>> Live from Las Vegas, it's theCUBE, covering AWS re:Invent 2018. Brought to you by Amazon Web Services, Intel, and their ecosystem partners. (upbeat music) >> Welcome back, here on theCUBE, (mumbles) to continue our coverage at AWS re:Invent with Sands. This is actually one of seven sites all around town, that are hosting various sessions. We heard a lot our guests saying, "it's so exciting." There's this spot for this particular expertise. Then I boo, Uber across town, I go to this spot, because that's how big this show's become, and how dynamic this show has become. We are on day three, and I'm here with Rebecca Knight, and also joined by Eric Boerger, who is a technology specialist at McAfee. Hello Eric good to see you. >> Hello, thanks for having me today, this is wonderful. >> You bet, well we've had a couple of your colleagues on already. I mean Markus Strauss is one who comes to mind. Talk about the database you're on the cloud side of things, cloud security. >> I am. I'm a technology specialist here at McAfee. My role is to help our customers as they're moving into the cloud, understanding where their security pitfalls may be, and implementing the right technologies and security tools to help make sure that their transition into the cloud is as secure as possible. >> So what's the big picture on that? Alright so security first and foremost in the cloud, that's probably, well certainly one of the big questions people have right. >> Absolutely, that tends to be the biggest question is, "how can I make sure that as I'm doing this transition to the cloud, that I'm not just throwing assets out there, and finding that I have issues later, but how can I bake security into them from the beginning." And that's really where we at McAfee are trying to sit back and identify where customers are having their challenges, and make sure that our tools are able to be positioned and developed correctly to address those issues. >> So what are some of the most common challenges that you see? >> So some of the most common challenges that we see in terms of problems are misconfigured accounts. That's a very common issue that we see in a lot of breach reports. Somebody setup a data repository, doesn't put the right security mechanisms in place, and all of a sudden now all of the confidential data that's been breached. >> Out the door. >> A second problem we see is a lot of, especially within the IAS space, organizations are standing up new instances of workloads, and the security teams aren't necessarily being informed that they're actually putting these workloads, or computer assets online, so now they're coming online without any protections, or any audit capability in place to make sure they're meeting their own security best practices guidelines that their organizations may have developed. >> Yeah we were talking earlier with probably one of your competitors actually, and they were talking about breaches. We're talking about. They said, "Their estimation 90 percent, are created, or made possible by mistakes." >> Absolutely. >> I mean, you agree with that? Is that our... >> I cannot agree anymore with that. Because the problem is, is that, the ability and the agility of the cloud, is both a positive, it allows us to be extremely flexible and agile as we're developing, but it also allows us to move so fast that we may be outpacing what our own knowledge levels are for being able to secure those. And that's tended to be one of the biggest hindrances that we see, is a developer gets enabled to go through and create a MS3 Bucket, put a lot of data in there, but at the same point they don't implement any tools behind it, or any security behind that. So it's not necessarily their fault, it's just they don't understand what security requirements are to implement in the cloud. >> And that's where you come in. So talk a little bit about your solutions and about how you approach the problem. >> Absolutely. So we have a wide variety of solutions here at McAfee, to help address those issues. That's everything from our Skyhigh McAfee Casb product, to help do account identifications and discovery of rogue accounts. And then some of our tools, like our virtual network IPS. That's able to do packet level inspection to apply a deeper level of security onto those systems. And then of course our Cloud Workload Security Product. That's something that is able to help you discover any of those rogue assets, and identify systems that may have already been breached based upon the network communication that's already occurring on those systems. >> Yeah you're kind of this cat and mouse game, aren't you, in terms of security, because you're trying to stay one step ahead of some actors who are very skilled at maintaining an edge. >> Absolutely. >> I mean how do you sleep at night Eric? >> So moving to the cloud is an area that once you feel that... Once you have the right tools in place, it'll help you actually sleep a lot easier, knowing that there's audit tools in the background, that are able to continuously monitor your workloads, identify if you have misconfigured accounts, if you have systems that are missing, needed information. You may have a requirement to have something like an integrity monitoring tool in place for some of your workloads, and this is a, with our tools, we can actually monitor and tell you if you're out of compliance with any of those baseline requirements. >> So how do you help the companies, the customers that want to move to the cloud, but also be sort of a hybrid, or maybe keep some of their stuff on PRIM, how do you make it easier for them? >> And that's a very common question that we hear over and over is, "I want to move to the cloud, but I'm not ready to go all in yet." So what we've actually done, is we've developed a lot of same discovery tools, can be used on premise. So that as they're building out their private clouds, whether it's in an open sac implementation, or via VMware, we can still do the same discovery, the same identification of misconfigured workloads. Now that also brings us to, as they move more into the cloud, it's already there, it's able to help them with their hybrid environment space, and that can either be managed on premise or from the cloud directly. So that when they're ready to move all their management infrastructure to the cloud, our tools are already there and ready for them. >> Now you're really good at what you do, but as you know, you're not the only game in town. >> We're not. >> So what's your differentiation then in terms of your cloud offering? What do you think this is what McAfee does better than anybody else? >> So what we feel that we really do better than anybody else, is be able to integrate a full security picture in a unified console management. So this is giving us the ability to do deployment of our own tool sets. Being able to do things such as integration with our Skyhigh product, and being able to pull back from the Casb view to help pull in a unified view. That's where we really feel that we've got a lot of unique factors in the cloud space to help our customers as they're moving. Plus the ability to be not just cloud focused, but still hybrid. Being able to protect those private data centers. We see a lot of companies who are going pure cloud, but they say, "Well if you had something on a premise, we don't care about it anymore, because it's not in the cloud." We feel with our background and our strengths in security we can really help address those concerns. >> So you're a technology specialist, that is your job title, >> It is. >> but in so many of these migrations and big digital transformations, the technology is really the easy part. And what's so much harder is getting the people onboard with the changes. Getting them to adopt and embrace and keep using the solutions. First of all, do you see this kind of resistance, and then also how do you overcome those challenges? >> Absolutely, the challenge is getting people to adopt to the cloud, and then continually be integrative with the newest tools that are coming available from the security standpoint and side is always a problem. The developers are very agile, they want to move at the speed of development. Which means going back and talking to security and saying, "hey by the way, I'm doing these things," doesn't always happen. So this is where we want to be able to give you a continuous monitoring ability to say hey, "somebody went through and stood something up." Security was completely outside of the loop. Bring them back in so that they can get the visibility, the alerting. And this is even where we've created some new features, that we announced on stage yesterday to be able to be integrated with the Amazon security hub. This is where we really feel that being able to help augment as Amazon's developing tools providing our security insight, to make sure that once again, as the developers are taking advantage of some of the newest features, we're there with them. >> And what was the driver of that? I mean how did you get to that point? >> So this is part of our partnership with Amazon. We actually have a great foundational relationship where we have a lot of our products have gone through a best practices review. And we have well architecture review stamps on a lot of the products that we have in the marketplace. This is due to the tight security integrations that we've had work with Amazon. That we're invited to be one of the first partners into the security hub, and you're going to see this out of additional products as we move forward with our new capabilities in the cloud. >> Yeah I hate to, I mean we have just a few minutes left, and I hate to dive into a big topic here, but on the other side of that security coin is compliance. Right, you got to be concerned about that. It's governments, you got to be concerned about that. And that's a whole new can of worms especially today with whether you're dealing with company concerns, state, federal concerns, and even European concerns. >> Absolutely, and the data privacy is another major concern with the compliance. It's not just what do I have, but how is it being used, how's it being utilized, and that's where with some of our products we've actually gone through and have build our full DLP engine into discovery of any of your data that exists within the cloud. So if you put data in as three, we can go through, scan it, identify if there's any PII data, alert upon it, give you controls of that. And then from a workload perspective side, we have tools that can go through and feed in your own templates. To say that I need to be PCI compliant, I need to meet HIPAA compliance. Be able to audit that workload, and give a continuance summary report back to the management teams to say hey, "I have auditors coming in, how am I in compliance, and then tell me what I need to do to address those gaps that I found from my cloud workloads." >> Solving problems. >> Solving problems. >> That's what it's all about right there. >> He's the best, that's right. >> Alright, I want you around more often. (laughing) We got a lot of problems to be solved, we appreciate it Eric, thank you for your time here at AWS re:Invent. >> Thank you very much for the time today. >> Good to have you, thanks for the McAfee story. Back with more from Las Vegas right after this. You're watching theCUBE. (upbeat music)