(gentle music) >> Hi everybody, this is Dave Vellante of TheCUBE. This is day two of Fal.Con 2022, CrowdStrike's big customer event. Over 2000 people here, a hundred sessions, a lot of deep security talk. Amol Kulkarni is here. He's the chief product and engineering officer at CrowdStrike, and we're going to get into it. Amol, thanks for coming to theCUBE. >> Great to be here. >> I enjoyed your keynote today. It was very informative. First of all, how's the show going for you? >> It's going fantastic. I mean, first and foremost, like to be having everyone here in person, after three years, that's just out the world, right? So great to meet and a lot of great conversations across the board with customers, partners. It's been fantastic. >> Yeah, so I want to start with Cloud Native, it's kind of your dogma. This whole, the new acronym is CNAP Cloud Native Application Protection Platform. >> Amol: That's right. >> There's a mouthful. What is that? How does it relate to what you guys are doing? >> Yeah, so CNAP is what Gartner has coined as the term for covering entire cloud security. And they have identified various components in it. The first and foremost is the runtime protection, cloud workload protection, as we call it. Second is posture management. That's CSBM cloud security posture management. Third is CIEM, which we announced today. And then the fourth is shift left, kind of Dev SecOps part of cloud security. And all together Gartner coins that as a solution or a suite, if you will, to cover various aspects of cloud security. >> Okay, so shift left and then shield right. You still got to shield right. Is that where network security comes in? Which is not your main focus, but okay. So now it explains... Gartner is an acronym. Now I get it. But the CIEM announcement cloud infrastructure entitlement management. So you're managing identities. Is that right? Explain that in more detail. >> So, yeah, so I mean, as in the on-premise world, but even more exacerbated in the crowd world you have lots and lots of identities, both human identities and service accounts that are accessing cloud services. And lot of the time the rigor is not there in terms of what permissions those identities are provisioned with. So are they over provisioned? Do they have lots of rights that they should not have? Are they able... Are services able to connect to resources that they should not be able to connect to all of that falls under the entitlement management, the identity entitlement management part. And that's where CIEM comes in. So what we said is, we have a great identity security story for on-premise, right? And now we are applying that to understand identities, the entitlements they have, secrets that are lying around, maybe leaked, or just, available for adversaries to exploit in the cloud security world. So taking all of that into account and giving you... Giving customers a snapshot view of one single view to say; these are the identities, these are their permissions, this is where you can trim them down because these are the dependencies that are present across services. And you see something that's not right from a dependency perspective, you can say, okay, this connection doesn't make sense. There's something malicious going on here. So there's a lot that you can do by having that scope of identities. Be very narrowed down. It's a first step in the zero trust journey for the cloud infrastructure. >> So I have to ask you when you now extend this conversation to the edge, and operations technology. Traditionally the infrastructure has been air gapped by, you know, brute force air gap. Don't worry about it. And maybe hasn't had to worry so much about the hygiene. So now as you... as the business drives and forces essentially digital connect... Digital transformation and connectivity >> Connectivity. Yeah. >> I mean, wow, that's a playground for the hackers. >> You absolutely nailed it. So most of these infrastructure was not designed with security in mind, unfortunately, right? As you said, most of it was air-gapped, disconnected. And now everything is getting to be connected because the updates are being pushed rapidly changes are happening. So, and that really, in some sense has changed the environment in which these devices are operating. The operational technology, industrial control. We had the colonial pipeline breach last year. And, that really opened people's eyes like, Hey, nation state adversaries are going to come after critical infrastructure. And that can... That is going to cause impact directly to the end end users, to the citizens. So we have to protect this infrastructure. And that's why we announced discover for IOT as a new module that looks at and understands all the IOT and industrial control systems assets. >> So that didn't require an architectural change though. Right? That was a capability that you introduced with partners. Right? Am I right about that? You don't have to re-architect anything. It's just... Your architecture fits perfectly into those scenarios. >> Absolutely, absolutely. Yeah, yeah, yeah. You actually... While the pace of change is there, architectural change is almost very difficult, because these are very large systems. They are built up over time. It take an industrial control system. The tracing speed is very different from a laptop. So yeah, you can't impose any architectural change. It has to be seamless from what the customers have. >> You were talking, I want to go back to CNAP. You were talking about the protecting the run time. You can do that with an agent. You had said agent... In your keynote. Agentless solutions don't give you runtime security protection. Can you double click on that and just elaborate? >> Yeah, absolutely. So what agentless solutions today are doing they're essentially tapping into APIs from AWS or Azure CloudTrail, for example and looking at misconfigurations. So that is indeed a challenge. So that is one part of the story, but that only gives you a partial view. Let's say that an attacker attacks and uses a existing credential. A legitimate credential to access one of the cloud services. And from there they escalate the privileges and then now start branching off the, the CSP, and the agentless-only solutions will not catch that. Right? So what you need is you, you need this agentless part but you have to couple that with; seeing the activity that's actually happening the living of the land attacks that cannot be caught by the CSP end-piece. So you need a combination of agentless and agent runtime to give that overall protection. >> What's the indicator of attack for a hacker that's living off the land, meaning using your own tools against you. >> That's right. So the indicators of attack are saying accessing services, for example, that are not normally accessed or escalating privileges. So you come in as a normal user, but then suddenly you have admin privileges because you have escalated those privileges, or you are moving laterally very rapidly from one place to another, or spraying across a lot of services in order to do reconnaissance and understand what is out there. So it's almost like looking for what is an abnormal attack path, abnormal behavior compared to what is normal and the good part is cloud. There's a lot that is normal, right? It's fairly constrained. It's not like a end user who is downloading stuff from the internet. And like doing all sorts of things. Cloud services are fairly constrained, so you can profile and you can figure out where there is a drift from the normal. And that's really the indicator of attack. In some sense, from cloud services >> In a previous life I want to change subjects. In a previous life. I spent a lot of time with CIOs. Helping them look at their application portfolio, understanding what to rationalize, what to get rid of, what to invest in, you know, bringing in new projects, cause you know, it's just you never throw a stuff away in IT. >> There is no obsolescence >> Right. So, but they wanted to... Anytime you go through these rationalization exercises change management is everything. And one of the hardest things to do was to map and understand the business impact of all the dependencies across the portfolio. Cause when application A needs this dataset. If you retire it, you're going to... It has ripple effects. And you talked about that in a security context today when you were talking about the asset graph and the threat graphs giving you the ability to understand those dependencies. Can you add some color to that? >> Absolutely. Absolutely. So what we've done with the asset graph; It's a fundamental piece of technology that we've been building now for some time that complements the thread graph. And the asset graph looks at: Assets, identities, applications, and configuration. All of those aspects. And the interconnections between them. So if a user is accessing an application on a server, all those, and in what role, all of that relationship is tied together in the asset graph. So what that does now is, it gives you an ability to say this application connects to this application. And that's the dependency on that port, for example. So you can now build up a dependency map and then the thread graph, what it does, it looks at the continuous activity that's happening. So if you now take the events that are coming into the thread graph and the graphical representation of those, combine it with the asset graph, you get that full dependency map. And now you can start doing that impact analysis that you talked about. Which is... It's an unsolved problem, right? And that's why security as I said in my keynote is most people do not have their security tools enabled to the highest level or they don't have full coverage just because the pace of change is so rapid. They cannot keep up with it. So we want to enable change management, at a rapid pace where businesses and customers can say; we are confident about the change management, about the change we are going to implement. Because we know what the potential impact would be. We can validate, test it in a smaller subset and then roll it out quickly. And that's the journey we are on. Sort of the theme of my talk was to make IT and security friends again. >> Right, you talked about that gap and bringing those two together. You also had a great quote in there; 'The pace of change and securities is insane.' And so this assets graph capability, dependencies and the threat graph, help you manage that accelerating pace of change. Before I forget, I want to ask you about your interview with Girls Who Code. What was that like? Who'd you interview? I unfortunately couldn't see it. I apologize. >> Yeah, fantastic. So, Reshma Saujani she heads Girls Who Code and she first off had a very very powerful talk just from her own own experiences. And essentially, like, what do we need to do to get more women into computer science first, but then within that, into cybersecurity. and what all have they done with Girls Who Code. So very, I mean, we were very touched at the audience was like super into her talk. And then I had a chance to chat with her for a few minutes, ask her a few questions. Just my view was more like, okay. What can we do together? What can CrowdStrike do in our position, in to attract more women? We've done a lot in terms of tailoring our job descriptions to make sure it's more... Remove the biases. Tuning the interview processes to be more welcoming and Reshma gave an example saying; 'Hey, many of these interviews, they start with a baseball discussion.' And I mean, some women may maybe interested in it but may not all maybe. And so is that the right? Is it a gender kind-of affirming or gender neutral kind-of discussion or do you want to have other topics? So a lot of that is about training the interviewers because most of the interviewers are men, unfortunately. That's the mix we have. And it was a great discussion. I mean, just like very practical. She's very much focused on increasing the number of people and increasing the pipeline which is honestly the biggest problem. Because if we have a lot of candidates we would definitely hire them and essentially improve the diversity. And we've done a great job with our intern program, for example, which has helped significantly improve the diversity on our workforce. >> And, but the gap keeps getting bigger in terms of unfulfilled jobs. That leads me to developers as a constituency. Because you guys are building the security cloud. You're on a mission to do that. And to me, if you have a security cloud, it's got to be programmable. You're going to have developers there. You don't... From what I can tell you have a specific developer platform, but it's organic. It's sort of happening out there. What's the strategy around, I mean, the developer today is so critical in terms of implementing a lot of security strategy and putting it into action. They've got to secure the run time. They got to worry about the APIs. They got to secure the PaaS. They got to secure the containers. Right, and so what's your developer strategy. >> Yeah, so within cloud security, enabling developers to implement DevSecOps as a as a philosophy, as a strategy, is critical. And so we, we have a lot of offerings there on the shift-left side, for example, you talked about securing containers. So we have container image assessment where we plug in into the container repositories to check for vulnerabilities and bad configuration in the container images. We then complement that with the runtime side where our agent can protect the container from runtime violations, from breakouts, for example. So it's a combination. It's a full spectrum, right? From the developer building an application, all the way to the end. Second I'd say is, we are a very much an API first company. So all of the things that you can do from a user interface perspective, you can do from APIs what is enable that is a bunch of partners a rich partner ecosystem that is building using those APIs. So the developers within our partners are leveraging those APIs to build very cool applications. And the manifestation of that is CrowdStrike store where essentially we have as Josh mentioned, in his ski-notes, we have a agent cloud architecture that is very rich. And we said, okay, why can't we open that up for partners to enable them to leverage that architecture for their scenarios? So we have a lot of applications that are built on the CrowdStrike store, leveraging our platform, right. Areas that we are not in, for example. >> And here, describe it. Is there a PaaS layer that's purpose-built for CrowdStrike so that developers can build applications? >> That's a great question. So I'll say that we have a beginnings of a PaaS layer. We definitely talked about CrowdStrike store as being passed for cybersecurity but there's a lot more to do. And we are in the process of building up an application platform so that customers can build the applications for their SOC workflow or IT workflow and and Falcon Fusion is a key part of that. So Falcon Fusion is our automation platform built right into the security cloud. And what that enables customers to do is to define... Encode their business process the way they want and leverage the platform the way they want. >> It seems like a logical next step. Because you're going to enable a consistent experience across the board. And fulfill your promise, your brand promise, and the capabilities that you bring. And this ecosystem will explode once you announce that. >> And that's the notion we talk about of being the sales force of security. >> Right, right. Yeah. That's the next step. Amol, thank you so much. I got to run and wrap. We really appreciate you coming on theCUBE. >> Thank you very much. >> Congratulations on your keynote and all the success and great event. >> Appreciate it. Thank you very much for the time and great chatting with you. >> You're very welcome. All right, keep it right there. We'll be back very shortly to wrap up from Fal.Con 2022. This is Dave Vellante for theCUBE. (soft electronic music)

(upbeat synthesized music) >> Announcer: Live from the Javits Center in New York City, it's The Cube, covering Inforum 2017. Brought to you by Infor. >> Welcome back to The Cube's live coverage of Inforum, I'm your host Rebecca Knight, along with my co-host, Dave Vellante. We're joined by Pam Murphy, she is the Infor COO, thanks so much for coming on the program-- >> Thank you for having us, thank you. >> So you're hosting for the third time, a special session devoted to WIN, the Women's Infor Network. Tell us a little bit about this session and who are the guests and what we can expect. >> Yes, absolutely, so as you said, it's our third year hosting it. It's a very popular session, it's the only non product session of the entire conference and open to everybody, men and women. We always have a fantastic lineup of speakers and this year is no different. So the way we work it is we do a combination of TED Talks and panel sessions so we've got Tan Lee, who's the founder of Emotiv brain augmentation technology. And then we've got Reshma Saujani who's the founder of Girls Who Code. She's done great stuff in terms of pioneering STEM and getting girls to code. So she's going to talk us through her work, if you will, in training so many girls to code and how she wants girls to adopt, and behaviors she wants them to exhibit in this industry. And then we've got what will be I'm sure a lively panel with Ambassador Susan Rice and Farah Pandith and we're going to be talking about the government's ability to manage the terrorism that we're seeing today and we're going to be talking counter terrorism, we're going to be talking about what lessons are we learning from what's going on in Europe and what is the role in technology in helping curb terrorism. So that's going to be an exciting and interesting session. And then we're going to have Dr. Jill Biden come in and hopefully lighten up the session and talk about resilience and leadership today, so very exciting, very much looking forward to it. It's 11 AM tomorrow morning in the Special Events Hall, and hopefully it will be good if not better than the last two years. >> Rebecca: And we're going to have many of those guests on our program >> Yes. >> after that too. So why, what is the purpose of it? It sounds like a great session and it's going to be enlightening and exciting to hear all those women talk, but what is your goal in gathering this group of women? >> I guess I should go back to the founding of WIN. So I started WIN probably over four or five years ago at this point and its purpose was to just galvanize and bring women together, allow forum in which they could mentor each other and where we could work on the advancement of women within the organization. It's something that as I traveled through the offices, people have been asking me a lot to create that forum, create that environment and so we've got hundreds of WIN chapters around the globe with thousands of women participating. So we have very regular sessions and we talk about topics that are relevant to women and also just about advancing their careers and given that at a forum we have so many thousands and thousands of not only our own Infor WIN members but also customers, we just thought it was a great opportunity to have one of our sessions at Inforum and invite inspiring female speakers to come and talk to us about their experiences, how they got to be where they are, the challenges that they met along the way. So what's interesting is that the only WIN or female aspect of the session is the fact that every speaker on stage is female. Outside of that, that's where the relevance ends in the sense that it really is talking to topics that is applicable to everyone. So that's why it is just a topic and an audience that appeals to everybody, men, female, old, and young. >> So these sessions are always interesting and inspiring. What kind of impact have they had? Can you share with us any results? >> Absolutely, so we have, first of all they're very inspirational for everybody attending and I've had customers, not only our own employees, but I've had customers reach out to me and say that they were inspired by a story and it caused them to take action and change in their life. And before they may have felt something but they heard from somebody else saying that how they overcame it and it caused them to honestly take change within their own lives and their own organizations. So for customers, partners, whoever's attending, it just, to hear from someone else, you often have the perception with these speakers that they have this fantastic upbringing, fantastic education, they're successful because it's a function of that. Well actually that's not often the case. People have had a hard upbringing or they've met a lot of challenges around the way and it's how they overcame those challenges and the resilience that they brought into the mix is what inspires people. So really that's what I would say people get out of it, and often spawning from that, we often end up as well tailoring programs or development techniques which we feel would be of benefit to folks beyond that. So one of our speakers last year prompted a big thought about diversity and how we should be dealing with ways in which we may be dismissive of certain topics or abrasive to people, so it's thought provoking and it inspires action, which is obviously what we want to get out of it. >> We funded a nonprofit initiative last year in partner with another journalism outfit, The GroundTruth, to study women in tech and we presented at the, we had The Cube at the Grace Hopper Conference and some of the things that came out of that, I wanted to comment, chief data officers actually have a disproportionately higher percentage of women, maybe it's 'cause it's such a thankless job and they're (laughing) wiling to take it on. And then we found cyber bullying had a very negative effect on the participation of women in tech which is about 17% of the women. And then of course the salary disparity, one of the areas that we found was most egregious was Cambridge, Mass, now this is supposed to be a progressive, relatively liberal area. >> Our hometown. >> And it was huge, our hometown, very high disparity of low participation of women in tech. Any thoughts on that data and what kind of progress you'd like to see us make as an industry? >> I'm hopeful of the fact that the next generation will look back on where technology is now from the perspective of the low representation of women and that whole diversity factor and look on it as being a non-issue. I'm hopeful in the sense that, I don't think it's going to be as pronounced as we have it now. I think we're doing a far better job of going out to colleges, to institutions, and enabling girls and providing girls with coding courses. So I'm hoping it's not going to be a longterm issue for us. From our perspective, to your point, we look at the various line of businesses and functions within our organization and we see where is the disparity arising and where do we need to focus? And so interestingly enough, if you look at G&A functions or if you look at marketing functions, it's 50/50, right, in terms of representation, but there's definitely certain functions where either the nature of what they're doing or if it's a high travel related function, meaning you're away for long periods of time, there are certainly the areas I think which don't have as equal distribution in terms of men, and for those really, we've been working on creating programs to ease those burdens that may be had, or else promote them positively where it literally is an unconscious bias, if you will. It's a long topic, for sure, that I could go on about for a long period of time but I just think it's constant, looking at unconscious biases, it's looking at ways in which we feel that there's fairness, if you will, into the equation. And a lot of the time I honestly feel that it's not conscious, if you will, and it therefore just needs to be looked at specifically at ways and means in which that could be addressed or tackled. >> So as a successful woman in technology, COO at a major technology company, what advice do you have for that young woman who wants to get into technology but is dispirited by the headlines and by what appears to be a very macho culture where there is vast salary discrepancies? >> Yeah, it's unfortunate that that has come out all too much more frequently and with volume in the last six months for the companies that we're aware of. But I would say, I personally haven't experienced that, and I'm personally of the view that, by the way, I never meant to end up in this industry, so I look back and think how on Earth did I actually get here, but I think you have to be willing to take risks and you have to be wiling to dismiss a lot of what you hear and look on the fact that there is a lot of very successful women, even within Infor. Since we started WIN, we have had a huge increase in the amount of SVPs and VPs within our organization. I think it's something like a 60% increase in terms of who we have. There is so much more women in very, very senior roles now than we've ever had before, so I'm hopeful that it is changing. I hope that some recent coverage and recent events have not, will not create a longterm impact, but I think people just need to look and see with the tech industry booming, with the way in which people are being compensated, that it's a good industry in which you can be very successful and do great things. >> Dave: And cloud helps. >> Yeah. >> It does. >> Yeah. >> There are far more women at application oriented shows than there are infrastructure oriented, 'cause hardware guys are hardware guys. I don't know why, like mechanics, other than Mona Lisa Vito, mostly hardware people. But let's shift gears a little bit and talk about the global alliances. You are running that initiative here. These are folks that we haven't typically seen at Inforum but they're coming out of the wood works, what's going on, what's driving that? >> Yeah first of all we have a fantastic base of existing partners who had great successes in implementing Infor applications for their customers and so but with the growth that we've been seeing, honestly, in our business, over the last number of years, we just need to have more and more delivery capacity to create more choice for our customers as to who they can go to to implement our software. And if you think about the move to the cloud and if you think about digitalization and the fact that every customer is becoming more consumed and obsessed with technology because it's changing their businesses so fundamentally, they do want the option and the choice of having the large global system integrators, digital integrators, that they can go to do massive transformation work and business process re-engineering and program management and change management. And so for us it was important to form good reliances with the Deloittes, the Accentures, the Caps, and the Grant Thorntons in order to provide that larger ecosystem of transformational services that we can offer to our customers. So it's great, they're all platinum sponsors here at Inforum this year and there's over a hundred very senior executives and managing directors from those four. And we're just very excited about the extent and pace to which they're building out Infor practices, so it's great. >> I have to ask you, so don't hate me for saying this, but those guys love to pig out on big complicated ERP implementations that take two and three years. Is that world just going away and it's moving toward more of a digital transformation and a whole new line of thinking and that's why there's a good fit with Infor or is it something else? >> I think they understand and know that the older days of a company spending $100 million on an ERP implementation are gone, that's really not acceptable anymore. It's absolutely not our strategy, as you know from being here at the conference, our strategy is around creating industry specific end to end suites which don't require modifications and which are purpose built for the cloud. And so that is very clear to them and they understand that and are embracing the concept because they realize that cloud is an enabler, it's just another deployment method, but fundamentally it's about helping the customers take advantage of that technology and transform their businesses and to do that, it requires a lot more than software. And so they're changing, our industry is changing. Steve talked to the point of the stage today that the cost of technology is becoming very low and that therefore the permeation of technology in everything we do is going to be so prevalent. So it's understood and for them, it's more about helping our customers get to that digital age and being able to transform their businesses to cope with the changing technology. >> Are you satisfied with the pace? >> Pace of? >> Of the change, of getting people to the cloud. Do you feel there is, is the momentum there? >> Well we've seen huge growth in our sector. We have completely tipped the balances. I would have said, obviously it's been coming, it's like Salesforce.com and companies who basically do certain applications in the cloud and for us, we're different because we have complete end to end suites in the cloud, mission critical applications. And so our business has grown enormously over the course of the last three years and I think now it's mainstream, if you will. And so we're very pleased and happy. We have a lot of customers who have made, obviously we have over 8,400 customers now already there. And the pace is increasing. And it's just a continuous effort for the customers who haven't gone already, helping them understand what they need to do to get there, and that's what we've been doing in spades for the last couple of years. >> Great, well Pam Murphy, thanks so much for joining us. >> Thank you. >> We really appreciate it. >> Thank you. >> I'm Rebecca Knight, for Dave Vallente, we will have more from The Cube's coverage of Inforum 2017 just after this. (upbeat synthesized music)