(light music) >> Hi everybody. Welcome to this Cube Conversation. I'm really pleased to announce a collaboration with Rob Strechay. He's a guest cube analyst, and we'll be working together to extract the signal from the noise. Rob is a long-time product pro, working at a number of firms including AWS, HP, HPE, NetApp, Snowplow. I did a stint as an analyst at Enterprise Strategy Group. Rob, good to see you. Thanks for coming into our Marlboro Studios. >> Well, thank you for having me. It's always great to be here. >> I'm really excited about working with you. We've known each other for a long time. You've been in the Cube a bunch. You know, you're in between gigs, and I think we can have a lot of fun together. Covering events, covering trends. So. let's get into it. What's happening out there? We're sort of exited the isolation economy. Things were booming. Now, everybody's tapping the brakes. From your standpoint, what are you seeing out there? >> Yeah. I'm seeing that people are really looking how to get more out of their data. How they're bringing things together, how they're looking at the costs of Cloud, and understanding how are they building out their SaaS applications. And understanding that when they go in and actually start to use Cloud, it's not only just using the base services anymore. They're looking at, how do I use these platforms as a service? Some are easier than others, and they're trying to understand, how do I get more value out of that relationship with the Cloud? They're also consolidating the number of Clouds that they have, I would say to try to better optimize their spend, and getting better pricing for that matter. >> Are you seeing people unhook Clouds, or just reduce maybe certain Cloud activities and going maybe instead of 60/40 going 90/10? >> Correct. It's more like the 90/10 type of rule where they're starting to say, Hey I'm not going to get rid of Azure or AWS or Google. I'm going to move a portion of this over that I was using on this one service. Maybe I got a great two-year contract to start with on this platform as a service or a database as a service. I'm going to unhook from that and maybe go with an independent. Maybe with something like a Snowflake or a Databricks on top of another Cloud, so that I can consolidate down. But it also gives them more flexibility as well. >> In our last breaking analysis, Rob, we identified six factors that were reducing Cloud consumption. There were factors and customer tactics. And I want to get your take on this. So, some of the factors really, you got fewer mortgage originations. FinTech, obviously big Cloud user. Crypto, not as much activity there. Lower ad spending means less Cloud. And then one of 'em, which you kind of disagreed with was less, less analytics, you know, fewer... Less frequency of calculations. I'll come back to that. But then optimizing compute using Graviton or AMD instances moving to cheaper storage tiers. That of course makes sense. And then optimize pricing plans. Maybe going from On Demand, you know, to, you know, instead of pay by the drink, buy in volume. Okay. So, first of all, do those make sense to you with the exception? We'll come back and talk about the analytics piece. Is that what you're seeing from customers? >> Yeah, I think so. I think that was pretty much dead on with what I'm seeing from customers and the ones that I go out and talk to. A lot of times they're trying to really monetize their, you know, understand how their business utilizes these Clouds. And, where their spend is going in those Clouds. Can they use, you know, lower tiers of storage? Do they really need the best processors? Do they need to be using Intel or can they get away with AMD or Graviton 2 or 3? Or do they need to move in? And, I think when you look at all of these Clouds, they always have pricing curves that are arcs from the newest to the oldest stuff. And you can play games with that. And understanding how you can actually lower your costs by looking at maybe some of the older generation. Maybe your application was written 10 years ago. You don't necessarily have to be on the best, newest processor for that application per se. >> So last, I want to come back to this whole analytics piece. Last June, I think it was June, Dev Ittycheria, who's the-- I call him Dev. Spelled Dev, pronounced Dave. (chuckles softly) Same pronunciation, different spelling. Dev Ittycheria, CEO of Mongo, on the earnings call. He was getting, you know, hit. Things were starting to get a little less visible in terms of, you know, the outlook. And people were pushing him like... Because you're in the Cloud, is it easier to dial down? And he said, because we're the document database, we support transaction applications. We're less discretionary than say, analytics. Well on the Snowflake earnings call, that same month or the month after, they were all over Slootman and Scarpelli. Oh, the Mongo CEO said that they're less discretionary than analytics. And Snowflake was an interesting comment. They basically said, look, we're the Cloud. You can dial it up, you can dial it down, but the area under the curve over a period of time is going to be the same, because they get their customers to commit. What do you say? You disagreed with the notion that people are running their calculations less frequently. Is that because they're trying to do a better job of targeting customers in near real time? What are you seeing out there? >> Yeah, I think they're moving away from using people and more expensive marketing. Or, they're trying to figure out what's my Google ad spend, what's my Meta ad spend? And what they're trying to do is optimize that spend. So, what is the return on advertising, or the ROAS as they would say. And what they're looking to do is understand, okay, I have to collect these analytics that better understand where are these people coming from? How do they get to my site, to my store, to my whatever? And when they're using it, how do they they better move through that? What you're also seeing is that analytics is not only just for kind of the retail or financial services or things like that, but then they're also, you know, using that to make offers in those categories. When you move back to more, you know, take other companies that are building products and SaaS delivered products. They may actually go and use this analytics for making the product better. And one of the big reasons for that is maybe they're dialing back how many product managers they have. And they're looking to be more data driven about how they actually go and build the product out or enhance the product. So maybe they're, you know, an online video service and they want to understand why people are either using or not using the whiteboard inside the product. And they're collecting a lot of that product analytics in a big way so that they can go through that. And they're doing it in a constant manner. This first party type tracking within applications is growing rapidly by customers. >> So, let's talk about who wins in that. So, obviously the Cloud guys, AWS, Google and Azure. I want to come back and unpack that a little bit. Databricks and Snowflake, we reported on our last breaking analysis, it kind of on a collision course. You know, a couple years ago we were thinking, okay, AWS, Snowflake and Databricks, like perfect sandwich. And then of course they started to become more competitive. My sense is they still, you know, compliment each other in the field, right? But, you know, publicly, they've got bigger aspirations, they get big TAMs that they're going after. But it's interesting, the data shows that-- So, Snowflake was off the charts in terms of spending momentum and our EPR surveys. Our partner down in New York, they kind of came into line. They're both growing in terms of market presence. Databricks couldn't get to IPO. So, we don't have as much, you know, visibility on their financials. You know, Snowflake obviously highly transparent cause they're a public company. And then you got AWS, Google and Azure. And it seems like AWS appears to be more partner friendly. Microsoft, you know, depends on what market you're in. And Google wants to sell BigQuery. >> Yeah. >> So, what are you seeing in the public Cloud from a data platform perspective? >> Yeah. I think that was pretty astute in what you were talking about there, because I think of the three, Google is definitely I think a little bit behind in how they go to market with their partners. Azure's done a fantastic job of partnering with these companies to understand and even though they may have Synapse as their go-to and where they want people to go to do AI and ML. What they're looking at is, Hey, we're going to also be friendly with Snowflake. We're also going to be friendly with a Databricks. And I think that, Amazon has always been there because that's where the market has been for these developers. So, many, like Databricks' and the Snowflake's have gone there first because, you know, Databricks' case, they built out on top of S3 first. And going and using somebody's object layer other than AWS, was not as simple as you would think it would be. Moving between those. >> So, one of the financial meetups I said meetup, but the... It was either the CEO or the CFO. It was either Slootman or Scarpelli talking at, I don't know, Merrill Lynch or one of the other financial conferences said, I think it was probably their Q3 call. Snowflake said 80% of our business goes through Amazon. And he said to this audience, the next day we got a call from Microsoft. Hey, we got to do more. And, we know just from reading the financial statements that Snowflake is getting concessions from Amazon, they're buying in volume, they're renegotiating their contracts. Amazon gets it. You know, lower the price, people buy more. Long term, we're all going to make more money. Microsoft obviously wants to get into that game with Snowflake. They understand the momentum. They said Google, not so much. And I've had customers tell me that they wanted to use Google's AI with Snowflake, but they can't, they got to go to to BigQuery. So, honestly, I haven't like vetted that so. But, I think it's true. But nonetheless, it seems like Google's a little less friendly with the data platform providers. What do you think? >> Yeah, I would say so. I think this is a place that Google looks and wants to own. Is that now, are they doing the right things long term? I mean again, you know, you look at Google Analytics being you know, basically outlawed in five countries in the EU because of GDPR concerns, and compliance and governance of data. And I think people are looking at Google and BigQuery in general and saying, is it the best place for me to go? Is it going to be in the right places where I need it? Still, it's still one of the largest used databases out there just because it underpins a number of the Google services. So you almost get, like you were saying, forced into BigQuery sometimes, if you want to use the tech on top. >> You do strategy. >> Yeah. >> Right? You do strategy, you do messaging. Is it the right call by Google? I mean, it's not a-- I criticize Google sometimes. But, I'm not sure it's the wrong call to say, Hey, this is our ace in the hole. >> Yeah. >> We got to get people into BigQuery. Cause, first of all, BigQuery is a solid product. I mean it's Cloud native and it's, you know, by all, it gets high marks. So, why give the competition an advantage? Let's try to force people essentially into what is we think a great product and it is a great product. The flip side of that is, they're giving up some potential partner TAM and not treating the ecosystem as well as one of their major competitors. What do you do if you're in that position? >> Yeah, I think that that's a fantastic question. And the question I pose back to the companies I've worked with and worked for is, are you really looking to have vendor lock-in as your key differentiator to your service? And I think when you start to look at these companies that are moving away from BigQuery, moving to even, Databricks on top of GCS in Google, they're looking to say, okay, I can go there if I have to evacuate from GCP and go to another Cloud, I can stay on Databricks as a platform, for instance. So I think it's, people are looking at what platform as a service, database as a service they go and use. Because from a strategic perspective, they don't want that vendor locking. >> That's where Supercloud becomes interesting, right? Because, if I can run on Snowflake or Databricks, you know, across Clouds. Even Oracle, you know, they're getting into business with Microsoft. Let's talk about some of the Cloud players. So, the big three have reported. >> Right. >> We saw AWSs Cloud growth decelerated down to 20%, which is I think the lowest growth rate since they started to disclose public numbers. And they said they exited, sorry, they said January they grew at 15%. >> Yeah. >> Year on year. Now, they had some pretty tough compares. But nonetheless, 15%, wow. Azure, kind of mid thirties, and then Google, we had kind of low thirties. But, well behind in terms of size. And Google's losing probably almost $3 billion annually. But, that's not necessarily a bad thing by advocating and investing. What's happening with the Cloud? Is AWS just running into the law, large numbers? Do you think we can actually see a re-acceleration like we have in the past with AWS Cloud? Azure, we predicted is going to be 75% of AWS IAS revenues. You know, we try to estimate IAS. >> Yeah. >> Even though they don't share that with us. That's a huge milestone. You'd think-- There's some people who have, I think, Bob Evans predicted a while ago that Microsoft would surpass AWS in terms of size. You know, what do you think? >> Yeah, I think that Azure's going to keep to-- Keep growing at a pretty good clip. I think that for Azure, they still have really great account control, even though people like to hate Microsoft. The Microsoft sellers that are out there making those companies successful day after day have really done a good job of being in those accounts and helping people. I was recently over in the UK. And the UK market between AWS and Azure is pretty amazing, how much Azure there is. And it's growing within Europe in general. In the states, it's, you know, I think it's growing well. I think it's still growing, probably not as fast as it is outside the U.S. But, you go down to someplace like Australia, it's also Azure. You hear about Azure all the time. >> Why? Is that just because of the Microsoft's software state? It's just so convenient. >> I think it has to do with, you know, and you can go with the reasoning they don't break out, you know, Office 365 and all of that out of their numbers is because they have-- They're in all of these accounts because the office suite is so pervasive in there. So, they always have reasons to go back in and, oh by the way, you're on these old SQL licenses. Let us move you up here and we'll be able to-- We'll support you on the old version, you know, with security and all of these things. And be able to move you forward. So, they have a lot of, I guess you could say, levers to stay in those accounts and be interesting. At least as part of the Cloud estate. I think Amazon, you know, is hitting, you know, the large number. Laws of large numbers. But I think that they're also going through, and I think this was seen in the layoffs that they were making, that they're looking to understand and have profitability in more of those services that they have. You know, over 350 odd services that they have. And you know, as somebody who went there and helped to start yet a new one, while I was there. And finally, it went to beta back in September, you start to look at the fact that, that number of services, people, their own sellers don't even know all of their services. It's impossible to comprehend and sell that many things. So, I think what they're going through is really looking to rationalize a lot of what they're doing from a services perspective going forward. They're looking to focus on more profitable services and bringing those in. Because right now it's built like a layer cake where you have, you know, S3 EBS and EC2 on the bottom of the layer cake. And then maybe you have, you're using IAM, the authorization and authentication in there and you have all these different services. And then they call it EMR on top. And so, EMR has to pay for that entire layer cake just to go and compete against somebody like Mongo or something like that. So, you start to unwind the costs of that. Whereas Azure, went and they build basically ground up services for the most part. And Google kind of falls somewhere in between in how they build their-- They're a sort of layer cake type effect, but not as many layers I guess you could say. >> I feel like, you know, Amazon's trying to be a platform for the ecosystem. Yes, they have their own products and they're going to sell. And that's going to drive their profitability cause they don't have to split the pie. But, they're taking a piece of-- They're spinning the meter, as Ziyas Caravalo likes to say on every time Snowflake or Databricks or Mongo or Atlas is, you know, running on their system. They take a piece of the action. Now, Microsoft does that as well. But, you look at Microsoft and security, head-to-head competitors, for example, with a CrowdStrike or an Okta in identity. Whereas, it seems like at least for now, AWS is a more friendly place for the ecosystem. At the same time, you do a lot of business in Microsoft. >> Yeah. And I think that a lot of companies have always feared that Amazon would just throw, you know, bodies at it. And I think that people have come to the realization that a two pizza team, as Amazon would call it, is eight people. I think that's, you know, two slices per person. I'm a little bit fat, so I don't know if that's enough. But, you start to look at it and go, okay, if they're going to start out with eight engineers, if I'm a startup and they're part of my ecosystem, do I really fear them or should I really embrace them and try to partner closer with them? And I think the smart people and the smart companies are partnering with them because they're realizing, Amazon, unless they can see it to, you know, a hundred million, $500 million market, they're not going to throw eight to 16 people at a problem. I think when, you know, you could say, you could look at the elastic with OpenSearch and what they did there. And the licensing terms and the battle they went through. But they knew that Elastic had a huge market. Also, you had a number of ecosystem companies building on top of now OpenSearch, that are now domain on top of Amazon as well. So, I think Amazon's being pretty strategic in how they're doing it. I think some of the-- It'll be interesting. I think this year is a payout year for the cuts that they're making to some of the services internally to kind of, you know, how do we take the fat off some of those services that-- You know, you look at Alexa. I don't know how much revenue Alexa really generates for them. But it's a means to an end for a number of different other services and partners. >> What do you make of this ChatGPT? I mean, Microsoft obviously is playing that card. You want to, you want ChatGPT in the Cloud, come to Azure. Seems like AWS has to respond. And we know Google is, you know, sharpening its knives to come up with its response. >> Yeah, I mean Google just went and talked about Bard for the first time this week and they're in private preview or I guess they call it beta, but. Right at the moment to select, select AI users, which I have no idea what that means. But that's a very interesting way that they're marketing it out there. But, I think that Amazon will have to respond. I think they'll be more measured than say, what Google's doing with Bard and just throwing it out there to, hey, we're going into beta now. I think they'll look at it and see where do we go and how do we actually integrate this in? Because they do have a lot of components of AI and ML underneath the hood that other services use. And I think that, you know, they've learned from that. And I think that they've already done a good job. Especially for media and entertainment when you start to look at some of the ways that they use it for helping do graphics and helping to do drones. I think part of their buy of iRobot was the fact that iRobot was a big user of RoboMaker, which is using different models to train those robots to go around objects and things like that, so. >> Quick touch on Kubernetes, the whole DevOps World we just covered. The Cloud Native Foundation Security, CNCF. The security conference up in Seattle last week. First time they spun that out kind of like reinforced, you know, AWS spins out, reinforced from reinvent. Amsterdam's coming up soon, the CubeCon. What should we expect? What's hot in Cubeland? >> Yeah, I think, you know, Kubes, you're going to be looking at how OpenShift keeps growing and I think to that respect you get to see the momentum with people like Red Hat. You see others coming up and realizing how OpenShift has gone to market as being, like you were saying, partnering with those Clouds and really making it simple. I think the simplicity and the manageability of Kubernetes is going to be at the forefront. I think a lot of the investment is still going into, how do I bring observability and DevOps and AIOps and MLOps all together. And I think that's going to be a big place where people are going to be looking to see what comes out of CubeCon in Amsterdam. I think it's that manageability ease of use. >> Well Rob, I look forward to working with you on behalf of the whole Cube team. We're going to do more of these and go out to some shows extract the signal from the noise. Really appreciate you coming into our studio. >> Well, thank you for having me on. Really appreciate it. >> You're really welcome. All right, keep it right there, or thanks for watching. This is Dave Vellante for the Cube. And we'll see you next time. (light music)

(upbeat music) >> Hello everyone, welcome back to theCUBE's coverage of Cloud Native SecurityCon North America 2023. Obviously, CUBE's coverage with our CUBE Center Report. We're not there on the ground, but we have folks and our CUBE Alumni there. We have entrepreneurs there. Of course, we want to be there in person, but we're remote. We've got Ben Hirschberg, CTO and Co-Founder of Armo, a cloud native security startup, well positioned in this industry. He's there in Seattle. Ben, thank you for coming on and sharing what's going on with theCUBE. >> Yeah, it's great to be here, John. >> So we had written on you guys up on SiliconANGLE. Congratulations on your momentum and traction. But let's first get into what's going on there on the ground? What are some of the key trends? What's the most important story being told there? What is the vibe? What's the most important story right now? >> So I think, I would like to start here with the I think the most important thing was that I think the event is very successful. Usually, the Cloud Native Security Day usually was part of KubeCon in the previous years and now it became its own conference of its own and really kudos to all the organizers who brought this up in, actually in a short time. And it wasn't really clear how many people will turn up, but at the end, we see a really nice turn up and really great talks and keynotes around here. I think that one of the biggest trends, which haven't started like in this conference, but already we're talking for a while is supply chain. Supply chain is security. I think it's, right now, the biggest trend in the talks, in the keynotes. And I think that we start to see companies, big companies, who are adopting themselves into this direction. There is a clear industry need. There is a clear problem and I think that the cloud native security teams are coming up with tooling around it. I think for right now we see more tools than adoption, but the adoption is always following the tooling. And I think it already proves itself. So we have just a very interesting talk this morning about the OpenSSL vulnerability, which was I think around Halloween, which came out and everyone thought that it's going to be a critical issue for the whole cloud native and internet infrastructure and at the end it turned out to be a lesser problem, but the reason why I think it was understood that to be a lesser problem real soon was that because people started to use (indistinct) store software composition information in the environment so security teams could look into, look up in their systems okay, what, where they're using OpenSSL, which version they are using. It became really soon real clear that this version is not adopted by a wide array of software out there so the tech surface is relatively small and I think it already proved itself that the direction if everyone is talking about. >> Yeah, we agree, we're very bullish on this move from the Cloud Native Foundation CNCF that do the security conference. Amazon Web Services has re:Invent. That's their big show, but they also have re:Inforce, the security show, so clearly they work together. I like the decoupling, very cohesive. But you guys have Kubescape of Kubernetes security. Talk about the conversations that are there and that you're hearing around why there's different event what's different around KubeCon and CloudNativeCon than this Cloud Native SecurityCon. It's not called KubeSucSecCon, it's called Cloud Native SecurityCon. What's the difference? Are people confused? Is it clear? What's the difference between the two shows? What are you hearing? >> So I think that, you know, there is a good question. Okay, where is Cloud Native Computing Foundation came from? Obviously everyone knows that it was somewhat coupled with the adoption of Kubernetes. It was a clear understanding in the industry that there are different efforts where the industry needs to come together without looking be very vendor-specific and try to sort out a lot of issues in order to enable adoption and bring great value and I think that the main difference here between KubeCon and the Cloud Native Security Conference is really the focus, and not just on Kubernetes, but the whole ecosystem behind that. The way we are delivering software, the way we are monitoring software, and all where Kubernetes is only just, you know, maybe the biggest clog in the system, but, you know, just one of the others and it gives great overview of what you have in the whole ecosystem. >> Yeah, I think it's a good call. I would add that what I'm hearing too is that security is so critical to the business model of every company. It's so mainstream. The hackers have a great business model. They make money, their costs are lower than the revenue. So the business of hacking in breaches, ransomware all over the place is so successful that they're playing offense, everyone's playing defense, so it's about time we can get focus to really be faster and more nimble and agile on solving some of these security challenges in open source. So I think that to me is a great focus and so I give total props to the CNC. I call it the event operating system. You got the security group over here decoupled from the main kernel, but they work together. Good call and so this brings back up to some of the things that are going on so I have to ask you, as your startup as a CTO, you guys have the Kubescape platform, how do you guys fit into the landscape and what's different from your tools for Kubernetes environments versus what's out there? >> So I think that our journey is really interesting in the solution space because I think that our mode really tries to understand where security can meet the actual adoption because as you just said, somehow we have to sort out together how security is going to be automated and integrated in its best way. So Kubescape project started as a Kubernetes security posture tool. Just, you know, when people are really early in their adoption of Kubernetes systems, they want to understand whether the installation is is secure, whether the basic configurations are look okay, and giving them instant feedback on that, both in live systems and in the CICD, this is where Kubescape came from. We started as an open source project because we are big believers of open source, of the power of open source security, and I can, you know I think maybe this is my first interview when I can say that Kubescape was accepted to be a CNCF Sandbox project so Armo was actually donating the project to the CNCF, I think, which is a huge milestone and a great way to further the adoption of Kubernetes security and from now on we want to see where the users in Armo and Kubescape project want to see where the users are going, their Kubernetes security journey and help them to automatize, help them to to implement security more fast in the way the developers are using it working. >> Okay, if you don't mind, I want to just get clarification. What's the difference between the Armo platform and Kubescape because you have Kubescape Sandbox project and Armo platform. Could you talk about the differences and interaction? >> Sure, Kubescape is an open source project and Armo platform is actually a managed platform which runs Kubescape in the cloud for you because Kubescape is part, it has several parts. One part is, which is running inside the Kubernetes cluster in the CICD processes of the user, and there is another part which we call the backend where the results are stored and can be analyzed further. So Armo platform gives you managed way to run the backend, but I can tell you that backend is also, will be available within a month or two also for everyone to install on their premises as well, because again, we are an open source company and we are, we want to enable users, so the difference is that Armo platform is a managed platform behind Kubescape. >> How does Kubescape differ from closed proprietary sourced solutions? >> So I can tell you that there are closed proprietary solutions which are very good security solutions, but I think that the main difference, if I had to pick beyond the very specific technicalities is the worldview. The way we see that our user is not the CISO. Our user is not necessarily the security team. From our perspective, the user is the DevOps and the developers who are working on the Kubernetes cluster day to day and we want to enable them to improve their security. So actually our approach is more developer-friendly, if I would need to define it very shortly. >> What does this risk calculation score you guys have in Kubscape? That's come up and we cover that in our story. Can you explain to the folks how that fits in? Is it Kubescape is the platform and what's the benefit, what's the purpose? >> So the risk calculation is actually a score we are giving to clusters in order for the users to understand where they are standing in the general population, how they are faring against a perfect hardened cluster. It is based on the number of different tests we are making. And I don't want to go into, you know, the very specifics of the mathematical functions, but in general it takes into account how many functions are failing, security tests are failing inside your cluster. How many nodes you are having, how many workloads are having, and creating this number which enables you to understand where you are standing in the global, in the world. >> What's the customer value that you guys pitching? What's the pitch for the Armo platform? When you go and talk to a customer, are they like, "We need you." Do they come to you? Is it word of mouth? You guys have a strategy? What's the pitch? What's so appealing to the customers? Why are they enthusiastic about you guys? >> So John, I can tell you, maybe it's not so easy to to say the words, but I nearly 20 years in the industry and though I've been always around cyber and the defense industry and I can tell you that I never had this journey where before where I could say that the the customers are coming to us and not we are pitching to customers. Simply because people want to, this is very easy tool, very very easy to use, very understandable and it very helps the engineers to improve security posture. And they're coming to us and they're saying, "Well, awesome, okay, how we can like use it. Do you have a graphical interface?" And we are pointing them to the Armor platform and they are falling in love and coming to us even more and we can tell you that we have a big number of active users behind the platform itself. >> You know, one of the things that comes up every time at KubeCon and Cloud NativeCon when we're there, and we'll be in Amsterdam, so folks watching, you know, we'll see onsite, developer productivity is like the number one thing everyone talks about and security is so important. It's become by default a blocker or anchor or a drag on productivity. This is big, the things that you're mentioning, easy to use, engineering supporting it, developer adoption, you know we've always said on theCUBE, developers will be the de facto standards bodies by their choices 'cause developers make all the decisions. So if I can go faster and I can have security kind of programmed in, I'm not shifting left, it's just I'm just having security kind of in there. That's the dream state. Is that what you guys are trying to do here? Because that's the nirvana, everyone wants to do that. >> Yeah, I think your definition is like perfect because really we had like this, for a very long time we had this world where we decoupled security teams from developers and even for sometimes from engineering at all and I think for multiple reasons, we are more seeing a big convergence. Security teams are becoming part of the engineering and the engineering becoming part of the security and as you're saying, okay, the day-to-day world of developers are becoming very tangled up in the good way with security, so the think about it that today, one of my developers at Armo is creating a pull request. He's already, code is already scanned by security scanners for to test for different security problems. It's already, you know, before he already gets feedback on his first time where he's sharing his code and if there is an issue, he already can solve it and this is just solving issues much faster, much cheaper, and also you asked me about, you know, the wipe in the conference and we know no one can deny the current economic wipe we have and this also relates to security teams and security teams has to be much more efficient. And one of the things that everyone is talking, okay, we need more automation, we need more, better tooling and I think we are really fitting into this. >> Yeah, and I talked to venture capitalists yesterday and today, an angel investor. Best time for startup is right now and again, open source is driving a lot of value. Ben, it's been great to have you on and sharing with us what's going on on the ground there as well as talking about some of the traction you have. Just final question, how old's the company? How much funding do you have? Where you guys located? Put a plug in for the company. You guys looking to hire? Tell us about the company. Were you guys located? How much capital do you have? >> So, okay, the company's here for three years. We've passed a round last March with Tiger and Hyperwise capitals. We are located, most of the company's located today in Israel in Tel Aviv, but we have like great team also in Ukraine and also great guys are in Europe and right now also Craig Box joined us as an open source VP and he's like right now located in New Zealand, so we are a really global team, which I think it's really helps us to strengthen ourselves. >> Yeah, and I think this is the entrepreneurial equation for the future. It's really great to see that global. We heard that in Priyanka Sharma's keynote. It's a global culture, global community. >> Right. >> And so really, really props you guys. Congratulations on Armo and thanks for coming on theCUBE and sharing insights and expertise and also what's happening on the ground. Appreciate it, Ben, thanks for coming on. >> Thank you, John. >> Okay, cheers. Okay, this is CUB coverage here of the Cloud Native SecurityCon in North America 2023. I'm John Furrier for Lisa Martin, Dave Vellante. We're back with more of wrap up of the event after this short break. (gentle upbeat music)

(energetic music plays) >> Lisa: Hey everyone, we're so glad you're here with us. theCUBE is covering Cloud Native Security Con 23. Lisa Martin here with John Furrier. This is our second day of coverage of the event. We've had some great conversations with a lot of intellectual, exciting folks, as you know cuz you've been watching. John and I are very pleased to welcome back one of our alumni to theCUBE Taylor Dolezal joins us the head of ecosystem at CNCF. Taylor, welcome back to theCUBE. Great to see you. >> Taylor: Hey everybody, great to see you again. >> Lisa: So you are on the ground in Seattle. We're jealous. We've got fomo as John would say. Talk to us about, this is a inaugural event. We were watching Priyanka keynote yesterday. Seemed like a lot of folks there, 72 sessions a lot of content, a lot of discussions. What's the buzz, what's the reception of this inaugural event from your perspective? >> Taylor: So it's been really fantastic. I think the number one thing that has come out of this conference so far is that it's a wonderful chance to come together and for people to see one another. It's, it's been a long time that we've kind of had that opportunity to be able to interact with folks or you know, it's just a couple months since last Cube Con. But this is truly a different vibe and it's nice to have that focus on security. We're seeing a lot of folks within different organizations work through different problems and then finally have a vendor neutral space in which to talk about all of those contexts and really raise everybody up with all this new knowledge and new talking points, topics, and different facets of knowledge. >> John: Taylor, we were joking on our yesterday's summary of the keynotes, Dave Vellante and I, and the guests, Lisa and I, about the CNCF having an event operating system, you know, very decoupled highly cohesive events, strung together beautifully through the Linux Foundation, you know, kind of tongue in cheek but it was kind of fun to play on words because it's a very technical community. But the business model of, of hackers is booming. The reality of businesses booming and Cloud Native is the preferred developer environment for the future application. So the emphasis, it's very clear that this is a good move to do and targeting the community around security's a solid move. Amazon's done it with reinforce and reinvent. We see that Nice segmentation. What's the goal? Because this is really where it connects to Cube Con and Cloud Native Con as well because this shift left there too. But here it's very much about hardcore Cloud Native security. What's your positioning on this? Am I getting it right or is there is that how you guys see it? >> Taylor: Yeah, so, so that's what we've see that's what we were talking about as well as we were thinking on breaking this event out. So originally this event was a co-located event during the Cube Con windows in both Europe and North America. And then it just was so consistently popular clearly a topic that people wanted to talk, which is good that people want to talk of security. And so when we saw this massive continued kind of engagement, we wanted to break this off into its own conference. When we were going through that process internally, like you had mentioned the events team is just phenomenal to work with and they, I love how easy that they make it for us to be able to do these kinds of events too though we wanted to talk through how we differentiate this event from others and really what's changed for us and kind of how we see this space is that we didn't really see any developer-centric open source kinds of conferences. Ones that were really favoring of the developer and focus on APIs and ways in which to implement these things across all of your workloads within your organization. So that's truly what we're looking to go for here during these, all of these sessions. And that's how it's been playing out so far which has been really great to see. >> John: Taylor, I want to ask you on the ecosystem obviously the built-in ecosystem at CNCF.IO with Cube Cons Cloud Cons there, this is a new ecosystem opportunity to add more people that are security focused. Is their new entrance coming into the fold and what's been the reaction? >> Taylor: So short answer is yes we've seen a huge uptick across our vendor members and those are people that are creating Cloud offerings and selling those and working with others to implement them as well as our end users. So people consuming Cloud Native projects and using them to power core parts of their business. We have gotten a lot of data from groups like IBM and security, IBM security and put 'em on institute. They gave us a cost of data breach report that Priyanka mentioned and talked about 43% of those organizations haven't started or in the early stages of updating security practices of their cloud environments and then here on the ground, you know, talking through some best practices and really sharing those out as well. So it's, I've gotten to hear pieces and parts of different conversations and and I'm certain we'll hear more about those soon but it's just really been great to, to hear everybody with that main focus of, hey, there's more that we can do within the security space and you know, let's let's help one another out on that front just because it is such a vast landscape especially in the security space. >> Lisa: It's a huge landscape. And to your point earlier, Taylor it's everyone has the feeling that it's just so great to be back together again getting folks out of the silos that they've been operating in for such a long time. But I'd love to get some of your, whatever you can share in terms of some of the Cloud Native security projects that you've heard about over the last day or so. Anything exciting that you think is really demonstrating the value already and this inaugural event? >> Taylor: Yes, so I I've been really excited to hear a lot of, personally I've really liked the talks around EBPF. There are a whole bunch of projects utilizing that as far as runtime security goes and actually getting visibility into your workloads and being able to see things that you do expect and things that you don't expect and how to remediate those. And then I keep hearing a lot of talks about open policy agents and projects like Caverno around you know, how do we actually automate different policies or within regulated industries, how do we actually start to solve those problems? So I've heard even more around CNCF projects and other contexts that have come up but truly most of them have been around the telemetry space EBPF and, and quite a few others. So really great to, to see all those projects choosing something to bind to and making it that much more accessible for folks to implement or build on top of as well. >> John: I love the reference you guys had just the ChatGPT that was mentioned in the keynote yesterday and also the reference to Dan Kaminsky who was mentioned on the reference to DNS and Bind, lot of root level security going on. It seems like this is like a Tiger team event where all the top alpha security gurus come together, Priyanka said, experts bottoms up, developer first practitioners, that's the vibe. Is that kind of how you guys want it to be more practitioners hardcore? >> Taylor: Absolutely, absolutely. I think that when it comes to security, we really want to help. It's definitely a grassroots movement. It's great to have the people that have such a deep understanding of certain security, just bits of knowledge really when it comes to EBPF. You know, we have high surveillance here that we're talking things through. Falco is here with Sysdig and so it it's great to have all of these people here, though I have seen a good spread of folks that are, you know, most people have started their security journey but they're not where they want to be. And so people that are starting at a 2 0 1, 3 0 1, 4 0 1 level of understanding definitely seeing a good spread of knowledge on that front. But it's really, it's been great to have folks from all varying experiences, but then to have the expertise of the folks that are writing these specifications and pushing the boundaries of what's possible with security to to ensure that we're all okay and updated on that front too, I think was most notable yesterday. Like you had said >> Lisa: Sorry Taylor, when we think of security, again this is an issue that, that organizations in every industry face, nobody is immune to this. We can talk about the value in it for the hackers in terms of ransomware alone for example. But you mentioned a stat that there's a good amount of organizations that are really either early in their security journeys or haven't started yet which kind of sounds a bit scary given the landscape and how much has changed in the last couple of years. But it sounds like on the good news front it isn't too late for organizations. Talk a little bit about some of the recommendations and best practices for those organizations who are behind the curve knowing that the next attack is going to happen. >> Taylor: Absolutely. So fantastic question. I think that when it comes to understanding the fact that people need to implement security and abide by best practices, it's like I I'm sure that many of us can agree on that front, you know, hopefully all of us. But when it comes to actually implementing that, that's I agree with you completely. That's where it's really difficult to find where where do I start, where do I actually look at? And there are a couple of answers on that front. So within the CNTF ecosystem we have a technical action group security, so tag security and they have a whole bunch of working groups that cover different facets of the Cloud Native experience. So if you, for example, are concerned about runtime security or application delivery concerns within there, those are some really good places to find people knowledgeable about, that even when the conference isn't going on to get a sense of what's going on. And then TAG security has also published recently version two of their security report which is free accessible online. They can actually look through that, see what some of the recent topics are and points of focus and of interest are within our community. There are also other organizations like Open SSF which is taking a deeper dive into security. You know, initially kind of having a little bit more of an academic focus on that space and then now getting further into things around software bill materials or SBOMs supply chain security and other topics as well. >> John: Well we love you guys doing this. We think it's very big deal. We think it's important. We're starting to see events post COVID take a certain formation, you know joking aside about the event operating systems smaller events are happening, but they're tied together. And so this is key. And of course the critical need is our businesses are under siege with threats, ransomware, security challenges, that's IT moves to Cloud Native, not everyone's moved over yet. So that's in progress. So there's a huge business imperative and the hackers have a business model. So this isn't like pie in the sky, this is urgent. So, that being said, how do you see this developing from who should attend the next one or who are you looking for to be involved to get input from you guys are open arms and very diverse and great great culture there, but who are you looking for? What's the makeup persona that you hope to attract and nurture and grow? >> Taylor: Absolutely. I, think that when it comes to trying the folks that we're looking for the correct answer is it varies you know, from, you know, you're asking Priyanka or our executive director or Chris Aniszczyk our CTO, I work mostly with the end users, so for me personally I really want to see folks that are operating within our ecosystem and actually pulling these down, these projects down and using them and sharing those stories. Because there are people creating these projects and contributing to them might not always have an idea of how they're used or how they can be exploited too. A lot of these groups that I work with like Mercedes or Intuit for example, they're out there in the world using these, these projects and getting a sense for, you know, what can come up. And by sharing that knowledge I think that's what's most important across the board. So really looking for those stories to be told and novel ways in which people are trying to exploit security and attacking the supply chain, or building applications, or just things we haven't thought about. So truly that that developer archetype is really helpful to have the consumers, the end users, the folks that are actually using these. And then, yeah, and I'm truly anywhere knowledgeable about security or that wants to learn more >> John: Super important, we're here to help you scale those stories up whatever you need, send them our way. We're looking forward to getting those. This is a super important movement getting the end users who are on the front lines bringing it back into the open, building, more software, making it secure and verified, all super important. We really appreciate the mission you guys are on and again we're here to help. So send those stories our way. >> Taylor: Cool, cool. We couldn't do it without you. Yeah, just everyone contributing, everyone sharing the news. This is it's people, people is the is the true operating system of our ecosystem. So really great to, really great to share. >> Lisa: That's such a great point Taylor. It is all about people. You talked about this event having a different vibe. I wanted to learn a little bit more about that as we, as we wrap up because there's so much cultural change that's required for organizations to evolve their security practices. And so people of course are at the center of culture. Talk a little bit about why that vibe is different and do you think that yeah, it's finally time. Everyone's getting on the same page here we're understanding, we're learning from each other. >> Taylor: Yes. So, so to kind of answer that, I think it's really a focus on, there's this term shift left and shift right. And talking about where do we actually put security in the mix as it comes to people adopting this and and figuring out where things go. And if you keep shifting at left, that meaning that the developers should care more deeply about this and a deeper understanding of all of these, you know, even if it's, even if they don't understand how to put it together, maybe understand a little bit about it or how these topics and, and facets of knowledge work. But you know, like with anything, if you shift everything off to one side or the other that's also not going to be efficient. You know, you want a steady stream of knowledge flowing throughout your whole organization. So I think that that's been something that has been a really interesting topic and, and hearing people kind of navigate and try to get through, especially groups that have had, you know, deployed an app and it's going to be around for 40 years as well. So I think that those are some really interesting and unique areas of focus that I've come up on the floor and then in a couple of the sessions here >> Lisa: There's got to be that, that balance there. Last question as we wrap the last 30 seconds or so what are you excited about given the success and the momentum of day one? What excites you about what's ahead for us on day two? >> Taylor: So on day two, I'm really, it's, there's just so many sessions. I think that it was very difficult for me to, you know pick which one I was actually going to go see. There are a lot of favorites that I had kind of doubled up at each of the time so I'm honestly going to be in a lot of the sessions today. So really excited about that. Supply chain security is definitely one that's close to my heart as well but I'm really curious to see what new topics, concepts or novel ideas people have to kind of exploit things. Like one for example is a package is out there it's called Browser Test but somebody came up with one called Bowser Test. Just a very simple misname and then when you go and run that it does a fake kind of like, hey you've been exploited and just even these incorrect name attacks. That's something that is really close and dear to me as well. Kind of hearing about all these wild things people wouldn't think about in terms of exploitation. So really, really excited to hear more stories on that front and better protect myself both at home and within the Cloud Community as I stand these things up. >> Lisa: Absolutely you need to clone yourself so that you can, there's so many different sessions. There needs to be multiple versions of Taylor that you can attend and then you can all get together and talk about and learn. But that's actually a really good problem to have as we mentioned when we started 72 sessions yesterday and today. Lots of great content. Taylor, we thank you for your participation. We thank you for bringing the vibe and the buzz of the event to us and we look forward as well to hearing and seeing what day two brings us today. Thank you so much for your time Taylor. >> Taylor: Thank you for having me. >> John: All right >> Lisa: Right, for our guest and John Furrier, I'm Lisa Martin. You're watching theCube's Day two coverage of Cloud Native Security Con 23. (energetic music plays)

(rousing music) >> Hello everyone. Welcome back to "theCUBE's" day one coverage of Cloud Native Security Con 23. This is going to be an exciting panel. I've got three great guests. I'm Lisa Martin, you know our esteemed analysts, John Furrier, and Dave Vellante well. And we're excited to welcome to "theCUBE" for the first time, Yves Sandfort, the CEO of Comdivision Group, who's coming to us from Germany. As you know, Cloud Native Security Con is a global event. Everyone welcome Yves, great to have you in particular. Welcome to "theCUBE." >> Great to be here. >> Thank you for inviting me. >> Yves, tell us a little bit, before we dig into really wanting to understand your perspectives on the event and get Dave and John's feedback as well, tell us a little bit about you. >> So yeah, talking about me, or talking about Comdivision real quick. We are in the business for over 27 years already. We started as a SaaS company, then became more like an architecture and, and Cloud Native company over the last few years. But what's interesting is, and I think that's, that's, that's really interesting when we look at our industry. It hasn't really, the requirements haven't really changed over the years. It's still security. We still have to figure out how we deal with security. We still have to figure out how we deal with compliance and everything else. And I think therefore, it's more and more important that we take these items more seriously. Also, based on the fact that when we look at it, how development and other things happen nowadays, it's, it's, everybody says it's like open source. It's great because everybody can look into the code. We, I think the last few years have shown us enough example that that's not necessarily solving all the issues, but it's also code and development has changed rapidly when we look at the Cloud Native approach, where it's far more about gluing the pieces together, versus the development pieces. When I was actually doing software development 25 years ago, and had to basically build my code because I didn't have that much internet access for it. So it has evolved, but even back then we had to deal with security and everything. >> Right. The focus on security is, is incredibly important, and the focus keeps growing as you mentioned. This is, guys, and I want to get your perspectives on this. We're going to start with John. This is the first time Cloud Native Security Con is its own event being extracted from, and amplified from KubeCon. John, I want to understand from your perspective, break down the event, what you see, what you've heard, and Cloud Native Security in general. What does this mean to companies? What does it mean to customers? Is this a reality? >> Well, I think that's the topic we want to discuss, and I think Yves background, you see the VMware certification, I love that. Because what VMware did with virtualization, was abstract that from server virtualization, kind of really changed the game on things, and you start to see Cloud Native kind of go that next level of how companies will be operating their business, not just digital transformation, as digital transformation goes to completion, it's total business transformation where IT is everywhere. And so you're starting to see the trends where, "Okay, that's happening." Now you're starting to see, that's Cloud Native Con, or KubeCon, AWS re:Invent, or whatever show, or whatever way you want to look at it. But in, in the past decade, past five years, security has always been front and center as almost a separate thing, and, in and of itself, but the same thing. So you're starting to see the breakout of security conversations around how to make things work. So a lot of operational conversations around what used to be DevOps makes infrastructure as code, and that was great, that fueled that. Then DevSecOps came. So the Cloud Native next level, is more application development at scale, developers driving the standards with developer first thinking, shifting left, I get all that. But down in the lower ends of the stack, you got real operational issues. DNS we've heard in the keynote, we heard about the Colonel, the Lennox Colonel. Things that need to be managed and taken care of at a security level. These are like, seem like in the weeds, but you're starting to see that happen. And the other thing that I think's real about Cloud Native Security Con that's going to be interesting to watch, is Amazon has pretty much canceled all their re:Invent like shows except for two; Re:Invent, which is their annual conference, and Re:Inforce, which is dedicated to securities. So Cloud Native, Linux, the Linux Foundation has now breaking out Cloud Native Con and KubeCon, and now Cloud Native Security Con. They can't call it KubeCon because it's not Kubernetes, but it's like security focus. I think this is the beginning of starting to see this new developer driving, developers driving the standards, and it has it implications, what used to be called IT ops, and that's like the VMwares of the world. You saw all the stuff that was not at developer focus, but more ops, becoming much more in the application. So I think, I think it's real. The question is where does it go? How fast does it develop? So to me, I think it's a real trend, and it's worthy of a breakout, but it's not yet clear of where the landing zone is for people to start doing it, how they get started, what are the best practices. Machine learning's going to be a big part of this. So to me it's totally cool, but I'm not yet seeing the beachhead. So that's kind of my take. >> Dave, our inventor and host of breaking analysis, what's your take? >> So when you, I think when you zoom out, there's some, there's a big macro change that's been going on. I think when you look back, let's say 10, 12 years ago, the, the need for speed far trumped the, the, the security aspect, the governance, the data privacy. It was like, "Yeah, the risks, they're not that great compared to our opportunity." That has completely changed because the risks are now so much higher. And so what's happening, I think there's a, there's a major effort amongst CIOs and CISOs to try to make security not a blocker because it use to be, it still is. "Okay, I got this great initiative." Eh, give it to the SecOps pros, and let them take it for a while before we can go to market. And so a huge challenge now is to simplify, automate, AI comes in, the whole supply chain security, so the, so the companies can not be facing so much friction. And that is non-trivial. I don't think we're anywhere close there, but I think the goal is by, within the next several years, we're going to be in a position, that security, we heard today, is, wasn't designed in to the initial internet protocols. It was bolted on. And so increasingly, the fundamental architecture of the internet, the Cloud, et cetera, is, is seeing designed in security, and, and that is an imperative, or else business is going to come to a grinding halt. >> Right. It's no longer, the bolt no longer works. Yves, what's your perspective on Cloud Native Security, where it stands today? What's in it for customers, whether we're talking about banks, or hospitals, or retailers, what do you think? >> I think when we, when we look at security in the, in the modern world, is we need to as, as Dave mentioned, we need to rethink how we apply it. Very often, security in the past has been always bolted on in the end. If we continue to do that, it'll become more and more difficult, because as companies evolve, and as companies want to bring products and software to market in a much faster and faster way, it's getting more and more difficult if we bolt on the security process at the end. It's like, developers build something and then someone checks security. That's not going to work any longer. Especially if we also consider now the changes in the industry. We had Stack Overflow over the last 10 years. If I would've had Stack Overflow 15, 20, what, 25 years ago when I was a developer, it would've changed a hell lot. Looking at it now, and looking at it what we had in the last few weeks, it's like where nearly all of my team members say is like finally I don't need any script kiddies anymore because I can't go to (indistinct) who writes the code for me. Which is on one end great, because it enables us to solve certain problems in a much higher pace. But the challenge with that is, if the people who just copy and past that code, don't understand the implications of that code, we have a much higher risk continuously. And what people thought was, is challenging with Stack Overflow. Imagine that something in one of these AI engines, is actually going ballistic, and it creates holes in nearly every one of these applications. And trust me, there will be enough developers who are going to use these tools to develop codes, the same as students in university are going to take this to write their essays and everything else. And so it's really important that every developer team basically has a security person within their team, and not a security at the end. So we build something, we check it, go through QA, and then it goes to security. Security needs to be at the forefront. And I think that's where we see Cloud Native Security Con, where we see AWS. I saw it during re:Invent already where they said is like, we have reinforced next year. I think this becomes more and more of a topic, and I think companies, as much as it is become a norm that you have a firewall and everything else, it needs to become a norm that when you are doing software development, and every development team needs to have a security person on that needs to be trained. >> I love that chat comment Dave, 'cause you and I were talking about this. And I think that is going to be the issue. Do we need security chat for the chat bot? And there's like a, like a recursive model there. The biases are built in. I think, and I think our interview with the Palo Alto Network's co-founder, Dave, when he talked about zero trust as a structured way to start things, but he was referencing that with Cloud, there's a chance to rethink or do a do-over in security. So, I think this is kind of to me, where this is all going. And I think you asked Pat Gelsinger what, year 2013, 2014, can, is security a do over? I think we're in that do over time. >> He said yes. >> He said yes. (laughing) He was right. But yeah, eight years later... But this is, how do you, zero trust gives you some structure, but how do you organize and redo security? Because to me, I think that's what's happening here. >> And John you heard, Zuk at Palo Alto Network said, "Yeah, the, the words security and architecture, they don't go together historically." And so it is a total, total retake. >> Well is that because there's too many tools out there and- >> Yeah. For sure. >> Yeah, well, first of all, a lot of hardware. And then yeah, a lot of tools. You even see IIOT and industry 40, you see IOT security coming up as another stove pipe, and that's not the right approach. And, and so- >> Well let me, let me ask you a question Dave, and Yves, if you don't mind. 'Cause I was just riffing on this yesterday about this. In the ML space, you're seeing the ML models, you're seeing proprietary models versus open source. Is security going to go down this proprietary security methods and open source? Because that's interesting, because the CNCF is run by the the Linux Foundation. So you can almost maybe see a model where there's more proprietary security methods than open source. Or is it, is that a non-issue? >> I would, I would, let me, if I, if I jump in here first, I think the last, especially last five or 10 years have clearly shown the, the whole and, and I invested early on in the, in the end 90s in several open source startups in the Bay area. So, I'm well behind the whole open source idea and, and mid (indistinct) and others back then several times. But the point is, I think what we have seen is open source is not in general, more secure or less secure, because code is too complex nowadays. You have millions of lines of code, and it's not that either one way or the other is going to solve it. The ways I think we are going to look at it is more is what's the role to market, because only because something is open source doesn't necessarily mean it's going to be available for everyone. And the same for proprietary source from that perspective, even though everybody mixes licensing and payments and all that all the time, but it doesn't necessarily have anything to do with it. But I think as we are going through it, and when we also look at the industry, security industry over the last 10 plus years has been primarily hardware focused. And a lot of these vendors have done a good business out of selling hardware boxes, putting software on top of it. Whereas in reality, those were still X86 standard boxes in the end. So it was not that we had specific security ethics or anything like that in there anymore. And so overall, the question of the market is going to change. And as we are looking into Cloud Native, think about someone like an AWS, do you really envision them to have a hardware box of every supplier in their data center, and that in every availability zone in every region? Same for Microsoft, same for Google, etc? So we need to have new ways on how we can apply security. And that applies both on the backend services, but also on the front end side. >> And if I, and if I could chime in, I think the, the good, I think the answer is, is, is no and yes. And what I mean by that is if you take, antivirus and known malware, I mean pretty much anybody today can, can solve that problem, it's the unknown malware. So I think the yes part of the answer is yes, it's, it's going to be proprietary, but in the sense we're going to use open source tooling, and then apply that in a proprietary way with, with specific algorithms and unique architectures that are going to solve problems. For example, XDR with, with unknown malware. So, and that's the, that's the hard part. As somebody said, I think this morning at the keynote, it's, it's all the stuff that, that the SecOps team couldn't find. That's the really hard part. >> (laughs) Well the question will be will, is the new IP, the ability to feed ChatGPT some magical spelled insertion query string that does the job, that's unique, that might be the new IP, the the question to ask. >> Well, that's what the hackers are going to do. And I, they're on offense. (John laughs) And the offense knows what play is coming. So, they're going to start. >> So guys, let's take this conversation up a level. I want to get your perspectives on what's in this for me as a customer? We know security is a board level conversation. We talk about this all the time. We also know that they're based on, I think David, was the conversations that you and I had, with Palo Alto Networks at Ignite in December. There's a, there's a lack of alignment between the executives and the board from a security perspective. When we talk about Cloud Native Security, we all talked about the value in that, what's in it for customers? I want to get your perspectives on should this be a board level conversation, and if so, how do you advise organizations, whether it is a hospital, or a bank, or an organization that is really affected by things like ransomware? How should they be thinking about this from an organizational perspective? >> Well, I'll start first, because we had this conversation during our Super Cloud event last month, and this comes up a lot. And this is, the CEO board level. Yes it is a board level conversation for security, as is application development as in terms of transforming their business to be competitive, not to be on the wrong side of history with this wave coming. So I think that's more of a management. But the issue is, they tell their people, "Go do it." And they're like, 'cause they get sold on the idea of, "Hey, won't you transform your business, and everything's going to be data driven, and machine learning's going to power your apps, get new customers, be profitable." "Oh, sign me up for that." When you have to implement this, it's really hard. And I think the core issue is, where are companies in their life cycle of the ability to execute and architect this thing properly as Dave said, Nick Zuk said, "You can't have architecture and security, you need platforms." So, I think the re-platforming, and the re-factoring of business is a big factor, and that's got to get down into the, the organizational shifts and the people to do it. So are there skills? Do I do a managed service? How do I architect it? Are there more services? Are there developers doing applications that are going to be more agile? So, this is not an easy thing. And to move a business from IT operations that is proven, to be positioned for this enablement, is just really difficult. And it's expensive. And if you screw it up, you could be, could be on the wrong side of things. So, to me, that's the big issue is, you sell the dream and then you got to implement it. And that's really difficult. >> Yves, give us your perspective on, based on John's comments, how do organizations shift so dramatically? There's a cultural element there as well, but there's also organizations that are, have competitive competitors in the rear view mirror, and there's time to waste. What are your thoughts on that? >> I think that's exactly the point. It's like, as an organization, you need to take the decision between the time, the risk, and all the other elements we have into this game. Because you can try to achieve 100% security, but that's exactly the same as trying to, to protect gold or anything else 100%. It's most likely not going to be from a risk perspective anyway sensible. And that's the same from a corporational perspective. When you look at building new internet services, or IOT services, or any kind of new shopping experience or whatever else, you need to balance out between the risks and the advantages out of it. And you also need to be accepting that you potentially on the way make mistakes, but then it's more important than ever that you are able to quickly fix any mistakes, and to adjust to anything what's happening in the market. Because as we are building all these new Cloud Native applications, and build up all these skill sets, one of the big scenarios is we are far more depending on individual building blocks. These building blocks come out of open source communities, which have a much different way. When we look back in software development, back then we had application servers from Oracle, Web Logic, whatsoever, they had a release cycles of every three to six months. As now we have to deal with open source, where sometimes release cycles are on a four week schedule, in between security patches. So you need to be much faster in adopting that, checking that, implementing that, getting things to work. So there is a security stretch from that perspective. There is a speech stretch on the other thing companies have to deal with, and on the other side it's always a measurement between the risk, and the security you can afford. Because reality is, you will not be 100% protected no matter what you do. So, you need to balance out what you as an organization can actually build on. But I think, coming back also to the point, it's on the bot level nowadays. It's like nearly every discussion we have with companies nowadays as they move into the Cloud, especially also here in Europe where for the last five years, it was always, it's like "It's data privacy." Data privacy is no longer, I mean, yes, for certain people, it's still the point, but for many more people it's like, "How protected is my data?" "What do we do in case of ransomware attack?" "What do we do in case of a denial of service?" All of these things become more vulnerable, where in the past you were discussing these things with a becking page, or, or like a stock exchange. They were, it's like, "What the hell is going to happen if we have a denial of service?" Now all of the sudden, this now affects nearly everyone in their storefronts and everything else, because everything is depending on it. >> Yeah, I think you're right on. You think about how cultural change occurs, it's bottom ups or, bottom up, top down or middle out. And what, what's happened with security is the people in the security team cared about it, they were the, everybody said, "Oh, it's their problem." And then it just did an end run to the board, kind of mid, early last decade. And then the board sort of pushed that down. And the line of business is realizing, "Holy cow. My business, my EBIT can be dramatically affected by this, so I care." Now it's this whole house, cultural team sport. I know it's sort of a, a cliche, but it, it's true. Everybody actually is beginning to care about security because the risks are now so high, and it's going to affect not only the bottom line of the company, the bottom line of the business, their job, it's, it's, it's virtually everywhere. It's a huge cultural shift that we're seeing. >> And that's a big challenge for organizations in any industry. And Yves, you talked about ransomware service. Every industry across the globe is vulnerable to this. But how can, maybe John, we'll start with you. How can Cloud Native Security help organizations if they're able to embrace it, operationally, culturally, dial down some of the vulnerabilities that just seem to keep growing? >> Well, I mean that's the big question. The breaches are, are critical. The governances also could be a way that anchors down growth. So I think the balance between the governance compliance piece of it is key, but making the developers faster and more productive is the key to me. And I think having the security paradigm where they're not blockers, as Dave said, is critical. So I love the whole shift left, but now that we have more data focused initiatives around how that, you can use data to understand the security issues, I think data and security are together, and I think there's a going to be a data operating system model emerging, where data and security will be almost one thing. And that will be set up by the security teams, and the data teams together. And that will feed guardrails into the developer environment. So the developer should feel no pain at all in doing this. So I think the best practice will end up being what we're seeing with supply chain, security, with making sure code's verified. And you're going to see the container, security side completely address has been, and KubeCon, we just, I asked Scott Johnson, the CEO of Docker, and I asked him directly, "Are you guys all tight on container security?" He said, yes, but other people are suggesting that's not true. There's a lot of issues with the container security. So, there's all kinds of areas where there's holes. So Cloud Native is cool on one hand, and very relevant, but if it's not shored up, it's going to be a problem. But I, so I think that's where the action will be, at the developer pipeline, in the containers, and the data. So, that will be very relevant, and if companies nail that, they'll be faster, they'll have better apps, and that'll be the differentiator. And again, if they don't on this next wave, they're going to be driftwood. >> Dave, how do they prevent becoming driftwood? >> Well, I think Cloud has had a huge impact. And a Cloud's by no means a panacea, but let's face it, it's dramatically improved a lot of companies security posture. Now there's still that shared responsibility. Even though an S3 bucket is encrypted, it's still your responsibility to make sure that it doesn't get decrypted by somebody who has access to it. So there are things like that, but to Yve's earlier point, that can be, that's done through software now, it's done through best practices. Those best practices can be shared. So the way you, you don't become driftwood, is you start to, you step back, rethink that security architecture as we were talking about earlier, take advantage of the Cloud, take advantage of Cloud Native, and all the, the rapid pace of innovation that's occurring there, and you don't use, it's called before, The audit is the last line of defense. That's no longer a check box item. "Oh yeah, we're in compliance." It's, this is a business imperative, and because we're going to reduce our expected loss and reduce our business risk. That's part of the business case today. >> Yeah. >> It's a huge, critically important part of the business case. Yves, question for you. If you're in an elevator with a CEO, a CFO, and a CISO, and they're talking about security and Cloud Native Security, what's your value proposition to them on a, on a say a 32nd elevator ride? >> Difficult story. I think at the moment, the most important part is, we need to get people to work together, and we need to train people to work more much better together. I think that's the overall most important part for all of these solutions, because in the end, security is always a person issue. If, we can have the best tools in the industry, as long as we don't get all of these teams to work together, then we have a problem. If the security team is always seen as the end of the solution to fix everything, that's not going to work because they always are the bad guys in the game. And so we need to bring the teams together. And once we have the teams work together, I think we have a far better track on, on maintaining security. >> John and Dave, I want to get your perspectives on what Yves just said. In all the experience that the two of you have as industry analysts here on "theCUBE," Wikibon, Siliconangle Media. How do you advise organizations to get those teams together? As Eve said, that alignment is critical, but John, we'll start with you, then Dave go to you. What's your advice for organizations that need to align those teams and really don't have a lot of time to wait to do it? >> (chuckling) That's a great question. I think, I think that's everyone pays hundreds of thousands of millions of dollars to get that advice from these consultants, organizations out there doing the transformations. But I think it comes down to personnel and commitment. I think if there's a C-level commitment to the effort, you'll see the institutional structure change. So you can see really getting behind it with their, with their wallet and their, and their support of either getting more personnel to support and assist, or manage services, or giving the power to the teams to execute and doing it in a way that, that's, that's well known and best practices. Start small, build out the pilots, build the platform, and then start getting it right. And I think that's the key. Not the magic wand, the old model of rolling out stuff in, in six month cycles. It's really, get the proof points, double down and change the culture, but also execute and have real metrics. And changing the architecture, like having more penetration tests as a service. Doing pen tests is like a joke now. So that doesn't make any sense. You got to have that built in almost every day, and every minute. So, these kinds of new techniques have to be implemented and have to be tried. So that's why these communities are growing. That's why I like what open source has been doing, and I like the open source as the place to have these conversations, because that's where the action will be for new stuff. And I think people will implement open source like they did before, but with different ways, better testing, better supply chain on the software side, verifying code. So, I see open source actually getting a tailwind from this, not a headwind. So, I'm bullish on the open source piece here on, on all levels, machine learning- >> Lisa, my answer is intramural sports. And it's 'cause I think it's cultural. And what I mean by that, is you take your your best and brightest security, and this is what frankly, a lot of CISOs do, an examples is Lena Smart, MongoDB. Take your best and brightest security pros, make them captains of the intramural teams, and pair them up with pods of individuals across the organization, which is most people who don't know anything about security, and put them together, so that they can, they, so that the folks that understand security can, can realize how little people know, what, what, what, how, what the worst practices that are out there in the reverse, how they can cross pollinate. And they do that on a regular basis, I know at Mongo and other companies. And that kind of cultural assimilation is a starting point for how you get security awareness up to your question around making it a team sport. >> Absolutely critical. Yves, I want to kind of wrap things with you. We've got a couple of minutes left. When you're really looking at the Cloud Native community, the growth of it, we talked about earlier in the program, Cloud Native Security Con being now extracted and elevated out of KubeCon, what are your thoughts on the groundswell that this community is generating around Cloud Native Security, the benefits that organizations will achieve from it? >> I think overall, when we have these securities conferences, or these security arms a bit spread out and separated out of the main conference, it helps to a certain degree, because especially in the security space, when you look at at other like black hat or white hat conferences and things like that in the past, although they were not focused on Cloud Native, a lot of these security folks didn't feel well taken care of in any of the other conferences because they were always these, it's like they are always blocking us, they're always making us problems, and all these kinds of things. Now that we really take the Cloud Native piece and the security piece together, or like AWS does it with re:Inforce, I think we will see more and more that people understand is that security is a permanent topic we need to cover, but we need to bring different people together, because security also has compliance and a lot of other components in there. So we will see at these conferences moving forward, also a different audience. It's not going to be only the Cloud Native developers. And if I see some of these security audiences, I can't really imagine them to really be at KubeCon because there is too much other things going on. And you couldn't really see much of that at re:Invent because re:Invent by itself has become a complete monster of a conference. It covers too many topics. And so having this very, very important security piece separated, also gives the opportunity, I think, that we can bring in the security people, but also have the type of board level discussions potentially, between the leaders of the industry, to also discuss on how we can evolve, how we can make things better, and how, how we can actually, yeah, evolve our industry for it. Because let's face it, that threat is not going to go away. It's, it's a business. And one of the last security conferences I was on, on the ransomware part, it was one of the topics someone said is like, "Look, currently on average, it takes a hacker group roughly around they said 15 to 20 K to break into a company, and they on average make 100K. It's a business, let's face it. And it's a business we don't like. And ethically, it's no discussion that this is not good, but that's something which is happening. People are making money with it. And as long as that's going to go on, and we have enough countries where these people can hide, it's going to stay and survive. And so, with that being said, it's important for us to really build an industry around this. But I also think it's good that we have separate conferences. In the past we had more the RSA conference, which tried to cover all of these areas. But that is not really fitting Cloud Native and everything else. So I think it's good that we have these new opportunities, the Cloud Native one, but also what AWS brings up for someone. >> Yves, you just nailed it. It just comes down to simple math. It's a fraction. Revenue over cost. And if you could increase the hacker's cost, increase the denominator, their ROI will go down. And that is the game. >> Great point, Dave. What I'm hearing guys, and we can talk about technology for days and days. I know all of you. But there's, there's a big component that, that the elevation of Cloud Native Security, on its own as standalone is critical, as is the people component. You guys all talked about that. We talked about the cultural change necessary for that. Hopefully what we're seeing with Cloud Native Security Con 23, this first event is going to give us more insight over the next couple of days, and the next months or so, as to how this elevation, and how the people can come together to really help organizations from a math perspective as, as Dave talked about, really dial down the risks there, understand more of the vulnerabilities so that ransomware as a service is not as lucrative as it is today. Guys, so much appreciate your time, really breaking down Cloud Native Security, the value in it from different perspectives, and what your thoughts are on where it's going. Thanks so much for your time. >> All right. Thanks. >> Thanks, Lisa. >> Thank you. >> Thanks, Yves. >> All right. For my guests, I'm Lisa Martin. You're watching theCUBE's day one coverage of Cloud Native Security Con 23. Thanks for watching. (rousing music)

(bright upbeat music) >> Hello, wonderful Cloud community and welcome back to our wall-to-wall coverage of AWS re:Invent here in Las Vegas, Nevada. I'm Savannah Peterson, joined by the brilliant John Furrier. John, how you doing this afternoon? >> Doing great, feeling good. We've got day three here, another day tomorrow. Wall-to-wall coverage we're already over a hundred something videos, live getting up. >> You're holding up well. >> And then Cloud show is just popping. It's back to pre-pandemic levels. The audience is here, what recession? But there is one coming but apparently doesn't seem to be an unnoticed with the Cloud community. >> I think, we'll be talking a little bit about that in our next interview in the state of the union. Not just our union, but the the general global economy and the climate there with some fabulous guests from Software One. Please welcome Neil and Bernd, welcome to the show, guys. How you doing? >> Great, thank you. >> Really good. >> Yeah, like you said, just getting over the jet lag. >> Yeah, yeah. Pretty good today, yeah, (laughing loudly) glad we did it today. >> I love that Neil, set your smiling and I can feel your energy. Tell us a little bit about Software One and what you all do. >> Yeah, so Software One we're a software and Cloud solutions provider. We're in 90 countries. We have 65,000 customers. >> Savannah: Just a few. >> Yeah, and we really focus on being close to the customers and helping customers through their software and Cloud journey. So we transact, we sell software in Cloud, 10,000 different ISVs. And then on top of that we a lot of services around the spend optimization FinOps we'll talk about as well, and lots of other areas. But yeah, we're really a large scale partner in this space. >> That's awesome. FinOps, cost optimization, pretty much all we've been talking about here on the give. It's very much a hot topic. I'm actually excited about this and Bernd I'm going to throw this one to you first. We haven't actually done a proper definition of what FinOps is at the show yet. What is FinOps? >> Well, largely speaking it's Cloud cost optimization but for us it's a lot more than for others. That's our superpower. We do it all. We do the technology side but we also do the licensing side. So, we have a differentiated offering. If you would look at the six Rs of application migration we do it all, not even an Accenture as it all. And that is our differentiation. >> You know, yesterday Adams left was on the Keynote. He's like waving his hands around. It's like, "Hey, we got if you want to tighten your belt, come to the Cloud." I'm like, wait a minute. In 2008 when the last recession, Amazon wasn't a factor. They were small. Now they're massive, they're huge. They're a big part of the economic equation. What does belt tightening mean? Like what does that mean? Like do customers just go to the marketplace? Do they go, do you guys, so a lot of moving parts now on how they're buying software and they're fine tuning their Cloud too. It's not just eliminate budget, it's fine tune the machine if you will... >> 'make a smarter Cloud. >> Explain this phenomenon, how people are tackling this cost optimization, Cloud optimization. 'Cause they're not going to stop building. >> No. >> This is right sizing and tuning and cutting. >> Yeah, we see, of course with so many customers in so many countries, we have a lot of different views on maturity and we see customers taking the FinOps journey at different paces. But fundamentally what we see is that it's more of an afterthought and coming in at a panic stage rather than building it and engaging with it from the beginning and doing it continuously. And really that's the huge opportunity and AWS is a big believer in this of continued optimization of the Cloud is a confident Cloud. A confident Cloud means you'll do more with it. If you lose confidence in that bill in what how much it's costing you, you're going to retract. And so it's really about making sure all customers know exactly what's in there, how it's optimized, restocking, reformatting applications, getting more out of the microservices and getting more value out the Cloud and that will help them tighten that belt. >> So the euphoric enthusiasm of previous years of building water just fallen the pipes leaving the lights on when you go to bed. I mean that's kind of the mentality. People were not literally I won't say they weren't not paying attention but there was some just keep going we're all good now it's like whoa, whoa. We turn that service off and no one's using it or do automation. So there's a lot more of that mindset emerging. We're hearing that for the first time price performance being mindful of what's on and off common sense basically. >> Yeah, but it's not just that the lights are on and the faucets are open it's also the air condition is running. So the FinOps foundation is estimating that about a third of Cloud spend is waste and that's where FinOps comes in. We can help customers be more efficient in the Cloud and lower their Cloud spend while doing the same or more. >> So, let's dig in a little bit there. How do you apply FinOps when migrating to the Cloud? >> Well, you start with the business case and you're not just looking at infrastructure costs like most people do you ought look at software licensing costs. For example, if you run SQL on-premise you have an enterprise agreement. But if you move it to the Cloud you may actually take a different more favorable licensing agreement and save a lot of money. And these things are hidden. They're not to be seen but they need to be part of the business case. >> When you look at the modernization trend we had an analyst on our session with David Vellante and Zs (indistinct) from ZK Consulting. He had an interesting comment. He said, "Spend more in Cloud to save more." Which is a mindset that doesn't come across right. Wait a minute, spend more, save more. You can do bet right now with the Clouds kind of the the thesis of FinOps, you don't have to cut. Just kind of cut the waste out but still spend and build if you're smart, there's a lot more of that going on. What does that mean? >> I mean, yeah I've got a good example of this is, we're the largest Microsoft provider in the world. And when of course when you move Microsoft workloads to the Cloud, you don't... Maybe you don't want a server, you can go serverless, right? So you may not win a server. Bernd said SQL, right? So, it's not just about putting applications in the Cloud and workloads in the Cloud. It's about modernizing them and then really taking advantage of what you can really do in the Cloud. And I think that's where the customers are still pretty immature. They're still on that journey of throwing stuff in there and then realizing actually they can take way more advantage of what services are in there to reduce the amount and get even more in there. >> Yeah, and so the... You want to say, something? >> How much, just building on the stereotypical image of Cloud customer is the marketing person with a credit card, right? And there are many of them and they all buy their own Cloud and companies have a hard time consolidating the spend pulling it together, even within a country. But across countries across the globe, it's really, really hard. If you pull it all together, you get a better discount. You spend more to save more. >> Yeah, and also there's a human piece. We had an intern two summers ago playing with our Cloud. We're on a Cloud with our media plus stack left a service was playing around doing some tinkering and like, where's this bill? What is this extra $20,000 came from. It just, we left a service on... >> It's a really good point actually. It's something that we see almost every day right now which is customers also not understanding what they've put in the Cloud and what the implications of spikes are. And also therefore having really robust monitoring and processes and having a partner that can look after that for them. Otherwise we've got customers where they've been really shocked about not doing things the right way because they've empowered the business but also not with the maturity that the business needs to have that responsibility. >> And that's a great point. New people coming in and or people being platooned through new jobs are getting used to the Cloud. That's a great point. I got that brings up my security question 'cause this comes up a lot. So that's what's a lot of spend of people dialing up more security. Obviously people try everything with security, every tool, every platform, and throw everything at the problem. How does that impact the FinOps equation? 'Cause Dev SecOps is now part of everything. Okay, moving security at the CICD pipeline, that's cool. Check Cloud native applications, microservices event-based services check. But now you've got more security. How does that factor into the cost side? What you guys look at that can you share your thoughts on how your customers are managing their security posture without getting kind of over the barrel, if you will? >> Since we are at AWS re:Invent, right? We can talk about the well architected framework of AWS and there's six components to it. And there's reliability, there's security cost, performance quality, operational quality and sustainability. And so when we think about migrating apps to the Cloud or modernizing them in the Cloud security is always a table stakes. >> And it has to be, yeah, go ahead. >> I really like what AWS is doing with us on that. We partner very closely on that area. And to give you a parallel example of Microsoft I don't feel very good about that at the moment. We see a lot of customers right now that get hacked and normally it's... >> 'yeah that's such a topic. >> You mean on Azure? >> Yeah, and what happens is that they normally it's a crypto mining script that the customer comes in they come in as the customer get hacked and then they... We saw an incident the other day where we had 2,100 security incidents in a minute where it all like exploded on the customer side. And so that's also really important is that the customer's understanding that security element also who they're letting in and out of their organization and also the responsibility they have if things go bad. And that's also not aware, like when they get hacked, are they responsible for that? Are they not responsible? Is the provider... >> 'shared responsibility? >> Yeah. >> 'well that security data lake the open cybersecurity schema framework. That's going to be very interesting to see how that plays out to your point. >> Absolutely, absolutely. >> Yeah, it is fascinating and it does require a lot of collaboration. What other trends, what other big challenges are you seeing? You're obviously working with customers at incredible scale. What are some of the other problems you're helping them tackle? >> I think we work with customers from SMB all the way up to enterprise and public sector. But what we see is more in the enterprise space. So we see a lot of customers willing to commit a lot to the Cloud based on all the themes that we've set but not commit financially for all the PNLs that they run in all the business units of all the different companies that they may own in different countries. So it's like, how can I commit but not be responsible on the hook for the bill that comes in. And we see this all the time right now and we are working closely with AWS on this. And we see the ability for customers to commit centrally but decentralized billing, decentralized optimization and decentralized FinOps. So that's that educational layer within the business units who owns the PNL where they get that fitness and they own what they're spending but the company is alone can commit to AWS. And I think that's a big trend that we are seeing is centralized commitment but decentralized ownership in that model. >> And that's where the marketplaces kind of fit in as well. >> Absolutely. >> Yeah, yeah. Do you want to add some more on that? >> I mean the marketplace, if you're going to cut your bill you go to the marketplace right there you want single dashboard or your marketplace what's the customer going to do when they're going to tighten their belts? What do they do? What's their workflow, marketplace? What's the process? >> Well, on marketplaces, the larger companies will have a private marketplace with dedicated pricing managed service they can call off. But that's for the software of the shelf. They still have the data centers they still have all the legacy and they need to do the which ones are we going to keep which ones are we going to retire, we repurchase, we license, rehouse, relocate, all of those things. >> That's your wheelhouse. >> It's a three, yes is our wheelhouse. It's a three to five year process for most companies. >> This could be a tailwind for you guys. This is like a good time. >> I mean FinOps is super cool and super hot right now. >> Not that you're biased? (all laughing loudly) >> But look, it's great to see it because well we are the magic quadrant leader in software asset management, which is a pedigree of ours. But we always had to convince customers to do that because they're always worried, oh what you're going to find do I have an audit? Do I have to give Oracles some more money or SAP some more money? So there's always like, you know... >> 'don't, (indistinct). >> How compliant do I really want? >> Is anyone paying attention to this? >> Well FinOps it's all upside. Like it's all upside. And so it's completely flipped. And now we speak to most customers that are building FinOps internally and then they're like, hold on a minute I'm a bank. Why do I have hundred people doing FinOps? And so that's the trend that we've seen because they just get more and more value out of it all the time. >> Well also the key mindset is that the consumption based model of Cloud you mentioned Oracle 'cause they're stuck in that whoa, whoa, whoa, how many servers license and they're stuck in that extortion. And now they got Cloud once you're on a variable, what's the downside? >> Exactly and then you can look at all the applications, see where you can go serverless see where you can go native services all that sort of stuff is all upside. >> And for the major workloads like SAP and Oracle and Microsoft defined that customers save in the millions. >> Well just on that point, those VMware, SAP, these workloads they're being rolled and encapsulated into containers and Kubernetes run times moved into the Cloud, they're being refactored. So that's a whole nother ballgame. >> Yes. Lift and shift usually doesn't save you any money. So that's relocation with containers may save you money but in some cases you have to... >> 'it's more in the Cloud now than ever before. >> Yeah >> Yeah, yeah. >> Before we take him to the challenge portion we have a little quiz for you, or not a quiz, but a little prop for you in a second. I want to talk about your role. You have a very important role at the FinOps Foundation and why don't you tell me more about that? You, why don't you go. >> All right, so yeah I mean we are a founding member of the Finops organization. You can tell I'm super passionate about it as well. >> I wanted to keep that club like a poster boy for FinOps right now. It's great, I love the energy. >> You have some VA down that is going to go up on the table and dance, (all laughing loudly) >> We're ready for it. We're waiting for that performance here on theCUBE this week. I promise I would keep everyone up an alert... >> 'and it's on the post. And our value to the foundation is first of all the feedback we get from all our customers, right? We can bring that back as an organization to that also as one of the founding members. We're one of the only ones that really deliver services and platforms. So we'll work with Cloud health, Cloud ability our own platform as well, and we'll do that. And we have over 200 practitioners completely dedicated to FinOps as well. So, it's a great foundation, they're doing an amazing job and we're super proud to be part of that. >> Yeah, I love that you're contributing to the community as well as supporting it, looking after your customers. All right, so our new tradition here on theCUBE at re:Invent 'cause we're looking for your 32nd Instagram reel hot take sizzle of thought leadership on the number one takeaway most important theme of the show this year Bernd do you want to go first? >> Of the re:Invent show or whatever? >> You can interpret that however you want. We've gotten some unique interpretations throughout the week, so we're probing. >> Everybody's looking for the superpower to do more with less in the Cloud. That will be the theme of 2023. >> Perfect, I love that. 10 seconds, your mic very efficient. You're clearly providing an efficient solution based on that answer. >> I won't that much. That's... (laughing loudly) >> It's the quiz. And what about you Neil? Give us your, (indistinct) >> I'm going to steal your comment. It's exactly what I was thinking earlier. Tech is super resilient and tech is there for customers when they want to invest and modernize and do fun stuff and they're also there for when they want to save money. So we are always like a constant and you see that here. It's like this is... It's always happening here, always happening. >> It is always happening. It really can feel the energy. I hope that the show is just as energetic and fun for you guys. As the last few minutes here on theCUBE has been thank you both for joining us. >> Thanks. >> Thank you very much. >> And thank you all so much for tuning in. I hope you enjoyed this conversation about FinOps, Cloud confidence and all things AWS re:Invent. We're here in Las Vegas, Nevada with John Furrier, my name is Savannah Peterson. You're watching theCUBE, the leader in high tech coverage. (bright upbeat music)

(corporate electronic xylophone jingle intro) >> Good afternoon and welcome back to our very last segment of Tuesday's live broadcast here on theCUBE from AWS re:Invent in fabulous Las Vegas, Nevada. My name is Savannah Peterson and I am joined here by the brilliant Paul Gillin. Paul, end of our first day. You holding up, are you still feeling overwhelmed with fire hose... >> Savannah, yet my feet are killing me. (savannah laughs) >> Yeah, we've done so much walking in these chairs. >> 14,000 steps already today. It's not even dinner time. >> Hey, well, at least you've earned your dinner, Paul. I love that. I love that. I'm very excited about our next guests. We have Krishna and Sowmya joining us from Tata Consultancy Services. Now, I was impressed when I was doing my background research on you all. The Tata Group has locations in 150 different spots, 46 different countries. You have over 600,000 employees on the team. We are talking about absolutely massive scale here but, today we're going to be focused specifically on the Tata Consultancy Services. Sowmya, can you tell me what you all do? What is that team specifically in charge of? >> Yeah, TCS, first of all, thank you very much for inviting us. >> Savannah: Our pleasure. >> Maybe the last session but, we'll make it very lively. >> Savannah: It's going to be the best session. That's the best part of the day. >> Yes, that's the attitude. From a company standpoint, we are a 50 plus year old company. Part of the Tata group. We focus on IT services. We are categorized as industry verticals and we have horizontal services where AWS is one of the horizontal services that we have. And, when I talk about TCS, we focus a lot more on growth and transformation of our customers. That is one of the key objectives of the current company's growth, I would say. So, that is TCS in a nutshell. >> Extraordinarily important topic to be focused on right now. Growth, transformation, pretty much the core topics of the show. I know you're on the hospitality and transportation side of the business, which is very exciting. And, we're going to dig into that a little bit more. Krishna, you're overseeing the world. Tell us a little bit more about your role within the whole ecosystem. >> Yeah, thank you for the opportunity. Great meeting all of you. It's been awesome experience here. re:Invent is coming back, catching up, right? 50,000 people compared to 25,000 last year. So, great to see and meet all of you. Coming to my role, I am responsible for AWS Business Unit within TCS. That means I am responsible for anything that happens on cloud, on AWS. It's a Full Stack unit. I have the global responsibility. That's whether it's a applications, data, infrastructure, transformation that happens, as well as OT at the edge. So, that's my responsibility. >> Savannah: Well, I love talking about the edge. One of my favorite. >> Transformation is a theme of what you do. We heard that the pandemic accelerated digital transformation initiatives at many companies. How did you see the pandemic affecting your business, affecting the customers you were working with? >> Pandemic definitely kind of accelerated a lot of cloud adoption, right? A lot of companies initially focused on resiliency, coming back to handling the pandemic, the situation. But, it also drove a lot of innovation in the business models. They had to think on their feet, re-look at their business models, change the channels and that continued. Pandemic is thankfully gone by but, the transformation actually continued. The way that we actually see on cloud, especially transformation, it has evolved. What we call as Cloud 2.0. Now, cloud is actually more focused on future-proofing the businesses. And, the initial days it was more about future-proofing the technology and technology architecture. But, it has evolved to future-proofing businesses. That means implementing new business models, bringing in agility, measuring the business value. And, that's where we see a significant traction. >> So, it's not about technology then. It's not about infrastructure. >> It is about technology but, really delivering business value. It's about, how can I improve the customer experience? >> Well, can you give us a couple of examples of companies you work with that embody this idea? >> I can imagine in the travel and hospitality zone. Probably few communities more sensitive than when someone's having a disruption or frustration within that process. And, perhaps few time periods less chaotic than the last few years. Tell us about your experience and what you've seen. >> Absolutely. To answer your question, first of all, coming out of pandemic, right? Many customers in the travel and hospitality industry where legacy, did not modernize for the last decade or so because, there have been many ups and downs in the industry. So, during pandemic, post-pandemic, one of the the way they wanted to rebound was, can we do the transformation? First of all, cloud as a technology adoption, but, beyond that, how do customers derive value, business value? That is one of the key aspects of the old transformation. And, if you take, I can give a couple of examples. Avis Car Rental, they had monolith mainframe applications and, that was there for almost couple of decades, right? But, over a period of time, they were not able to have the availability of those applications. There were many outages. As a result, businesses could not do the bookings. Like OTAs, customers could not do the bookings, the application was not available most of the time. And, it's all legacy, right? So, that is where we all came in, TCS. How do we first of all, simplify the complexity of the landscape? That is one. Then, second is, modernize the legacy application. That's the second thing. Third is, how do you scale it? Because, everyone wants to go faster, right? How do you scale it? That is where we partnered with AWS as well, to bring in some specific solutions. One example for Avis', their Rent Shop. Because, of the lack of availability, because, it's monolith application and legacy application. It was not available. So, as a result, we partnered and we brought in our contextual knowledge of the car rental industry to kind of transform, move it to cloud. And, today, as a result of it, Avis was able to save millions of dollars from a MIB standpoint. Second, in terms of availability, that was 99.9% availability. As a result, they had a pick in their business revenue as well. So, this is one of the ways that its helped. The second example I want to quote is, United Airlines. Here again, we've been present for a long time. We have a deep industry knowledge of the airline industry. So, we brought in our airline contextual knowledge and the United landscape to bring in a TCS's solution that we developed. It's called the Aviana. It's an intelligent operations solution for the airline industry, which we have developed. It's on AWS as well, that is being implemented in United. As a result, the ground staff, they have to take decisions on the moment when there is a irregular operation. That could be flight delays, as a result, customers connections will be lost. >> Savannah: Baggage. >> Baggage, right? Baggage delays. >> So many variables. The complexity... >> exactly >> in this matrix is wild. >> So, leveraging the Aviana solution, the ground staff were able to take decisions based on exceptions. They were able to take decisions quickly so that, they improved the customer experience. I think that was one of the key successes for United in the recent times. So, those two are the examples that I would call where customers have the right business value. So, cloud was not just for technology. They all are deriving a lot of business value as well. I would say. >> How important do you think it is for companies facing these unique challenges and scaling to work with partners like TCS? And, I'm sure you would say very important, but, tell me a little bit more why it's so important and those core benefits that they're going to get. Krishna, let's start off with you. Yeah, let me take again the AWS cloud transformation, right? TCS has formed AWS Business Unit two years back. So, we are a covid baby in a way. We have been working with the AWS for more than a decade but, we formed a dedicated Full-Stack Unit to drive cloud transformation on AWS. In these last two years, we've grown three X and customers we have added 400 new customers we have added. >> Nicely done. Just want to see you there. That's huge. Especially during these times. Congratulations. >> So, it's basically about the scale that we bring in. What we have done as a differentiation is, if you look at the entire cloud journey, right from taking a decision which cloud is, right, all the way to the cloud migration modernization and running operations. So, we have built complete platform. AML based platforms, where we have taken our delivery wisdom and codified it onto these platforms. So, we support around thousand plus customers on AWS in varying capacity. All of that knowledge is codified and, that is what we bring to the table, to the customers. And, so, customers obviously appreciate that value that best practices that are coming. And, coupled with that, the industry knowledge that we have on banking, life sciences, healthcare, automotive. So, it's partly the IT, it is the industry transformation as well. Because, we are working on connected cars, for example, in automotive. We are working on accelerated drug development platforms. We're working on complete banks as a platform that we have. TCS has built on AWS. So, 400 customers are there. It's the complete banking and insurance platform. So, this is the combination of the technical expertize that is digitized using platforms, as well as the industry knowledge, is the reason why customers work with us on the cloud transformation. >> So, we're seeing you talk about the vertical industry knowledge. AWS also has its own vertical industry plays. How do you, I guess, coordinate with them or, do you compete with them or, do you stay out of each other's way? >> No, we actually collaborate aggressively. >> Savannah: I like that (laughs) >> Right, so, it's not.. >> Savannah: With vigor. >> With vigor. TCS supports approximately 14 verticals. With AWS, we went with the focused industry play. We said we look at financial services, travel, transportation, hospitality, healthcare, life sciences and automotive, to start with. And, we have Go Big plans with AWS. very focused. The collaboration is actually at the industry solutions because, AWS is a great platform, ever evolving, keeps you on on your toes to really adapt it. But, that is always going on, the collaboration. But, the industry, I'm actually glad AWS last year took a pivot on focusing on industries. Now, we talk the same language when we go in front of a board or a CEO or COO. Present it. We are talking about the future of the industry not just the future of the technology. So, it's a win-win. >> You are also developing products on top of AWS that are not industry verticals, that build on the platform. What kinds of products are those? >> For cloud transformation, for example, consulting. We have a product called Cloud Counsell. We have a decision engine on the data side. We have something called Cloud Foundation, Mason. CloudMason. It's just the foundation, right? And, entire migration and modernization factory. And, the last one on cloud operations is actually Cloud Exponence. So, these are time tested. You have Fortune 500 customers using this regularly actively leveraging that. And, these are all AWS in a well architecture framework certified. So, they work well and they're designed to work on cloud, not only in the native environment, but, also legacy environment. Because, enterprises is not just only native, cloud-native. There is a lot of legacy. Sowmya spoke about the mainframe model... >> So much legacy, we were talking about it. >> So, you have to have a combination of solutions. So, the platforms that we're building, the products we're building, work in both the environments. >> Yeah, and that agility and ability to help customers navigate that prioritization. I mean, there's so many options. We talk about how many new companies there are every year. New solutions. Our adoption of technology is accelerating. As, McKinsey said, we went through 10 years of technological evolution and workplace evolution over the first six months of the pandemic. So, really everything's moving at unprecedented velocity unlike ever before. We have a new game here on theCUBE specifically for this show. And, we are challenging our guests, prompting our guests, to give us a 30 second sizzly sound bite with your hot take on the most important themes of this year's show. Think of it as a thought leadership moment. Opportunity to plug if you really want it. Krishna, you've just given me the nod. I'm going to start with you first and then we'll then we'll pass it along, yeah >> Sure. I think on thought leadership, the way that on cloud, business value is the focus, not the technology. Technology is important, but business value is the focus. And, the way that I see it evolving is with quantum computing coming out more and more, becoming relevant, and Edge is actually becoming quite active as well. All this while on cloud, we focused on business value at the centralized place at the corporate. But, I think the real value of cloud is when you deliver the results, business results, where the customers consume it, that is at the edge. I think that's basically the combination of centralized and the edge is where the real value of cloud is, right. And, I also loud, I know you said 30 seconds but, give me 30 more seconds. >> I like your answer right now. So, I'm going to give you a little more time. Yeah, thank you. >> You've earned more time. (laughs) >> So, I like the way Adam said in the keynote, if you look at it broadly, I categorizes two things. There are a lot of offerings that are becoming comprehensive, like AWS Connect, bringing in workforce management into it, making it a complete end to end product. Similarly, Security Lake, all bringing in the entire security and compliance under one, similarly data. So, there are lot of things that he announced where it is an end to end comprehensiveness of the thing. But, what I love about is, what Amazon is known for, supply chain. So, they rolled out AWS Supply Chain offering. Walk Out technology. So, the Amazon proposition is actually being brought to AWS as a core proposition. I think that's very futuristic and I think we can see more and more customers, enterprise customers, adopting AWS more to drive transformation >> Badly needed right now. Supply chain resiliency. >> Supply chain really having its moment the last two years. File under two words. No one knew, many of us did who worked in it before this. And, here we are, soon as we lost our toilet paper, everyone's freaked out. I love that you talked about business value and also that the end customer is on the edge and, everyone kind of forgets we are essentially the edge device. This is the edge device, it's all around us. And, all the technology that we're all using that you're even talking about is built right inside here from my airlines app to my car rentals to all of it. All right Sowmya, give us your 30 second hot take, roughly. >> Taking the cue from Krishna, right? Today, things are available on AWS Marketplace. So, tomorrow, somebody wants to start an airline, they just have to come and plug and play the apps that are available in the marketplace. Especially your supply chain. The Amazon is known for that. And, a small and medium business they want to start something, right, a .com. It's very easy. So, that's something that we are all looking for. The future is going to be very, very bright and great for the businesses, is what I would say because, most of it could be plug and play with all the solutions. >> Paul: It's already been built. >> On the cloud, so, we are looking forward to it. The second thing I would talk about is, we have to take it to scale. How more and more people can leverage AWS, right? The talent is very important and, that is where partners like us focus on re-scaling our talent. We have 600,000 people, right? We are not just... >> 600,000 people! That's basically as many people live in the San Francisco Bay area for contexts for our listeners. It's how many people work for Walmart? >> It's 1.2 million in Walmart? >> Is it really? >> It is, yes, yes. That's work for Walmart, sidebar. >> So from that standpoint, as the company, we are focusing on re-skilling, up-skilling our talent in order to work AWS cloud and so on, so, that they can go and support our customers. That is something that is very important and that's going to be the future as well. Bring it to scale, go faster. >> I love that you just touched on the fact that you essentially have to practice what you preach because, you've got to think about those 600,000 people in a 100 locations across 40 plus different countries. I love it. Sowmya, I'm going to close on that note. The future is bright, just like your fabulous blazer. >> Thank you so much. Krishna, Sowmya, thank you so much for being here with us. We can't wait to see what happens next, who you help next, and how Tata continues to transform. Thank all of you for tuning in today. A full jam packed day of coverage live here from Las Vegas, Nevada. We are at AWS re:Invent with Paul Gillin. I'm Savannah Peterson. We're theCUBE, the leader in High-Tech Coverage. (corporate electronic xylophone jingle outro)

(upbeat music) >> Hello, everyone and welcome back to fabulous Las Vegas, Nevada, where we are here on the show floor at AWS re:Invent. We are theCUBE. I am Savannah Peterson, joined with John Furrier. John, afternoon, day two, we are in full swing. >> Yes. >> What's got you most excited? >> Just got lunch, got the food kicking in. No, we don't get coffee. (Savannah laughing) >> Way to bring the hype there, John. >> No, there's so many people here just in Amazon. We're back to 2019 levels of crowd. The interest levels are high. Next gen, cloud security, big part of the keynote. This next segment, I am super excited about. CUBE Alumni, going back to 2013, 10 years ago he was on theCUBE. Now, 10 years later we're at re:Invent, looking forward to this guest and it's about security, great topic. >> I don't want to delay us anymore, please welcome Mark. Mark, thank you so much for being here with us. Massive day for you and the team. I know you oversee three different units at Amazon, Inspector, Detective, and the most recently announced, Security Lake. Tell us about Amazon Security Lake. >> Well, thanks Savannah. Thanks John for having me. Well, Security Lake has been in the works for a little bit of time and it got announced today at the keynote as you heard from Adam. We're super excited because there's a couple components that are really unique and valuable to our customers within Security Lake. First and foremost, the foundation of Security Lake is an open source project we call OCFS, Open Cybersecurity Framework Schema. And what that allows is us to work with the vendor community at large in the security space and develop a language where we can all communicate around security data. And that's the language that we put into Security Data Lake. We have 60 vendors participating in developing that language and partnering within Security Lake. But it's a communal lake where customers can bring all of their security data in one place, whether it's generated in AWS, they're on-prem, or SaaS offerings or other clouds, all in one location in a language that allows analytics to take advantage of that analytics and give better outcomes for our customers. >> So Adams Selipsky big keynote, he spent all the bulk of his time on data and security. Obviously they go well together, we've talked about this in the past on theCUBE. Data is part of security, but this security's a little bit different in the sense that the global footprint of AWS makes it uniquely positioned to manage some security threats, EKS protection, a very interesting announcement, runtime layer, but looking inside and outside the containers, probably gives extra telemetry on some of those supply chains vulnerabilities. This is actually a very nuanced point. You got Guard Duty kind of taking its role. What does it mean for customers 'cause there's a lot of things in this announcement that he didn't have time to go into detail. Unpack all the specifics around what the security announcement means for customers. >> Yeah, so we announced four items in Adam's keynote today within my team. So I'll start with Guard Duty for EKS runtime. It's complimenting our existing capabilities for EKS support. So today Inspector does vulnerability assessment on EKS or container images in general. Guard Duty does detections of EKS workloads based on log data. Detective does investigation and analysis based on that log data as well. With the announcement today, we go inside the container workloads. We have more telemetry, more fine grain telemetry and ultimately we can provide better detections for our customers to analyze risks within their container workload. So we're super excited about that one. Additionally, we announced Inspector for Lambda. So Inspector, we released last year at re:Invent and we focused mostly on EKS container workloads and EC2 workloads. Single click automatically assess your environment, start generating assessments around vulnerabilities. We've added Lambda to that capability for our customers. The third announcement we made was Macy sampling. So Macy has been around for a while in delivering a lot of value for customers providing information around their sensitive data within S3 buckets. What we found is many customers want to go and characterize all of the data in their buckets, but some just want to know is there any sensitive data in my bucket? And the sampling feature allows the customer to find out their sensitive data in the bucket, but we don't have to go through and do all of the analysis to tell you exactly what's in there. >> Unstructured and structured data. Any data? >> Correct, yeah. >> And the fourth? >> The fourth, Security Data Lake? (John and Savannah laughing) Yes. >> Okay, ocean theme. data lake. >> Very complimentary to all of our services, but the unique value in the data lake is that we put the information in the customer's control. It's in their S3 bucket, they get to decide who gets access to it. We've heard from customers over the years that really have two options around gathering large scale data for security analysis. One is we roll our own and we're security engineers, we're not data engineers. It's really hard for them to build these distributed systems at scale. The second one is we can pick a vendor or a partner, but we're locked in and it's in their schemer and their format and we're there for a long period of time. With Security Data Lake, they get the best of both worlds. We run the infrastructure at scale for them, put the data in their control and they get to decide what use case, what partner, what tool gives them the most value on top of their data. >> Is that always a good thing to give the customers too much control? 'Cause you know the old expression, you give 'em a knife they play with and they they can cut themselves, I mean. But no, seriously, 'cause what's the provisions around that? Because control was big part of the governance, how do you manage the security? How does the customer worry about, if I have too much control, someone makes a mistake? >> Well, what we finding out today is that many customers have realized that some of their data has been replicated seven times, 10 times, not necessarily maliciously, but because they have multiple vendors that utilize that data to give them different use cases and outcomes. It becomes costly and unwieldy to figure out where all that data is. So by centralizing it, the control is really around who has access to the data. Now, ultimately customers want to make those decisions and we've made it simple to aggregate this data in a single place. They can develop a home region if they want, where all the data flows into one region, they can distribute it globally. >> They're in charge. >> They're in charge. But the controls are mostly in the hands of the data governance person in the company, not the security analyst. >> So I'm really curious, you mentioned there's 60 AWS partner companies that have collaborated on the Security lake. Can you tell us a little bit about the process? How long does it take? Are people self-selecting to contribute to these projects? Are you cherry picking? What does that look like? >> It's a great question. There's three levels of collaboration. One is around the open source project that we announced at Black Hat early in this year called OCSF. And that collaboration is we've asked the vendor community to work with us to build a schema that is universally acceptable to security practitioners, not vendor specific and we've asked. >> Savannah: I'm sorry to interrupt you, but is this a first of its kind? >> There's multiple schemes out there developed by multiple parties. They've been around for multiple years, but they've been built by a single vendor. >> Yeah, that's what I'm drill in on a little bit. It sounds like the first we had this level of collaboration. >> There's been collaborations around them, but in a handful of companies. We've really gone to a broad set of collaborators to really get it right. And they're focused around areas of expertise that they have knowledge in. So the EDR vendors, they're focused around the scheme around EDR. The firewall vendors are focused around that area. Certainly the cloud vendors are in their scope. So that's level one of collaboration and that gets us the level playing field and the language in which we'll communicate. >> Savannah: Which is so important. >> Super foundational. Then the second area is around producers and subscribers. So many companies generate valuable security data from the tools that they run. And we call those producers the publishers and they publish the data into Security Lake within that OCSF format. Some of them are in the form of findings, many of them in the form of raw telemetry. Then the second one is in the subscriber side and those are usually analytic vendors, SIM vendors, XDR vendors that take advantage of the logs in one place and generate analytic driven outcomes on top of that, use cases, if you will, that highlight security risks or issues for customers. >> Savannah: Yeah, cool. >> What's the big customer focus when you start looking at Security Lakes? How do you see that planning out? You said there's a collaboration, love the open source vibe on that piece, what data goes in there? What's sharing? 'Cause a big part of the keynote I heard today was, I heard clean rooms, I've cut my antenna up. I'd love to hear that. That means there's an implied sharing aspect. The security industry's been sharing data for a while. What kind of data's in that lake? Give us an example, take us through. >> Well, this a number of sources within AWS, as customers run their workloads in AWS. We've identified somewhere around 25 sources that will be natively single click into Amazon Security Lake. We were announcing nine of them. They're traditional network logs, BBC flow, cloud trail logs, firewall logs, findings that are generated across AWS, EKS audit logs, RDS data logs. So anything that customers run workloads on will be available in data lake. But that's not limited to AWS. Customers run their environments hybridly, they have SaaS applications, they use other clouds in some instances. So it's open to bring all that data in. Customers can vector it all into this one single location if they decide, we make it pretty simple for them to do that. Again, in the same format where outcomes can be generated quickly and easily. >> Can you use the data lake off on premise or it has to be in an S3 in Amazon Cloud? >> Today it's in S3 in Amazon. If we hear customers looking to do something different, as you guys know, we tend to focus on our customers and what they want us to do, but they've been pretty happy about what we've decided to do in this first iteration. >> So we got a story about Silicon Angle. Obviously the ingestion is a big part of it. The reporters are jumping in, but the 53rd party sources is a pretty big number. Is that coming from the OCSF or is that just in general? Who's involved? >> Yeah, OCSF is the big part of that and we have a list of probably 50 more that want to join in part of this. >> The other big names are there, Cisco, CrowdStrike, Peloton Networks, all the big dogs are in there. >> All big partners of AWS, anyway, so it was an easy conversation and in most cases when we started having the conversation, they were like, "Wow, this has really been needed for a long time." And given our breadth of partners and where we sit from our customers perspective in the center of their cloud journey that they've looked at us and said, "You guys, we applaud you for driving this." >> So Mark, take us through the conversations you're having with the customers at re:Inforce. We saw a lot of meetings happening. It was great to be back face to face. You guys have been doing a lot of customer conversation, security Data Lake came out of that. What was the driving force behind it? What were some of the key concerns? What were the challenges and what's now the opportunity that's different? >> We heard from our customers in general. One, it's too hard for us to get all the data we need in a single place, whether through AWS, the industry in general, it's just too hard. We don't have those resources to data wrangle that data. We don't know how to pick schema. There's multiple ones out there. Tell us how we would do that. So these three challenges came out front and center for every customer. And mostly what they said is our resources are limited and we want to focus those resources on security outcomes and we have security engines. We don't want to focus them on data wrangling and large scale distributed systems. Can you help us solve that problem? And it came out loud and clear from almost every customer conversation we had. And that's where we took the challenge. We said, "Okay, let's build this data layer." And then on top of that we have services like Detective and Guard Duty, we'll take advantage of it as well. But we also have a myriad of ISV third parties that will also sit on top of that data and render out. >> What's interesting, I want to get your reaction. I know we don't have much time left, but I want to get your thoughts. When I see Security Data Lake, which is awesome by the way, love the focus, love how you guys put that together. It makes me realize the big thing in re:Invent this year is this idea of specialized solutions. You got instances for this and that, use cases that require certain kind of performance. You got the data pillars that Adam laid out. Are we going to start seeing more specialized data lakes? I mean, we have a video data lake. Is there going to be a FinTech data lake? Is there going to be, I mean, you got the Great Lakes kind of going on here, what is going on with these lakes? I mean, is that a trend that Amazon sees or customers are aligning to? >> Yeah, we have a couple lakes already. We have a healthcare lake and a financial lake and now we have a security lake. Foundationally we have Lake Formation, which is the tool that anyone can build a lake. And most of our lakes run on top of Lake Foundation, but specialize. And the specialization is in the data aggregation, normalization, enridgement, that is unique for those use cases. And I think you'll see more and more. >> John: So that's a feature, not a bug. >> It's a feature, it's a big feature. The customers have ask for it. >> So they want roll their own specialized, purpose-built data thing, lake? They can do it. >> And customer don't want to combine healthcare information with security information. They have different use cases and segmentation of the information that they care about. So I think you'll see more. Now, I also think that you'll see where there are adjacencies that those lakes will expand into other use cases in some cases too. >> And that's where the right tools comes in, as he was talking about this ETL zero, ETL feature. >> It be like an 80, 20 rule. So if 80% of the data is shared for different use cases, you can see how those lakes would expand to fulfill multiple use cases. >> All right, you think he's ready for the challenge? Look, we were on the same page. >> Okay, we have a new challenge, go ahead. >> So think of it as an Instagram Reel, sort of your hot take, your thought leadership moment, the clip we're going to come back to and reference your brilliance 10 years down the road. I mean, you've been a CUBE veteran, now CUBE alumni for almost 10 years, in just a few weeks it'll be that. What do you think is, and I suspect, I think I might know your answer to this, so feel free to be robust in this. But what do you think is the biggest story, key takeaway from the show this year? >> We're democratizing security data within Security Data Lake for sure. >> Well said, you are our shortest answer so far on theCUBE and I absolutely love and respect that. Mark, it has been a pleasure chatting with you and congratulations, again, on the huge announcement. This is such an exciting day for you all. >> Thank you Savannah, thank you John, pleasure to be here. >> John: Thank you, great to have you. >> We look forward to 10 more years of having you. >> Well, maybe we don't have to wait 10 years. (laughs) >> Well, more years, in another time. >> I have a feeling it'll be a lot of security content this year. >> Yeah, pretty hot theme >> Very hot theme. >> Pretty odd theme for us. >> Of course, re:Inforce will be there this year again, coming up 2023. >> All the res. >> Yep, all the res. >> Love that. >> We look forward to see you there. >> All right, thanks, Mark. >> Speaking of res, you're the reason we are here. Thank you all for tuning in to today's live coverage from AWS re:Invent. We are in Las Vegas, Nevada with John Furrier. My name is Savannah Peterson. We are theCUBE and we are the leading source for high tech coverage. (upbeat music)

>>Good afternoon, brilliant humans, and welcome back to the Cube. We're live in Detroit, Michigan at Cub Con, and I'm joined by John Furrier. John three exciting days buzzing. How you doing? >>That's great. I mean, we're coming down to the third day. We're keeping the energy going, but this segment's gonna be awesome. The CD foundation's doing amazing work. Developers are gonna be running businesses and workflows are changing. Productivity's the top conversation, and you're gonna start to see a coalescing of the communities who are continuous delivery, and it's gonna be awesome. >>And, and our next guess is an outstanding person to talk about this. We are joined by Stephen Chin, the chair of the CD Foundation. Steven, thanks so much for being here. >>No, no, my pleasure. I mean, this has been an amazing week quote that CubeCon with all of the announcements, all of the people who came out here to Detroit and, you know, fantastic. Like just walking around, you bump into all the right people here. Plus we held a CD summit zero day events, and had a lot of really exciting announcements this week. >>Gotta love the shirt. I gotta say, it's one of my favorites. Love the logos. Love the love the branding. That project got traction. What's the news in the CD foundation? I tried to sneak in the back. I got a little laid into your co-located event. It was packed. Everyone's engaged. It was really looked, look really cool. Give us the update. >>What's the news? Yeah, I know. So we, we had a really, really powerful event. All the key practitioners, the open source leads and folks were there. And one of, one of the things which I think we've done a really good job in the past six months with the CD foundation is getting back to the roots and focusing on technical innovation, right? This is what drives foundations, having strong projects, having people who are building innovation, and also bringing in a new innovation. So one of the projects which we added to the CD foundation this week is called Persia. So it's a, it's a decentralized package repository for getting open source libraries. And it solves a lot of the problems which you get when you have centralized infrastructure. You don't have the right security certificates, you don't have the right verification libraries. And these, these are all things which large companies provision and build out inside of their infrastructure. But the open source communities don't have the benefit of the same sort of really, really strong architecture. A lot of, a lot of the systems we depend upon. It's >>A good point, yeah. >>Yeah. I mean, if you think about the systems that developers depend upon, we depend upon, you know, npm, ruby Gems, Mayn Central, and these systems been around for a while. Like they serve the community well, right? They're, they're well supported by the companies and it's, it's, it's really a great contribution that they give us. But every time there's an outage or there's a security issue, guess, guess how many security issues that our, our research team found at npm? Just ballpark. >>74. >>So there're >>It's gotta be thousands. I mean, it's gotta be a lot of tons >>Of Yeah, >>They, they're currently up to 60,000 >>Whoa. >>Vulnerable, malicious packages in NPM and >>Oh my gosh. So that's a super, that's a jar number even. I know it was gonna be huge, but Holy mo. >>Yeah. So that's a software supply chain in actually right there. So that's, that's open source. Everything's out there. What's, how do, how does, how do you guys fix that? >>Yeah, so per peria kind of shifts the whole model. So when, when you think about a system that can be sustained, it has to be something which, which is not just one company. It has to be a, a, a set of companies, be vendor neutral and be decentralized. So that's why we donated it to the Continuous Delivery Foundation. So that can be that governance body, which, which makes sure it's not a single company, it is to use modern technologies. So you, you, you just need something which is immutable, so it can't be changed. So you can rely on it. It has to have a strong transaction ledger so you can see all of the history of it. You can build up your software, build materials off of it, and it, it has to have a strong peer-to-peer architecture, so it can be sustained long term. >>Steven, you mentioned something I want to just get back to. You mentioned outages and disruption. I, you didn't, you didn't say just the outages, but this whole disruption angle is interesting if something happens. Talk about the impact of the developer. They stalled, inefficiencies create basically disruption. >>No, I mean, if, if, so, so if you think about most DevOps teams in big companies, they support hundreds or thousands of teams and an hour of outage. All those developers, they, they can't program, they can't work. And that's, that's a huge loss of productivity for the company. Now, if you, if you take that up a level when MPM goes down for an hour, how many millions of man hours are wasted by not being able to get your builds working by not being able to get your codes to compile. Like it's, it's >>Like, yeah, I mean, it's almost hard to fathom. I mean, everyone's, It's stopped. Exactly. It's literally like having the plug pulled >>Exactly on whenever you're working on, That's, that's the fundamental problem we're trying to solve. Is it, it needs to be on a, like a well supported, well architected peer to peer network with some strong backing from big companies. So the company is working on Persia, include J Frog, which who I work for, Docker, Oracle. We have Deploy hub, Huawei, a whole bunch of other folks who are also helping out. And when you look at all of those folks, they all have different interests, but it's designed in a way where no single party has control over the network. So really it's, it's a system system. You, you're not relying upon one company or one logo. You're relying upon a well-architected open source implementation that everyone can rely >>On. That's shared software, but it's kind of a fault tolerant feature too. It's like, okay, if something happens here, you have a distributed piece of it, decentralized, you're not gonna go down. You can remediate. All right, so where's this go next? I mean, cuz we've been talking about the role of developer. This needs to be a modern, I won't say modern upgrade, but like a modern workflow or value chain. What's your vision? How do you see that? Cuz you're the center of the CD foundation coming together. People are gonna be coalescing multiple groups. Yeah. >>What's the, No, I think this is a good point. So there, there's a, a lot of different continuous delivery, continuous integration technologies. We're actually, from a Linux Foundation standpoint, we're coalescing all the continued delivery events into one big conference >>Next. You just made an announcement about this earlier this week. Tell us about CD events. What's going on, what's in, what's in the cooker? >>Yeah, and I think one of the big announcements we had was the 0.1 release of CD events. And CD events allows you to take all these systems and connect them in an event scalable, event oriented architecture. The first integration is between Tecton and Capin. So now you can get CD events flowing cleanly between your, your continuous delivery and your observability. And this extends through your entire DevOps pipeline. We all, we all need a standards based framework Yep. For how we get all the disparate continuous integration, continuous delivery, observability systems to, to work together. That's also high performance. It scales with our needs and it, it kind of gives you a future architecture to build on top of. So a lot of the companies I was talking with at the CD summit Yeah. They were very excited about not only using this with the projects we announced, but using this internally as an architecture to build their own DevOps pipelines on. >>I bet that feels good to hear. >>Yeah, absolutely. Yeah. >>Yeah. You mentioned Teton, they just graduated. I saw how many projects have graduated? >>So we have two graduated projects right now. We have Jenkins, which is the first graduated project. Now Tecton is also graduated. And I think this shows that for Tecton it was, it was time, the very mature project, great support, getting a lot of users and having them join the set of graduated projects. And the continuous delivery foundation is a really strong portfolio. And we have a bunch of other projects which also are on their way towards graduation. >>Feels like a moment of social proof I bet. >>For you all. Yeah, yeah. Yeah. No, it's really good. Yeah. >>How long has the CD Foundation been around? >>The CD foundation has been around for, i, I won't wanna say the exact number of years, a few years now. >>Okay. >>But I, I think that it, it was formed because what we wanted is we wanted a foundation which was purpose built. So CNCF is a great foundation. It has a very large umbrella of projects and it takes kind of that big umbrella approach where a lot of different efforts are joining it, a lot of things are happening and you can get good traction, but it produces its own bottlenecks in process. Having a foundation which is just about continuous delivery caters to more of a DevOps, professional DevOps audience. I think this, this gives a good platform for best practices. We're working on a new CDF best practices Yeah. Guide. We're working when use cases with all the member companies. And it, it gives that thought leadership platform for continuous delivery, which you need to be an expert in that area >>And the best practices too. And to identify the issues. Because at the end of the day, with the big thing that's coming out of this is velocity and more developers coming on board. I mean, this is the big thing. More people doing more. Yeah. Well yeah, I mean you take this open source continuous thunder away, you have more developers coming in, they be more productive and then people are gonna even either on the DevOps side or on the straight AP upside. And this is gonna be a huge issue. And the other thing that comes out that I wanna get your thoughts on is the supply chain issue you talked about is hot verifications and certifications of code is such big issue. Can you share your thoughts on that? Because Yeah, this is become, I won't say a business model for some companies, but it's also becoming critical for security that codes verified. >>Yeah. Okay. So I, I think one of, one of the things which we're specifically doing with the Peria project, which is unique, is rather than distributing, for example, libraries that you developed on your laptop and compiled there, or maybe they were built on, you know, a runner somewhere like Travis CI or GitHub actions, all the libraries being distributed on Persia are built by the authorized nodes in the network. And then they're, they're verified across all of the authorized nodes. So you nice, you have a, a gar, the basic guarantee we're giving you is when you download something from the Peria network, you'll get exactly the same binary as if you built it yourself from source. >>So there's a lot of trust >>And, and transparency. Yeah, exactly. And if you remember back to like kind of the seminal project, which kicked off this whole supply chain security like, like whirlwind it was SolarWinds. Yeah. Yeah. And the exact problem they hit was the build ran, it produced a result, they modified the code of the bill of the resulting binary and then they signed it. So if you built with the same source and then you went through that same process a second time, you would've gotten a different result, which was a malicious pre right. Yeah. And it's very hard to risk take, to take a binary file Yep. And determine if there's malicious code in it. Cuz it's not like source code. You can't inspect it, you can't do a code audit. It's totally different. So I think we're solving a key part of this with Persia, where you're freeing open source projects from the possibility of having their binaries, their packages, their end reduces, tampered with. And also upstream from this, you do want to have verification of prs, people doing code reviews, making sure that they're looking at the source code. And I think there's a lot of good efforts going on in the open source security foundation. So I'm also on the governing board of Open ssf >>To Do you sleep? You have three jobs you've said on camera? No, I can't even imagine. Yeah. Didn't >>You just spin that out from this open source security? Is that the new one they >>Spun out? Yeah, So the Open Source Security foundation is one of the new Linux Foundation projects. They, they have been around for a couple years, but they did a big reboot last year around this time. And I think what they really did a good job of now is bringing all the industry players to the table, having dialogue with government agencies, figuring out like, what do we need to do to support open source projects? Is it more investment in memory, safe languages? Do we need to have more investment in, in code audits or like security reviews of opensource projects. Lot of things. And all of those things require money investments. And that's what all the companies, including Jay Frogger doing to advance open source supply chain security. I >>Mean, it's, it's really kind of interesting to watch some different demographics of the developers and the vendors and the customers. On one hand, if you're a hardware person company, you have, you talk zero trust your software, your top trust, so your trusted code, and you got zero trust. It's interesting, depending on where you're coming from, they're all trying to achieve the same thing. It means zero trust. Makes sense. But then also I got code, I I want trust. Trust and verified. So security is in everything now. So code. So how do you see that traversing over? Is it just semantics or what's your view on that? >>The, the right way of looking at security is from the standpoint of the hacker, because they're always looking for >>Well said, very well said, New >>Loop, hope, new loopholes, new exploits. And they're, they're very, very smart people. And I think when you, when you look some >>Of the smartest >>Yeah, yeah, yeah. I, I, I work with, well former hackers now, security researchers, >>They converted, they're >>Recruited. But when you look at them, there's like two main classes of like, like types of exploits. So some, some attacker groups. What they're looking for is they're looking for pulse zero days, CVEs, like existing vulnerabilities that they can exploit to break into systems. But there's an increasing number of attackers who are now on the opposite end of the spectrum. And what they're doing is they're creating their own exploits. So, oh, they're for example, putting malicious code into open source projects. Little >>Trojan horse status. Yeah. >>They're they're getting their little Trojan horses in. Yeah. Or they're finding supply chain attacks by maybe uploading a malicious library to NPM or to pii. And by creating these attacks, especially ones that start at the top of the supply chain, you have such a large reach. >>I was just gonna say, it could be a whole, almost gives me chills as we're talking about it, the systemic, So this is this >>Gnarly nation state attackers, like people who wanted serious >>Damages. Engineered hack just said they're high, highly funded. Highly skilled. Exactly. Highly agile, highly focused. >>Yes. >>Teams, team. Not in the teams. >>Yeah. And so, so one, one example of this, which actually netted quite a lot of money for the, for the hacker who exposed it was, you guys probably heard about this, but it was a, an attack where they uploaded a malicious library to npm with the same exact namespace as a corporate library and clever, >>Creepy. >>It's called a dependency injection attack. And what happens is if you, if you don't have the right sort of security package management guidelines inside your company, and it's just looking for the latest version of merging multiple repositories as like a, like a single view. A lot of companies were accidentally picking up the latest version, which was out in npm uploaded by Alex Spearson was the one who did the, the attack. And he simultaneously reported bug bounties on like a dozen different companies and netted 130 k. Wow. So like these sort of attacks that they're real Yep. They're exploitable. And the, the hackers >>Complex >>Are finding these sort of attacks now in our supply chain are the ones who really are the most dangerous. That's the biggest threat to us. >>Yeah. And we have stacker ones out there. You got a bunch of other services, the white hat hackers get the bounties. That's really important. All right. What's next? What's your vision of this show as we end Coan? What's the most important story coming outta Coan in your opinion? And what are you guys doing next? >>Well, I, I actually think this is, this is probably not what most hooks would say is the most exciting story to con, but I find this personally the best is >>I can't wait for this now. >>So, on, on Sunday, the CNCF ran the first kids' day. >>Oh. >>And so they had a, a free kids workshop for, you know, underprivileged kids for >>About, That's >>Detroit area. It was, it was taught by some of the folks from the CNCF community. So Arro, Eric hen my, my older daughter, Cassandra's also an instructor. So she also was teaching a raspberry pie workshop. >>Amazing. And she's >>Here and Yeah, Yeah. She's also here at the show. And when you think about it, you know, there's always, there's, there's, you know, hundreds of announcements this week, A lot of exciting technologies, some of which we've talked about. Yeah. But it's, it's really what matters is the community. >>It this is a community first event >>And the people, and like, if we're giving back to the community and helping Detroit's kids to get better at technology, to get educated, I think that it's a worthwhile for all of us to be here. >>What a beautiful way to close it. That is such, I'm so glad you brought that up and brought that to our attention. I wasn't aware of that. Did you know that was >>Happening, John? No, I know about that. Yeah. No, that was, And that's next generation too. And what we need, we need to get down into the elementary schools. We gotta get to the kids. They're all doing robotics club anyway in high school. Computer science is now, now a >>Sport, in my opinion. Well, I think that if you're in a privileged community, though, I don't think that every school's doing robotics. And >>That's why Well, Cal Poly, Cal Poly and the universities are stepping up and I think CNCF leadership is amazing here. And we need more of it. I mean, I'm, I'm bullish on this. I love it. And I think that's a really great story. No, >>I, I am. Absolutely. And, and it just goes to show how committed CNF is to community, Putting community first and Detroit. There has been such a celebration of Detroit this whole week. Stephen, thank you so much for joining us on the show. Best Wishes with the CD Foundation. John, thanks for the banter as always. And thank you for tuning in to us here live on the cube in Detroit, Michigan. I'm Savannah Peterson and we are having the best day. I hope you are too.

>>Good afternoon, friends. My name is Savannah Peterson here in the Cube Studios live from Detroit, Michigan, where we're at Cuban and Cloud Native Foundation, Cloud Native Con all week. Our last interview of the day served me a real treat and one that I wasn't expecting. It turns out that I am in the presence of two caddies. It's a literal episode of Caddy Shack up here on Cube. John Furrier. I don't think the audience knows that you were a caddy. Tell us about your caddy days. >>I used to caddy when I was a kid at the local country club every weekend. This is amazing. Double loops every weekend. Make some bang, two bags on each shoulder. Caddying for the members where you're going. Now I'm >>On show. Just, just really impressive >>Now. Now I'm caddying for the cube where I caddy all this great content out to the audience. >>He's carrying the story of emerging brands and established companies on their cloud journey. I love it. John, well played. I don't wanna waste any more of this really wonderful individual's time, but since we now have a new trend of talking about everyone's Twitter handle here on the cube, this may be my favorite one of the day, if not Q4 so far. Drew, not reply. AKA Drew ne Drew Nielsen, excuse me, there is here with us from Teleport. Drew, thanks so much for being here. >>Oh, thanks for having me. It's great to be here. >>And so you were a caddy on a whole different level. Can you tell us >>About that? Yeah, so I was in university and I got tired after two years and didn't have a car in LA and met a pro golfer at a golf course and took two years off and traveled around caddying for him and tried to get 'em through Q School. >>This is, this is fantastic. So if you're in school and your parents are telling you to continue going to school, know that you can drop out and be a caddy and still be a very successful television personality. Like both of the gentlemen at some point. >>Well, I never said my parents like >>That decision, but we'll keep our day jobs. Yeah, exactly. And one of them is Cloud Native Security. The hottest topic here at the show. Yep. I want to get into it. You guys are doing some really cool things. Are we? We hear Zero Trust, you know, ransomware and we even, I even talked with the CEO of Dockets morning about container security issues. Sure. There's a lot going on. So you guys are in the middle of teleport. You guys have a unique solution. Tell us what you guys got going on. What do you guys do? What's the solution and what's the problem you solve? >>So Teleport is the first and only identity native infrastructure access solution in the market. So breaking that down, what that really means is identity native being the combination of secret list, getting rid of passwords, Pam Vaults, Key Vaults, Yeah. Passwords written down. Basically the number one source of breach. And 50 to 80% of breaches, depending on whose numbers you want to believe are how organizations get hacked. >>But it's not password 1 23 isn't protecting >>Cisco >>Right >>Now. Well, if you think about when you're securing infrastructure and the second component being zero trust, which assumes the network is completely insecure, right? But everything is validated. Resource to resource security is validated, You know, it assumes work from anywhere. It assumes the security comes back to that resource. And we take the combination of those two into identity, native access where we cryptographically ev, validate identity, but more importantly, we make an absolutely frictionless experience. So engineers can access infrastructure from anywhere at any time. >>I'm just flashing on my roommates, checking their little code, changing Bob login, you know, dongle essentially, and how frustrating that always was. I mean, talk about interrupting workflow was something that's obviously necessary, but >>Well, I mean, talk about frustration if I'm an engineer. Yeah, absolutely. You know, back in the day when you had these three tier monolithic applications, it was kind of simple. But now as you've got modern application development environments Yeah, multi-cloud, hybrid cloud, whatever marketing term around how you talk about this, expanding sort of disparate infrastructure. Engineers are sitting there going from system to system to machine to database to application. I mean, not even a conversation on Kubernetes yet. Yeah. And it's just, you know, every time you pull an engineer or a developer to go to a vault to pull something out, you're pulling them out for 10 minutes. Now, applications today have hundreds of systems, hundreds of microservices. I mean 30 of these a day and nine minutes, 270 minutes times 60. And they also >>Do the math. Well, there's not only that, there's also the breach from manual error. I forgot to change the password. What is that password? I left it open, I left it on >>Cognitive load. >>I mean, it's the manual piece. But even think about it, TR security has to be transparent and engineers are really smart people. And I've talked to a number of organizations who are like, yeah, we've tried to implement security solutions and they fail. Why? They're too disruptive. They're not transparent. And engineers will work their way around them. They'll write it down, they'll do a workaround, they'll backdoor it something. >>All right. So talk about how it works. But I, I mean, I'm getting the big picture here. I love this. Breaking down the silos, making engineers lives easier, more productive. Clearly the theme, everyone they want, they be gonna need. Whoever does that will win it all. How's it work? I mean, you deploying something, is it code, is it in line? It's, >>It's two binaries that you download and really it starts with the core being the identity native access proxy. Okay. So that proxy, I mean, if you look at like the zero trust principles, it all starts with a proxy. Everything connects into that proxy where all the access is gated, it's validated. And you know, from there we have an authorization engine. So we will be the single source of truth for all access across your entire infrastructure. So we bring machines, engineers, databases, applications, Kubernetes, Linux, Windows, we don't care. And we basically take that into a single architecture and single access platform that essentially secures your entire infrastructure. But more importantly, you can do audit. So for all of the organizations that are dealing with FedRAMP, pci, hipaa, we have a complete audit trail down to a YouTube style playback. >>Oh, interesting. We're we're California and ccpa. >>Oh, gdpr. >>Yeah, exactly. It, it, it's, it's a whole shebang. So I, I love, and John, maybe you've heard this term a lot more than I have, but identity native is relatively new to me as as a term. And I suspect you have a very distinct way of defining identity. How do you guys define identity internally? >>So identity is something that is cryptographically validated. It is something you have. So it's not enough. If you look at, you know, credentials today, everyone's like, Oh, I log into my computer, but that's my identity. No, it's not. Right. Those are attributes. Those are something that is secret for a period of time until you write it down. But I can't change my fingerprint. Right. And now I >>Was just >>Thinking of, well no, perfect case in point with touch ID on your meth there. Yeah. It's like when we deliver that cryptographically validated identity, we use these secure modules in like modern laptops or servers. Yeah. To store that identity so that even if you're sitting in front of your computer, you can't get to it. But more importantly, if somebody were to take that and try to be you and try to log in with your fingerprint, it's >>Not, I'm not gonna lie, I love the apple finger thing, you know, it's like, you know, space recognition, like it's really awesome. >>It save me a lot of time. I mean, even when you go through customs and they do the face scan now it actually knows who you are, which is pretty wild in the last time you wanna provide ones. But it just shifted over like maybe three months ago. Well, >>As long as no one chops your finger off like they do in the James Bond movies. >>I mean, we try and keep it a light and fluffy here on the queue, but you know, do a finger teams, we can talk about that >>Too. >>Gabby, I was thinking more minority report, >>But you >>Knows that's exactly what I, what I think of >>Hit that one outta bounds. So I gotta ask, because you said you're targeting engineers, not IT departments. What's, is that, because I in your mind it is now the engineers or what's the, is always the solution more >>Targeted? Well, if you really look at who's dealing with infrastructure on a day-to-day basis, those are DevOps individuals. Those are infrastructure teams, Those are site reliability engineering. And when it, they're the ones who are not only managing the infrastructure, but they're also dealing with the code on it and everything else. And for us, that is who is our primary customer and that's who's doing >>It. What's the biggest problem that you're solving in this use case? Because you guys are nailing it. What's the problem that your identity native solution solves? >>You know, right out of the backs we remove the number one source of breach. And that is taking passwords, secrets and, and keys off the board. That deals with most of the problem right there. But there are really two problems that organizations face. One is scaling. So as you scale, you get more secrets, you get more keys, you get all these things that is all increasing your attack vector in real time. Oh >>Yeah. Across teams locations. I can't even >>Take your pick. Yeah, it's across clouds, right? Any of it >>On-prem doesn't. >>Yeah. Any of it. We, and we allow you to scale, but do it securely and the security is transparent and your engineers will absolutely love it. What's the most important thing about this product Engineers. Absolutely. >>What are they saying? What are some of those examples? Anecdotally, pull boats out from engineering. >>You're too, we should have invent, we should have invented this ourselves. Or you know, we have run into a lot of customers who have tried to home brew this and they're like, you know, we spend an in nor not of hours on it >>And IT or they got legacy from like Microsoft or other solutions. >>Sure, yeah. Any, but a lot of 'em is just like, I wish I had done it myself. Or you know, this is what security should be. >>It makes so much sense and it gives that the team such a peace of mind. I mean, you never know when a breach is gonna come, especially >>It's peace of mind. But I think for engineers, a lot of times it deals with the security problem. Yeah. Takes it off the table so they can do their jobs. Yeah. With zero friction. Yeah. And you know, it's all about speed. It's all about velocity. You know, go fast, go fast, go fast. And that's what we enable >>Some of the benefits to them is they get to save time, focus more on, on task that they need to work on. >>Exactly. >>And get the >>Job done. And on top of it, they answer the audit and compliance mail every time it comes. >>Yeah. Why are people huge? Honestly, why are people doing this? Because, I mean, identity is just such an hard nut to crack. Everyone's got their silos, Vendors having clouds have 'em. Identity is the most fragmented thing on >>The planet. And it has been fragmented ever since my first RSA conference. >>I know. So will we ever get this do over? Is there a driver? Is there a market force? Is this the time? >>I think the move to modern applications and to multi-cloud is driving this because as those application stacks get more verticalized, you just, you cannot deal with the productivity >>Here. And of course the next big thing is super cloud and that's coming fast. Savannah, you know, You know that's Rocket. >>John is gonna be the thought leader and keyword leader of the word super cloud. >>Super Cloud is enabling super services as the cloud cast. Brian Gracely pointed out on his Sunday podcast of which if that happens, Super Cloud will enable super apps in a new architectural >>List. Please don't, and it'll be super, just don't. >>Okay. Right. So what are you guys up to next? What's the big hot spot for the company? What are you guys doing? What are you guys, What's the idea guys hiring? You put the plug in. >>You know, right now we are focused on delivering the best identity, native access platform that we can. And we will continue to support our customers that want to use Kubernetes, that want to use any different type of infrastructure. Whether that's Linux, Windows applications or databases. Wherever they are. >>Are, are your customers all of a similar DNA or are you >>No, they're all over the map. They range everything from tech companies to financial services to, you know, fractional property. >>You seem like someone everyone would need. >>Absolutely. >>And I'm not just saying that to be a really clean endorsement from the Cube, but >>If you were doing DevOps Yeah. And any type of forward-leaning shift, left engineering, you need us because we are basically making security as code a reality across your entire infrastructure. >>Love this. What about the team dna? Are you in a scale growth stage right now? What's going on? Absolutely. Sounds I was gonna say, but I feel like you would have >>To be. Yeah, we're doing, we're, we have a very positive outlook and you know, even though the economic time is what it is, we're doing very well meeting. >>How's the location? Where's the location of the headquarters now? With remote work is pretty much virtual. >>Probably. We're based in downtown Oakland, California. >>Woohoo. Bay area representing on this stage right now. >>Nice. Yeah, we have a beautiful office right in downtown Oakland and yeah, it's been great. Awesome. >>Love that. And are you hiring right now? I bet people might be. I feel like some of our cube watchers are here waiting to figure out their next big play. So love to hear that. Absolutely love to hear that. Besides Drew, not reply, if people want to join your team or say hello to you and tell you how brilliant you looked up here, or ask about your caddy days and maybe venture a guest to who that golfer may have been that you were CAD Inc. For, what are the best ways for them to get in touch with you? >>You can find me on LinkedIn. >>Great. Fantastic. John, anything else >>From you? Yeah, I mean, I just think security is paramount. This is just another example of where the innovation has to kind of break through without good identity, everything could cripple. Then you start getting into the silos and you can start getting into, you know, tracking it. You got error user errors, you got, you know, one of the biggest security risks. People just leave systems open, they don't even know it's there. So like, I mean this is just, just identity is the critical linchpin to, to solve for in security to me. And that's totally >>Agree. We even have a lot of customers who use us just to access basic cloud consoles. Yeah. >>So I was actually just gonna drive there a little bit because I think that, I'm curious, it feels like a solution for obviously complex systems and stacks, but given the utility and what sounds like an extreme ease of use, I would imagine people use this for day-to-day stuff within their, >>We have customers who use it to access their AWS consoles. We have customers who use it to access Grafana dashboards. You know, for, since we're sitting here at coupon accessing a Lens Rancher, all of the amazing DevOps tools that are out there. >>Well, I mean true. I mean, you think about all the reasons why people don't adopt this new federated approach or is because the IT guys did it and the world we're moving into, the developers are in charge. And so we're seeing the trend where developers are taking the DevOps and the data and the security teams are now starting to reset the guardrails. What's your >>Reaction to that? Well, you know, I would say that >>Over the top, >>Well I would say that you know, your DevOps teams and your infrastructure teams and your engineers, they are the new king makers. Yeah. Straight up. Full stop. >>You heard it first folks. >>And that's >>A headline right >>There. That is a headline. I mean, they are the new king makers and, but they are being forced to do it as securely as possible. And our job is really to make that as easy and as frictionless as possible. >>Awesome. >>And it sounds like you're absolutely nailing it. Drew, thank you so much for being on the show. Thanks for having today. This has been an absolute pleasure, John, as usual a joy. And thank all of you for tuning in to the Cube Live here at CU Con from Detroit, Michigan. We look forward to catching you for day two tomorrow.

>>Keon Cloud Native Con kicks off in Detroit on October 24th, and we're pleased to have Stewart Miniman, who's the director of Market Insights, hi, at, for hybrid platforms at Red Hat back in the studio to help us understand the key trends to look for at the events. Do welcome back, like old, old, old >>Home. Thank you, David. It's great to, great to see you and always love doing these previews, even though Dave, come on. How many years have I told you Cloud native con, It's a hoodie crowd. They're gonna totally call you out for where in a tie and things like that. I, I know you want to be an ESPN sportscaster, but you know, I I, I, I still don't think even after, you know, this show's been around for so many years that there's gonna be too many ties into Troy. I >>Know I left the hoodie in my off, I'm sorry folks, but hey, we'll just have to go for it. Okay. Containers generally, and Kubernetes specifically continue to show very strong spending momentum in the ETR survey data. So let's bring up this slide that shows the ETR sectors, all the sectors in the tax taxonomy with net score or spending velocity in the vertical axis and pervasiveness on the horizontal axis. Now, that red dotted line that you see, that marks the elevated 40% mark, anything above that is considered highly elevated in terms of momentum. Now, for years, the big four areas of momentum that shine above all the rest have been cloud containers, rpa, and ML slash ai for the first time in 10 quarters, ML and AI and RPA have dropped below the 40% line, leaving only cloud and containers in rarefied air. Now, Stu, I'm sure this data doesn't surprise you, but what do you make of this? >>Yeah, well, well, Dave, I, I did an interview with at Deepak who owns all the container and open source activity at Amazon earlier this year, and his comment was, the default deployment mechanism in Amazon is containers. So when I look at your data and I see containers and cloud going in sync, yeah, that, that's, that's how we see things. We're helping lots of customers in their overall adoption. And this cloud native ecosystem is still, you know, we're still in that Cambridge explosion of new projects, new opportunities, AI's a great workload for these type type of technologies. So it's really becoming pervasive in the marketplace. >>And, and I feel like the cloud and containers go hand in hand, so it's not surprising to see those two above >>The 40%. You know, there, there's nothing to say that, Look, can I run my containers in my data center and not do the public cloud? Sure. But in the public cloud, the default is the container. And one of the hot discussions we've been having in this ecosystem for a number of years is edge computing. And of course, you know, I want something that that's small and lightweight and can do things really fast. A lot of times it's an AI workload out there, and containers is a great fit at the edge too. So wherever it goes, containers is a good fit, which has been keeping my group at Red Hat pretty busy. >>So let's talk about some of those high level stats that we put together and preview for the event. So it's really around the adoption of open source software and Kubernetes. Here's, you know, a few fun facts. So according to the state of enterprise open source report, which was published by Red Hat, although it was based on a blind survey, nobody knew that that Red Hat was, you know, initiating it. 80% of IT execs expect to increase their use of enterprise open source software. Now, the CNCF community has currently more than 120,000 developers. That's insane when you think about that developer resource. 73% of organizations in the most recent CNCF annual survey are using Kubernetes. Now, despite the momentum, according to that same Red Hat survey, adoption barriers remain for some organizations. Stu, I'd love you to talk about this specifically around skill sets, and then we've highlighted some of the other trends that we expect to see at the event around Stu. I'd love to, again, your, get your thoughts on the preview. You've done a number of these events, automation, security, governance, governance at scale, edge deployments, which you just mentioned among others. Now Kubernetes is eight years old, and I always hear people talking about there's something coming beyond Kubernetes, but it looks like we're just getting started. Yeah, >>Dave, It, it is still relatively early days. The CMC F survey, I think said, you know, 96% of companies when they, when CMC F surveyed them last year, were either deploying Kubernetes or had plans to deploy it. But when I talked to enterprises, nobody has said like, Hey, we've got every group on board and all of our applications are on. It is a multi-year journey for most companies and plenty of them. If you, you look at the general adoption of technology, we're still working through kind of that early majority. We, you know, passed the, the chasm a couple of years ago. But to a point, you and I we're talking about this ecosystem, there are plenty of people in this ecosystem that could care less about containers and Kubernetes. Lots of conversations at this show won't even talk about Kubernetes. You've got, you know, big security group that's in there. >>You've got, you know, certain workloads like we talked about, you know, AI and ml and that are in there. And automation absolutely is playing a, a good role in what's going on here. So in some ways, Kubernetes kind of takes a, a backseat because it is table stakes at this point. So lots of people involved in it, lots of activities still going on. I mean, we're still at a cadence of three times a year now. We slowed it down from four times a year as an industry, but there's, there's still lots of innovation happening, lots of adoption, and oh my gosh, Dave, I mean, there's just no shortage of new projects and new people getting involved. And what's phenomenal about it is there's, you know, end user practitioners that aren't just contributing. But many of the projects were spawned out of work by the likes of Intuit and Spotify and, and many others that created some of the projects that sit alongside or above the, the, you know, the container orchestration itself. >>So before we talked about some of that, it's, it's kind of interesting. It's like Kubernetes is the big dog, right? And it's, it's kind of maturing after, you know, eight years, but it's still important. I wanna share another data point that underscores the traction that containers generally are getting in Kubernetes specifically have, So this is data from the latest ETR survey and shows the spending breakdown for Kubernetes in the ETR data set for it's cut for respondents with 50 or more citations in, in by the IT practitioners that lime green is new adoptions, the forest green is spending 6% or more relative to last year. The gray is flat spending year on year, and those little pink bars, that's 6% or down spending, and the bright red is retirements. So they're leaving the platform. And the blue dots are net score, which is derived by subtracting the reds from the greens. And the yellow dots are pervasiveness in the survey relative to the sector. So the big takeaway here is that there is virtually no red, essentially zero churn across all sectors, large companies, public companies, private firms, telcos, finance, insurance, et cetera. So again, sometimes I hear this things beyond Kubernetes, you've mentioned several, but it feels like Kubernetes is still a driving force, but a lot of other projects around Kubernetes, which we're gonna hear about at the show. >>Yeah. So, so, so Dave, right? First of all, there was for a number of years, like, oh wait, you know, don't waste your time on, on containers because serverless is gonna rule the world. Well, serverless is now a little bit of a broader term. Can I do a serverless viewpoint for my developers that they don't need to think about the infrastructure but still have containers underneath it? Absolutely. So our friends at Amazon have a solution called Fargate, their proprietary offering to kind of hide that piece of it. And in the open source world, there's a project called Can Native, I think it's the second or third can Native Con's gonna happen at the cncf. And even if you use this, I can still call things over on Lambda and use some of those functions. So we know Dave, it is additive and nothing ever dominates the entire world and nothing ever dies. >>So we have, we have a long runway of activities still to go on in containers and Kubernetes. We're always looking for what that next thing is. And what's great about this ecosystem is most of it tends to be additive and plug into the pieces there, there's certain tools that, you know, span beyond what can happen in the container world and aren't limited to it. And there's others that are specific for it. And to talk about the industries, Dave, you know, I love, we we have, we have a community event that we run that's gonna happen at Cubans called OpenShift Commons. And when you look at like, who's speaking there? Oh, we've got, you know, for Lockheed Martin, University of Michigan and I g Bank all speaking there. So you look and it's like, okay, cool, I've got automotive, I've got, you know, public sector, I've got, you know, university education and I've got finance. So all of you know, there is not an industry that is not touched by this. And the general wave of software adoption is the reason why, you know, not just adoption, but the creation of new software is one of the differentiators for companies. And that is what, that's the reason why I do containers, isn't because it's some cool technology and Kubernetes is great to put on my resume, but that it can actually accelerate my developers and help me create technology that makes me respond to my business and my ultimate end users. Well, >>And you know, as you know, we've been talking about the Supercloud a lot and the Kubernetes is clearly enabler to, to Supercloud, but I wanted to go back, you and John Furrier have done so many of, you know, the, the cube cons, but but go back to Docker con before Kubernetes was even a thing. And so you sort of saw this, you know, grow. I think there's what, how many projects are in CNCF now? I mean, hundreds. Hundreds, okay. And so you're, Will we hear things in Detroit, things like, you know, new projects like, you know, Argo and capabilities around SI store and things like that? Well, you're gonna hear a lot about that. Or is it just too much to cover? >>So I, I mean the, the good news, Dave, is that the CNCF really is, is a good steward for this community and new things got in get in. So there's so much going on with the existing projects that some of the new ones sometimes have a little bit of a harder time making a little bit of buzz. One of the more interesting ones is a project that's been around for a while that I think back to the first couple of Cube Cuban that John and I did service Mesh and Istio, which was created by Google, but lived under basically a, I guess you would say a Google dominated governance for a number of years is now finally under the CNCF Foundation. So I talked to a number of companies over the years and definitely many of the contributors over the years that didn't love that it was a Google Run thing, and now it is finally part. >>So just like Kubernetes is, we have SEO and also can Native that I mentioned before also came outta Google and those are all in the cncf. So will there be new projects? Yes. The CNCF is sometimes they, they do matchmaking. So in some of the observability space, there were a couple of projects that they said, Hey, maybe you can go merge down the road. And they ended up doing that. So there's still you, you look at all these projects and if I was an end user saying, Oh my God, there is so much change and so many projects, you know, I can't spend the time in the effort to learn about all of these. And that's one of the challenges and something obviously at Red Hat, we spend a lot of time figuring out, you know, not to make winners, but which are the things that customers need, Where can we help make them run in production for our, our customers and, and help bring some stability and a little bit of security for the overall ecosystem. >>Well, speaking of security, security and, and skill sets, we've talked about those two things and they sort of go hand in hand when I go to security events. I mean, we're at reinforced last summer, we were just recently at the CrowdStrike event. A lot of the discussion is sort of best practice because it's so complicated. And, and, and will you, I presume you're gonna hear a lot of that here because security securing containers now, you know, the whole shift left thing and shield right is, is a complicated matter, especially when you saw with the earlier data from the Red Hat survey, the the gaps are around skill sets. People don't have the skill. So should we expect to hear a lot about that, A lot of sort of how to, how to take advantage of some of these new capabilities? >>Yeah, Dave, absolutely. So, you know, one of the conversations going on in the community right now is, you know, has DevOps maybe played out as we expect to see it? There's a newer term called platform engineering, and how much do I need to do there? Something that I, I know your, your team's written a lot about Dave, is how much do you need to know versus what can you shift to just a platform or a service that I can consume? I've talked a number of times with you since I've been at Red Hat about the cloud services that we offer. So you want to use our offering in the public cloud. Our first recommendation is, hey, we've got cloud services, how much Kubernetes do you really want to learn versus you want to do what you can build on top of it, modernize the pieces and have less running the plumbing and electric and more, you know, taking advantage of the, the technologies there. So that's a big thing we've seen, you know, we've got a big SRE team that can manage that for use so that you have to spend less time worrying about what really is un differentiated heavy lifting and spend more time on what's important to your business and your >>Customers. So, and that's, and that's through a managed service. >>Yeah, absolutely. >>That whole space is just taken off. All right, Stu I'll give you the final word. You know, what are you excited about for, for, for this upcoming event and Detroit? Interesting choice of venue? Yeah, >>Look, first of off, easy flight. I've, I've never been to Detroit, so I'm, I'm willing to give it a shot and hopefully, you know, that awesome airport. There's some, some, some good things there to learn. The show itself is really a choose your own adventure because there's so much going on. The main show of QAN and cloud Native Con is Wednesday through Friday, but a lot of a really interesting stuff happens on Monday and Tuesday. So we talked about things like OpenShift Commons in the security space. There's cloud Native Security Day, which is actually two days and a SIG store event. There, there's a get up show, there's, you know, k native day. There's so many things that if you want to go deep on a topic, you can go spend like a workshop in some of those you can get hands on to. And then at the show itself, there's so much, and again, you can learn from your peers. >>So it was good to see we had, during the pandemic, it tilted a little bit more vendor heavy because I think most practitioners were pretty busy focused on what they could work on and less, okay, hey, I'm gonna put together a presentation and maybe I'm restricted at going to a show. Yeah, not, we definitely saw that last year when I went to LA I was disappointed how few customer sessions there were. It, it's back when I go look through the schedule now there's way more end users sharing their stories and it, it's phenomenal to see that. And the hallway track, Dave, I didn't go to Valencia, but I hear it was really hopping felt way more like it was pre pandemic. And while there's a few people that probably won't come because Detroit, we think there's, what we've heard and what I've heard from the CNCF team is they are expecting a sizable group up there. I know a lot of the hotels right near the, where it's being held are all sold out. So it should be, should be a lot of fun. Good thing I'm speaking on an edge panel. First time I get to be a speaker at the show, Dave, it's kind of interesting to be a little bit of a different role at the show. >>So yeah, Detroit's super convenient, as I said. Awesome. Airports too. Good luck at the show. So it's a full week. The cube will be there for three days, Tuesday, Wednesday, Thursday. Thanks for coming. >>Wednesday, Thursday, Friday, sorry, >>Wednesday, Thursday, Friday is the cube, right? So thank you for that. >>And, and no ties from the host, >>No ties, only hoodies. All right Stu, thanks. Appreciate you coming in. Awesome. And thank you for watching this preview of CubeCon plus cloud Native Con with at Stu, which again starts the 24th of October, three days of broadcasting. Go to the cube.net and you can see all the action. We'll see you there.

(upbeat music) >> Hello, and welcome back to AWS Startup Showcase, I'm John Furrier, your host. This is the Hero panel, the AWS Heroes. These are folks that have a lot of experience in Open Source, having fun building great projects and commercializing the value and best practices of Open Source innovation. We've got some great guests here. Liz Rice, Chief Open Source Officer, Isovalent. CUBE alumni, great to see you. Brian LeRoux, who is the Co-founder and CTO of begin.com. Erica Windisch who's an Architect for Developer Experience. AWS Hero, also CUBE alumni. Casey Lee, CTO Gaggle. Doing some great stuff in ed tech. Great collection of experts and experienced folks doing some fun stuff, welcome to this conversation this CUBE panel. >> Hi. >> Thanks for having us. >> Hello. >> Let's go down the line. >> I don't normally do this, but since we're remote and we have such great guests, go down the line and talk about why Open Source is important to you guys. What projects are you currently working on? And what's the coolest thing going on there? Liz we'll start with you. >> Okay, so I am very involved in the world of Cloud Native. I'm the chair of the technical oversight committee for the Cloud Native Computing Foundation. So that means I get to see a lot of what's going on across a very broad range of Cloud Native projects. More specifically, Isovalent. I focus on Cilium, which is it's based on a technology called EBPF. That is to me, probably the most exciting technology right now. And then finally, I'm also involved in an organization called OpenUK, which is really pushing for more use of open technologies here in the United Kingdom. So spread around lots of different projects. And I'm in a really fortunate position, I think, to see what's happening with lots of projects and also the commercialization of lots of projects. >> Awesome, Brian what project are you working on? >> Working project these days called Architect. It's a Open Source project built on top of AWSM. It adds a lot of sugar and terseness to the SM experience and just makes it a lot easier to work with and get started. AWS can be a little bit intimidating to people at times. And the Open Source community is stepping up to make some of that bond ramp a little bit easier. And I'm also an Apache member. And so I keep a hairy eyeball on what's going on in that reality all the time. And I've been doing this open-source thing for quite a while, and yeah, I love it. It's a great thing. It's real science. We get to verify each other's work and we get to expand and build on human knowledge. So that's a huge honor to just even be able to do that and I feel stoked to be here so thanks for having me. >> Awesome, yeah, and totally great. Erica, what's your current situation going on here? What's happening? >> Sure, so I am currently working on developer experience of a number of Open Source STKS and CLI components from my current employer. And previously, recently I left New Relic where I was working on integrating with OpenTelemetry, as well as a number of other things. Before that I was a maintainer of Docker and of OpenStack. So I've been in this game for a while as well. And I tend to just put my fingers in a lot of little pies anywhere from DVD players 20 years ago to a lot of this open telemetry and monitoring and various STKs and developer tools is where like Docker and OpenStack and the STKs that I work on now, all very much focusing on developer as the user. >> Yeah, you're always on the wave, Erica great stuff. Casey, what's going on? Do you got some great ed techs happening? What's happening with you? >> Yeah, sure. The primary Open Source project that I'm contributing to right now is ACT. This is a tool I created a couple of years back when GitHub Actions first came out, and my motivation there was I'm just impatient. And that whole commit, push, wait time where you're testing out your pipelines is painful. And so I wanted to build a tool that allowed developers to test out their GitHub Actions workflows locally. And so this tool uses Docker containers to emulate, to get up action environment and gives you fast feedback on those workflows that you're building. Lot of innovation happening at GitHub. And so we're just trying to keep up and continue to replicate those new features functionalities in the local runner. And the biggest challenge I've had with this project is just keeping up with the community. We just passed 20,000 stars, and it'd be it's a normal week to get like 10 PRs. So super excited to announce just yesterday, actually I invited four of the most active contributors to help me with maintaining the project. And so this is like a big deal for me, letting the project go and bringing other people in to help lead it. So, yeah, huge shout out to those folks that have been helping with driving that project. So looking forward to what's next for it. >> Great, we'll make sure the SiliconANGLE riders catch that quote there. Great call out. Let's start, Brian, you made me realize when you mentioned Apache and then you've been watching all the stuff going on, it brings up the question of the evolution of Open Source, and the commercialization trends have been very interesting these days. You're seeing CloudScale really impact also with the growth of code. And Liz, if you remember, the Linux Foundation keeps making projections and they keep blowing past them every year on more and more code and more and more entrance coming in, not just individuals, corporations. So you starting to see Netflix donates something, you got Lyft donate some stuff, becomes a project company forms around it. There's a lot of entrepreneurial activity that's creating this new abstraction layers, new platforms, not just tools. So you start to see a new kickup trajectory with Open Source. You guys want to comment on this because this is going to impact how fast the enterprise will see value here. >> I think a really great example of that is a project called Backstage that's just come out of Spotify. And it's going through the incubation process at the CNCF. And that's why it's front of mind for me right now, 'cause I've been working on the due diligence for that. And the reason why I thought it was interesting in relation to your question is it's spun out of Spotify. It's fully Open Source. They have a ton of different enterprises using it as this developer portal, but they're starting to see some startups emerging offering like a hosted managed version of Backstage or offering services around Backstage or offering commercial plugins into Backstage. And I think it's really fascinating to see those ecosystems building up around a project and different ways that people can. I'm a big believer. You cannot sell the Open Source code, but you can sell other things that create value around Open Source projects. So that's really exciting to see. >> Great point. Anyone else want to weigh in and react to that? Because it's the new model. It's not the old way. I mean, I remember when I was in college, we had the Pirate software. Open Source wasn't around. So you had to deal under the table. Now it's free. But I mean the old way was you had to convince the enterprise, like you've got a hard knit, it builds the community and the community manage the quality of the code. And then you had to build the company to make sure they could support it. Now the companies are actually involved in it, right? And then new startups are forming faster. And the proof points are shorter and highly accelerated for that. I mean, it's a whole new- >> It's a Cambrian explosion, and it's great. It's one of those things that it's challenging for the new developers because they come in and they're like, "Whoa, what is all this stuff that I'm supposed to figure out?" And there's no right answer and there's no wrong answer. There's just tons of it. And I think that there's a desire for us to have one sort of well-known trot and happy path, that audience we're a lot better with a more diverse community, with lots of options, with lots of ways to approach these problems. And I think it's just great. A challenge that we have with all these options and all these Cambrian explosion of projects and all these competing ideas, right now, the sustainability, it's a bit of a tricky question to answer. We know that there's a commercialization aspect that helps us fund these projects, but how we compose the open versus the commercial source is still a bit of a tricky question and a tough one for a lot of folks. >> Erica, would you chime in on that for a second. I want to get your angle on that, this experience and all this code, and I'm a new person, I'm an existing person. Do I get like a blue check mark and verify? I mean, these are questions like, well, how do you navigate? >> Yeah, I think this has been something happening for a while. I mean, back in the early OpenStack days, 2010, for instance, Rackspace Open Sourcing, OpenStack and ANSU Labs and so forth, and then trying, having all these companies forming in creating startups around this. I started at a company called Cloudccaling back in late 2010, and we had some competitors such as Piston and so forth where a lot of the ANSUL Labs people went. But then, the real winners, I think from OpenStack ended up being the enterprises that jumped in. We had Red Hat in particular, as well as HP and IBM jumping in and investing in OpenStack, and really proving out a lot of... not that it was the first time, but this is when we started seeing billions of dollars pouring into Open Source projects and Open Source Foundations, such as the OpenStack Foundation, which proceeded a lot of the things that we now see with the Linux Foundation, which was then created a little bit later. And at the same time, I'm also reflecting a little bit what Brian said because there are projects that don't get funded, that don't get the same attention, but they're also getting used quite significantly. Things like Log4j really bringing this to the spotlight in terms of projects that are used everywhere by everything with significant outsized impacts on the industry that are not getting funded, that aren't flashy enough, that aren't exciting enough because it's just logging, but a vulnerability in it brings every everything and everybody down and has possibly billions of dollars of impact to our industry because nobody wanted to fund this project. >> I think that brings up the commercialization point about maybe bringing a venture capital model in saying, "Hey, that boring little logging thing could be a key ingredient for say solving some observability problems so I think let's put some cash." Again then we'd never seen that before. Now you're starting to see that kind of a real smart investment thesis going into Open Source projects. I mean, Promethease, Crafter, these are projects that turned off companies. This is turning up companies. >> A decade ago, there was no money in Dev tools that I think that's been fully debunked now. They used to be a concept that the venture community believed, but there's just too much evidence to the contrary, the companies like Cash Court, Datadog, the list goes on and on. I think the challenge for the Open Source (indistinct) comes back to foundations and working (indistinct) these developers make this code safe and secure. >> Casey, what's your reaction to all of this? You've got, so a project has gained some traction, got some momentum. There's a lot of mission critical. I won't say white spaces, but the opportunities in the big cloud game happening. And there's a lot of, I won't say too many entrepreneurial, but there's a lot of community action happening that's precommercialization that's getting traction. How does this all develop naturally and then vector in quickly when it hits? >> Yeah, I want to go back to the Log4j topic real quick. I think that it's a great example of an area that we need to do better at. And there was a cool article that Rob Pike wrote describing how to quantify the criticality. I think that's sort of quantifying criticality was the article he wrote on how to use metrics, to determine how valuable, how important a piece of Open Source is to the community. And we really need to highlight that more. We need a way to make it more clear how important this software is, how many people depend on it and how many people are contributing to it. And because right now we all do that. Like if I'm going to evaluate an Open Source software, sure, I'll look at how many stars it has and how many contributors it has. But I got to go through and do all that work myself and come up with. It would be really great if we had an agreed upon method for ranking the criticality of software, but then also the risk, hey, that this is used by a ton of people, but nobody's contributing to it anymore. That's a concern. And that would be great to potential users of that to signal whether or not it makes sense. The Open Source Security Foundation, just getting off the ground, they're doing some work in this space, and I'm really excited to see where they go with that looking at ways to stop score critically. >> Well, this brings up a good point while we've got everyone here, let's take a plug and plug a project you think that's not getting the visibility it needs. Let's go through each of you, point out a project that you think people should be looking at and talking about that might get some free visibility here. Anyone want to highlight projects they think should be focused more on, or that needs a little bit of love? >> I think, I mean, particularly if we're talking about these sort of vulnerability issues, there's a ton of work going on, like in the Secure Software Foundation, other foundations, I think there's work going on in Apache somewhere as well around the bill of material, the software bill of materials, the Secure Software supply chain security, even enumerating your dependencies is not trivial today. So I think there's going to be a ton of people doing really good work on that, as well as the criticality aspect. It's all like that. There's a really great xkcd cartoon with your software project and some really big monolithic lumps. And then, this tiny little piece in a very important point that's maintained by somebody in his bedroom in Montana or something and if you called it out. >> Yeah, you just opened where the next lightening and a bottle comes from. And this is I think the beauty of Open Source is that you get a little collaboration, you get three feet in a cloud of dust going and you get some momentum, and if it's relevant, it rises to the top. I think that's the collective intelligence of Open Source. The question I want to ask that the panel here is when you go into an enterprise, and now that the game is changing with a much more collaborative and involved, what's the story if they say, hey, what's in it for me, how do I manage the Open Source? What's the current best practice? Because there's no doubt I can't ignore it. It's in everything we do. How do I organize around it? How do I build around it to be more efficient and more productive and reduce the risk on vulnerabilities to managing staff, making sure the right teams in place, the right agility and all those things? >> You called it, they got to get skin in the game. They need to be active and involved and donating to a sustainable Open Source project is a great way to start. But if you really want to be active, then you should be committing. You should have a goal for your organization to be contributing back to that project. Maybe not committing code, it could be committing resources into the darks or in the tests, or even tweeting about an Open Source project is contributing to it. And I think a lot of these enterprises could benefit a lot from getting more active with the Open Source Foundations that are out there. >> Liz, you've been actively involved. I know we've talked personally when the CNCF started, which had a great commercial uptake from companies. What do you think the current state-of-the-art kind of equation is has it changed a little bit? Or is it the game still the same? >> Yeah, and in the early days of the CNCF, it was very much dominated by vendors behind the project. And now we're seeing more and more membership from end-user companies, the kind of enterprises that are building their businesses on Cloud Native, but their business is not in itself. That's not there. The infrastructure is not their business. And I think seeing those companies, putting money in, putting time in, as Brian says contributing resources quite often, there's enough money, but finding the talent to do the work and finding people who are prepared to actually chop the wood and carry the water, >> Exactly. >> that it's hard. >> And if enterprises can find peoples to spend time on Open Source projects, help with those chores, it's hugely valuable. And it's one of those the rising tide floats all the boats. We can raise security, we can reduce the amount of dependency on maintain projects collectively. >> I think the business models there, I think one of the things I'll react to and then get your guys' comments is remember which CubeCon it was, it was one of the early ones. And I remember seeing Apple having a booth, but nobody was manning. It was just an Apple booth. They weren't doing anything, but they were recruiting. And I think you saw the transition of a business model where the worry about a big vendor taking over a project and having undue influence over it goes away because I think this idea of participation is also talent, but also committing that talent back into the communities as a model, as a business model, like, okay, hire some great people, but listen, don't screw up the Open Source piece of it 'cause that's a critical. >> Also hire a channel, right? They can use those contributions to source that talent and build the reputation in the communities that they depend on. And so there's really a lot of benefit to the larger organizations that can do this. They'll have a huge pipeline of really qualified engineers right out the gate without having to resort to cheesy whiteboard interviews, which is pretty great. >> Yeah, I agree with a lot of this. One of my concerns is that a lot of these corporations tend to focus very narrowly on certain projects, which they feel that they depend greatly, they'll invest in OpenStack, they'll invest in Docker, they'll invest in some of the CNCF projects. And then these other projects get ignored. Something that I've been a proponent of for a little bit for a while is observability of your dependencies. And I don't think there's quite enough projects and solutions to this. And it sounds maybe from lists, there are some projects that I don't know about, but I also know that there's some startups like Snyk and so forth that help with a little bit of this problem, but I think we need more focus on some of these edges. And I think companies need to do better, both in providing, having some sort of solution for observability of the dependencies, as well as understanding those dependencies and managing them. I've seen companies for instance, depending on software that they actively don't want to use based on a certain criteria that they already set projects, like they'll set a requirement that any project that they use has a code of conduct, but they'll then use projects that don't have codes of conduct. And if they don't have a code of conduct, then employees are prohibited from working on those projects. So you've locked yourself into a place where you're depending on software that you have instructed, your employees are not allowed to contribute to, for certain legal and other reasons. So you need to draw a line in the sand and then recognize that those projects are ones that you don't want to consume, and then not use them, and have observability around these things. >> That's a great point. I think we have 10 minutes left. I want to just shift to a topic that I think is relevant. And that is as Open Source software, software, people develop software, you see under the hood kind of software, SREs developing very quickly in the CloudScale, but also you've got your classic software developers who were writing code. So you have supply chain, software supply chain challenges. You mentioned developer experience around how to code. You have now automation in place. So you've got the development of all these things that are happening. Like I just want to write software. Some people want to get and do infrastructure as code so DevSecOps is here. So how does that look like going forward? How has the future of Open Source going to make the developers just want to code quickly? And the folks who want to tweak the infrastructure a bit more efficient, any views on that? >> At Gaggle, we're using AWS' CDK, exclusively for our infrastructure as code. And it's a great transition for developers instead of writing Yammel or Jason, or even HCL for their infrastructure code, now they're writing code in the language that they're used to Python or JavaScript, and what that's providing is an easier transition for developers into that Infrastructure as code at Gaggle here, but it's also providing an opportunity to provide reusable constructs that some Devs can build on. So if we've got a very opinionated way to deploy a serverless app in a database and do auto-scaling behind and all stuff, we can present that to a developer as a library, and they can just consume it as it is. Maybe that's as deep as they want to go and they're happy with that. But then they want to go deeper into it, they can either use some of the lower level constructs or create PRs to the platform team to have those constructs changed to fit their needs. So it provides a nice on-ramp developers to use the tools and languages they're used to, and then also go deeper as they need. >> That's awesome. Does that mean they're not full stack developers anymore that they're half stack developers they're taking care of for them? >> I don't know either. >> We'll in. >> No, only kidding. Anyway, any other reactions to this whole? I just want to code, make it easy for me, and some people want to get down and dirty under the hood. >> So I think that for me, Docker was always a key part of this. I don't know when DevSecOps was coined exactly, but I was talking with people about it back in 2012. And when I joined Docker, it was a part of that vision for me, was that Docker was applying these security principles by default for your application. It wasn't, I mean, yes, everybody adopted because of the portability and the acceleration of development, but it was for me, the fact that it was limiting what you could do from a security angle by default, and then giving you these tuna balls that you can control it further. You asked about a project that may not get enough recognition is something called DockerSlim, which is designed to optimize your containers and will make them smaller, but it also constraints the security footprint, and we'll remove capabilities from the container. It will help you build security profiles for app armor and the Red Hat one. SELinux. >> SELinux. >> Yeah, and this is something that I think a lot of developers, it's kind of outside of the realm of things that they're really thinking about. So the more that we can automate those processes and make it easier out of the box for users or for... when I say users, I mean, developers, so that it's straightforward and automatic and also giving them the capability of refining it and tuning it as needed, or simply choosing platforms like serverless offerings, which have these security constraints built in out of the box and sometimes maybe less tuneable, but very strong by default. And I think that's a good place for us to be is where we just enforced these things and make you do things in a secure way. >> Yeah, I'm a huge fan of Kubernetes, but it's not the right hammer for every nail. And there are absolutely tons of applications that are better served by something like Lambda where a lot more of that security surface is taken care of for the developer. And I think we will see better tooling around security profiling and making it easier to shrink wrap your applications that there are plenty of products out there that can help you with this in a cloud native environment. But I think for the smaller developer let's say, or an earlier stage company, yeah, it needs to be so much more straightforward. Really does. >> Really an interesting time, 10 years ago, when I was working at Adobe, we used to requisition all these analysts to tell us how many developers there were for the market. And we thought there was about 20 million developers. If GitHub's to be believed, we think there is now around 80 million developers. So both these groups are probably wrong in their numbers, but the takeaway here for me is that we've got a lot of new developers and a lot of these new developers are really struck by a paradox of choice. And they're typically starting on the front end. And so there's a lot of movement in the stack moved towards the front end. We saw that at re:Invent when Amazon was really pushing Amplify 'cause they're seeing this too. It's interesting because this is where folks start. And so a lot of the obstructions are moving in that direction, but maybe not always necessarily totally appropriate. And so finding the right balance for folks is still a work in progress. Like Lambda is a great example. It lets me focus totally on just business logic. I don't have to think about infrastructure pretty much at all. And if I'm newer to the industry, that makes a lot of sense to me. As use cases expand, all of a sudden, reality intervenes, and it might not be appropriate for everything. And so figuring out what those edges are, is still the challenge, I think. >> All right, thank you very much for coming on the CUBE here panel. AWS Heroes, thanks everyone for coming. I really appreciate it, thank you. >> Thank you. >> Thank you. >> Okay. >> Thanks for having me. >> Okay, that's a wrap here back to the program and the awesome startups. Thanks for watching. (upbeat music)

(upbeat electronic music) >> Okay thanks, Adam, and the studio. We're here on the floor in Cloud City, right in the middle of all the action, the keynotes are going on in the background. It's a packed house. I'm John Furrier. Dave Vellante's on assignment, digging in, getting those stories. He'll have the analysis, he'll be back on theCUBE, but I want to welcome Chloe Richardson, who has been holding down the main stage here in Cloud City with amazing content that she's been hosting. Chloe, great to see you. Thanks for coming on theCUBE, and kicking it off day two with me. >> No, not at all. Thank you for having me! It's very exciting! I love what you guys have got over here, very fun! >> We're inside theCUBE. This is where all the action is, and also, Cloud City is really changing the game. If you look at what's going on here in Cloud City, it's pretty spectacular. >> No, I mean, the atmosphere is absolutely palpable. Isn't it? You can just feel it. People walk in and see what the future looks like for the telecoms industry. Very exciting. >> And you've been doing a great job on the main stage, we're really loving your content. Let's get into some of the content here. After the keynotes are going on, we're going to have DR maybe fly by the set later, we're going to check that out. But let's check out this videotape. This is TelcoDR. You got to check out this reel, and we'll be right back, and we'll talk about it. (smooth electronic music) >> TelcoDR burst onto the global telecom scene this year, making headlines for taking over the huge Erickson space at MWC 21, and for building Cloud City in just a hundred days. But why did the company go to such trouble? And what is their unique offering to the telecoms industry? And what drives their dynamic CEO, Danielle Royston, or DR, as everyone calls her? Cloud City Live caught up with DR, away from the hustle and bustle of the city to find out. (upbeat instrumental music) >> Hi, I'm Danielle Royston, coming to you from beautiful Barcelona! I'm here for MWC 21. About a hundred days ago, I decided to take over the iconic Erickson booth to turn it into Cloud City. Cloud City has over 30 vendors, and 70 demos, to introduce telco to what I think is the future for our industry. We're going to have three awesome experiences. We're going to talk about the new subscriber experience. We're going to talk about what's in store for the new network, and the future of work. And I'm really excited to create a community, and invite awesome telco executives to see this new feature. It's been a really tough 18 months, and we didn't know what MWC 21 was going to be like in terms of attendance. And so from the get-go, we planned this amazing experience that we call Cloud City Live. At Cloud City Live, we have two main components. We have the speaker series, where we have over 50 speakers from Amazon, Google, Microsoft, as well as CSPs, and awesome vendors, talking about the public cloud in telco. The second part of Cloud City Live is theCUBE. Think of this as like an ESPN desk of awesome tech interviews focused on telco and the public cloud, hosted by John furrier and Dave Vallente. Dave and John are going to talk to a variety of guests focused on telco in the public cloud. It's a great way for our virtual participants to feel like they're at the show, experiencing what's going on here. So excited to have them as part of the Cloud City booth. There's a ton of innovation going on in telco, and 20 years ago, Elon Musk set on his mission to Mars. I, like Elon Musk, am on a quest to take telco to the public cloud. Every year at MWC, there's always a flurry of announcements, and this year is no different. At this year's MWC, Totogi, a startup that I invested $1,000,000 in, will be launching. Totogi is introducing two products to the market this week at MWC. The first is at planetary scale charger. More than a charger, it's an engagement, coupling your network data with charging information to drive subscriber engagement, and doubling your ARPU. The second product that Totogi is introducing is a planetary scale BSS system, built on top of the TM Forum Open APIs. Both of these products will be available for viewing in the virtual booth, as well as on the show floor. The public cloud is an unstoppable mega trend that's coming to telco! I'm super excited to bring to you the vendors, the products, the demonstrations, and the speakers, both to people here in Barcelona, and virtually around the world! (upbeat instrumental music) Well, that was a fascinating insight into the origins of TelcoDR, why public cloud is going to truly disrupt the telecoms industry, and why DR herself is so passionate about it. If you'd like to find out more, come and see us at Cloud City. (groovy electronic music) >> Okay, thanks. Just rolling that reel. Chloe, I mean, look at that reel, I mean, DR, Danielle Royston, she's a star. And I've seen a lot of power players in the industry. She's got guts and determination, and she's got a vision, and she's not just, you know, making noise about telco and cloud, there's actually a lot of real good vision there! I mean, it's just so impressive. >> No, it really is. And for me, it's almost like the next moonshot. It's the moonshot of the telco world! She's innovative, she's exciting. And if we've learned anything over the last 18 months, it's that we need that in this industry, to grow for the future of the industry. So, so exciting. I think she's a real inspiration! >> And I love the fact that she's so takes the tiger by the tail. Because the telco industry is being disrupted, she's just driving the bus here. And I remember, I did a story on Teresa Carlson, who was with Amazon Web Services, she was running the public sector, and she was doing the same exact thing in that public sector world in DC, and around the world. She opened up regions in Bahrain, which as a woman, that was an amazing accomplishment. And she wasn't just a woman, she was just a power player! And she was an exceptional leader. I see DR doing the same thing, and people aren't going to like that, I'll tell you right now. People are going to be like, "Whoa, what's going on here?" >> Now of course, it's always that way we pioneers though, isn't it? At the time, people thinking what is going on here, we don't like change, why are being shaken up? But actually, afterwards, in retrospect, they think, "Oh, okay. I see why that happened, and we needed it." So, really exciting stuff. >> Making things happen, that's what we're doing here on theCUBE. Obviously, the main stage's doing a great job. Let's go check out this highlight reel. If you're watching and you missed some of the action, this is obviously the physical event back since 2019 in February, but there's also a hybrid event, a lot of virtual action going on. So, you got theCUBE Virtual, you got a lot of content on virtual sites. But in person here, we're going to go show you a highlight reel from what we did yesterday, and what was happening around the show. Enjoy this quick highlight reel from yesterday. (groovy electronic music) (cheerful instrumental music) (groovy electronic music) Okay. We're back here in theCUBE. We're on the main floor out here with Chloe, who is emceeing, hosting, and driving the content on the Cloud City main stage. Chloe, it's been great here. I mean so far, day one, I was watching your presentations and fireside chats you've been hosting. Awesome content. I mean, people are like jazzed up. >> Yeah, no, for sure. We had Scott Brighton on yesterday, who was our opening keynote on the live stage, and his session was all about the future of work, which is so relevant and so pertinent to now. And he talked about the way it's changing. And in 10 years, it's going to be a trillion dollar industry to be in the cloud at work. So, really interesting! I mean, yeah, the atmosphere here is great. Everyone's excited. It's new content everyday. And that's the thing, it's not stale content! It's stuff that people want to hear. People are here for the new hot trends, the new hot topics. It's very exciting. >> Yeah, the next big thing. And also it's a fiscal event, so since 2019, this Mobile World Congress has been a massive event, and hasn't happened since February, 2019. That's a lot of time that's elapsed in the industry because of COVID, and people are glad to be here. But a lot of stuff's changed! >> Yeah. It's a different world, right? I mean, two years in the telco industry is like a hundred years elsewhere. Everything has changed! Digital transformation migration, obviously cloud, which is what we're talking about over here at Cloud City Live. I'm wondering though, John, I'd like to pick your brains on something. >> John: Sure. >> It has changed in the last two years. We know that! But what about the future of Mobile World Congress? How do you see it changing in the next few years. >> Oh, man. That's a great question. I mean, my observation, I've been coming to the show for a very long time, over a decade and a half, and it's been a nerdy show about networks, and telecom, which is basically radios, and wireless, and then mobile. But it's very global, a lot of networks. But now it's evolving! And many people are saying, and we were talking on theCUBE yesterday, Dave Vellante was commenting, that this show is turning into a consumer like show. So CES is the big consumer electronics show in the US, in Las Vegas every year. This show has got a vibe, because of all the technology from the cloud players, and from the chips, getting smaller, faster, cheaper, more capability, lower power. So people look at the chips, the hardware. It's less about the speeds and feeds, it's more about the consumer experience. We got cars. I was talking to a guy yesterday, he said, "Vehicle e-commerce is coming." I went, "What the hell his vehicle e-commerce?" And you could be on your app driving down the freeway and go, "Hey, I want some food." Instead of having it delivered to you, you order it, you pick it up. So that's kind of what can be happening now in real time, you can do all kinds of other things. So, a lot of new things are happening. >> Yeah, I think so. Do you see that as another disruption for the industry? That is, the fact that it's moving to be more consumer focused? Is there anything we should be worried about in that space? >> Well, I think the incumbents are going to lose their positions. So I think in any new shift, new brands come in out of nowhere. And it's the people that you don't think about. It's the the company that you don't see. (audience in background applauding) And we got DR on the main stage right here, look at this! We saw her walk out with the confidence of a pro. >> Chloe: Yeah, for sure. >> She just walked out there, and she's not afraid. >> Well, as she said in her video, she is ready to wake them up! And you can see as soon as she walks out, that is what she intends to do today. >> I love her mojo. She's got a lot of energy. And back to the show, I mean, she's just an example of what I was saying. Like in every market shift, a new brand emerges. >> Chloe: Yep. >> I mean, even when Apple was tainted, they were about to shut down, they were going to run out of cash, when Steve Jobs brought back Apple, he consolidated and rebooted the company, the iPad was a seminal, iPod, a seminal moment. Then the iPhone, and just, the rest is history. That kind of disruption is coming. You're going to see that now. >> Oh, it's exciting though, isn't it? To be future ready, rather than future proof! But actually I wanted to ask you something as well, because we are seeing all these cloud players getting hot under the collar about telco. Why are they so excited? What's the buzz about wire, as you're on AWS and Google Cloud, why do they want to have a slice of the pie? >> Well, I think they're hot and heavy on the fact that telco is a ripe opportunity. And it used to be this boring, slow moving glacier. It's almost like global warming now, the icebergs are melting, and it's going to just change. And because of the edge, 5G is not a consumer wireless thing, it's not like a better phone. It's a commercial app opportunity, because it's high bandwidth. We've all been to concerts, or football games, or sporting events where a stadium is packed. Everyone gets bars on their wifi, but can't get out. Can't upload their picture to Instagram. Why? Because it's choking them on the network. That's where 5G solves a problem. It brings a lot of bandwidth, and that's going to bring the edge to life, and that's money. So when you got money, and greed, and power, changing hands, if it's on the table, and the wheel's spinning, it could be double zero, or it could be lucky seven. You don't know! >> Oh, for sure. And that's certainly enough to get all the big players hot and bothered about getting involved! And I suppose it circles back to the fact that DR is really leading the charge, and they're probably thinking, "Okay, what's going on here? This is different. We want something new." You did notice it, OpenRAN is something that we've been talking about over the last day or so. We've had quite a few of us speakers over here at Cloud City Live mention OpenRAN. What is it all about, Don? Because why all the buzz if 5G is such a hot topic? Why are we get excited about it? >> That's a great thing. The 5G certainly will drive the main trend, for sure. OpenRAN is essentially an answer to the fact that 5G is popular, and they need more infrastructure. So open source, the Linux Foundation, has been the driver for most of the open source software. So, they're trying to make open software, and open architectures, to create more entrepreneurial activity around hardware, and around infrastructure, because we need more infrastructure, we need more antennas, we need more transceivers, we need more devices. That could be open. So in order to do that, you got to open up the technology, and you want to minimize the licensing, and minimize a lot of these, you know, proprietary aspects. >> What did we look at? So on Wednesday, we've got a great keynote from Phillip Langlois, who is CEO and founder of P1 Security. And he's coming to talk to us about cybersecurity within the cloud, and within telco. So you just mentioned that OpenRAN is all about having open source, about having that space where we can share more efficiently and easily more easily. What does that mean for security though? Is it at risk? >> I think it's going to increase the value of security, and minimize the threats. Because open source, even though it's open, the more people that are working on it, the more secure it could be. So yes, it could be more open in a sense that could be explored by hackers, but open can also protect. And I think we've seen open source, and cloud in particular, be more secure. Because everyone said, cloud is not secure, open source is insecure. And as it turns out, when the collective hive minds of developers work on things, it gets secure. >> And it is interesting, isn't it? Because we have seen that there has been an uptick in cyber security threats, but actually I was speaking to some leaders across various industries, and particularly in tech, and they were saying, actually, there's not been an uptick in attempted threats, there's been an uptick because with this open-source environment, we are able to track them, and measure them, and defend more efficiently. So actually, they're being batted away. But the number is probably the same as it always was, we just didn't know about them before we had this open source environment. >> There's more money in threats, and there's more surface area. So as the tide rises, so to the threats. So on a net basis, it's more, because there's more volume, but it's pretty much the same. And look it, there's money involved, they are organized. There's a business model on attacking and getting the cash out of your bank, or ransomware is at an all time high. >> Yes! >> So this is like a big problem, and it's beyond the government. It's around individual freedom. So, security is huge. And I think open source and cloud are going to be, I think, the answer to that. >> Yeah, for sure. And it's, again, about collaboration, isn't it? Which we talk about all the time, but without collaboration, the industries are going to have to work together to promote this environment. So yeah, it should be good to talk with Phillip on Wednesday. >> I'd just say on security, don't download that PDF, if you don't know who it came from. The phishing is always good. Well, we got some great stuff coming up. We're going to have a great day. We got a video here of Mobile World Live. We're going to show this next segment, and we're going to toss it to a video. And this is really about to give the experience, Chloe, for people who aren't here. To get a feel for what's going on in Barcelona, and all the action. And if you look at the video, enjoy it. >> Hi, I'm Daniel Royston, CEO and founder of TelcoDR. But you can call me DR! Ready for some more straight talk about telco? It's go time! Let's do it. Holy shit! It sure is a great time to be a tech company! I mean, if you're Amazon, Microsoft, Google, Grab, Twilio, Door Dash, or Uber, life's pretty great! Just look at these stock prices over the past five years, with their shareholder value going up and to the right. Totally amazing! But where's telco? Dare I add our stocks to this awesome chart? Let's compare these fabulous tech stocks to AT&T, Vodafone, Telefonica, TIM, America Movil, and Zain Group. Huh. Not so great, right? Yep. I'm talking directly to you, senior telco execs. I'm here to wake you up! Why is it that Wall Street doesn't see you as tech? Why aren't CSPs seen as driving all the tech change? Why is it always Apple, Amazon and Google who get the big buzz? But more importantly, why isn't it you? Before I came to this industry, I always thought of carriers as tech companies. I gave more of my money to AT&T than to Apple, because I really cared about the quality of the network. But I also wondered why on earth the carriers allowed all the other tech companies to take center stage. After spending the last few years in telco, I now understand why. It's because you are network people, you are not customer people! I get it. You have the security blanket. You're a network oligopoly. It's crazy expensive to build a network, and it's expensive to buy spectrum. It takes operational chops to run a killer network, and it takes great skill to convince Wall Street to finance all of it. You telco execs are amazing at all those things. But because you focus on the network, it means you don't focus on the customer. And so far, you haven't had to. Every Telco's KPI is to be less shitty than their next competitor. You don't have to be the best. Just don't be last. Everyone else's NPS is in the thirties too. Their mobile app ratings are just as terrible as yours. Everyone's sucks at customer sat. And it's widely acknowledged and accepted. Let's talk about the cost of that. The cost is not measured on market share against other MNOs. The cost is measured in lost ARPU that the tech guys are getting. Everyone knows about the loss of texting to WeChat, WhatsApp, and the other OTT apps. But it is not just texting. The total adjustable market, or TAM, of the mobile app disruptors is huge! Instead of remaining network focused, you should be leveraging your network into a premier position. And because you're network people, I bet you think I'm talking about coercive network leverage. That is not what I'm talking about! I'm talking about love, customer love. There is one thing the highly valued tech companies all have in common. They all crush it on customer love! They look at every interaction with the customer and say, how do we make the customer love this? Like Netflix has easy monthly cancellation, Amazon does no questions asked returns, Uber gives users a real time view into driver rating and availability. Compare those ideas to the standard telco customer interaction. The highly valued tech companies don't have the network oligopoly to fall back on like you do. To survive, they must make customers love them. So, they focus on it in a big way! And it pays off. Their NPS is close to 70, and they have app ratings of 4.5 or higher. A far cry from your thirties NPS, and app ratings of 3.5. If you want to have those huge tech multiples for yourself, you have to start thinking about these guys as your new competition, not the other telcos in your market. The crazy thing is, if you give up using your network as a crutch, and put all of your focus on the customer, the network becomes an asset worth more than all the super apps. Let's step back and talk about the value of super apps, and becoming customer centered! Retooling around the customer is a huge change, so let's make sure it's worth it. We aren't talking about 25% improvement. I'm going to show you that if you become customer centric, you can double your ARPU, double your valuation multiples, and drive big shareholder value, just like the tech companies on that chart! Now let's talk about the customer focused super apps. There are hundreds of companies in a variety of categories vying for your subscribers' disposable income. Movies, food delivery, financial services. Who are they? And why does Wall Street give them such high valuations and like them so much? Well first, look at what they are telling Wall Street about their TAM. They broadcast ridiculously huge TAMs that are greater than the telco TAMs. You know, who should have a ridiculously huge TAM? You! Hello? What I'm saying is that if you got what's yours, you double in size. And if you take the TAMs they throw around, you'd be five times as big. When I think about the opportunity to double ARPU, without having to double the cap ex to build out the network, I say to myself, hell yeah! We should totally go do it, and do whatever it takes to go get it. For example, let's talk about Grab. Grab is a Southeast Asian super app company with an expected $40 billion valuation. Grab's customer focus started in Rideshare, but then leveraged its customer love into wallet deliveries, hospitality, and investing. Their ARPU is now larger than a Telco's ARPU in countries where they compete, and they have a higher valuation than those telcos too. Imagine if you could combine a great user experience with the valuable services that helped grow your ARPU. That would be huge! So, how do you build a super app? I bet right about now, you're wishing you had a super app. Everyone wants a super app! A lot of money has been unsuccessfully spent by telcos trying to build their own. I bet you're saying to yourself, "DR, your pie in the sky sounds great, but it has no chance of success." Well, I'm betting things are about to change. There is a public cloud startup called to Totogi that is going to help carriers build world-class super apps. To have a successful super app, there is one key metric you need to know. It is the KPI that determines if your super app will be a success or a flop. It's not about the daily active users. It's not the average order value. It's not even gross merchandise value. It's all about the frequency of use per day by the user. That's the metric that matters. How many have you used that metric in your telco apps? Do you have a team driving up user app interactions every day? Most telco apps are used for top-up, or to check a bill. This is a huge missed opportunity. Super app companies excel at building great experiences and driving a huge amount of interactions. They have to, their business depends on it. They have to be customer focused. They have to keep bringing the user back to the app, every day, multiple times a day. And you know what? They do a great job. Customers love their super apps. They have great user experiences. Like Apple credit cards, no information required application process. They have high net promoter scores because of customer friendly policies. Like how Door Dash retroactively credits fees when you move to a better plan. And they have great app store ratings, because they do simple things, like remember your last order, or allow you to use the app, rather than forced you to call customer service. Customers of successful super apps love it when new services are added. And because of the customer love, every time something is added to the app, customers adopt it immediately. New services drive frequent daily user interactions. So our problem in telco is we have an app that is only open once per month, not multiple times per day. And without frequent opens, there is no super app. Hm, what do we have in telco that we could use to help with this problem? I wonder. While you don't currently have a mobile app that subscribers use multiple times a day, you have something that's 10 times better! You have a network. Subscribers already interact with your network. 10 times more frequently than any user with any of the super apps. But telcos don't leverage those interactions into the insanely valuable engagements they could be. Worse, even if you wanted to, your crappy, over customized, on-premise solutions, make it impossible. Thankfully, there's this new tech that's come around, you may have heard of it, the public cloud. When you bring the enabling technology of the public cloud, you can turn your network interactions into valuable super app interactions. And there's a special new startup that's going to help you do it, Totogi! Totogi will leverage all those network interactions, and turn them into valuable customer interactions. Let me repeat that. Totogi will leverage all those network interactions, and turn them into valuable customer interactions. Totogi allows the carrier to leverage its network, and all the network interactions, into customer engagement. This is something that super apps don't have, but will wish they did. But this magic technology is not enough. Telcos also need to move from being network focused to being customer focused. Totogi enables telcos to chase exciting revenue growth without that annoying, massive cap ex investment. Totogi is going to help you transform your sucky mobile apps, with the crappy customer ratings, into something your subscribers want to open multiple times a day, and become a platform for growth. I'm so excited about Totogi, I'm investing $100,000,000 into it. You heard me right. $100,000,000. Is this what it feels like to be SoftBank? I'm investing into Totogi because it's going to enable telcos to leverage their network interactions into super app usage! Which will lead to an improved subscriber experience, and will give you a massive jump in your ARPU. And once you do that, all those telco valuations will go from down here, (buzzes lips) to up here. And so I've been talking to some folks, you know, checking in, feeling them out, getting their thoughts. And I've been asking them, what do you think about telcos building super apps? And the response has been, "Click. Eh." Everyone says, no way. Telcos can't do it. Zero chance. Total goose egg. (egg cracking) One suggested I build a bonfire with a hundred million dollars, because then at least I wouldn't waste years of my life. Well, I think those people are dead wrong! I do believe that telcos can build super apps and make them super successful. The public cloud is changing all parts of telco, and Totogi and super apps are fundamentally changing the customer relationships. In one month at MWC, people will see what Totogi has to offer, and they will understand why I'm making this bold call. Because Totogi takes the value of the network, and the power of the public cloud, to help telcos move from being network centric, to being customer centric. Boom! If you want to make this transformation and reap all the financial benefits, you will have to compete for customers with a whole new set of players. You will no longer compete with the network focused guys, like the other telcos. Instead, you will be competing against the customer focused companies. These players don't have a network to fall back on like your old competitors, they know they have to make customers love them. Their customer loyalty is so off the charts, their customers are called fans. So if you want that big money, you will have to compete on their turf, and make the customers want to choose you. You need Apple level loyalty. That bar is uber high. We'll have to give up the security blanket of the network, and change. Instead of NPS at the thirties, it needs to be in the seventies. Instead of mobile app ratings in the threes, they need to get five stars. I'm betting big that Totogi will make that possible! I'm going to help you every step of the way, starting with my keynote next month at MWC. Join me, and I'll share the secrets to converting your super valuable network interactions to make your super app a massive success. We're going to have an amazing time, and I can't wait to see you there! >> Okay. We're back here in theCUBE here at Mobile World Congress in Cloud City. I'm John Furrier. Chloe Richardson's filling in for Dave Vellante who's out on assignment. He's out getting all the data out there and getting stories. Chloe, what a great keynote by Danielle Royston. We just heard her involving major action, major pump you up, punch in the face, "Wake the heck up cloud people, cloud is here!" She didn't pull any punches. >> No, I mean the thing is, John, there's trillions of dollars on the table, and everyone seems to be fighting for it. >> And you heard her up there, if you're not on the public cloud, you're not going to get access to that money. It's a free for all. And I think the cloud people are like, they might think they're going to walk right in, and the telco industry is going to just give it up. >> No, of course. >> And it's not going to be, it's going to be a fight! Who will win? >> Who will win, but also who will build the next big thing? (John laughing) >> Someone needs to die in the media conversations. It's always a fight. Something's dead. Something's dead but keeps the living. All that kidding aside, this is really about partnering. Think what's happened is Telco's already acknowledged that they need to change. And the 5G edge conversation, the chip acceleration. Look at Apple. They've got their own processors, Nvidia, Amazon makes their own chips, Intel's pumping stuff out, you've got Qualcomm. You've got all these new things. So, the chips are getting faster, and the software's more open source. And I'm telling you, the cloud is just going to drive that bus right down Cloud Street, and it's going to be in Cloud City everywhere. >> And it's going to be peepin' on the board as it drives down. (John laughing) John, I'm not a stalker, but I have read some of the things that you've written, and one of the things you mentioned that was really interesting was the difference between building and operating. Break it down for me, what does that mean? >> That means basically in mature markets, and growing markets, things behave differently, and certainly economics, and the people, and the makeup, and the mindset. So the telco has been kind of this mature market, it's been changing and growing, but not like radically. Cost optimization, make profit. You know, to install a lot of cable, you got to get the rents out of that infrastructure. And that's kind of gone on for too long. Cloud is a growth market. And it's about building, not just operating. And you've got operators, carriers are operating networks. So you're going to see the convergence of operators and builders coming together. Builders being software developers, new technology, and executives that think about building. And you want people on your team that are going to be, I won't say war time, you know, lieutenants or generals, but people who can handle the pace of change. Because the change and the nature is different. And some people want slow and steady, keep the boat from rocking. But in a growth market, it's turbulent, and the ride might not be quiet, first-class ticket to paradise. It's bumpy, but it's thrilling. >> No, of course. Is it similar to the old sales adage of hunter versus farmer? Are there parallels there? >> Yeah. I mean, there's a mindset. If you have a team of people that aren't knocking down new opportunities and building the next big thing, fixing your house, get your house in order, you know, refactor, reset, reboot, replatform with the cloud, and then refactor your business! If you don't have the people thinking like that, you're probably either going to be taken over, or go out of business. And that's what the telcos with all these assets, they're going to get bought, rolled into a SPAC, Special Purpose Acquisition Company, which is super hot in the United States. A lot of roll-ups going on with private equity. So a lot of these telcos, if they don't refactor, or replatform then refactor, they're going to be toast, and they're going to get rolled up, and eaten up by somebody else. >> Yeah, sure. It's interesting though, isn't it? Because when we think of telco in tech, we often think of, obviously we've got the triad, people, process, technology, and we think, process and technology really to the forefront here. But like you said there, people are also so important because if you don't have this right balance, you're not going to be able to drive that change. We had, obviously, Scott Brighton on the stage yesterday, and after his session, somebody came up to me and just said, "I'm interested to hear what that means for education." So how can we establish this new generation of tech and telco leaders from the grassroots with educational associations, establishments. How can we encourage that? I wonder, is this something that you talk about? >> Yeah. I mean, education's huge, and this highlights the change that telco's now part of. Telco used to be a boring industry that ran the networks, or moving packets around, and mobile was there. But once the iPhone came out in 2007, the life has changed, society has changed, education's changed, how people interact has changed. So, you start to see people now aware of the value. And if you look at during COVID, the internet didn't crash, the telcos actually saved our asses, and everyone survived because the network didn't break. Yeah, we had some bad Zoom meetings here and there, and some teleconferences that didn't go well, but for the most part we survived, and they really saved everybody. So, they should get kudos for that. But now they're dependent upon healthcare, education. People care about that stuff, so now you're going to start to see an elevated focus on what telecom is doing. That's why the edge has got trillions of dollars up for grabs. But education, there's negative unemployment in cybersecurity and in cloud. So for the people who say, "Oh, there's no jobs." Or, "I can't work." That's a bunch of BS, because you can just get online, get on YouTube, and just get a degree. You can get a degree. You can get an Amazon job. It pays a hundred thousand dollars a year! American. You can make a hundred thousand pounds, and be unemployed six months, and then be employed. So negative unemployment means, there's more jobs than people to fill them all, in fact. >> Yeah, it's interesting you mentioned that, because I was talking to a cyber security leader who was saying in something, I think there were now 3 million vacancies in cybersecurity. And there's such a skill shortage. There is nobody around to fill it! So it's an interesting problem to have, isn't it? Because it's reversed to what we've been used to for the last few decades! And obviously, telco is in the same space. But what can we do about it do you think, to actually -- >> I think it's going to take leadership, and I'm a big proponent of kids not going to university if they don't have to. Why spend the dough, money, if you don't have to? You can get online. I mean, the data's there. But to me, it's the relationships, the mentorship. You're starting to see a women in tech, and underrepresented minorities in the tech field, where mentorship is more important than curriculum. Community is more important than just going through a linear courseware. Nobody wants to sit online and go through linear courseware. Now, if they have to get a certificate, or degree, and accreditation, no problem. But the communities are out there, so that's a big change over, I'm a big fan of that. And I think people should, you know, get some specialized skills. You can get that online, so why even go to school? So, people are figuring that out. >> For sure. And also, even transferring. I mean, so many skills are transferable nowadays, aren't they, so we could easily be talking to people from other industries, and bringing them into telco, and saying, "Look, bring what you know from your retail background, or your healthcare background, and help us at telco to, again, drive forwards." Just like DR was saying, it's all about the next big thing. >> Well, Danielle is always also driving a lot of change. And if you think about the jobs, and the pedigree of going to a university, oh, Harvard, all the big Ivy Leagues, Oxford in your area. So it's like, if you go to the school like that, and you get a pedigree, you instantly get a job. Now the jobs that are available weren't around five years ago, so there's no like pedigree or track record. There's no like, everyone's equal. >> Yeah. >> So you could, the democratization of the internet now, from a job standpoint, is people are leveling up faster. So it's not about the Ivy League, or the big degree, or silver spoon in your mouth, you've got the entitlement. So you start to see people emerging and making things happen. Entrepreneurship in America, immigrant entrepreneurship. People are billionaires that have no high school diplomas! >> It's interesting you mention that, John, because we can't have more than five years experience in this space, we know that. But in telco, there is a problem. And maybe it's, again, it's a flipped problem where telco recruiters, or talent acquisition leaders, are now asking for kind of 10, 20 years experience when they're sending out job descriptions. So does that mean that we are at fault for not being able to fill all these vacancies? >> I think that's just, I mean I think there's a transition of the new skill set happening, one. But two, I think, you know, to be like a chip engineer, (laughs) you can't learn that online. But if you want to run a cloud infrastructure, you can. But I think embedded systems is an area that I was talking to an engineer, there's a huge shortage of engineers who code on the microprocessors, on the chips. So, embedded systems is a big career. So there's definitely paths you can specialize. Space is another area you've seen a lot of activity on. You see Jeff Bezos and Elon Musk is going to be here on a virtual keynote, trying to go to Mars. And you know, Danielle Royston always says, "What's going to happen first, Mars colony, or telco adopting public cloud?" And some people think Mars will happen first, but. >> What do you think, John? >> I think Telco's going to get cloud. I mean first of all, public cloud is now hybrid cloud, and the edge, this whole internet edge, 5G, is so symbolic and so important, because it's an architectural beachhead. And that's where the trillion dollar baby is. So, the inside baseball, and the inside money, and all the investors are focusing on the edge, because whoever can command the edge, wins all the dollars. So everyone kind of knows, it's a public secret, and it's fun to watch everyone jockey for the positions. >> Yeah no, it really is. But it's also quite funny, isn't it? Because the edge is almost where we were decades ago, but we're putting the control back in the hands of consumers. So, it's an interesting flip. And I wonder if, with the edge, we can really enhance this acceleration of product development, this efficiency, this frictionless system in which we live in. And also, I've heard you say hybrid a few times, John. >> John: Yeah. >> Is hybrid going to be the future of the world no matter what industry you're in? >> Hybrid is everything now. So, we're the hybrid CUBE, we've got hybrid cloud. >> Exactly. >> You got hybrid telco, because now you've got the confluence of online and offline coming together. That is critical dynamic! And you're seeing it. Like virtual reality, for instance, now you're seeing things, I know you guys are doing some great work at your company around creating experiences that are virtual. You got, companies like Roblox went public recently. Metaverse. It's a good time to be in that business, because experiential human relations are coming. So, I think that's going to be powered by 5G. You know, gamers. So, all good stuff. Chloe, great to be with you here on theCUBE, and we're looking forward to seeing your main stage. >> Great. >> And then we're going to send it back to the studio, Adam, and the team. We're waiting for DR to arrive here in Cloud City. And this is theCUBE, from Cloud City, back to you, Adam, and the studio.

(upbeat music) >> Okay, thanks Adam in the studio. We're here on the floor in Cloud City, right in the middle of all the action. The keynotes are going on in the background, it's a packed house. I'm John Furrier. Dave Vellante is on assignment, digging in, getting those stories. He'll have the analysis, he'll be back on theCUBE but I want to welcome Chloe Richardson, who has been holding down the main stage here in Cloud City, with amazing content that she's been hosting. Chloe, great to see you. Thanks for coming on theCUBE and kicking it up day two with me. >> No, not at all. Thank you for having me. It's very exciting. I love what you guys have got over here, very fun. >> We're inside theCUBE. This is where all the action is. And also the Cloud City is really changing the game. If you look at what's going on here in Cloud City, it's pretty spectacular. >> Know, I mean the atmosphere is absolutely palpable, isn't it? You can just feel as people walk in and see what the future looks like to the Telecoms industry, it's very exciting. >> And you've been doing a great job on the main stage. We've been really loving your content. Let's get into some of the content here. Actually the keynote is going on, we're going to have DR, maybe fly by the set later, we're going to check that up. But let's check out this videotape of, this is TelcoDR. You got to check out this reel and we'll be right back, we'll talk about it. (upbeat music) >> TelcoDR burst onto the global telecom scene this year, making headlines for taking over the huge Erickson's space at MWC21. And for building Cloud City in just a hundred days. But why did the company go to such trouble? And what is the unique offering to the telecoms industry? And what drives their dynamic CEO, Danielle Royston or DR as everyone calls her? Cloud City Live caught up with DR, away from the hustle and bustle of the city to find out. (upbeat music) >> Hi, I'm Danielle Royston, coming to you from beautiful Barcelona. I'm here for MWC21. About a hundred days ago, I decided to take over the iconic Erickson booth to turn it into Cloud City. Cloud City has over 30 vendors and 70 demos to introduce telco to what I think is the future for our industry. We're going to have three awesome experiences. We're going to talk about the new subscriber experience, we're going to talk about what's in store for the new network and the future of work. I'm really excited to create a community and invite awesome telco executives to see this new future. It's been a really tough 18 months, and we didn't know what MWC21 was going to be like in terms of attendance. And so from the get go we plan this amazing experience that we call, Cloud City Live. At Cloud City Live, we have two main components. We have the speaker series where we have over 50 speakers from Amazon, Google, Microsoft, as well as CSPs and awesome vendors talking about the public cloud in telco. The second part of Cloud City Live, is theCUBE. Think of this as like an ESPN desk of awesome tech interviews focused on telco and the public cloud hosted by John Furrier and Dave Vellante. Dave and John are going to talk to a variety of guests, focused on telco and the public cloud. It's a great way for our virtual participants to feel like they're at the show, experiencing what's going on here. So excited to have them as part of the Cloud City booth. There's a ton of innovation going on in telco. And 20 years ago, Elon Musk set on his mission to Mars. I, like Elon Musk, I'm on a quest to take telco to the public cloud. Every year at MWC, there's always a flurry of announcements and this year is no different. At this year's MWC, Totogi, a startup that I invested a hundred million dollars in, will be launching. Totogi is introducing two products to the market, this week at MWC. The first is a planetary scale charger. More than a charger, it's an engagement coupling dual network data with charging information to drive subscriber engagement and doubling your ARPU. The second product that Totogi is introducing, is a planetary scale BSS system built on top of the TM forum, open APIs. Both of these products will be available for viewing in the virtual booth, as well as on the show for. The public cloud is an unstoppable mega trend that's coming to telco. I'm super excited to bring to you, the vendors, the products, the demonstrations, and the speakers, both to people here in Barcelona and virtually around the world. (upbeat music) >> Well, that was a fascinating insight into the origins of TelcoDR, why public cloud is going to truly disrupt the telecoms industry and why DR herself is so passionate about it. If you'd like to find out more, come and see us at Cloud City. (upbeat music) >> Okay, thanks. Just roll on that reel. Chloe, I mean, look at that reel. I mean, DR, Danielle Royston, she's a star and I've seen a lot of power players in the industry. She's got guts and determination, and she's got a vision and she's not just, you know, making noise about telco and cloud, there's actually a lot of real good vision there. I mean, it's just so impressive. >> No, really isn't. And for me, it's almost like the next moonshot. It's the moonshot of the telco world. She's innovative, she's exciting and if we've learned anything over the last 18 months is that we need to in this industry to grow and for the future of the industry. So, it's so exciting. I think she's a real inspiration. >> And I love the fact that she's so, takes a tiger by the tail, because the telco industry is being disrupted. She's just driving the bus here and I remember I did a story on Teresa Carlson, who was with Amazon web services, she was running the public sector and she was doing the same exact thing in that public sector world in DC and around the world. She opened up regions in Bahrain, which as a woman, that was an amazing accomplishment. And she wasn't just a woman, she was just a power player. And she was exceptional leader. I see DR doing the same thing and people aren't going to like that, I'll tell you right now. People are going to be like, whoa, what's going on here? >> And of course, it's always the way we pioneers though, isn't it? At the time people thinking what's going, we don't like change, why are we being shaken up. But actually afterwards, in retrospect, they think, oh, okay, I see why that happened and we needed it. So really exciting stuff. >> Making things happen, that's what we're doing here in theCUBE. Obviously the main stage's doing a great job. Let's go check out this highlight reel. If you're watching and you miss some of the action, this is, I'll see the physical event back since 2019 in February, but there's also a Hybrid event. A lot of virtual action going on. So you got theCUBE virtual, you got a lot of content on virtual sites, but in person here, we're going to go show you a highlight reel from what we did yesterday, what was happening around the show? Enjoy this quick highlight reel from yesterday. (upbeat music) (upbeat music) (upbeat music) Okay. We're back here in theCUBE. We're the main floor out here with Chloe Richardson, who is emceeing, hosting and driving the content on the Cloud City main stage. Chloe, it's been great here. I mean, so far day one, I was watching your presentations and inspire site chats you've been hosting. Awesome content. I mean, people are like jazzed up. >> Yeah, I know for sure. We had Scott Brighton on yesterday, who was our opening keynote on the live stage. And his session was all about the future of work, which is so relevant and so pertinent to now. And he talked about the way it's changing and in 10 years it's going to be a trillion dollar industry to be in the cloud at work. So really interesting. I mean, yeah, the atmosphere here is great, everyone's excited, there's new content everyday. And that's the thing, it's not stale content. It's stuff that people want to hear. People are here for the new hot trends, the new hot topics. Really exciting. >> Yeah, the next big thing. And also it's a fiscal event. So since 2019, this Mobile World Congress has been a massive event and hasn't happened since February, 2019. That's a lot of time that's elapsed in the industry cause of COVID and people are glad to be here, but a lot of stuff's changed. >> Yeah, it's a different world, right? I mean, two years in the telco industry is like a hundred years elsewhere. Everything has changed, digital transformation migration, obviously cloud, which is what we're talking about over here at Cloud City Live. I'm wondering though John, I'd like to pick your brains on something. >> Sure. >> It has changed in the last two years, we know that, but what about the future of Mobile World Congress? How do you see it changing in the next few years? >> Oh man, that's a great question. I mean, my observation, I've been coming to the show for a very long time, over a decade and a half, and it's been a nerdy show about networks and telecom, which is basically radios and wireless and then mobile. It's very global, a lot of networks, but now it's evolving and many people are saying, and we were talking on theCUBE yesterday, Dave Vellante was commenting that this show is turning into a consumer like show. So CES is the big consumer electronics show in the US, in Las Vegas every year. This show has got a vibe because what's all the technology from the cloud players and from the chips, are getting smaller, faster, cheaper, more capability, lower power. So if you look at the chips, the hardware, it's less about the speeds and feeds. It's more about the consumer experience. You got cars. I was talking to a guy yesterday, he said, "Vehicle e-commerce is coming." I'm like, "What the hell his vehicle e-commerce?" And you could be on your app, driving down the freeway and go, "Hey, I want some food." Instead of having it delivered to you, if you order it you pick it up. So that's kind of can be happening now in real time, you can do all kinds of other things. so a lot of new things are happening. >> Yeah, I think so. Do you see that as another disruption for the industry that is the fact that it's moving to be more consumer focused? Is that anything we should be worried about in that space? >> Well I think the incumbents are going to lose their position. So I think in any new shift, new brands come in out of nowhere. >> For sure. >> And it's the people that you don't think about. It's the company that's not, that you don't see. And we got DR on the main stage right here, look at this. You saw her walk out with the confidence of a pro. She just walked out there and she's not afraid. >> No. Well, as she said in her video, she is ready to wake them up and you can see as soon as she worked out. That is what she intends to do. >> I love her mojo, she's got a lot of energy. And back to the show, I mean, she's just an example of what I was saying. Like in every market shift, a new brand emerges. >> Yep. >> I mean, even when apple was tainted, they were about to shut down, they were going to run out of cash. When Steve Jobs brought back apple, he consolidated and rebooted the company. The iPad was a similar moment, then the iPhone and just the rest is history. That kind of disruption's coming. You're going to see that here. >> Yeah. Oh, it's exciting though isn't it? To be future ready rather than future proof but actually I wanted to ask you something as well, because we are seeing all these cloud players getting hot under the collar about telco. Why are they so excited? What's the buzz about why, as you're in MWS and Google Cloud? Why do they want to have a slice of the pie? >> Well, I think they're hot, hot and heavy on the fact that telco is a ripe opportunity and it used to be this boring, slow moving glacier. >> Okay. >> It's almost like global warming now. The icebergs are melting and it's going to just change and because of the edge, 5G is not a consumer wireless thing. It's not like a better phone, it's a commercial app opportunity cause it's high bandwidth. We've all been to concerts or football games or sporting events where a stadium is packed. Everyone gets bars on their wifi, but can't get out, can't upload their pictures on Instagram. Why? Because it's choking them in the network. That's where 5G solves the problem. It brings a lot of bandwidth and that's going to bring the edge to life and that's money. So when you got money and greed and power changing hands, it's every, it's on the table and the wheel's spinning, and it could be double zero, or it could be lucky seven. You don't know. >> Yeah, for sure. And that's certainly enough to get all the big players hot and bothered about getting involved. And I suppose it circles back to the fact that, DR is really leading the charge and they're probably thinking, okay, what's going on here? This is different, we want something new. You didn't know it's an open run or something that we've been talking about over the last day or so. We've had quite a few of us speakers over here constantly. I've mentioned open run. What is it all about John? Because why all the bars, if 5G is such a hot topic? Why are we getting excited about it? >> That's a great thing. 5G certainly is Google Drive the main trend for sure. OpenRent is essentially an answer to the fact that 5G is popular and they need more infrastructure. So open source, the Linux Foundation has been the driver for most of the open source software. So they're trying to bring software and open architectures to create more entrepreneurial activity around hardware and around infrastructure because we need more infrastructure. We need more antennas, we need more transceivers, we need more devices that could be open. So in order to do that, you got to open up the technology and you want to minimize the licensing and minimize a lot of these, you know, proprietary aspects. >> What if we look at, so on Wednesday, we've got a great keynote from Philippe Langlois, who is CEO and founder of P1 Security. And he's coming to talk to us about cybersecurity within the cloud and within telco. So you just mentioned that. Open mind, it's all about having open source, about having that space where we can share more efficiently and easy, more easily. What does that mean for security though? Is it a risk? >> I think that's going to increase the value of security and minimize the threats. Because open source, even though it's open, the more people that are working on it, the more secure it could be. So yes, it could be more open in sense that could be explored by hackers, but it can be open to also protect. And I think we've seen open source and cloud in particular be more secure because everyone said, "Cloud is not secure, open source is not secure." And as it turns out when the collective hive minds of developers work on things, it gets secure. >> And it is interesting, isn't it? Because we have seen that there has been an uptick in cyber security and threats. But actually I was speaking to some leaders in across various industries and particularly in tech. And they were saying, "Actually there's not been an uptick in attempted threats, there's been an uptick because with this open source environment. We are able to track them and measure them and defend more efficiently. So actually they're being battered away, but the number is probably the same as it always was. We just didn't know about them before we had this open source environment. >> There's more money in threats and there's more surface area. So as the tide rises, so do the threats. So on a net basis it's more because there's more volume, but it's pretty much the same. And look at it, there's money involved, they're organized, there's a business model on attacking and getting the cash out of your bank or ransomwares at an all time high. So this is like a big problem and it's beyond the government, it's our individual freedom. So security its huge and I think open source and cloud are going to be, I think the answer to that. >> Yeah, for sure. And it's again about collaboration, isn't it? Which we talk about all the time but without collaboration that the industries aren't going to have to work together to promote this environment. So yeah, it should be good to talk with Phillip on Wednesday. >> I just say in security, don't download that PDF if you don't know who came from. The fishing is always good. Well, we got some great stuff coming up. We're going to have a great day. We got a video here on Mobile World Live, we're going to show this next segment and we're going to toss it to a video. And this is really about to give the experience Chloe, for people who aren't here, right? >> Yeah. >> To get a feel for what's going on in Barcelona and all the actions. And if you look at the video, enjoy it. >> Hi, I'm Danielle Royston, CEO and founder of TelcoDr, but you can call me DR. Ready for some more straight talk about telco? It's go time, let's do it. Holy shit. It sure is a great time to be a tech company. I mean, if you're Amazon, Microsoft, Google, Grab, Twilio, DoorDash or Uber, life's pretty great. Just look at these stock prices over the past five years with their shareholder value going up into the right. Totally amazing. But where's telco? There I add our stocks to this awesome chart. Let's compare these fabulous tech stocks to AT&T, Vodafone, Telefonica, Tim, America Movil and Zain group. Huh, not so great, right? Yep. I'm talking directly to you senior telco execs. I'm here to wake you up. Why is it that Wall Street doesn't see you as tech? Why aren't CSPs seen as driving all the tech change? Why is it always Apple, Amazon and Google who get the big buzz? But more importantly, why isn't it you? Before I came to this industry, I always thought of carriers as tech companies. I gave more of my money to AT&T and to Apple because I really cared about the quality of the network. But I also wondered why on earth, the carriers allowed all the other tech companies to take center stage. After spending the last few years in telco, I now understand why. It's because you are network people, you are not customer people. I get it, you have the security blanket, you're a network oligopoly. It's crazy expensive to build a network and it's expensive to buy spectrum. It takes operational chops to run a killer network and it takes great skill to convince Wall Street, to finance all of it. You telco execs are amazing at all those things, but because you focus on the network, it means you don't focus on the customer. And so far you haven't had to. Every telco's KPI is to be less shitty than their next competitor. You don't have to be the best, just don't be last. Everyone else's NPS, is in the thirties too. Their mobile app ratings are just as terrible as yours. Everyone's sucks at customer sat and it's widely acknowledged and accepted. Let's talk about the cost of that. The cost is not measured on market share against other MNOs. The cost is measured in lost ARPU that the tech guys are getting. Everyone knows about the loss of texting, to WeChat, WhatsApp and the other OTT apps, but it is not just texting. The total adjustable market or term of the mobile app disruptors is huge. Instead of remaining network focused, you should be leveraging your network into a premier position. And because you're a network people, I bet you think I'm talking about coercive network leverage. That is not what I'm talking about. I'm talking about love, customer love. There is one thing the highly valued tech companies all have in common. They all crush it on customer love. They look at every interaction with the customer and say, "How do we make the customer love this?" Like Netflix has easy monthly cancellation, Amazon does no questions asked returns, Uber gives users a real time view into driver rating and availability. Compare those ideas to the standard telco customer interaction. The highly valued tech companies, don't have the network oligopoly to fall back on like you do. To survive they must make customers love them. So they focus on it in a big way and it pays off. Their NPS is close to 70 and they have app ratings of 4.5 or higher. A far cry from your thirties NPS and app ratings of 3.5. If you want to have those huge tech multiples for yourself, you have to start thinking about these guys as your new competition, not the other telcos in your market. The crazy thing is, if you give up using your network as a crutch and put all of your focus on the customer, the network becomes an asset worth more than all the super apps. Let's step back and talk about the value of super apps and becoming customer centric. Retooling around the customer is a huge change. So let's make sure it's worth it. We aren't talking about 25% improvement. I'm going to show you that if you become customer centric, you can double your ARPU, double your valuation multiples and drive big shareholder value just like the tech companies on that chart. Now let's talk about the customer focused super apps. There are hundreds of companies and a variety of categories vying for your subscriber's disposable income. Movies, food delivery, financial services, who are they? And why does Wall Street give them such high evaluations and like them so much? Well first, look at what they are telling Wall Street about their TAM. They broadcast ridiculously huge TAMs that are greater than the telco TAMs. You know, who should have a ridiculously huge TAM? You. Hello. What I'm saying is that if you got what's yours, you double in size. And if you take the TAAMs they throw around, you'll be five times as big. When I think about the opportunity to double ARPU, without having to double the CapEx, to build out the network, I say to myself, "Hell yeah, we should totally go do it and do whatever it takes to go get." For example, let's talk about Grab. Grab is a southeast Asian super app company with an expected $40 billion valuation. Grab's customer focused started in rideshare, but then leverage its customer love into wallet deliveries, hospitality, and investing. Their ARPU is now larger than a telco's ARPU in countries where they compete, and they have a higher valuation than those telcos too. Imagine if you could combine a great user experience with a valuable services that helped grow your ARPU, that would be huge. So how do you build a super app? I bet right about now, you're wishing you had a super app. Everyone wants a super app. A lot of money has been unsuccessfully spent by telcos trying to build their own. I bet you're saying to yourself, "DR, your pie in the sky sounds great but it has no chance of success." Well, I'm betting things are about to change. There is a public cloud startup called Totogi that is going to help carriers build world class super apps. To have a successful super app, there is one key metric you need to know. It is the KPI that determines if your super app will be a success or a flop. It's not about the daily active users, it's not the average order value, it's not even gross merchandise value. It's all about the frequency of use per day by the user, that's the metric that matters. How many of you use that metric in your telco apps? Do you have a team driving up user app interactions every day? Most telco apps are used for top up or to check a bill. This is a huge missed opportunity. Super app companies excel at building great experiences and driving a huge amount of interactions. They have to, their business depends on it. They have to be customer focused. They have to keep bringing the user back to the app, every day, multiple times a day. And you know what? They do a great job. Customers love their super apps. They have great user experiences like Apple credit cards, no information required, application process. They have high net promoter scores because of customer friendly policies, like how DoorDash retroactively credits fees when you move to a better plan. And they have great app store ratings because they do simple things like remember your last order, or allow you to use the app rather than force you to call customer service. Customers of successful super apps love it when new services are added. And because of the customer love, every time something is added to the app, customers adopt it immediately. New services drive frequent daily user interactions. So our problem in telco is we have an app that is only open once per month, not multiple times per day. And without frequent opens, there is no super app. What do we do we have in telco that we could use to help with this problem? I wonder, why you don't currently have a mobile app that subscribers use multiple times a day. You have something that's 10 times better. You have a network. Subscribers already interact with your network 10 times more frequently than any user with any of the super apps. But telcos don't leverage those interactions into the insanely valuable engagements they could be. Worse, even if you wanted to your crappy over customized on premise solutions, make it impossible. Thankfully, there's this new tech that's come around, you may have heard of it. The public cloud. When you bring the enabling technology of the public cloud, you can turn your network interactions into valuable super app interactions. And there's a special new startup that's going to help you do it, Totogi. Totogi will leverage all those network interactions and turn them into valuable customer interactions. Let me repeat that. Totogi will leverage all those network interactions and turn them into valuable customer interactions. Totogi allows the carrier to leverage its network and all the network interactions into customer engagement. This is something the super apps don't have but will wish they did. But this magic technology is not enough. Telcos also need to move from being network focus to being customer focused. Totogi enables telcos to chase exciting revenue growth without that annoying massive CapEx investment. Totogi is going to help you transform your sucky mobile apps with the crappy customer ratings, into something your subscribers want to open multiple times a day and become a platform for growth. I'm so excited about Totogi, I'm investing $100 million into it. You heard me right, $100 million. Is this what it feels like to be soft bank? I'm investing in Totogi because it's going to enable telcos to leverage the network interactions into super app usage. Which will lead to an improved subscriber experience and will give you a massive jump in your ARPU. And once you do that, all those Telco valuations will go from down here to up here. And so I've been talking to some folks, you know, checking in, feeling them out, getting their thoughts, and I've been asking them, what do you think about telcos building super apps? And the response has been, click, everyone says, "No way, telcos can't do it." Zero chance, total goose egg. One suggested I build a bonfire with 100 million dollars, because then at least I wouldn't waste years of my life. Well I think those people are dead wrong. I do believe that telcos can build super apps and make them super successful. The public cloud is changing all parts of telco and Totogi and super apps are fundamentally changing, the customer relationships. In one month at MWC, people will see what Totogi has to offer, and they will understand why I'm making this bold call. Because the Totogi takes the value of the network and the power of the public cloud to help telcos move from being network centric, to being customer centric. Boom! If you want to make this transformation and reap all the financial benefits, you will have to compete for customers with a whole new set of players. You will no longer compete with the network focus guys like the other telcos, instead you will be competing against the customer focused companies. These players don't have a network to fall back on like your old competitors. They know they have to make customers love them. Their customer loyalty is so off the charts, their customers are called fans. So if you want that big money, you will have to compete on their turf and make the customers want to choose you, you need Apple level loyalty. That bar is uber high. We will have to give up the security blanket of the network and change. Instead of NPS of the thirties, it needs to be in the 70s. Instead of mobile app ratings in the threes, they need to get five stars. I'm betting big that Totogi will make that possible. I'm going to help you every step of the way, starting with my keynote next month at MWC. Join me and I'll share the secrets to converting your super valuable network interactions to make your super app a massive success. We're going to have an amazing time and I can't wait to see you there. >> Okay. We're back here in theCUBE here at Mobile World Congress in Cloud City. I'm John Furrier, Chloe Richardson filling it for Dave Vellante who's out on assignment. He's out getting all the data out there and getting stories. Chloe, what a great keynote by Danielle Royston. We just heard her and while with major action, major pump me up, punch in the face, wake the heck up cloud people, cloud is here. She didn't pull any punches. >> No, I mean the thing is John, there's trillions of dollars on the table and everyone seems to be fighting for it. >> And you heard her up there, if you're not on the public cloud, you're not going to get access to that money. It's a free for all. And I think the cloud people are like, they might think they're going to walk right in and the telco industry is going to just give it up. >> No, of course. >> There's not going to be, it's going to be a fight, who will win. >> Who will win but also who will build the next big thing? >> Someone needs to die in the media conversation, it's always a fight, something's dead, something's dead but keeps the living. All that kidding aside, this is really about partnering. I think what's happened is, telco's already acknowledged that they need to change in the 5G edge conversation, the chip acceleration. Look at Apple, they've got their own processors, Nvidia, Amazon makes their own chips, Intel's pumping stuff out, you've got Qualcomm, you've got all these new things. So the chips are getting faster and the software's more open source and I'm telling you, cloud is just going to drive that bus right down clouds street and it's going to be in Cloud City everywhere. >> And it's going to be peeping on the board as it drives down. John, I'm not a stalker, but I have read some of the things that you've written. And one of the things you mentioned that was really interesting was the difference between building and operating. Break it down for me. What does that mean? >> That means basically in mature markets and growing markets things behave differently and certainly economics and the people and the makeup and the mindset. >> Okay. >> So the telco has been kind of this mature market. It's been changing and growing but not like radically. Cost optimization, make profit, you know, install a lot of cable. You got to get the rents out of that infrastructure and that's kind of gone on for too long. Cloud is a growth market, and it's about building, not just operating and you've got operators, carriers are operating networks. So you're going to see the convergence of operators and builders coming together, builders being software developers, new technology and executives that think about building. And you want people on your team that are going to be, I won't say war time, you know, lieutenants or generals, but people who can handle the pace of change. >> Okay. >> Because the change and the nature is different. And some people want slow and steady, keep the boat from rocking, but in a growth market, it's turbulent and ride might not be quiet, first class ticket to paradise, but it's bumpy, but it's thrilling. >> No, of course. Is it similar to the old sales adage of hunter versus farmer and the parallels? >> Yeah. I mean, the mindset. If you have a team of people that aren't knocking down new opportunities and building the next big thing, fixing your house, get your house in order, you know, refactor, reset, reboot, re platform with the cloud and then refactor your business. If you don't have the people thinking like that, you're probably either going to be taken over or go out of business. And that's what the telco with all these assets, they're going to get bought roll into a SPAC, special purpose acquisition company was a super hot in the United States. A lot of roll ups going on with Private equity. So a lot of these telcos, if they don't refactor or re platform, then refactor, they're going to be toast and they're going to get rolled up and eaten up by somebody else. >> Yeah, sure. It's interesting though, isn't it? Because when we think of telco in tech, we often think of, obviously we've got the triad. People process technology, and we think process and technology really take the forefront here but like you said there, people are also so important because if you don't have this right balance, you're not going to be able to drive that change. We had, obviously Scott Brighton on the stage yesterday and after his session, somebody came up to me and just said, "I'm interested to hear what that means for education." So how can we establish this new generation of tech and telco leaders from the grassroots with educational associations establishments? How can we encourage that? I wonder, is this something that you talk about often? >> Yeah. I mean, education is huge and this highlights the change that telcos now part of. Telco used to be a boring industry that ran the networks, or moving packets around and mobile was there, but once the iPhone came out in 2007, the life has changed, society has changed, education's changed, how people interact has changed. So you start to see people now aware of the value and if you look at the, during the COVID, the internet didn't crash, the telcos actually saved our asses and everyone was, survive because the network didn't break. Yeah, we had some bad zoom meetings here and there and some teleconferences that didn't go well but for the most part we survived and they really saved everybody, my goodness. So they should get kudos for that. But now they're dependent upon healthcare, education, people care about that stuff. So now you're going to start to see an elevated focus on what telecom is doing. That's why The Edge has checked trillions of dollars up for grabs. But education, there's negative unemployment in cybersecurity and in cloud. So for the people who say, oh, there's no jobs or I can't work, that's a bunch of BS because you can just get online, get on YouTube and just get a degree. You can get a degree, you can get an Amazon job, it pays a hundred thousand dollars a year, American. You can make a hundred thousand pounds and be unemployed six months and then be employed. So negative unemployment means there's more jobs than people to fill them qualify. >> Yeah, it's interesting you mentioned that because I was talking to a cyber security leader who was saying in some of the things there were now 3 million vacancies in cybersecurity and there's such a skill shortage, there is nobody around to fill it. So it's an interesting problem to have isn't it? Cause it's reversed to what we've been used to for the last few decades and obviously telco is in the same space. What can we do about it? Do you think it will actually bring people in? >> I think it's going to take leadership and I'm a big proponent of kids not going to university, they don't have to. Why spend the dough, money if you don't have to? You can get online. I mean, the data's there, but to me it's the relationships, the mentorship. You starting to see women in tech and underrepresented minorities in the tech field, where mentorship is more important than curriculum. Community is more important than just going through a linear course where nobody wants to sit online and go through linear courseware. Now, if they have to get a certificate or degree and accreditation no problem, but communities are out there. So that's a big change over, I'm a big fan of that and I think people should, you know, get some specialized skills, you can get that online. So why even go to school? So people are figuring that out. >> For sure. And also even transferring, I mean, so many skills are transferable nowadays, aren't there? So we could easily be talking to people from other industries and bringing them into telco and saying, look, bring what you know from your retail background or your healthcare background and help us at telco to again, drive forward, just like DR is saying it's all about the next big thing. >> Danielle, I was also driving a lot of change and if you think about the jobs and a pedigree of going to a university, oh, Harvard, all the big Ivy leagues, Oxford in your area. So it's like, if you go to a school like that and you get a pedigree, you instantly get a job. Now, the jobs that are available, weren't around five years ago. So there's no like pedigree or track record, there's no like, everyone's equal. >> Yeah. >> So you could, the democratization of the internet now is, from a job standpoint is, people are leveling up faster. So it's not about the Ivy league or the big degree or silver spoon in your mouth, you've got the entitlement. So you start to see people emergent and make things happen, entrepreneurship in America, immigrant entrepreneurship. People are billionaires that have no high school diplomas. >> It's interesting you mentioned that John, because we can have more than five years experience in this space, we know that but in telco there is a problem and maybe it's, again it's a flipped problem where, telco recruiters or talent acquisition leaders, are now asking for kind of 10, 20 years experience when they're sending out job descriptions. So does that mean that we are at fault for not being able to fill all these vacancies? >> Well, I mean, I think that's just, I mean, I think there's a transition of the new skill set happening one, but two, I think, you know, you've got to be like a chip engineer, you can't learn that online, but if you want to run a cloud infrastructure, you can. But I think embedded systems is an area that I was talking to an engineer, there's a huge shortage of engineers who code on the microprocessors, on the chips. So embedded systems is a big career. So there's definitely parts, you can specialize, space is another area you've seen a lot of activity on, obviously Jeff Bezos and Elon Musk is going to be here on virtual keynote, trying to go to Mars. And, you know, Danielle Royston always says, who's going to happen first, Mars, colony, or telco adopting public cloud? Some people think Mars will happen first but. >> What do you think John? >> I think telco's going to get cloud. I mean, first of all, public cloud is now hybrid cloud and the edge, this whole internet edge, 5G, is so symbolic and so important because it's an architectural beachhead. >> Yeah. >> And that's where the trillion dollar baby is. >> Of course. >> So the inside baseball and the inside money and all the investors are focusing on the edge because whoever can command the edge, wins all the dollars. So everyone kind of knows it's a public secret and it's fun to watch, everyone jockey for the positions. >> Yeah, know, it really is. But it's also quite funny, isn't it? Because the edge is almost where we were decades ago, but we're putting the control back in the hands of consumers. So it's an interesting flip and I wonder if with the edge, we can really enhance this acceleration of product development its efficiency, this frictionless system in which we live in. And also, I've heard you say hybrid a few times John. >> Yeah. >> Is hybrid going to be the future of the world no matter what industry you're in? >> Hybrid is everything now. So it's, we're the hybrid cube, we've got hybrid cloud. >> Exactly. >> You got hybrid telco, because now you've got the confluence of online and offline coming together. >> Yeah. >> That is critical dynamic, and you seeing it. Like virtual reality for instance, now you seeing things, I know you guys are doing some great work at your company around creating experiences that are virtual. >> Exactly. >> You got, like Roblox went public recently. >> Yeah. >> Metaverse is a good time to be in that business because experiential human relations are coming. So I think that's going to be powered by 5G, you know, gamers. So all good stuff, Chloe, great to be with you here in theCUBE. >> Thank you. >> And we're looking forward to seeing your main stage. >> Great. >> And then we're going to send it back to the studio, Adam and the team, we're waiting for DR to arrive here in Cloud City and this is theCUBE, from Cloud City back to you, Adam in the studio.

>> From around the globe, it's theCUBE, with coverage of KubeCon and CloudNativeCon Europe 2021 Virtual. Brought to you by Red Hat, the Cloud Native Computing Foundation and ecosystem partners. >> Hello, welcome back to theCUBE's coverage of KubeCon 2021 CloudNativeCon Europe Virtual, I'm John Furrier your host, preview with Brian Gracely from Red Hat Senior Director Product Strategy Cloud Business Unit Brian Gracely great to see you. Former CUBE host CUBE alumni, big time strategist at Red Hat, great to see you, always great. And also the founder of Cloudcast which is an amazing podcast on cloud, part of the cloud (indistinct), great to see you Brian. Hope's all well. >> Great to see you too, you know for years, theCUBE was always sort of the ESPN of tech, I feel like, you know ESPN has become nothing but highlights. This is where all the good conversation is. It's theCUBE has become sort of the the clubhouse of tech, if you will. I know that's that's an area you're focused on, so yeah I'm excited to be back on and good to talk to you. >> It's funny you know, with all the events going away loved going out extracting the signal from the noise, you know, game day kind of vibe. CUBE Virtual has really expanded, so it's been so much more fun because we can get more people easy to dial in. So we're going to keep that feature post COVID. You're going to hear more about theCUBE Virtual hybrid events are going to be a big part of it, which is great because as you know and we've talked about communities and ecosystems are huge advantage right now it's been a big part of the Red Hat story. Now part of IBM bringing that mojo to the table the role of ecosystems with hybrid cloud is so critical. Can you share your thoughts on this? Because I know you study it, you have podcasts you've had one for many years, you understand that democratization and this new direct to audience kind of concept. Share your thoughts on this new ecosystem. >> Yeah, I think so, you know, we're sort of putting this in the context of what we all sort of familiarly call KubeCon but you know, if we think about it, it started as KubeCon it was sort of about this one technology but it's always been CloudNativeCon and we've sort of downplayed the cloud native part of it. But even if we think about it now, you know Kubernetes to a certain extent has kind of, you know there's this feeling around the community that, that piece of the puzzle is kind of boring. You know, it's 21 releases in, and there's lots of different offerings that you can get access to. There's still, you know, a lot of innovation but the rest of the ecosystem has just exploded. So it's, you know, there are ecosystem partners and companies that are working on edge and miniaturization. You know, we're seeing things like Kubernetes now getting into outer space and it's in the space station. We're seeing, you know, Linux get on Mars. But we're also seeing, you know, stuff on the other side of the spectrum. We're sort of seeing, you know awesome people doing database work and streaming and AI and ML on top of Kubernetes. So, you know, the ecosystem is doing what you'd expect it to do once one part of it gets stable. The innovation sort of builds on top of it. And, you know, even though we're virtual, we're still seeing just tons and tons of contributions, different companies different people stepping up and leading. So it's been really cool to watch the last few years. >> Yes, interesting point about the CloudNativeCon. That's an interesting insight, and I totally agree with you. And I think it's worth double clicking on. Let me just ask you, because when you look at like, say Kubernetes, okay, it's enabled a lot. Okay, it's been called the dial tone of Cloud native. I think Pat Gelsinger of VMware used that term. We call it the kind of the interoperability layer it enables more large scale deployments. So you're seeing a lot more Kubernetes enablement on clusters. Which is causing more hybrid cloud which means more Cloud native. So it actually is creating a network effect in and of itself with more Cloud native components and it's changing the development cycle. So the question I want to ask you is one how does a customer deal with that? Because people are saying, I like hybrid. I agree, Multicloud is coming around the corner. And of course, Multicloud is just a subsystem of resource underneath hybrid. How do I connect it all? Now I have multiple vendors, I have multiple clusters. I'm cross-cloud, I'm connecting multiple clouds multiple services, Kubernetes clusters, some get stood up some gets to down, it's very dynamic. >> Yeah, it's very dynamic. It's actually, you know, just coincidentally, you know, our lead architect, a guy named Clayton Coleman, who was one of the Kubernetes founders, is going to give a talk on sort of Kubernetes is this hybrid control plane. So we're already starting to see the tentacles come out of it. So you know how we do cross cloud networking how we do cross cloud provisioning of services. So like, how do I go discover what's in other clouds? You know and I think like you said, it took people a few years to figure out, like how do I use this new thing, this Kubernetes thing. How do I harness it. And, but the demand has since become "I have to do multi-cloud." And that means, you know, hey our company acquires companies, so you know, we don't necessarily know where that next company we acquire is going to run. Are they going to run on AWS? Are they going to, you know, run on Azure I've got to be able to run in multiple places. You know, we're seeing banking industries say, "hey, look cloud's now a viable target for you to put your applications, but you have to treat multiple clouds as if they're your backup domains." And so we're, you know, we're seeing both, you know the way business operates whether it's acquisitions or new things driving it. We're seeing regulations driving hybrid and multi-cloud and, even you know, even if the stalwart were to you know, set for a long time, well the world's only going to be public cloud and sort of you know, legacy data centers even those folks are now coming around to "I've got to bring hybrid to, to these places." So it's been more than just technology. It's been, you know, industries pushing it regulations pushing it, a lot of stuff. So, but like I said, we're going to be talking about kind of our future, our vision on that, our future on that. And, you know Red Hat everything we end up doing is a community activity. So we expect a lot of people will get on board with it >> You know, for all the old timers out there they can relate to this. But I remember in the 80's the OSI Open Systems Interconnect, and I was chatting with Paul Cormier about this because we were kind of grew up through that generation. That disrupted network protocols that were proprietary and that opened the door for massive, massive growth massive innovation around just getting that interoperability with TCP/IP, and then everything else happened. So Kubernetes does that, that's a phenomenal impact. So Cloud native to me is at that stage where it's totally next-gen and it's happening really fast. And a lot of people getting caught off guard, Brian. So you know, I got to to ask you as a product strategist, what's your, how would you give them the navigation of where that North star is? If I'm a customer, okay, I got to figure out where I got to navigate now. I know it's super volatile, changing super fast. What's your advice? >> I think it's a couple of pieces, you know we're seeing more and more that, you know, the technology decisions don't get driven out of sort of central IT as much anymore right? We sort of talk all the time that every business opportunity, every business project has a technology component to it. And I think what we're seeing is the companies that tend to be successful with it have built up the muscle, built up the skill set to say, okay, when this line of business says, I need to do something new and innovative I've got the capabilities to sort of stand behind that. They're not out trying to learn it new they're not chasing it. So that's a big piece of it, is letting the business drive your technology decisions as opposed to what happened for a long time which was we built out technology, we hope they would come. You know, the other piece of it is I think because we're seeing so much push from different directions. So we're seeing, you know people put technology out at the edge. We're able to do some, you know unique scalable things, you know in the cloud and so forth That, you know more and more companies are having to say, "hey, look, I'm not, I'm not in the pharmaceutical business. I'm not in the automotive business, I'm in software." And so, you know the companies that realize that faster, and then, you know once they sort of come to those realizations they realize, that's my new normal, those are the ones that are investing in software skills. And they're not afraid to say, look, you know even if my existing staff is, you know, 30 years of sort of history, I'm not afraid to bring in some folks that that'll break a few eggs and, you know, and use them as a lighthouse within their organization to retrain and sort of reset, you know, what's possible. So it's the business doesn't move. That's the the thing that drives all of them. And it's, if you embrace it, we see a lot of success. It's the ones that, that push back on it really hard. And, you know the market tends to sort of push back on them as well. >> Well we're previewing KubeCon CloudNativeCon. We'll amplify that it's CloudNativeCon as well. You guys bought StackRox, okay, so interesting company, not an open source company they have soon to be, I'm assuring, but Advanced Cluster Security, ACS, as it's known it's really been a key part of Red Hat. Can you give us the strategy behind that deal? What does that product, how does it fit in that's a lot of people are really talking about this acquisition. >> Yeah so here's the way we looked at it, is we've learned a couple of things over the last say five years that we've been really head down in Kubernetes, right? One is, we've always embedded a lot of security capabilities in the platform. So OpenShift being our core Kubernetes platform. And then what's happened over time is customers have said to us, "that's great, you've made the platform very secure" but the reality is, you know, our software supply chain. So the way that we build applications that, you know we need to secure that better. We need to deal with these more dynamic environments. And then once the applications are deployed they interact with various types of networks. I need to better secure those environments too. So we realized that we needed to expand our functionality beyond the core platform of OpenShift. And then the second thing that we've learned over the last number of years is to be successful in this space, it's really hard to take technology that wasn't designed for containers, or it wasn't designed for Kubernetes and kind of retrofit it back into that. And so when we were looking at potential acquisition targets, we really narrowed down to companies whose fundamental technologies were you know, Kubernetes-centric, you know having had to modify something to get to Kubernetes, and StackRox was really the leader in that space. They really, you know have been the leader in enterprise Kubernetes security. And the great thing about them was, you know not only did they have this Kubernetes expertise but on top of that, probably half of their customers were already OpenShift customers. And about 3/4 of their customers were using you know, native Kubernetes services and other clouds. So, you know, when we went and talked to them and said, "Hey we believe in Kubernetes, we believe in multi-cloud. We believe in open source," they said, "yeah, those are all the foundational things for us." And to your point about it, you know, maybe not being an open source company, they actually had a number of sort of ancillary projects that were open source. So they weren't unfamiliar to it. And then now that the acquisition's closed, we will do what we do with every piece of Red Hat technology. We'll make sure that within a reasonable period of time that it's made open source. And so you know, it's good for the community. It allows them to keep focusing on their innovation. >> Yeah you've got to get that code out there cool. Brian, I'm hearing about Platform Plus what is that about? Take us through that. >> Yeah, so you know, one of the things that our customers, you know, have come to us over time is it's you know, it's like, I've been saying kind of throughout this discussion, right? Kubernetes is foundational, but it's become pretty stable. The things that people are solving for now are like, you highlighted lots and lots of clusters, they're all over the place. That was something that our advanced cluster management capabilities were able to solve for people. Once you start getting into lots of places you've got to be able to secure things everywhere you go. And so OpenShift for us really allows us to bundle together, you know, sort of the complete set of the portfolio. So the platform, security management, and it also gives us the foundational pieces or it allows our customers to buy the foundational pieces that are going to help them do multi and hybrid cloud. And, you know, when we bundle that we can save them probably 25% in terms of sort of product acquisition. And then obviously the integration work we do you know, saves a ton on the operational side. So it's a new way for us to, to not only bundle the platform and the technologies but it gets customers in a mindset that says, "hey we've moved past sort of single environments to hybrid and multi-cloud environments. >> Awesome, well thanks for the update on that, appreciate it. One of the things going into KubeCon, and that we're watching closely is this Cloud native developer action. Certainly end users want to get that in a separate section with you but the end user contribution, which is like exploding. But on the developer side there's a real trend towards adding stronger consistency programmability support for more use cases okay. Where it's becoming more of a data platform as a requirement. >> Brian: Right. >> So how, so that's a trend so I'm kind of thinking, there's no disagreement on that. >> Brian: No, absolutely. >> What does that mean? Like I'm a customer, that sounds good. How do I make that happen? 'Cause that's the critical discussion right now in the DevOps, DevSecOps day, two operations. What you want to call it. This is the number one concern for developers and that solution architect, consistency, programmability more use cases with data as a platform. >> Yeah, I think, you know the way I kind of frame this up was you know, for any for any organization, the last thing you want to to do is sort of keep investing in lots of platforms, right? So platforms are great on their surface but once you're having to manage five and six and, you know 10 or however many you're managing, the economies of scale go away. And so what's been really interesting to watch with Kubernetes is, you know when we first got started everything was Cloud native application but that really was sort of, you know shorthand for stateless applications. We quickly saw a move to, you know, people that said, "Hey I can modernize something, you know, a Stateful application and we add that into Kubernetes, right? The community added the ability to do Stateful applications and that got people a certain amount of the way. And they sort of started saying, okay maybe Kubernetes can help me peel off some things of an existing platform. So I can peel off, you know Java workloads or I can peel off, what's been this explosion is the data community, if you will. So, you know, the TensorFlows the PItorches, you know, the Apache community with things like Couchbase and Kafka, TensorFlow, all these things that, you know maybe in the past didn't necessarily, had their own sort of underlying system are now defaulting to Kubernetes. And what we see because of that is, you know people now can say, okay, these data workloads these AI and ML workloads are so important to my business, right? Like I can directly point to cost savings. I can point to, you know, driving innovation and because Kubernetes is now their default sort of way of running, you know we're seeing just sort of what used to be, you know small islands of clusters become these enormous footprints whether they're in the cloud or in their data center. And that's almost become, you know, the most prevalent most widely used use case. And again, it makes total sense. It's exactly the trends that we've seen in our industry, even before Kubernetes. And now people are saying, okay, I can consolidate a lot of stuff on Kubernetes. I can get away from all those silos. So, you know, that's been a huge thing over the last probably year plus. And the cool thing is we've also seen, you know the hardware vendors. So whether it's Intel or Nvidia, especially around GPUs, really getting on board and trying to make that simpler. So it's not just the software ecosystem. It's also the hardware ecosystem, really getting on board. >> Awesome, Brian let me get your thoughts on the cloud versus the power dynamics between the cloud players and the open source software vendors. So what's the Red Hat relationship with the cloud players with the hybrid architecture, 'cause you want to set up the modern day developer environment, we get that right. And it's hybrid, what's the relationship with the cloud players? >> You know, I think so we we've always had two philosophies that haven't really changed. One is, we believe in open source and open licensing. So you haven't seen us look at the cloud as, a competitive threat, right? We didn't want to make our business, and the way we compete in business, you know change our philosophy in software. So we've always sort of maintained open licenses permissive licenses, but the second piece is you know, we've looked at the cloud providers as very much partners. And mostly because our customers look at them as partners. So, you know, if Delta Airlines or Deutsche Bank or somebody says, "hey that cloud provider is going to be our partner and we want you to be part of that journey, we need to be partners with that cloud as well." And you've seen that sort of manifest itself in terms of, you know, we haven't gone and set up new SaaS offerings that are Red Hat offerings. We've actually taken a different approach than a lot of the open source companies. And we've said we're going to embed our capabilities, especially, you know OpenShift into AWS, into Azure into IBM cloud working with Google cloud. So we'd look at them very much as a partner. I think it aligns to how Red Hat's done things in the past. And you know, we think, you know even though it maybe easy to sort of see a way of monetizing things you know, changing licensing, we've always found that, you've got to allow the ecosystem to compete. You've got to allow customers to go where they want to go. And we try and be there in the most consumable way possible. So that's worked out really well for us. >> So I got to bring up the end user participation component. That's a big theme here at KubeCon going into it and around the event is, and we've seen this trend happen. I mean, Envoy, Lyft the laying examples are out there. But they're more end-use enterprises coming in. So the enterprise class I call classic enterprise end user participation is at an all time high in opensource. You guys have the biggest portfolio of enterprises in the business. What's the trend that you're seeing because it used to be limited to the hyperscalers the Lyfts and the Facebooks and the big guys. Now you have, you know enterprises coming in the business model is working, can you just share your thoughts on CloudNativeCons participation for end users? >> Yeah, I think we're definitely seeing a blurring of lines between what used to be the Silicon Valley companies were the ones that would create innovation. So like you mentioned Lyft, or, you know LinkedIn doing Kafka or Twitter doing you know, whatever. But as we've seen more and more especially enterprises look at themselves as software companies right. So, you know if you talk about, you know, Ford or Volkswagen they think of themselves as a software company, almost more than they think about themselves as a car company, right. They're a sort of mobile transportation company you know, something like that. And so they look at themselves as I've got to I've got to have software as an expertise. I've got to compete for the best talent, no matter where that talent is, right? So it doesn't have to be in Detroit or in Germany or wherever I can go get that anywhere. And I think what they really, they look for us to do is you know, they've got great technology chops but they don't always understand kind of the the nuances and the dynamics of open-source right. They're used to having their own proprietary internal stuff. And so a lot of times they'll come to us, not you know, "Hey how do we work with the project?" But you know like here's new technology. But they'll come to us and they'll say "how do we be good, good stewards in this community? How do we make sure that we can set up our own internal open source office and have that group, work with communities?" And so the dynamics have really changed. I think a lot of them have, you know they've looked at Silicon Valley for years and now they're modeling it, but it's, you know, for us it's great because now we're talking the same language, you know we're able to share sort of experiences we're able to share best practices. So it is really, really interesting in terms of, you know, how far that whole sort of software is eating the world thing is materialized in sort of every industry. >> Yeah and it's the workloads of expanding Cloud native everywhere edge is blowing up big time. Brian, final question for you before we break. >> You bet. >> Thanks for coming on and always great to chat with you. It's always riffing and getting the data out too. What's your expectation for KubeCon CloudNativeCon this year? What are you expecting to see? What highlights do you expect will come out of CloudNativeCon KubeCon this year? >> Yeah, I think, you know like I said, I think it's going to be much more on the Cloud native side, you know we're seeing a ton of new communities come out. I think that's going to be the big headline is the number of new communities that are, you know have sort of built up a following. So whether it's Crossplane or whether it's, you know get-ops or whether it's, you know expanding around the work that's going on in operators we're going to see a whole bunch of projects around, you know, developer sort of frameworks and developer experience and so forth. So I think the big thing we're going to see is sort of this next stage of, you know a thousand flowers are blooming and we're going to see probably a half dozen or so new communities come out of this one really strong and you know the trends around those are going to accelerate. So I think that'll probably be the biggest takeaway. And then I think just the fact that the community is going to come out stronger after the pandemic than maybe it did before, because we're learning you know, new ways to work remotely, and that, that brings in a ton of new companies and contributors. So I think those two big things will be the headlines. And, you know, the state of the community is strong as they, as they like to say >> Yeah, love the ecosystem, I think the values are going to be network effect, ecosystems, integration standards evolving very quickly out in the open. Great to see Brian Gracely Senior Director Product Strategy at Red Hat for the cloud business unit, also podcasts are over a million episode downloads for the cloud cast podcast, thecloudcast.net. What's it Brian, what's the stats now. >> Yeah, I think we've, we've done over 500 shows. We're you know, about a million and a half listeners a year. So it's, you know again, it's great to have community followings and, you know, and meet people from around the world. So, you know, so many of these things intersect it's a real pleasure to work with everybody >> You're going to create a culture, well done. We're all been there, done that great job. >> Thank you >> Check out the cloud cast, of course, Red Hat's got the great OpenShift mojo going on into KubeCon. Brian, thanks for coming on. >> Thanks John. >> Okay so CUBE coverage of KubeCon, CloudNativeCon Europe 2021 Virtual, I'm John Furrier with theCUBE virtual. Thanks for watching. (upbeat music)

>>Hello and welcome to this session on experiencing secure agile hybrid cloud for your absent data. My name is Andrew labor. I'm a worldwide business unit product manager, Hc I Solutions with HP and I'm joined by my teammate Jeff Corcoran, who was go to market program Solutions or HP as well. And with that let's just dive right into it. Well, everybody has absent data. They're all over the place. They're both live on your phones, your computers and the cloud and servers are everywhere, absent data are all over the place. Well, what can we really do about that from moving forward modernization of that? Well, we have expectations for personalized, instant and engaging experiences that are the benchmark of your experience, more speed and agility or more paramount than ever. You see a world where apps and data like I mentioned our live and all over the place and that data explosion is happening at the edge where 75 of data is now created in moving us from a data center too many locations and many centers of that data. We have a digital transformation that has reached only a fraction of that. And we have modern cloud experiences for speed and agility and we want to really push that into an on premise reality where data has gravity security formats and compliance that you require. You really want that data transformation that somehow remains elusive for most outside of the public cloud. We want that true private premised on premise cloud infrastructure that translates to your hybrid cloud where you already have your apps and data live in the public cloud. And so as I mentioned, 70 of the public of the apps are outside in the public cloud and we really want that to be able to be brought into the local as well. And the on premise give you more flexibility, more agility and only H P E brings the cloud experience absent data everywhere. We define that right mix for you to move your data to the local and with that we have an approach that's any cloud anywhere and we have the expertise to help you define that right mix of cloud for your enterprise. We also create modern casual platforms for innovation where we bring your non native traditional apps that are slowing you down. We bring that into a modern enabled cloud experience together with cloud data of apps to achieve that speed and agility that I mentioned, being able to create a consistent strategy for you and your infrastructure. We also consume everything as a service everywhere. We bring the modern cloud experience to you and your apps and data self service ease being able to scale up or down depending on usage and flexibility. And we also have to pay for use and all managed for you with HP. Green Lake services the market leading infrastructure as a service platform for well over a decade. We also unify that hybrid cloud estate being able to move operations to a cloud native Cloud ops process manage for you with one unified management platform. Hp Green Lake Central. This helps you manage and unify your applications across cloud native and non cloud native workloads, drive insights and control for operational excellence and we do that by defining the right mix of cloud for you with HPD Point Next services, we're able to assess applications to determine the right mix for your business objectives. Hp Point Next services, we have cloud in technology experts on hand and ready to task for you to assess your existing IT infrastructure strategy, identify trapped capital that you might not even notice is there as well as help you assess your people and teams to identify critical gaps in your cloud journey. Finally, HP Point next services capital experts can determine the right mix of cloud strategy for you. Help you move and migrate your data into that optimized for every workload. And we do that by creating modern agile platform for innovation and we achieve the speed and agility you want report folio of software defined rack optimized HP keep Reliant and H. P. S. Energy infrastructure. Using that compose Herbal cloud compose double infrastructure platform that we support through our intellectual property and through leading partner Cloud solutions and who is that? That's BM wear with cloud foundation. I am a cloud foundation is the perfect blend for HP synergy and HP. Reliant to create that universal hybrid cloud platform, both modern and traditional applications. The Cloud foundation is characterized by many tenants such as develop Already Infrastructure, which creates that automated full stack experience. To help you get ready to do your development through a PS and infrastructure. Universal platforms, a single platform virtual machines and containers as well as application focused management. To simplify your management, being able to have multiple application resources and foundation for that hybrid cloud that I described being able to extend that same software stack to the public cloud. You connect to your flavor of choice for public cloud consume. And together with HB solutions and BMR Cloud Foundation, we create that perfect platform for a consistent hybrid cloud experience from the mid market to the large enterprise customers. We are transforming that traditional I. T. To a virtualized data center. Our goal is to help you move quickly and be agile to digitally transform software defined data center supporting that hybrid infrastructure. Hp envy m where have been working together for years and we are providing a simple experience for hybrid cloud that you can create and deliver to show value instantly and continuously achieve faster innovation, consistent operation and reducing costs. And how do we do that together? Well with HB solutions from being more cloud foundation, we've revolutionized that data centre by building a single consistent hybrid cloud experience that you can see that delivers greater agility and simplicity with five times faster automation tools for building out your infrastructure in getting time to market quicker, invalidating that solution stack. Where we have end to end fully tested and validated solutions that reduce your complexity and allow you to consolidate your VMS and your containers into one environment. Seamlessly, we also integrate management. We have unique the upper management integration and automation through firmer lifecycle management. Vis a vis L C M on the VM ware side, simplify I. T and deliver more agility to your infrastructure as well as your software defined data center. And then we also have services with HB Point Next they accelerate that time to deployment using HP Green Lake and providing as a service experience that we bring that cloud to you. And we bring that with an enhanced ballistic 360° view of security that begins in the manufacturing supply chain of our servers and concludes with safeguarded end of life Decommissioning. We power that by the recently announced Gen 10 plus servers uhh peep Reliant NHP synergy and integrate that Silicon Root of Trust technology offering protection detection and recovery from attacks industry leading encryption and firmware protection. And finally all of that is brought together. Hp one view We take HP one view as the management solution which transforms all of the compute storage networking into one software defined infrastructure Through HP one View we offer a template driven approach for deploying provisioning, updating, integrating compute storage networking All together in one infrastructure. and HP one View uses those software templates single line of code. We can deploy and manage and compose all of your physical resources, require for that application or virtual host or container infrastructure. We deliver the flexibility to compose different tiers of storage as well as types of provisioning by HP One View through direct or attach fabric using cloud foundation and HPV Premera. And now I'd like to ask my coworker Jeff to dive into some customer experiences around the hybrid cloud Jeff. Take it away. >>Thanks. Andrew. I think a great way to follow up and talk about our solutions is to really look at how one of our customers is enabling this transformation. So Wedbush Security is one of the leading financial services firms in the US, providing private and institutional clients, securities brokerage wealth management, in investment banking services. The company is headquartered in los Angeles California and has about 100 offices across the United States to meet increasingly rigorous financial regulations for more resilient operations and mitigate the threat of earthquakes in the Los Angeles area and increase operational efficiencies. Wedbush was looking for transformation is looking for a change to what the way they are currently operating. And to do this, Wedbush partnered with lumen and HP to develop a new private, cloud based data center using bloomin Private cloud on VM ware Cloud foundation. This was located in lumens Dallas hosting center using HP Keep Reliant dl 33 60 jen tens to create a hyper converged, high performance infrastructure using integrated software defined networking and security. To date, Wedbush has migrated its entire production facility to this private cloud. The virtual machines support a range of business applications, including Refinitiv, Thompson, Reuters and if I ask financial systems, they're also hosting Web Bush's in house broker management tool and Microsoft, sequel server and Mongo DB. Now, how did this impact them? They were able to impact Their financial reporting by cutting that from five hours down to 58 minutes. At the same time, they are able to reduce the time that it takes to deploy these Infrastructure resources by 50%. So this allows them to deploy a modern IT infrastructure for performance, reliability and efficiency improvement. The net impact on their business Was that it reduces the analytic costs by 27%. It increases their business agility and it developed, allows them to develop new lines of business faster and increases their compliance for the new Finra financial regulations with HP Green Lake, the cloud that comes to you. Hp Green like brings that cloud experience, self serve paper use scale up and down and manage for you by HP and our partners to absent data everywhere, whether they're in the edges co locations or data centers, enabling you to free up capital most operational and financial flexibility and free up talent to accelerate what's next for you and your business with HP Green Lake customers get cloud services that our production ready, elastic for any scale With a simple experience delivered to customer locations and as little as 14 days. Now, let's take a look at how some of our customers are experiencing the benefit of HP Green Lake as the voice of Austrian business. The Austrian economic chamber delivers advocacy and support to over 500,000 companies and trade groups, thereby helping to foster the country's robust economic growth. However, a policy of fiscal prudence Led to a mandated 30 cost reduction and the chambers it service provider needed to cut costs without compromising service levels. So to do this, they turn to HP to pair a future proof compose herbal infrastructure with a consumption based support model and HP Green Lake. Now, both the internal and regional chambers offices are getting better performance and faster access to I. T. Services enabled them to focus more than ever on boosting critical Austrian economic forces in sectors. Hp is here to help you accelerate your transformation. We just talked about Green Lake. So this enables you to deploy any workload as a service and with HP Green Lake services, you can bring that cloud like speed, agility and as a service model to where your data, data and apps live today, it enables you to transform the way you do business with one experience in one operating model across your distributed clouds for apps and data at the edge in co locations and in data centers with HP Point Next services. They have conducted over 11,000. IT. projects in over 1.4 million customer interactions each and every year. HB Point Next services 15,000 plus experts and its vast ecosystem of solution partners and channel partners are uniquely able to help you at every stage of your digital transformation journey because we address some of the biggest areas of concern that can slow you down. We bring together technology and expertise to help you drive your business forward. Lastly, with HP financial services, flexibility and investment capacity are key considerations for business to drive digital transformation initiatives. In order to forge a path forward, you need access to flexible payment options that allow you to match your IT costs to usage, from helping release capital from existing infrastructures to deferring payments and providing pre owned technology to relieve capital strain. Hp financial services unlocks the value of your entire estate from edge to cloud to end user with multi vendor solutions consistently and sustainably around the world. H P E F s helps you create the financial capacity to transform your business, Y H P E. We have the experience to get you there Over 1000 successful cloud migrations. We have the expertise to help you at any stage to accelerate adoption of any cloud or financial model to help you deploy the like cloud experience for your apps and data. We're open to any cloud strategy with deep expertise across Azure AWS and google cloud. We have unbiased expertise and I p to accelerate your right mix of clouds for your enterprise and we can tie that all together with I. T. As a service from our market leading platform of HP Green Lake. After you viewed this session, we have a lot of resources that you can now use to help you continue your digital transformation and educate yourself. You'll find links here on the slide to a lot of different products and solution areas as well as social media interactions that we have to engage with you. Thank you for joining. We hope you find the sexual useful. Have a great day.