>> Narrator: Live from Las Vegas, it's theCUBE. Covering AWS reInvent 2017, presented by AWS, Intel, and our ecosystem of partners. >> Okay, welcome back everyone, this is theCUBE's exclusive coverage, live, in Las Vegas, 45,000 people here on the ground, for Amazon Web Services reInvent 2017. Their annual conference. Our fifth year doing it, I got two sets, two cubes, a lot of action. Day two of three days of wall to wall coverage. My next guest, Tom Kemp, CEO, of Centrify, security company out of California in Silicon Valley, leader in identity based security in the cloud, on-prem, big business growing, fast growing startup in the area. Good to see you. >> Yeah it's great to be here again. >> Security has been Amazon's kryptonite for many years. They've done their work, their paying their dues, they're checking the boxes. Certainly we see that on the federal side, public sector. Great success, Teresa Carlson, has done an amazing job. It's been fun watch her go from an outcast to, in the marketplace, "Ah, we don't trust the cloud", to winning. They've done the work. Security, you've gotta do the work. >> Yeah, I mean, they've done a great job of evangelizing the shared responsibiloty model where they clearly identify, "Hey, this is what we do", and then, "This is what the customer needs to do." So it's actually a very nice model that they offer that vendors such as us can slot into. >> And they move so fast but again, security is one of those things, you can't fake it til you make it. Right? (Tom laughs) You can't make it til you make it. Which means, it's hard. What are you guys doing with Amazon now? What's your story here for Centrify? >> Yeah, we're doing a couple of things. So the first thing is that we do privilege management. I mean the reality is is that the keys to the kingdom are in the AWS console in terms of the billing systems, firing up servers, shutting down servers et cetera. A lot of the more recent hacks have been because people have gotten the access to those keys of those systems as well. So we help lockdown the AWS environment and then we also help lockdown the actual servers being deployed on EC2. We provide multifactor authentication et cetera. The other thing that we do is and what we announced just the other day is we've actually moved our platform over to AWS. So before we ran on at Azure, can I say that at this, ah? >> John: That's fine. >> It's okay, yeah, just joking. >> All fair in love and sharing the cloud. >> So now we have a production cloud on AWS and we've also integrated in the marketplace. So there's SaaS billing that people can get as well, which actually is a very unique thing that AWS offers that the other cloud providers don't do. >> Alright, so I gotta ask you, obviously, to me, super exciting show because some of the announcements are really kind of cool and sexy, and some are under the hood geeky, like Lambda. And then you got the cool AI stuff happening, whether it's VR, AR, or recognition, all these cool machine learning, democratized toolkits. So does this help you? I mean Lambda server lists is a dream for a developer. Just, "Oh my God, I don't have to worry about anything. "What's a local host? "I don't need to know what a load balancer is." Does that help you guys or not? >> Yeah it does, I mean the reality is is that the amount of servers and applications, be it server or server-less, the amount of applications, the users that are connecting to it, it just adds more to the potential complexity. And we can, through the power of identity, provide a control plane to give people identity driven security and really allow people to move-- >> But it doesn't replace us. My point is, I guess, if you're locking down servers, this is a value right? >> Yeah. >> EC2 instances. But if the developers aren't using EC2 instances 'cause it's server-less. Are you guys transparent, are you abstracted away? >> So we also then, then integrate into the application and then help facilitate security for the actual users themselves. But look the reality of the situation is is that people are always gonna have a hybrid environment. They still have on-premises, which users have to access that environment. They're gonna have the cloud environment. And it's gonna be heterogenous. So AWS is a clear leader in the cloud but you're also gonna have Azure, Google, and then the SaaS applications as well, which are gonna be used in conjunction with the custom applications people are building. So the one constant-- >> I've been saying, I've been saying this for years, the specialty cloud is a big market. Oracle's a specialty cloud, Microsoft's a specialty cloud, 'cause they have apps for them. They can be different clouds. Multi-cloud is what's coming, would you agree? >> Yeah, and the reality is as companies go through digital transformation they're gonna open up more and more of their applications to more and more users. They're gonna be more and more devices, and that's just gonna lead to identity sprawl, more and more passwords that people have to deal with as well. And that's why in a world in which-- >> How bad is that problem? 'Cause that's a huge problem, at least in my mind. Identity sprawl, explain what that is and how bad is it? And what are the consequences if it's not fixed? >> Well look the reality is 80% of breaches nowadays involve compromised credentials. I mean we had the whole election, Podesta, the DNC, the recent hack of HBO, you had Sony. It always tied into people stealing credentials and people having too many credentials, sharing credentials, et cetera. So the problem that we face as consumers in terms of having too many user names and passwords has now entered into the actual enterprise and we're now in a situation that, yeah, there's an app for that but that means that there's a password for that. So IT is having a hard time controlling who can access what while end users are just dealing with too many user names and passwords as well. So you have identity sprawl, it's difficult to provision access. And then now you have IoT coming onboard and those devices need an identity unto themselves. And probably the thing that excites me most about some of today's announcements is what AWS is doing with IoT. Some pretty cool stuff. >> I mean I think IoT is the trend, AI and IoT, because, to me the data center, and this might be a little bit over the top, but I'll say it anyway. I think private cloud is real, the way Wikibon talks about it but it's still cloud and the cloud looks at these endpoints as edge devices. So a data center is just an IoT device, a big one. >> Yeah. >> Or, a series of devices connected to the network which connect to the cloud. I mean if it's operating as a cloud what's the difference? Private and public. >> Yeah, no, I, I, I-- >> IoT has gotta be connected. That's where identity could be helpful. >> Identity, I mean, 'cause look, every device has an identity beyond just an IP address. I mean some of the attacks have even taken over IoT devices and then pointed them against websites and brought those websites down as well. So users have multiple identities. Devices have identities unto themselves so you've got this kinda n-by-m, you know, situation where you multiply the number of users times the number of devices, and we're told digital transformation, more and more users are coming online connecting to applications. So I think that's a, it's just a great market to be in. >> Tom, great to have you on theCUBE, congratulations on your business growth. What's your secret sauce? We'll end this segment by you just taking a minute to describe to the folks watching why are you doing so good, what's your secret sauce, what are the tailwinds for you, why the success? >> Well the tailwinds are, first of all, identity has become the top attack vector. It's now involved, compromised credentials stolen at NEs is now involved in over 80% of all breaches. And the other tailwind is the whole move to the cloud that just says, introduces password sprawl. And we're very unique in the market in that we can secure both end users and their identities but we can also secure the privileged accounts that are built into the infrastructures of service. The AWS, EC2, IAM-- >> John: The critical resources. >> Yeah, and we do this in a hybrid environment. So, yes, people are aggressively moving to the cloud but you know and I know that still, what, 70, 80% of IT is still on-prem, and it's gonna be a mixed hybrid environment. And we offer both software and cloud services to secure both end users as well as privileged accounts in that environment. >> Alright, the bottom line, the AWS cloud phenomenon. Describe it in a sentence. >> In a sentence? Oh, it's just, the complete consolidation of all IT in a single platform. I mean, it's amazing that every year they announce another couple a hundred new brand new services as well. So it's just like a phenomena that I've never seen before in terms of a vendor aggressively able to come out with new capabilities and deliver more and more features. >> Cloud as an operating system that's what I always say. And I can see it coming together, and they're staying on their track. I gotta give Andy Jassy credit, even though I busted his chops by putting the Gartner slide on there, because that's old guard technically, doesn't match his presentation, so he's gotta fix that. They stay on their line, they're not wavering. They are mission focused. Changing the game, adding value for customers. >> And they're thinking about new app scenarios and I think it was brilliant that, take IoT, there's so many different flavors of operating systems for IoT. They're saying, "Hey, we're gonna come out "with a standard operating system "that you can leverage. "And we're gonna provide device management, "and we're gonna tie it back into the platform." So they're gonna capture the, they're trying to capture the edge. And the good news is stuff like that does provide opportunities for vendors such as Centrify. >> And they surround themselves with a great ecosystem. You guys are doing great in there. I know you're growing but you're soon to be bigger. But Intel, they're doing great with Intel. Intel gets a lift off this, more compute, everywhere. >> Absolutely. >> So even if they, they kind of have to split some of the business, whatever they do, who knows what happens there but Intel wins with this scenario. Amazon's not trying to eat the whole pie, they're sharing. They're sharing the wealth. And they do it, in the case of security again I go back to their shared responsibility model. It provides a great framework where it makes it very easy for vendors such as ourselves to say, "We play here, here, and here." So it makes it great to partner with and the ability for them to actually have SaaS based applications in their marketplace as well. And that's powerful, and no other of the cloud guys have a similar concept. Yeah, you could put AMIs on infrastructure as a service but to actually have a cloud based service tied into the billing system of AWS is incredibly powerful. We're very excited about being a part of that. >> And we will keep an eye on them on the open source side, certainly that's an area we're watching very carefully. Hey the developers love Amazon and that's a good thing. Now the enterprise love Amazon, public sector loves Amazon. Who doesn't love Amazon Web Services? We'll be following that very closely over the course of the next few months and next year, 2018. Of course live here in here in Las Vegas is AWS reInvent 2017. Back with more coverage after this short break. (upbeat electronic music)