you take your pictures. And if you do happen to take a picture on your computer. I know you're looking at computer nervously. >> I know, I'm like, don't turn my computer on to the cameras. >> Don't look at it! >> You're scarin' me Rachel. >> If you do take a picture of that. Then you don't want let someone authenticate with that information. So let's say I'm calling you and I'm like, hey, I'm with Google Chrome. I know that you use Google Chrome for your service provider. Has your network been slow recently? Everyone's network's been slow recently, right? >> Right. Right. >> So of course you're going to say yes. Don't let someone authenticate with that info. Think to yourself. Oh wait, I posted a picture of my work station recently. I'm not going to let them authenticate and I'm going to hang up. >> Interesting. All right Rachel. Well, I think the opportunity in learning is one thing. The opportunity in this other field is infinite. >> Yeah. >> So thanks for sharing a couple of tips. >> Yes. >> And um. >> Thank you for having me. >> Hopefully we'll keep you on the good side. We won't let you go to the dark side. >> I won't. I promise. >> All right. >> Rachel Faber Tobac and I'm Jeff Frick. You're watchin the Cube from Grace Hopper Celebration Women in Computing. Thanks for watching. (techno music)