>> Announcer: From Miami Beach, Florida, it's The Cube, covering Acronis Global Cyber Summit 2019. Brought to you by Acronis. >> Welcome back everyone. We are here with The Cube coverage for two days. We're wrapping up, getting down on day one in the books for the Acronis Global Cyber Summit 2019. I'm John Furrier, your host of The Cube. We are in Miami Beach, the Fontainebleau Hotel. I'm personally excited for this next guest because I'm a huge Red Sox fan, even though I got moved out to California. Giants is in a different area. National League is different than American League, still my heart with the Red Sox. And we're here with an industry veteran, seasoned professional in IT and data, Brian Shield. Boston Red Sox Vice President of Technology and IT. Welcome to The Cube, thanks for joining us. >> Thank you. It's great to be here. >> John: So congratulations on the rings. Since I moved out of town, Red sox win their World Series, break the curse of the Bambino. >> Hey we appreciate that. Thank you. >> My family doesn't want me back. You got to show >> Yeah, maybe I'll put this one up for the, maybe someone can zoom in on this. Which camera is the good one? This one here? So, there ya go. So, World Series champs for at least for another week. (laughter) >> Bummer about this year. Pitching just couldn't get it done. But, good team. >> Happens. >> Again, things move on, but you know. New regime, new GM going to come on board. >> Yup. >> So, but in general, Red Sox, storied franchise. Love it there. Fenway Park, the cathedral of baseball parks. >> Brian: Defnitely. >> And you're seeing that just play out now, standard. So just a great place to go. We have tickets there. So, I got to ask you. Technology, sports, really is modernized faster than I think any category. And certainly cyber security forced to modernize because of the threats. But sports, you got a business to run, not just IT and making the planes run on time. >> Sure. >> Scouts, money, whatever. >> Fans. >> You got fan experience. >> Stadium opportunities. >> Club management, scouts are out there. So you got business, team, fans. And data's a big part of it. That's part of your career. Tell us what the cutting edge innovation is at the Red Sox these days. >> I think baseball in general, as you indicated, it's a very evolving kind of environment. I mean historically I think people really sort of relish the nostalgia of sports and Fenway Park being as historic as it is, was probably the pinnacle of that, in some respects. But Red Sox have always been leaders and baseball analytics, you know. And everyone's pretty familiar with "Moneyball" and Brad Pitt. >> John: Is that a true story, he turned down the GM job? >> I'm told it is. (laughter) I don't know if I fully vetted that question. But over the last six, seven years, you know we've really turned our attention to sort of leveraging sort of technology across the businesses, right? Not just baseball and analytics and how we do scouting, which continues to evolve at a very rapid pace. But also as you pointed out, running a better business, understanding our fans, understanding fan behavior, understanding stadiums. There's a lot of challenges around running an effective stadium. First and foremost to all of us is really ensuring it's a great fan experience. Whether it's artificial intelligence, or IoT technologies or 5G or the latest Wifi, all those things are coming up at Fenway Park. You and I talked earlier about we're about to break ground for a new theater, so a live theater on the outside, beyond the bleachers type of thing. So that'll be a 5,400-seat arena, 200 live performances a year, and with e-sports, you know, complementing it. It just gives you an example of just how fast baseball is sort of transitioning. >> And the theater, is that going to be blown out from where that parking garage is, structure and going towards >> So the corner of Landsdown and Ipswich, if you think of that sort of corner back there, for those that are familiar with the Fenway area. So it's going to be a very big change and you'll see the difference too from within the ballpark. I think we'll lose a couple of rows of the bleachers. That'll be replaced with another gathering area for fans and things like that, on the back end of that theater. So build a great experience and I think it really speaks to sort of our ability to think of Fenway as more of a destination, as a venue, as a complementary experience. We want people to come to the area to enjoy sports and to enjoy entertainment and things. >> You know Brian, the consumerization of IT has been kicked around. Last decade, that was a big buzzword. Now the blending of a physical event and digital has certainly consumed the world. >> Absolutely. >> And we're starting to see that dynamic. You speak to a theater. That's a physical space. But digital is also a big part of kind of that complementary. It's not mutually exclusive for each other. They're integrated business models. >> Absolutely. >> So therefore, the technology has to be seamless. The data has to be available. >> Yup. >> And it's got to be secure. >> Well the data's got to be ubiquitous, right? I mean you don't want to, if we're going to have fans attending theater and then you're going to go to Fenway Park or they leave a game and then go to some other event or they attend a tour of Fenway Park, and beyond maybe the traditional what people might think about, is certainly when you think about baseball and Fenway Park. You know we have ten to twelve concerts a year. We'll host Spartan games, you know. This Christmas, I'm sorry, Christmas 2020 we now have sort of the Fenway Bowl. So we'll be hosting the AAC ACC championship games there with ESPN. >> John: Hockey games? >> Hockey games. Obviously we have Liverpool soccer being held there so it's much more of a destination, a venue for us. How we leverage all the wonderful things about Fenway Park and how we modernize, how we get basically the best of what makes Fenway Park as great as it is, yet as modern as we can make it, where appropriate to create a great fan experience. >> It's a tough balance between balancing the brand and having things on brand as well. >> Sure. >> Does that come into your job a lot around IT? Saying being on brand, not kind of tearing down the old. >> Yeah absolutely. I think our CEOs and leadership team, I mean it's not success for us if you pan to the audience and everyone is looking at their phone, right? That's not what we aspire to. We aspire to leverage technology to simplify people's experience of how do you get to the ballpark, how do I park, how do I get if I want to buy concessions or merchandise, how do I do it easily and simply? How do we supplement that experience with maybe additional data that you may not have had before. Things like that, so we're doing a lot of different testing right now whether it's 4D technologies or how we can understand, watch a play from different dimensions or AI and be able to perhaps see sort of the skyline of Boston since 1912, when Fenway Park launched... And so we sort of see all these technologies as supplemental materials, really kind of making it a holistic experience for fans. >> In Las Vegas, they have a section of Las Vegas where they have all their test beds. 5G, they call it 5G, it's really, you know, evolution, fake 5G but it's a sandbox. One of the challenges that you guys have in Boston, I know from a constraint standpoint physically, you don't have a lot of space. How do you sandbox new technologies and what are some of the things that are cool that people might not know about that are being sandboxed? So, one, how do you do it? >> Yeah. >> Effectively. And then what are some of the cool things that you guys are looking at or things they might not know about that would be interesting. >> Sure. Yeah so Fenway Park, we struggle as you know, a little bit with our footprint. You know, honestly, I walk into some of these large stadiums and I get instant jealousy, relative to just the amount of space that people have to work with and things. But we have a great relationship with our partners so we really partner, I think, particularly well with key partners like Verizon and others. So we now have 5G partially implemented at Fenway Park. We expect to have it sort of fully live come opening day next year. So we're really excited about that. We hope to have a new version of Wifi, the latest version of Wifi available, for the second half of the year. After the All-Star Break, probably after the season's over. But before our bowl game hopefully. We're looking at some really interesting ways that we can tease that out. That bowl game, we're really trying to use that as an opportunity, the Fenway Bowl, as an opportunity to make it kind of a high-tech bowl. So we're looking at ways of maybe doing everything from hack-a-thons to a pre-egaming sort of event to some interesting fan experiential opportunities and things like that. >> Got a lot of nerds at MIT, Northeastern, BU, Bentley, Babson, all the schools in the area. >> Yeah, so we'll be reaching out to colleges and we'll be reaching out to our, the ACC and AACs as well, and see what we can do to kind of create sort of a really fun experience and capitalize on the evolving role of e-sports and the role that technology can play in the future. >> I want to get to the e-sports in a second but I want to just get the plug in for Acronis. We're here at their Global Cyber Summit. You flew down for it, giving some keynote speeches and talks around security. It's a security company, data protection, to cyber protection. It is a data problem, not a storage appliance problem. It's a data problem holistically. You get that. >> Sure. Sure. >> You've been in the business for a long time. What is the security kind of posture that you guys have? Obviously you want to protect the data, protect privacy. But you got to business. You have people that work with you, supply chain, complex but yet dynamic, always on environment. >> That's a great question. It's evolving as you indicated. Major League Baseball, first and foremost, does an outstanding job. So the last, probably last four plus years, Major League Baseball has had a cyber security program that all the clubs partake in. So all 30 clubs are active participants in the program. They basically help build out a suite of tools as well as the ability to kind of monitor, help participate in the monitoring, sort of a lot of our cyber security assets and logs And that's really elevated significantly our posture in terms of security. We supplement that quite a bit and a good example of that is like Acronis. Acronis, for us, represents the ability for us to be able to respond to certain potential threats like ransom-ware and other things. As well as frankly, what's wonderful about a tool like this is that it allows us to also solve other problems. Making our scouts more efficient. We've got these 125 scouts scattered around the globe. These guys are the lifeblood of our, you know, the success of our business. When they have a problem, if they're in Venezuela or the Dominican or someplace else, in southeast Asia, getting them up and running as quickly as we can, being able to consume their video assets and other things as they're scouting prospects. We use Acronis for those solutions. It's great to kind of have a partner who can both double down as a cyber partner as well as someone who helps drive a more efficient business. >> People bring their phone into the stadiums too so those are end points now connecting to your network. >> Definitely. And as you pointed out before, we've got great partnerships. We've got a great concession relationship with Aramark and they operate, in the future they'll be operating off our infrastructure. So we're in the point of rolling out all new point-of-sale terminals this off-season. We're excited about that 'cause we think for the first time it really allows us to build a very comprehensive, very secure environment for both ourselves and for all the touchpoints to fans. >> You have a very stellar career. I noticed you were at Scudder Investments back in the '80s, very cutting-edge firm. FTD that set the whole standard for connecting retailers. Again, huge scale play. Can see the data kind of coming out, they way you've been a CIO, CTO. The EVP CIO at The Weather Channel and the weather.com again, first mover, kind of pioneer. And then now the Red Sox, pioneering. So I got to ask you the modernization question. Red Sox certainly have been cutting-edge, certainly under the last few owners, and the previous Henry is a good one, doing more and more, Has the business model of baseball evolved, 'cause you guys a franchise. >> Sure. >> You operate under the franchisor, Major League Baseball, and you have jurisdictions. So has digital blurred the lines between what Advanced Media unit can do. You got communities developing outside. I watch the games in California. I'm not in there but I'm present digitally. >> Sure. Sure. >> So how has the business model flexed with the innovation of baseball? >> That's a great question. So I mean, first off, the relationship between clubs like ours and MLB continue to evolve. We have a new commissioner, relatively new commissioner, and I think the whole one-baseball model that he's been promoting I think has been great. The boundaries sometimes between digital assets and how we innovate and things like that continues to evolve. Major League Baseball and technology groups and product groups that support Major League Baseball have been a fantastic partner of ours. If you look at some of the innovations with Statcast and some of the other types of things that fans are now becoming more familiar with. And when they see how fast a runner goes or how far a home run goes and all those sort of things, these kinds of capabilities are on the surface, but even like mobile applications, to make it easy for fans to come into ballparks and things like that really. What we see is really are platforms for the future touchpoints to all of our customers. But you're right, it gets complicated. Streaming videos and people hadn't thought of before. >> Latin America, huge audience for the Red Sox. Got great players down there. That's outside the jurisdiction, I think, of the franchise agreement, isn't it? (laughs) >> Well, it's complicated. As this past summer, we played two games in England, right? So we enjoy two games in London, sadly we lost to the Yankees in both of those, but amazing experience and Major League Baseball really hats off to those guys, what they did to kind of pull that together. >> You mentioned Statcast. Every year when I meet with Andy Jassy at AWS, he's a sports fan. We love to talk sports. That's a huge, kind of shows the power of data and cloud computing. >> No doubt. >> How do you guys interface with Statcast? Is that an Amazon thing? Do they come to you? Are they leveraging dimensions, camera angles? How does that all work? Are you guys involved in that or? >> Brian: Oh yeah, yeah. >> Is that separate? >> So Statcast is just one of many data feeds as you can imagine. One of the things that Major League Baseball does is all that type of data is readily available to every club. So every club has access to the data. The real competitive differentiator, if you will, is how you use it internally. Like how your analysts can consume that data. We have a baseball system we call Beacon. We retired Carmine, if you're familiar with the old days of Carmine. So we retired Carmine a few years ago with Beacon. And Beacon for us represents sort of our opportunity to effectively collapse all this information into a decision-making environment that allows us to hopefully to kind of make the best decisions to win the most games. >> I love that you're answering all these questions. I really appreciate it. The one I really want to get into is obviously the fan experience. We talked about that. No talent on the field means no World Series so you got to always be constantly replenishing the talent pool, farm system, recruiting, scouting, all these things go on. They're instrumental. Data's a key driver. What new innovations that the casual fan or IT person might be interested in what's going on around scouting and understanding the asset of a human being? >> Right. Sure. I mean some of this gets highly confidential and things, but I think at a macro level, as you start to see both in the minor leagues and in some portions of the major leagues, wearable technologies. I think beyond just sort of player performance information that you would see traditionally with you might associate it with like Billy Beane, and things like that with "Moneyball" which is evolved obviously considerably since those days. I mean understanding sort of player wellness, understanding sort of how to get the most out of a player and understanding sort of, be able to kind of predict potential injuries and accelerate recoveries and being able to use all of this technology where appropriate to really kind of help sort of maximize the value of player performance. I mean, David Ortiz, you know, I don't know where we would have been in 2018 without, you know, David. >> John: Yeah. >> But like, you know >> Longevity of a player. >> Absolutely. >> To when they're in the zone. You wear a ring now to tell you if you're sleeping well. Will managers have a visual, in-the-zone, don't pull 'em out, he can go an extra inning? >> Well, I mean they have a lot of data. We currently don't provide all that data to the clubhouse. I mean, you know, and so If you're in the dugout, that information isn't always readily available type of thing. But players know all this information. We continue to evolve it. At the end of the day though, it's finding the balancing act between data and the aptitudes of our coaching staff and our managers to really make the wise decisions. >> Brian, final question for you. What's the coolest thing you're working on right now? Besides the fan having a great experience, 'cause that's you kind of touched on that. What's the coolest thing that you're excited about that you're working on from a tech perspective that you think is going to be game-changing or interesting? >> I think our cloud strategy coming up in the future. It's still a little bit early stage, but our hope would be to kind of have clarity about that in the next couple months. I think is going to be a game-changer for us. I think having, you know, we enjoy a great relationship with Dell EMC and yet we also do work in the cloud and so being able to leverage the best of both of those to be able to kind of create sort of a compelling experience for both fans, for both player, baseball operations as well as sort of running an efficient business, I think is really what we're all about. >> I mean you guys are the poster child for hybrid cloud because you got core, data center, IoT, and >> No doubt. So it's exciting times. And we're very fortunate that with our relationship organizations like Dell and EMC, we have leading-edge technologies. So we're excited about where that can go and kind of what that can mean. It'll be a big step. >> Okay two personal questions from me as a fan. One is there really a money-counting room like in the movie "The Town"? Where they count a big stack of dollar bills. >> Well, I'm sure there is. I personally haven't visited it. (laughs) I know it's not in the room that they would tell you it is on the movie. (laughter) >> And finally, can The Cube get press passes to cover the games, next to NESN? Talk tech. >> Yeah, we'll see what we can do. >> They can talk baseball. We can talk about bandwidth. Right now, it's the level five conductivity. We're looking good on the pipes. >> Yeah we'll give you a tech tour. And you guys can sort of help us articulate all that to the fans. >> Thank you so much. Brian Shield, Vice President of Technology of the Boston Red Sox. Here talking about security and also the complications and challenges but the mega-opportunities around what digital and fan experiences are with the physical product like baseball, encapsulates kind of the digital revolution that's happening. So keep covering it. Here in Miami, I'm John Furrier. We'll be right back after this short break. (techno music)

(light airy music) >> Hello, everyone, welcome to theCUBE's presentation of the AWS Startup Showcase, AI and machine learning. "Top Startups Building Generative AI on AWS." This is season three, episode one of the ongoing series covering the exciting startups from the AWS ecosystem, talking about AI machine learning. We have three great guests Bratin Saha, VP, Vice President of Machine Learning and AI Services at Amazon Web Services. Tom Mason, the CTO of Stability AI, and Aidan Gomez, CEO and co-founder of Cohere. Two practitioners doing startups and AWS. Gentlemen, thank you for opening up this session, this episode. Thanks for coming on. >> Thank you. >> Thank you. >> Thank you. >> So the topic is hype versus reality. So I think we're all on the reality is great, hype is great, but the reality's here. I want to get into it. Generative AI's got all the momentum, it's going mainstream, it's kind of come out of the behind the ropes, it's now mainstream. We saw the success of ChatGPT, opens up everyone's eyes, but there's so much more going on. Let's jump in and get your early perspectives on what should people be talking about right now? What are you guys working on? We'll start with AWS. What's the big focus right now for you guys as you come into this market that's highly active, highly hyped up, but people see value right out of the gate? >> You know, we have been working on generative AI for some time. In fact, last year we released Code Whisperer, which is about using generative AI for software development and a number of customers are using it and getting real value out of it. So generative AI is now something that's mainstream that can be used by enterprise users. And we have also been partnering with a number of other companies. So, you know, stability.ai, we've been partnering with them a lot. We want to be partnering with other companies as well. In seeing how we do three things, you know, first is providing the most efficient infrastructure for generative AI. And that is where, you know, things like Trainium, things like Inferentia, things like SageMaker come in. And then next is the set of models and then the third is the kind of applications like Code Whisperer and so on. So, you know, it's early days yet, but clearly there's a lot of amazing capabilities that will come out and something that, you know, our customers are starting to pay a lot of attention to. >> Tom, talk about your company and what your focus is and why the Amazon Web Services relationship's important for you? >> So yeah, we're primarily committed to making incredible open source foundation models and obviously stable effusions been our kind of first big model there, which we trained all on AWS. We've been working with them over the last year and a half to develop, obviously a big cluster, and bring all that compute to training these models at scale, which has been a really successful partnership. And we're excited to take it further this year as we develop commercial strategy of the business and build out, you know, the ability for enterprise customers to come and get all the value from these models that we think they can get. So we're really excited about the future. We got hugely exciting pipeline for this year with new modalities and video models and wonderful things and trying to solve images for once and for all and get the kind of general value and value proposition correct for customers. So it's a really exciting time and very honored to be part of it. >> It's great to see some of your customers doing so well out there. Congratulations to your team. Appreciate that. Aidan, let's get into what you guys do. What does Cohere do? What are you excited about right now? >> Yeah, so Cohere builds large language models, which are the backbone of applications like ChatGPT and GPT-3. We're extremely focused on solving the issues with adoption for enterprise. So it's great that you can make a super flashy demo for consumers, but it takes a lot to actually get it into billion user products and large global enterprises. So about six months ago, we released our command models, which are some of the best that exist for large language models. And in December, we released our multilingual text understanding models and that's on over a hundred different languages and it's trained on, you know, authentic data directly from native speakers. And so we're super excited to continue pushing this into enterprise and solving those barriers for adoption, making this transformation a reality. >> Just real quick, while I got you there on the new products coming out. Where are we in the progress? People see some of the new stuff out there right now. There's so much more headroom. Can you just scope out in your mind what that looks like? Like from a headroom standpoint? Okay, we see ChatGPT. "Oh yeah, it writes my papers for me, does some homework for me." I mean okay, yawn, maybe people say that, (Aidan chuckles) people excited or people are blown away. I mean, it's helped theCUBE out, it helps me, you know, feed up a little bit from my write-ups but it's not always perfect. >> Yeah, at the moment it's like a writing assistant, right? And it's still super early in the technologies trajectory. I think it's fascinating and it's interesting but its impact is still really limited. I think in the next year, like within the next eight months, we're going to see some major changes. You've already seen the very first hints of that with stuff like Bing Chat, where you augment these dialogue models with an external knowledge base. So now the models can be kept up to date to the millisecond, right? Because they can search the web and they can see events that happened a millisecond ago. But that's still limited in the sense that when you ask the question, what can these models actually do? Well they can just write text back at you. That's the extent of what they can do. And so the real project, the real effort, that I think we're all working towards is actually taking action. So what happens when you give these models the ability to use tools, to use APIs? What can they do when they can actually affect change out in the real world, beyond just streaming text back at the user? I think that's the really exciting piece. >> Okay, so I wanted to tee that up early in the segment 'cause I want to get into the customer applications. We're seeing early adopters come in, using the technology because they have a lot of data, they have a lot of large language model opportunities and then there's a big fast follower wave coming behind it. I call that the people who are going to jump in the pool early and get into it. They might not be advanced. Can you guys share what customer applications are being used with large language and vision models today and how they're using it to transform on the early adopter side, and how is that a tell sign of what's to come? >> You know, one of the things we have been seeing both with the text models that Aidan talked about as well as the vision models that stability.ai does, Tom, is customers are really using it to change the way you interact with information. You know, one example of a customer that we have, is someone who's kind of using that to query customer conversations and ask questions like, you know, "What was the customer issue? How did we solve it?" And trying to get those kinds of insights that was previously much harder to do. And then of course software is a big area. You know, generating software, making that, you know, just deploying it in production. Those have been really big areas that we have seen customers start to do. You know, looking at documentation, like instead of you know, searching for stuff and so on, you know, you just have an interactive way, in which you can just look at the documentation for a product. You know, all of this goes to where we need to take the technology. One of which is, you know, the models have to be there but they have to work reliably in a production setting at scale, with privacy, with security, and you know, making sure all of this is happening, is going to be really key. That is what, you know, we at AWS are looking to do, which is work with partners like stability and others and in the open source and really take all of these and make them available at scale to customers, where they work reliably. >> Tom, Aidan, what's your thoughts on this? Where are customers landing on this first use cases or set of low-hanging fruit use cases or applications? >> Yeah, so I think like the first group of adopters that really found product market fit were the copywriting companies. So one great example of that is HyperWrite. Another one is Jasper. And so for Cohere, that's the tip of the iceberg, like there's a very long tail of usage from a bunch of different applications. HyperWrite is one of our customers, they help beat writer's block by drafting blog posts, emails, and marketing copy. We also have a global audio streaming platform, which is using us the power of search engine that can comb through podcast transcripts, in a bunch of different languages. Then a global apparel brand, which is using us to transform how they interact with their customers through a virtual assistant, two dozen global news outlets who are using us for news summarization. So really like, these large language models, they can be deployed all over the place into every single industry sector, language is everywhere. It's hard to think of any company on Earth that doesn't use language. So it's, very, very- >> We're doing it right now. We got the language coming in. >> Exactly. >> We'll transcribe this puppy. All right. Tom, on your side, what do you see the- >> Yeah, we're seeing some amazing applications of it and you know, I guess that's partly been, because of the growth in the open source community and some of these applications have come from there that are then triggering this secondary wave of innovation, which is coming a lot from, you know, controllability and explainability of the model. But we've got companies like, you know, Jasper, which Aidan mentioned, who are using stable diffusion for image generation in block creation, content creation. We've got Lensa, you know, which exploded, and is built on top of stable diffusion for fine tuning so people can bring themselves and their pets and you know, everything into the models. So we've now got fine tuned stable diffusion at scale, which is democratized, you know, that process, which is really fun to see your Lensa, you know, exploded. You know, I think it was the largest growing app in the App Store at one point. And lots of other examples like NightCafe and Lexica and Playground. So seeing lots of cool applications. >> So much applications, we'll probably be a customer for all you guys. We'll definitely talk after. But the challenges are there for people adopting, they want to get into what you guys see as the challenges that turn into opportunities. How do you see the customers adopting generative AI applications? For example, we have massive amounts of transcripts, timed up to all the videos. I don't even know what to do. Do I just, do I code my API there. So, everyone has this problem, every vertical has these use cases. What are the challenges for people getting into this and adopting these applications? Is it figuring out what to do first? Or is it a technical setup? Do they stand up stuff, they just go to Amazon? What do you guys see as the challenges? >> I think, you know, the first thing is coming up with where you think you're going to reimagine your customer experience by using generative AI. You know, we talked about Ada, and Tom talked about a number of these ones and you know, you pick up one or two of these, to get that robust. And then once you have them, you know, we have models and we'll have more models on AWS, these large language models that Aidan was talking about. Then you go in and start using these models and testing them out and seeing whether they fit in use case or not. In many situations, like you said, John, our customers want to say, "You know, I know you've trained these models on a lot of publicly available data, but I want to be able to customize it for my use cases. Because, you know, there's some knowledge that I have created and I want to be able to use that." And then in many cases, and I think Aidan mentioned this. You know, you need these models to be up to date. Like you can't have it staying. And in those cases, you augmented with a knowledge base, you know you have to make sure that these models are not hallucinating. And so you need to be able to do the right kind of responsible AI checks. So, you know, you start with a particular use case, and there are a lot of them. Then, you know, you can come to AWS, and then look at one of the many models we have and you know, we are going to have more models for other modalities as well. And then, you know, play around with the models. We have a playground kind of thing where you can test these models on some data and then you can probably, you will probably want to bring your own data, customize it to your own needs, do some of the testing to make sure that the model is giving the right output and then just deploy it. And you know, we have a lot of tools. >> Yeah. >> To make this easy for our customers. >> How should people think about large language models? Because do they think about it as something that they tap into with their IP or their data? Or is it a large language model that they apply into their system? Is the interface that way? What's the interaction look like? >> In many situations, you can use these models out of the box. But in typical, in most of the other situations, you will want to customize it with your own data or with your own expectations. So the typical use case would be, you know, these are models are exposed through APIs. So the typical use case would be, you know you're using these APIs a little bit for testing and getting familiar and then there will be an API that will allow you to train this model further on your data. So you use that AI, you know, make sure you augmented the knowledge base. So then you use those APIs to customize the model and then just deploy it in an application. You know, like Tom was mentioning, a number of companies that are using these models. So once you have it, then you know, you again, use an endpoint API and use it in an application. >> All right, I love the example. I want to ask Tom and Aidan, because like most my experience with Amazon Web Service in 2007, I would stand up in EC2, put my code on there, play around, if it didn't work out, I'd shut it down. Is that a similar dynamic we're going to see with the machine learning where developers just kind of log in and stand up infrastructure and play around and then have a cloud-like experience? >> So I can go first. So I mean, we obviously, with AWS working really closely with the SageMaker team, do fantastic platform there for ML training and inference. And you know, going back to your point earlier, you know, where the data is, is hugely important for companies. Many companies bringing their models to their data in AWS on-premise for them is hugely important. Having the models to be, you know, open sources, makes them explainable and transparent to the adopters of those models. So, you know, we are really excited to work with the SageMaker team over the coming year to bring companies to that platform and make the most of our models. >> Aidan, what's your take on developers? Do they just need to have a team in place, if we want to interface with you guys? Let's say, can they start learning? What do they got to do to set up? >> Yeah, so I think for Cohere, our product makes it much, much easier to people, for people to get started and start building, it solves a lot of the productionization problems. But of course with SageMaker, like Tom was saying, I think that lowers a barrier even further because it solves problems like data privacy. So I want to underline what Bratin was saying earlier around when you're fine tuning or when you're using these models, you don't want your data being incorporated into someone else's model. You don't want it being used for training elsewhere. And so the ability to solve for enterprises, that data privacy and that security guarantee has been hugely important for Cohere, and that's very easy to do through SageMaker. >> Yeah. >> But the barriers for using this technology are coming down super quickly. And so for developers, it's just becoming completely intuitive. I love this, there's this quote from Andrej Karpathy. He was saying like, "It really wasn't on my 2022 list of things to happen that English would become, you know, the most popular programming language." And so the barrier is coming down- >> Yeah. >> Super quickly and it's exciting to see. >> It's going to be awesome for all the companies here, and then we'll do more, we're probably going to see explosion of startups, already seeing that, the maps, ecosystem maps, the landscape maps are happening. So this is happening and I'm convinced it's not yesterday's chat bot, it's not yesterday's AI Ops. It's a whole another ballgame. So I have to ask you guys for the final question before we kick off the company's showcasing here. How do you guys gauge success of generative AI applications? Is there a lens to look through and say, okay, how do I see success? It could be just getting a win or is it a bigger picture? Bratin we'll start with you. How do you gauge success for generative AI? >> You know, ultimately it's about bringing business value to our customers. And making sure that those customers are able to reimagine their experiences by using generative AI. Now the way to get their ease, of course to deploy those models in a safe, effective manner, and ensuring that all of the robustness and the security guarantees and the privacy guarantees are all there. And we want to make sure that this transitions from something that's great demos to actual at scale products, which means making them work reliably all of the time not just some of the time. >> Tom, what's your gauge for success? >> Look, I think this, we're seeing a completely new form of ways to interact with data, to make data intelligent, and directly to bring in new revenue streams into business. So if businesses can use our models to leverage that and generate completely new revenue streams and ultimately bring incredible new value to their customers, then that's fantastic. And we hope we can power that revolution. >> Aidan, what's your take? >> Yeah, reiterating Bratin and Tom's point, I think that value in the enterprise and value in market is like a huge, you know, it's the goal that we're striving towards. I also think that, you know, the value to consumers and actual users and the transformation of the surface area of technology to create experiences like ChatGPT that are magical and it's the first time in human history we've been able to talk to something compelling that's not a human. I think that in itself is just extraordinary and so exciting to see. >> It really brings up a whole another category of markets. B2B, B2C, it's B2D, business to developer. Because I think this is kind of the big trend the consumers have to win. The developers coding the apps, it's a whole another sea change. Reminds me everyone use the "Moneyball" movie as example during the big data wave. Then you know, the value of data. There's a scene in "Moneyball" at the end, where Billy Beane's getting the offer from the Red Sox, then the owner says to the Red Sox, "If every team's not rebuilding their teams based upon your model, there'll be dinosaurs." I think that's the same with AI here. Every company will have to need to think about their business model and how they operate with AI. So it'll be a great run. >> Completely Agree >> It'll be a great run. >> Yeah. >> Aidan, Tom, thank you so much for sharing about your experiences at your companies and congratulations on your success and it's just the beginning. And Bratin, thanks for coming on representing AWS. And thank you, appreciate for what you do. Thank you. >> Thank you, John. Thank you, Aidan. >> Thank you John. >> Thanks so much. >> Okay, let's kick off season three, episode one. I'm John Furrier, your host. Thanks for watching. (light airy music)

(bright upbeat music) >> Hello and welcome to this Cube Conversation. I'm John Furrier, host of theCUBE. We've got a great conversation featuring Arthur AI. I'm your host. I'm excited to have Adam Wenchel who's the Co-Founder and CEO. Thanks for joining us today, appreciate it. >> Yeah, thanks for having me on, John, looking forward to the conversation. >> I got to say, it's been an exciting world in AI or artificial intelligence. Just an explosion of interest kind of in the mainstream with the language models, which people don't really get, but they're seeing the benefits of some of the hype around OpenAI. Which kind of wakes everyone up to, "Oh, I get it now." And then of course the pessimism comes in, all the skeptics are out there. But this breakthrough in generative AI field is just awesome, it's really a shift, it's a wave. We've been calling it probably the biggest inflection point, then the others combined of what this can do from a surge standpoint, applications. I mean, all aspects of what we used to know is the computing industry, software industry, hardware, is completely going to get turbo. So we're totally obviously bullish on this thing. So, this is really interesting. So my first question is, I got to ask you, what's you guys taking? 'Cause you've been doing this, you're in it, and now all of a sudden you're at the beach where the big waves are. What's the explosion of interest is there? What are you seeing right now? >> Yeah, I mean, it's amazing, so for starters, I've been in AI for over 20 years and just seeing this amount of excitement and the growth, and like you said, the inflection point we've hit in the last six months has just been amazing. And, you know, what we're seeing is like people are getting applications into production using LLMs. I mean, really all this excitement just started a few months ago, with ChatGPT and other breakthroughs and the amount of activity and the amount of new systems that we're seeing hitting production already so soon after that is just unlike anything we've ever seen. So it's pretty awesome. And, you know, these language models are just, they could be applied in so many different business contexts and that it's just the amount of value that's being created is again, like unprecedented compared to anything. >> Adam, you know, you've been in this for a while, so it's an interesting point you're bringing up, and this is a good point. I was talking with my friend John Markoff, former New York Times journalist and he was talking about, there's been a lot of work been done on ethics. So there's been, it's not like it's new. It's like been, there's a lot of stuff that's been baking over many, many years and, you know, decades. So now everyone wakes up in the season, so I think that is a key point I want to get into some of your observations. But before we get into it, I want you to explain for the folks watching, just so we can kind of get a definition on the record. What's an LLM, what's a foundational model and what's generative ai? Can you just quickly explain the three things there? >> Yeah, absolutely. So an LLM or a large language model, it's just a large, they would imply a large language model that's been trained on a huge amount of data typically pulled from the internet. And it's a general purpose language model that can be built on top for all sorts of different things, that includes traditional NLP tasks like document classification and sentiment understanding. But the thing that's gotten people really excited is it's used for generative tasks. So, you know, asking it to summarize documents or asking it to answer questions. And these aren't new techniques, they've been around for a while, but what's changed is just this new class of models that's based on new architectures. They're just so much more capable that they've gone from sort of science projects to something that's actually incredibly useful in the real world. And there's a number of companies that are making them accessible to everyone so that you can build on top of them. So that's the other big thing is, this kind of access to these models that can power generative tasks has been democratized in the last few months and it's just opening up all these new possibilities. And then the third one you mentioned foundation models is sort of a broader term for the category that includes LLMs, but it's not just language models that are included. So we've actually seen this for a while in the computer vision world. So people have been building on top of computer vision models, pre-trained computer vision models for a while for image classification, object detection, that's something we've had customers doing for three or four years already. And so, you know, like you said, there are antecedents to like, everything that's happened, it's not entirely new, but it does feel like a step change. >> Yeah, I did ask ChatGPT to give me a riveting introduction to you and it gave me an interesting read. If we have time, I'll read it. It's kind of, it's fun, you get a kick out of it. "Ladies and gentlemen, today we're a privileged "to have Adam Wenchel, Founder of Arthur who's going to talk "about the exciting world of artificial intelligence." And then it goes on with some really riveting sentences. So if we have time, I'll share that, it's kind of funny. It was good. >> Okay. >> So anyway, this is what people see and this is why I think it's exciting 'cause I think people are going to start refactoring what they do. And I've been saying this on theCUBE now for about a couple months is that, you know, there's a scene in "Moneyball" where Billy Beane sits down with the Red Sox owner and the Red Sox owner says, "If people aren't rebuilding their teams on your model, "they're going to be dinosaurs." And it reminds me of what's happening right now. And I think everyone that I talk to in the business sphere is looking at this and they're connecting the dots and just saying, if we don't rebuild our business with this new wave, they're going to be out of business because there's so much efficiency, there's so much automation, not like DevOps automation, but like the generative tasks that will free up the intellect of people. Like just the simple things like do an intro or do this for me, write some code, write a countermeasure to a hack. I mean, this is kind of what people are doing. And you mentioned computer vision, again, another huge field where 5G things are coming on, it's going to accelerate. What do you say to people when they kind of are leaning towards that, I need to rethink my business? >> Yeah, it's 100% accurate and what's been amazing to watch the last few months is the speed at which, and the urgency that companies like Microsoft and Google or others are actually racing to, to do that rethinking of their business. And you know, those teams, those companies which are large and haven't always been the fastest moving companies are working around the clock. And the pace at which they're rolling out LLMs across their suite of products is just phenomenal to watch. And it's not just the big, the large tech companies as well, I mean, we're seeing the number of startups, like we get, every week a couple of new startups get in touch with us for help with their LLMs and you know, there's just a huge amount of venture capital flowing into it right now because everyone realizes the opportunities for transforming like legal and healthcare and content creation in all these different areas is just wide open. And so there's a massive gold rush going on right now, which is amazing. >> And the cloud scale, obviously horizontal scalability of the cloud brings us to another level. We've been seeing data infrastructure since the Hadoop days where big data was coined. Now you're seeing this kind of take fruit, now you have vertical specialization where data shines, large language models all of a set up perfectly for kind of this piece. And you know, as you mentioned, you've been doing it for a long time. Let's take a step back and I want to get into how you started the company, what drove you to start it? Because you know, as an entrepreneur you're probably saw this opportunity before other people like, "Hey, this is finally it, it's here." Can you share the origination story of what you guys came up with, how you started it, what was the motivation and take us through that origination story. >> Yeah, absolutely. So as I mentioned, I've been doing AI for many years. I started my career at DARPA, but it wasn't really until 2015, 2016, my previous company was acquired by Capital One. Then I started working there and shortly after I joined, I was asked to start their AI team and scale it up. And for the first time I was actually doing it, had production models that we were working with, that was at scale, right? And so there was hundreds of millions of dollars of business revenue and certainly a big group of customers who were impacted by the way these models acted. And so it got me hyper-aware of these issues of when you get models into production, it, you know. So I think people who are earlier in the AI maturity look at that as a finish line, but it's really just the beginning and there's this constant drive to make them better, make sure they're not degrading, make sure you can explain what they're doing, if they're impacting people, making sure they're not biased. And so at that time, there really weren't any tools to exist to do this, there wasn't open source, there wasn't anything. And so after a few years there, I really started talking to other people in the industry and there was a really clear theme that this needed to be addressed. And so, I joined with my Co-Founder John Dickerson, who was on the faculty in University of Maryland and he'd been doing a lot of research in these areas. And so we ended up joining up together and starting Arthur. >> Awesome. Well, let's get into what you guys do. Can you explain the value proposition? What are people using you for now? Where's the action? What's the customers look like? What do prospects look like? Obviously you mentioned production, this has been the theme. It's not like people woke up one day and said, "Hey, I'm going to put stuff into production." This has kind of been happening. There's been companies that have been doing this at scale and then yet there's a whole follower model coming on mainstream enterprise and businesses. So there's kind of the early adopters are there now in production. What do you guys do? I mean, 'cause I think about just driving the car off the lot is not, you got to manage operations. I mean, that's a big thing. So what do you guys do? Talk about the value proposition and how you guys make money? >> Yeah, so what we do is, listen, when you go to validate ahead of deploying these models in production, starts at that point, right? So you want to make sure that if you're going to be upgrading a model, if you're going to replacing one that's currently in production, that you've proven that it's going to perform well, that it's going to be perform ethically and that you can explain what it's doing. And then when you launch it into production, traditionally data scientists would spend 25, 30% of their time just manually checking in on their model day-to-day babysitting as we call it, just to make sure that the data hasn't drifted, the model performance hasn't degraded, that a programmer did make a change in an upstream data system. You know, there's all sorts of reasons why the world changes and that can have a real adverse effect on these models. And so what we do is bring the same kind of automation that you have for other kinds of, let's say infrastructure monitoring, application monitoring, we bring that to your AI systems. And that way if there ever is an issue, it's not like weeks or months till you find it and you find it before it has an effect on your P&L and your balance sheet, which is too often before they had tools like Arthur, that was the way they were detected. >> You know, I was talking to Swami at Amazon who I've known for a long time for 13 years and been on theCUBE multiple times and you know, I watched Amazon try to pick up that sting with stage maker about six years ago and so much has happened since then. And he and I were talking about this wave, and I kind of brought up this analogy to how when cloud started, it was, Hey, I don't need a data center. 'Cause when I did my startup that time when Amazon, one of my startups at that time, my choice was put a box in the colo, get all the configuration before I could write over the line of code. So the cloud became the benefit for that and you can stand up stuff quickly and then it grew from there. Here it's kind of the same dynamic, you don't want to have to provision a large language model or do all this heavy lifting. So that seeing companies coming out there saying, you can get started faster, there's like a new way to get it going. So it's kind of like the same vibe of limiting that heavy lifting. >> Absolutely. >> How do you look at that because this seems to be a wave that's going to be coming in and how do you guys help companies who are going to move quickly and start developing? >> Yeah, so I think in the race to this kind of gold rush mentality, race to get these models into production, there's starting to see more sort of examples and evidence that there are a lot of risks that go along with it. Either your model says things, your system says things that are just wrong, you know, whether it's hallucination or just making things up, there's lots of examples. If you go on Twitter and the news, you can read about those, as well as sort of times when there could be toxic content coming out of things like that. And so there's a lot of risks there that you need to think about and be thoughtful about when you're deploying these systems. But you know, you need to balance that with the business imperative of getting these things into production and really transforming your business. And so that's where we help people, we say go ahead, put them in production, but just make sure you have the right guardrails in place so that you can do it in a smart way that's going to reflect well on you and your company. >> Let's frame the challenge for the companies now that you have, obviously there's the people who doing large scale production and then you have companies maybe like as small as us who have large linguistic databases or transcripts for example, right? So what are customers doing and why are they deploying AI right now? And is it a speed game, is it a cost game? Why have some companies been able to deploy AI at such faster rates than others? And what's a best practice to onboard new customers? >> Yeah, absolutely. So I mean, we're seeing across a bunch of different verticals, there are leaders who have really kind of started to solve this puzzle about getting AI models into production quickly and being able to iterate on them quickly. And I think those are the ones that realize that imperative that you mentioned earlier about how transformational this technology is. And you know, a lot of times, even like the CEOs or the boards are very personally kind of driving this sense of urgency around it. And so, you know, that creates a lot of movement, right? And so those companies have put in place really smart infrastructure and rails so that people can, data scientists aren't encumbered by having to like hunt down data, get access to it. They're not encumbered by having to stand up new platforms every time they want to deploy an AI system, but that stuff is already in place. There's a really nice ecosystem of products out there, including Arthur, that you can tap into. Compared to five or six years ago when I was building at a top 10 US bank, at that point you really had to build almost everything yourself and that's not the case now. And so it's really nice to have things like, you know, you mentioned AWS SageMaker and a whole host of other tools that can really accelerate things. >> What's your profile customer? Is it someone who already has a team or can people who are learning just dial into the service? What's the persona? What's the pitch, if you will, how do you align with that customer value proposition? Do people have to be built out with a team and in play or is it pre-production or can you start with people who are just getting going? >> Yeah, people do start using it pre-production for validation, but I think a lot of our customers do have a team going and they're starting to put, either close to putting something into production or about to, it's everything from large enterprises that have really sort of complicated, they have dozens of models running all over doing all sorts of use cases to tech startups that are very focused on a single problem, but that's like the lifeblood of the company and so they need to guarantee that it works well. And you know, we make it really easy to get started, especially if you're using one of the common model development platforms, you can just kind of turn key, get going and make sure that you have a nice feedback loop. So then when your models are out there, it's pointing out, areas where it's performing well, areas where it's performing less well, giving you that feedback so that you can make improvements, whether it's in training data or futurization work or algorithm selection. There's a number of, you know, depending on the symptoms, there's a number of things you can do to increase performance over time and we help guide people on that journey. >> So Adam, I have to ask, since you have such a great customer base and they're smart and they got teams and you're on the front end, I mean, early adopters is kind of an overused word, but they're killing it. They're putting stuff in the production's, not like it's a test, it's not like it's early. So as the next wave comes of fast followers, how do you see that coming online? What's your vision for that? How do you see companies that are like just waking up out of the frozen, you know, freeze of like old IT to like, okay, they got cloud, but they're not yet there. What do you see in the market? I see you're in the front end now with the top people really nailing AI and working hard. What's the- >> Yeah, I think a lot of these tools are becoming, or every year they get easier, more accessible, easier to use. And so, you know, even for that kind of like, as the market broadens, it takes less and less of a lift to put these systems in place. And the thing is, every business is unique, they have their own kind of data and so you can use these foundation models which have just been trained on generic data. They're a great starting point, a great accelerant, but then, in most cases you're either going to want to create a model or fine tune a model using data that's really kind of comes from your particular customers, the people you serve and so that it really reflects that and takes that into account. And so I do think that these, like the size of that market is expanding and its broadening as these tools just become easier to use and also the knowledge about how to build these systems becomes more widespread. >> Talk about your customer base you have now, what's the makeup, what size are they? Give a taste a little bit of a customer base you got there, what's they look like? I'll say Capital One, we know very well while you were at there, they were large scale, lot of data from fraud detection to all kinds of cool stuff. What do your customers now look like? >> Yeah, so we have a variety, but I would say one area we're really strong, we have several of the top 10 US banks, that's not surprising, that's a strength for us, but we also have Fortune 100 customers in healthcare, in manufacturing, in retail, in semiconductor and electronics. So what we find is like in any sort of these major verticals, there's typically, you know, one, two, three kind of companies that are really leading the charge and are the ones that, you know, in our opinion, those are the ones that for the next multiple decades are going to be the leaders, the ones that really kind of lead the charge on this AI transformation. And so we're very fortunate to be working with some of those. And then we have a number of startups as well who we love working with just because they're really pushing the boundaries technologically and so they provide great feedback and make sure that we're continuing to innovate and staying abreast of everything that's going on. >> You know, these early markups, even when the hyperscalers were coming online, they had to build everything themselves. That's the new, they're like the alphas out there building it. This is going to be a big wave again as that fast follower comes in. And so when you look at the scale, what advice would you give folks out there right now who want to tee it up and what's your secret sauce that will help them get there? >> Yeah, I think that the secret to teeing it up is just dive in and start like the, I think these are, there's not really a secret. I think it's amazing how accessible these are. I mean, there's all sorts of ways to access LLMs either via either API access or downloadable in some cases. And so, you know, go ahead and get started. And then our secret sauce really is the way that we provide that performance analysis of what's going on, right? So we can tell you in a very actionable way, like, hey, here's where your model is doing good things, here's where it's doing bad things. Here's something you want to take a look at, here's some potential remedies for it. We can help guide you through that. And that way when you're putting it out there, A, you're avoiding a lot of the common pitfalls that people see and B, you're able to really kind of make it better in a much faster way with that tight feedback loop. >> It's interesting, we've been kind of riffing on this supercloud idea because it was just different name than multicloud and you see apps like Snowflake built on top of AWS without even spending any CapEx, you just ride that cloud wave. This next AI, super AI wave is coming. I don't want to call AIOps because I think there's a different distinction. If you, MLOps and AIOps seem a little bit old, almost a few years back, how do you view that because everyone's is like, "Is this AIOps?" And like, "No, not kind of, but not really." How would you, you know, when someone says, just shoots off the hip, "Hey Adam, aren't you doing AIOps?" Do you say, yes we are, do you say, yes, but we do differently because it's doesn't seem like it's the same old AIOps. What's your- >> Yeah, it's a good question. AIOps has been a term that was co-opted for other things and MLOps also has people have used it for different meanings. So I like the term just AI infrastructure, I think it kind of like describes it really well and succinctly. >> But you guys are doing the ops. I mean that's the kind of ironic thing, it's like the next level, it's like NextGen ops, but it's not, you don't want to be put in that bucket. >> Yeah, no, it's very operationally focused platform that we have, I mean, it fires alerts, people can action off them. If you're familiar with like the way people run security operations centers or network operations centers, we do that for data science, right? So think of it as a DSOC, a Data Science Operations Center where all your models, you might have hundreds of models running across your organization, you may have five, but as problems are detected, alerts can be fired and you can actually work the case, make sure they're resolved, escalate them as necessary. And so there is a very strong operational aspect to it, you're right. >> You know, one of the things I think is interesting is, is that, if you don't mind commenting on it, is that the aspect of scale is huge and it feels like that was made up and now you have scale and production. What's your reaction to that when people say, how does scale impact this? >> Yeah, scale is huge for some of, you know, I think, I think look, the highest leverage business areas to apply these to, are generally going to be the ones at the biggest scale, right? And I think that's one of the advantages we have. Several of us come from enterprise backgrounds and we're used to doing things enterprise grade at scale and so, you know, we're seeing more and more companies, I think they started out deploying AI and sort of, you know, important but not necessarily like the crown jewel area of their business, but now they're deploying AI right in the heart of things and yeah, the scale that some of our companies are operating at is pretty impressive. >> John: Well, super exciting, great to have you on and congratulations. I got a final question for you, just random. What are you most excited about right now? Because I mean, you got to be pretty pumped right now with the way the world is going and again, I think this is just the beginning. What's your personal view? How do you feel right now? >> Yeah, the thing I'm really excited about for the next couple years now, you touched on it a little bit earlier, but is a sort of convergence of AI and AI systems with sort of turning into AI native businesses. And so, as you sort of do more, get good further along this transformation curve with AI, it turns out that like the better the performance of your AI systems, the better the performance of your business. Because these models are really starting to underpin all these key areas that cumulatively drive your P&L. And so one of the things that we work a lot with our customers is to do is just understand, you know, take these really esoteric data science notions and performance and tie them to all their business KPIs so that way you really are, it's kind of like the operating system for running your AI native business. And we're starting to see more and more companies get farther along that maturity curve and starting to think that way, which is really exciting. >> I love the AI native. I haven't heard any startup yet say AI first, although we kind of use the term, but I guarantee that's going to come in all the pitch decks, we're an AI first company, it's going to be great run. Adam, congratulations on your success to you and the team. Hey, if we do a few more interviews, we'll get the linguistics down. We can have bots just interact with you directly and ask you, have an interview directly. >> That sounds good, I'm going to go hang out on the beach, right? So, sounds good. >> Thanks for coming on, really appreciate the conversation. Super exciting, really important area and you guys doing great work. Thanks for coming on. >> Adam: Yeah, thanks John. >> Again, this is Cube Conversation. I'm John Furrier here in Palo Alto, AI going next gen. This is legit, this is going to a whole nother level that's going to open up huge opportunities for startups, that's going to use opportunities for investors and the value to the users and the experience will come in, in ways I think no one will ever see. So keep an eye out for more coverage on siliconangle.com and theCUBE.net, thanks for watching. (bright upbeat music)

>> TheCUBE presents Ignite 22 brought to you by Palo Alto Networks. >> Welcome back to Las Vegas, everyone. We're glad you're with us. This is theCUBE live at Palo Alto Ignite 22 at the MGM Grant in Las Vegas. Lisa Martin here with Dave Vellante, day one of our coverage. We've had great conversations. The cybersecurity landscape is so interesting Dave, it's such a challenging problem to solve but it's so diverse and dynamic at the same time. >> You know, Lisa theCUBE started in May of 2010 in Boston. We called it the chowder event, chowder and Lobster. It was a EMC world, 2010. BJ Jenkins, who's here, of course, was a longtime friend of theCUBE and made the, made the transition into from, well, it's still data, data to, to cyber. So >> True. And BJ is back with us. BJ Jenkins, president Palo Alto Networks great to have you back on theCUBE. >> It is great to be here in person on theCube >> Isn't it great? >> In Vegas. It's awesome. >> And we can tell by your voice will be, will be gentle. You, you've been in Vegas typical Vegas occupational hazard of losing the voice. >> Yeah. It was one of the benefits of Covid. I didn't lose my voice at home sitting talking to a TV. You lose it when you come to Vegas. >> Exactly. >> But it's a small price to pay. >> So things kick off yesterday with the partner summit. You had a keynote then, you had a customer, a CISO on stage. You had a keynote today, which we didn't get to see. But talk to us a little bit about the lay of the land. What are you hearing from CISOs, from CIOs as we know security is a board level conversation. >> Yeah, I, you know it's been an interesting three or four months here. Let me start with that. I think, cybersecurity in general is still front and center on CIOs and CISO's minds. It has to be, if you saw Wendy's presentation today and the threats out there companies have to have it front and center. I do think it's been interesting though with the macro uncertainty. We've taken to calling this year the revenge of the CFO and you know these deals in cybersecurity are still a top priority but they're getting finance and procurements, scrutiny which I think in this environment is a necessity but it's still a, you know, number one number two imperative no matter who you talked to, in my mind >> It was interesting what Nikesh was saying in the last conference call that, hey we just have to get more approvals. We know this. We're, we're bringing more go-to-market people on board. We, we have, we're filling the pipeline 'cause we know they're going to split up deals big deals go into smaller chunks. So the question I have for you is is how are you able to successfully integrate those people so that you can get ahead of that sort of macro transition? >> Yeah I, you know, I think there's two things I'd say about uncertain macro situations and Dave, you know how old I am. I'm pretty old. I've been through a lot of cycles. And in those cycles I've always found stronger companies with stronger value proposition separate themselves actually in uncertain, economic times. And so I think there's actually an opportunity here. The message tilts a little bit though where it's been about innovation and new threat vectors to one of you have 20, 30, 40 vendors you can consolidate become more effective in your security posture and save money on your TCOs. So one of the things as we bring people on board it's training them on that business value proposition. How do you take a customer who's got 20 or 30 tools take 'em down to 5 or 10 where Palo is more central and strategic and be able to demonstrate that value. So we do that through, we're making a huge investment in our people but macroeconomic times also puts some stronger people back on the market and we're able to incorporate them into the business. >> What are the conditions that are necessary for that consolidation? Like I would imagine if you're, if you're a big customer of a big, you know, competitor of yours that that migration is going to be harder than if you're dealing with lots of little point tools. Do those, do those point tools, are they sort of is it the end of the subscription? Is it just stuff that's off the books now? What's, the condition that is ripe for that kind of consolidation? >> Look, I think the challenge coming into this year was skills. And so customers had all of these point products. It required a lot more human intervention as Nikesh was talking about to integrate them or make them work. And as all of us know finding people with cybersecurity skills over the last 12 months has been incredibly hard. That drove, if you know, if you think about that a CIO and a CISO sitting there going, I have all all this investment in tools. I don't have the people to operate 'em. What do I need to do? What we tried to do is elevate that conversation because in a customer, everybody who's bought one of those, they they bought it to solve a problem. And there's people with affinity for that tool. They're not just going to say I want to get consolidated and give up my tool. They're going to wrap their arms around it. And so what we needed to do and this changed our ecosystem strategy too how we leverage partners. We needed to get into the CIO and CISO and say look at this chaos you have here and the challenges around people that it's, it's presenting you. We can help solve that by, by standardizing, consolidating taking that integration away from you as Nikesh talked about, and making it easier for your your high skill people to work on high skill, you know high challenges in there. >> Let chaos reign, and then reign in the chaos. >> Yes. >> Andy Grove. >> I was looking at some stats that there's 26 million developers but less than 3 million cybersecurity professionals. >> Talked about that skills gap and what CISOs and CIOs are facing is do you consider from a value prop perspective Palo Alto Networks to be a, a facilitator of helping organizations deal with that skills gap? >> I think there's a short term and a long term. I think Nikesh today talked about the long term that we'll never win this battle with human beings. We're going to have to win it with automation. That, that's the long term the short term right here and now is that people need people with cybersecurity skills. Now what we're trying to do, you know, is multifaceted. We work with universities to standardize programs to develop skills that people can come into the marketplace with. We run our own programs inside the company. We have a cloud academy program now where we take people high aptitude for sales and technical aptitude and we will put them through a six month boot camp on cloud and they'll come out of that ready to really work with the leading experts in cloud security. The third angle is partners, right, there are partners in the marketplace who want to drive their business into high services areas. They have people, they know how to train. We give them, we partner with them to give them training. Hopefully that helps solve some of the short-term gaps that are out there today. >> So you made the jump from data storage to security and >> Yeah. >> You know, network security, all kinds of security. What was that like? What you must have learned a lot in the last better part of a decade? >> Yeah. >> Take us through that. >> You know, so the first jump was from EMC. I was 15 years there to be CEO of Barracuda. And you know, it was interesting because EMC was, you know large enterprise for the most part. At Barracuda we had, you know 250,000 small and mid-size enterprises. And it was, it's interesting to get into security in small and mid-size businesses because, you know Wendy today was talking about nation states. For small and mid-size business, it's common thievery right? It's ransomware, it's, and, those customers don't have, you know, the human and financial resources to keep up with the threat factor. So, you know, Nikesh talked about how it's taken 'em four and a half years to get into cybersecurity. I remember my first week at Barracuda, I was talking with a customer who had, you know, breached data shut down. There wasn't much bitcoin back then so it was just a pure ransom. And I'm like, wow, this is, you know, incredible industry. So it's been a good, you know, transition for me. I still think data is at the heart of all of this. Right? And I have always believed there's a strong connection between the things I learned growing up at EMC and what I put into practice today at Palo Alto Networks. >> And how about a culture because I, you know I know have observed the EMC culture >> Yeah. >> And you were there in really the heyday. >> Yeah. >> Right? Which was an awesome place. And it seems like Palo Alto obviously, different times but you know, similar like laser focus on solving problems, you know, obviously great, you know value sellers, you know, you guys aren't the commodity >> Yeah. For Product. But there seemed to be some similarities from afar. I don't know Palo Alto as well as I know EMC. >> I think there's a lot. When I joined EMC, it was about, it was 2 billion in in revenue and I think when I left it was over 20, 20, 21. And, you know, we're at, you know hopefully 5, 5 5 in revenue. I feel like it's this very similar, there's a sense of urgency, there's an incredible focus on the customer. you know, Near and Moche are definitely different individuals but the both same kind of disruptive, Israeli force out there driving the business. There are a lot of similarities. I, you know, the passion, I feel privileged as a, you know go to market person that I have this incredible portfolio to go, you know, work with customers on. It's a lucky position to be in, but very I feel like it is a movie I've seen before. >> Yeah. And but, and the course, the challenges from the, the target that you're disrupting is different. It was, you know, EMC had a lot of big, you know IBM obviously was, you know, bigger target whereas you got thousands of, you know, smaller companies. >> Yes. >> And, and so that's a different dynamic but that's why the consolidation play is so important. >> Look at, that's why I joined Palo Alto Networks when I was at Barracuda for nine years. It just fascinated me, that there was 3000 plus players in security and why didn't security evolve like the storage market did or the server market or network where working >> Yeah, right. >> You know, two or three big gorillas came to, to dominate those markets. And it's, I think it's what Nikesh talked about today. There was a new problem in best of breed. It was always best of breed. You can never in security go in and, you know, say, Hey it's good I saved us some money but I got the third best product in the marketplace. And there was that kind of gap between products. I, believe in why I joined here I think this is my last gig is we have a chance to change that. And this is the first company as I look from the outside in that had best of breed as, you know Nikesh said 13 categories. >> Yeah. >> And you know, we're in the leaders quadrant and it's a conversation I have with customers. You don't have to sacrifice best of breed but get the benefits of a platform. And I, think that resonates today. I think we have a chance to change the industry from that viewpoint. >> Give us a little view of the voice of the customer. You had, was it Sabre? >> Yeah. >> That was on >> Scott Moser, The CISO from Sabre. >> Give us a view, what are you hearing from the voice of the customer? Obviously they're quite a successful customer but challenges, concerns, the partnership. >> Yeah. Look, I think security is similar to industries where we come up with magic marketing phrases and, you know, things to you know, make you want to procure our solutions. You know, zero trust is one. And you know, you'll talk to customers and they're like, okay, yes. And you know, the government, right? Joe, Joe Biden's putting out zero trust executive orders. And the, the problem is if you talk to customers, it's a journey. They have legacy infrastructure they have business drivers that you know they just don't deal with us. They've got to deal with the business side who's trying to make the money that keeps the, the company going. it's really helped them draw a map from where they're at today to zero trust or to a better security architecture. Or, you know, they're moving their apps into the cloud. How am I going to migrate? Right? Again, that discussion three years ago was around lift and shift, right? Today it's about, well, no I need cloud native developed apps to service the business the way I want to, I want to service it. How do I, so I, I think there's this element of a trusted partner and relationship. And again, I think this is why you can't have 40 or 50 of those. You got to start narrowing it down if you want to be able to meet and beat the threats that are out there for you. So I, you know, the customers, I see a lot of 'em. It's, here's where I'm at help me get here to a better position. And they know it's, you know Scott said in our keynote today, you don't just, you know have layer three firewall policies and decide, okay tomorrow I'm going to go to layer seven. That, that's not how it works. Right? There's, and, and by the way these things are a mission critical type areas. So there's got to be a game plan that you help customers go through to get there. >> Definitely. Last question, my last question for you is, is security being a board level conversation I was reading some stats from a survey I think it was the what's new in Cypress survey that that Palo Alto released today that showed that while significant numbers of organizations think they've got a cyber resiliency playbook, there's a lot of disconnect or lack of alignment at the boardroom. Are you in those conversations? How can you help facilitate that alignment between the executive team and the board when it comes to security being so foundational to any business? >> Yeah, it's, I've been on three, four public company boards. I'm on, I'm on two today. I would say four years ago, this was a almost a taboo topic. It was a, put your head in the sand and pray to God nothing happened. And you know, the world has changed significantly. And because of the number of breaches the impact it's had on brand, boards have to think about this in duty of care and their fiduciary duty. Okay. So then you start with a board that may not have the technical skills. The first problem the security industry had is how do I explain your risk profile in a way you can understand it. I'm, I'm on the board of Generac that makes home generators. It's a manufacturing, you know, company but they put Wifi modules in their boxes so that the dealers could help do the maintenance on 'em. And all of a sudden these things were getting attacked. Right? And they're being used for bot attacks. >> Yeah. >> Everybody on their board had a manufacturing background. >> Ah. >> So how do you help that board understand the risk they have that's what's changed over the last four years. It's a constant discussion. It's one I have with CISOs where they're like help us put it in layman's terms so they understand they know what we're doing and they feel confident but at the same time understand the marketplace better. And that's a journey for us. >> That Generac example is a great one because, you know, think about IOT Technologies. They've historically been air gaped >> Yes. >> By design. And all of a sudden the business comes in and says, "Hey we can put wifi in there", you know >> Connect it to a home Wifi system that >> Make our lives so much easier. Next thing you know, it's being used to attack. >> Yeah. >> So that's why, as you go around the world are you discerning, I know you were just in Japan are you discerning significant differences in sort of attitudes toward, towards cyber? Whether it's public policy, you know things like regulation where you, they don't want you sharing data, but as as a cyber company, you want to share that data with you know, public and private? >> Look it, I, I think around the world we see incredible government activity first of all. And I think given the position we're in we get to have some unique conversations there. I would say worldwide security is an imperative. I, no matter where I go, you know it's in front of everybody's mind. The, on the, the governance side, it's really what do we need to adapt to make sure we meet local regulations. And I, and I would just tell you Dave there's ways when you do that, and we talk with governments that because of how they want to do it reduce our ability to give them full insight into all the threats and how we can help them. And I do think over time governments understand that we can anonymize the data. There's, but that, that's a work in process. Definitely there is a balance. We need to have privacy, we need to have, you know personal security for people. But there's ways to collect that data in an anonymous way and give better security insight back into the architectures that are out there. >> All right. A little shift the gears here. A little sports question. We've had some great Boston's sports guests on theCUBE right? I mean, Randy Seidel, we were talking about him. Peter McKay, Snyk, I guess he's a competitor now but you know, there's no question got >> He got a little funding today. I saw that. >> Down round. But they still got a lot of money. Not of a down round, but they were, but yeah, but actually, you know, he was on several years ago and it was around the time they were talking about trading Brady. He said Never trade Brady. And he got that right. We, I think we can agree Brady's the goat. >> Yes. >> The big question I have for you is, Belichick. Do you ever question Has your belief in him as the greatest coach of all time wavered, you know, now that- No. Okay. >> Never. >> Weigh in on that. >> Never, he says >> Still the Goat. >> I'll give you my best. You know, never In Bill we trust. >> Okay. Still. >> All right >> I, you know, the NFL is a unique property that's designed for parody and is designed, I mean actively designed to not let Mr. Craft and Bill Belichick do what they do every year. I feel privileged as a Boston sports fan that in our worst years we're in the seventh playoff spot. And I have a lot of family in Chicago who would kill for that position, by the way. And you know, they're in perpetual rebuilding. And so look, and I think he, you know the way he's been able to manage the cap and the skill levels, I think we have a top five defense. There's different ways to win titles. And if I, you know, remember in Brady's last title with Boston, the defense won us that Super Bowl. >> Well thanks for weighing in on that because there's a lot of crazy talk going on. Like, 'Hey, if he doesn't beat Arizona, he's got to go.' I'm like, what? So, okay, I'm sometimes it takes a good good loyal fan who's maybe, you know, has >> The good news in Boston is we're emotional fans too so I understand you got to keep the long term long term in mind. And we're, we're in a privileged position in Boston. We've got Celtics, we've got Bruins we've got the Patriots right on the edge of the playoffs and we need the Red Sox to get to work. >> Yeah, no, you know they were last, last year so maybe they're going to win it all like they usually do. So >> Fingers crossed. >> Crazy worst to first. >> Exactly. Well you said, in Bill we trust it sounds like from our conversation in BJ we trust from the customers, the partners. >> I hope so. >> Thank you so much BJ, for coming back on theCUBE giving us the lay of the land, what's new, the voice of the customer and how Palo Alto was really differentiated in the market. We always appreciate your, coming on the show you >> Honor and privilege seeing you here. Thanks. >> You may be thinking that you were watching ESPN just now but you know, we call ourselves the ESPN at Tech News. This is Lisa Martin for Dave Vellante and our guest. You're watching theCUBE, the Leader and live emerging in enterprise tech coverage. (upbeat music)

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

>>Welcome back everyone to the Cube and Horizon three.ai special presentation. I'm John Furrier, host of the Cube. We with Chris Hill, Sector head for strategic accounts and federal@horizonthree.ai. Great innovative company. Chris, great to see you. Thanks for coming on the Cube. >>Yeah, like I said, you know, great to meet you John. Long time listener. First time call. So excited to be here with >>You guys. Yeah, we were talking before camera. You had Splunk back in 2013 and I think 2012 was our first splunk.com. Yep. And boy man, you know, talk about being in the right place at the right time. Now we're at another inflection point and Splunk continues to be relevant and continuing to have that data driving security and that interplay. And your ceo, former CTO of Splunk as well at Horizons Neha, who's been on before. Really innovative product you guys have, but you know, Yeah, don't wait for a brief to find out if you're locking the right data. This is the topic of this thread. Splunk is very much part of this new international expansion announcement with you guys. Tell us what are some of the challenges that you see where this is relevant for the Splunk and the Horizon AI as you guys expand Node zero out internationally? >>Yeah, well so across, so you know, my role within Splunk was working with our most strategic accounts. And so I look back to 2013 and I think about the sales process like working with, with our small customers. You know, it was, it was still very siloed back then. Like I was selling to an IT team that was either using us for IT operations. We generally would always even say, yeah, although we do security, we weren't really designed for it. We're a log management tool. And you know, we, and I'm sure you remember back then John, we were like sort of stepping into the security space and in the public sector domain that I was in, you know, security was 70% of what we did. When I look back to sort of the transformation that I was, was witnessing in that digital transformation, you know when I, you look at like 2019 to today, you look at how the IT team and the security teams are, have been forced to break down those barriers that they used to sort of be silo away, would not communicate one, you know, the security guys would be like, Oh this is my BA box it, you're not allowed in today. >>You can't get away with that. And I think that the value that we bring to, you know, and of course Splunk has been a huge leader in that space and continues to do innovation across the board. But I think what we've we're seeing in the space that I was talking with Patrick Kauflin, the SVP of security markets about this, is that, you know, what we've been able to do with Splunk is build a purpose built solution that allows Splunk to eat more data. So Splunk itself, as you well know, it's an ingest engine, right? So the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it, but without data it doesn't do anything, right? So how do you drive and how do you bring more data in? And most importantly from a customer perspective, how do you bring the right data in? >>And so if you think about what node zero and what we're doing in a Horizon three is that, sure we do pen testing, but because we're an autonomous pen testing tool, we do it continuously. So this whole thought of being like, Oh, crud like my customers, Oh yeah, we got a pen test coming up, it's gonna be six weeks. The wait. Oh yeah. You know, and everyone's gonna sit on their hands, Call me back in two months, Chris, we'll talk to you then. Right? Not, not a real efficient way to test your environment and shoot, we, we saw that with Uber this week. Right? You know, and that's a case where we could have helped. >>Well just real quick, explain the Uber thing cause it was a contractor. Just give a quick highlight of what happened so you can connect the >>Dots. Yeah, no problem. So there it was, I think it was one of those, you know, games where they would try and test an environment. And what the pen tester did was he kept on calling them MFA guys being like, I need to reset my password re to set my password. And eventually the customer service guy said, Okay, I'm resetting it. Once he had reset and bypassed the multifactor authentication, he then was able to get in and get access to the domain area that he was in or the, not the domain, but he was able to gain access to a partial part of the network. He then paralleled over to what would I assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains. And so within minutes they had access. And that's the sort of stuff that we do under, you know, a lot of these tools. >>Like not, and I'm not, you know, you think about the cacophony of tools that are out there in a CTA orchestra architecture, right? I'm gonna get like a Zscaler, I'm gonna have Okta, I'm gonna have a Splunk, I'm gonna do this sore system. I mean, I don't mean to name names, we're gonna have crowd strike or, or Sentinel one in there. It's just, it's a cacophony of things that don't work together. They weren't designed work together. And so we have seen so many times in our business through our customer support and just working with customers when we do their pen test, that there will be 5,000 servers out there. Three are misconfigured. Those three misconfigurations will create the open door. Cause remember the hacker only needs to be right once, the defender needs to be right all the time. And that's the challenge. And so that's why I'm really passionate about what we're doing here at Horizon three. I see this my digital transformation, migration and security going on, which we're at the tip of the sp, it's why I joined say Hall coming on this journey and just super excited about where the path's going and super excited about the relationship with Splunk. I get into more details on some of the specifics of that. But you know, >>I mean, well you're nailing, I mean we've been doing a lot of things around super cloud and this next gen environment, we're calling it NextGen. You're really seeing DevOps, obviously Dev SecOps has, has already won the IT role has moved to the developer shift left as an indicator of that. It's one of the many examples, higher velocity code software supply chain. You hear these things. That means that it is now in the developer hands, it is replaced by the new ops, data ops teams and security where there's a lot of horizontal thinking. To your point about access, there's no more perimeter. So >>That there is no perimeter. >>Huge. A hundred percent right, is really right on. I don't think it's one time, you know, to get in there. Once you're in, then you can hang out, move around, move laterally. Big problem. Okay, so we get that. Now, the challenges for these teams as they are transitioning organizationally, how do they figure out what to do? Okay, this is the next step. They already have Splunk, so now they're kind of in transition while protecting for a hundred percent ratio of success. So how would you look at that and describe the challenges? What do they do? What is, what are the teams facing with their data and what's next? What do they, what do they, what action do they take? >>So let's do some vernacular that folks will know. So if I think about dev sec ops, right? We both know what that means, that I'm gonna build security into the app, but no one really talks about SEC DevOps, right? How am I building security around the perimeter of what's going inside my ecosystem and what are they doing? And so if you think about what we're able to do with somebody like Splunk is we could pen test the entire environment from soup to nuts, right? So I'm gonna test the end points through to it. So I'm gonna look for misconfigurations, I'm gonna, and I'm gonna look for credential exposed credentials. You know, I'm gonna look for anything I can in the environment. Again, I'm gonna do it at at light speed. And, and what we're, what we're doing for that SEC dev space is to, you know, did you detect that we were in your environment? >>So did we alert Splunk or the SIM that there's someone in the environment laterally moving around? Did they, more importantly, did they log us into their environment? And when did they detect that log to trigger that log? Did they alert on us? And then finally, most importantly, for every CSO out there is gonna be did they stop us? And so that's how we, we, we do this in, I think you, when speaking with Stay Hall, before, you know, we've come up with this boils U Loop, but we call it fine fix verify. So what we do is we go in is we act as the attacker, right? We act in a production environment. So we're not gonna be, we're a passive attacker, but we will go in un credentialed UN agents. But we have to assume, have an assumed breach model, which means we're gonna put a Docker container in your environment and then we're going to fingerprint the environment. >>So we're gonna go out and do an asset survey. Now that's something that's not something that Splunk does super well, you know, so can Splunk see all the assets, do the same assets marry up? We're gonna log all that data and think then put load that into the Splunk sim or the smoke logging tools just to have it in enterprise, right? That's an immediate future ad that they've got. And then we've got the fix. So once we've completed our pen test, we are then gonna generate a report and we could talk about about these in a little bit later. But the reports will show an executive summary the assets that we found, which would be your asset discovery aspect of that, a fixed report. And the fixed report I think is probably the most important one. It will go down and identify what we did, how we did it, and then how to fix that. >>And then from that, the pen tester or the organization should fix those. Then they go back and run another test. And then they validate through like a change detection environment to see, hey, did those fixes taste, play take place? And you know, SNA Hall, when he was the CTO of JS o, he shared with me a number of times about, he's like, Man, there would be 15 more items on next week's punch sheet that we didn't know about. And it's, and it has to do with how we, you know, how they were prioritizing the CVEs and whatnot because they would take all CVS was critical or non-critical. And it's like we are able to create context in that environment that feeds better information into Splunk and whatnot. That >>Was a lot. That brings, that brings up the, the efficiency for Splunk specifically. The teams out there. By the way, the burnout thing is real. I mean, this whole, I just finished my list and I got 15 more or whatever the list just can, keeps, keeps growing. How did Node zero specifically help Splunk teams be more efficient? Now that's the question I want to get at, because this seems like a very scalable way for Splunk customers and teams, service teams to be more efficient. So the question is, how does Node zero help make Splunk specifically their service teams be more efficient? >>So to, so today in our early interactions with building Splunk customers, what we've seen are five things, and I'll start with sort of identifying the blind spots, right? So kind of what I just talked about with you. Did we detect, did we log, did we alert? Did they stop node zero, right? And so I would, I put that at, you know, a a a more layman's third grade term. And if I was gonna beat a fifth grader at this game would be, we can be the sparring partner for a Splunk enterprise customer, a Splunk essentials customer, someone using Splunk soar, or even just an enterprise Splunk customer that may be a small shop with three people and, and just wants to know where am I exposed. So by creating and generating these reports and then having the API that actually generates the dashboard, they can take all of these events that we've logged and log them in. >>And then where that then comes in is number two is how do we prioritize those logs, right? So how do we create visibility to logs that are, have critical impacts? And again, as I mentioned earlier, not all CVEs are high impact regard and also not all are low, right? So if you daisy chain a bunch of low CVEs together, boom, I've got a mission critical AP CVE that needs to be fixed now, such as a credential moving to an NT box that's got a text file with a bunch of passwords on it, that would be very bad. And then third would be verifying that you have all of the hosts. So one of the things that Splunk's not particularly great at, and they, they themselves, they don't do asset discovery. So do what assets do we see and what are they logging from that? And then for, from, for every event that they are able to identify the, one of the cool things that we can do is actually create this low-code, no-code environment. >>So they could let, you know, float customers can use Splunk. So to actually triage events and prioritize that events or where they're being routed within it to optimize the SOX team time to market or time to triage any given event. Obviously reducing mtr. And then finally, I think one of the neatest things that we'll be seeing us develop is our ability to build glass tables. So behind me you'll see one of our triage events and how we build a lock Lockheed Martin kill chain on that with a glass table, which is very familiar to this Splunk community. We're going to have the ability, not too distant future to allow people to search, observe on those IOCs. And if people aren't familiar with an ioc, it's an incident of compromise. So that's a vector that we want to drill into. And of course who's better at drilling in into data and Splunk. >>Yeah, this is a critical, this is awesome synergy there. I mean I can see a Splunk customer going, Man, this just gives me so much more capability. Action actionability. And also real understanding, and I think this is what I wanna dig into, if you don't mind understanding that critical impact, okay. Is kind of where I see this coming. I got the data, data ingest now data's data. But the question is what not to log, You know, where are things misconfigured? These are critical questions. So can you talk about what it means to understand critical impact? >>Yeah, so I think, you know, going back to those things that I just spoke about, a lot of those CVEs where you'll see low, low, low and then you daisy chain together and you're suddenly like, oh, this is high now. But then to your other impact of like if you're a, if you're a a Splunk customer, you know, and I had, I had several of them, I had one customer that, you know, terabytes of McAfee data being brought in and it was like, all right, there's a lot of other data that you probably also wanna bring, but they could only afford, wanted to do certain data sets because that's, and they didn't know how to prioritize or filter those data sets. And so we provide that opportunity to say, Hey, these are the critical ones to bring in. But there's also the ones that you don't necessarily need to bring in because low CVE in this case really does mean low cve. >>Like an ILO server would be one that, that's the print server where the, your admin credentials are on, on like a, a printer. And so there will be credentials on that. That's something that a hacker might go in to look at. So although the CVE on it is low, if you daisy chain was something that's able to get into that, you might say, ah, that's high. And we would then potentially rank it giving our AI logic to say that's a moderate. So put it on the scale and we prioritize though, versus a, a vulner review scanner's just gonna give you a bunch of CVEs and good luck. >>And translating that if I, if I can and tell me if I'm wrong, that kind of speaks to that whole lateral movement. That's it. Challenge, right? Print server, great example, look stupid low end, who's gonna wanna deal with the print server? Oh, but it's connected into a critical system. There's a path. Is that kind of what you're getting at? >>Yeah, I used daisy chain. I think that's from the community they came from. But it's, it's just a lateral movement. It's exactly what they're doing. And those low level, low critical lateral movements is where the hackers are getting in. Right? So that's what the beauty thing about the, the Uber example is that who would've thought, you know, I've got my multifactor authentication going in a human made a mistake. We can't, we can't not expect humans to make mistakes. Were fall, were fallible, right? Yeah. The reality is is once they were in the environment, they could have protected themselves by running enough pen tests to know that they had certain exposed credentials that would've stopped the breach. Yeah. And they did not, had not done that in their environment. And I'm not poking. Yeah, >>They put it's interesting trend though. I mean it's obvious if sometimes those low end items are also not protected well. So it's easy to get at from a hacker standpoint, but also the people in charge of them can be fished easily or spear fished because they're not paying attention. Cause they don't have to. No one ever told them, Hey, be careful of what you collect. >>Yeah. For the community that I came from, John, that's exactly how they, they would meet you at a, an international event introduce themselves as a graduate student. These are national actor states. Would you mind reviewing my thesis on such and such? And I was at Adobe at the time though I was working on this and start off, you get the pdf, they opened the PDF and whoever that customer was launches, and I don't know if you remember back in like 2002, 2008 time frame, there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it. And John, that's >>Or LinkedIn. Hey I wanna get a joke, we wanna hire you double the salary. Oh I'm gonna click on that for sure. You know? Yeah, >>Right. Exactly. Yeah. The one thing I would say to you is like when we look at like sort of, you know, cuz I think we did 10,000 pen test last year is it's probably over that now, you know, we have these sort of top 10 ways that we think then fine people coming into the environment. The funniest thing is that only one of them is a, a CVE related vulnerability. Like, you know, you guys know what they are, right? So it's it, but it's, it's like 2% of the attacks are occurring through the CVEs, but yet there's all that attention spent to that. Yeah. And very little attention spent to this pen testing side. Yeah. Which is sort of this continuous threat, you know, monitoring space and, and, and this vulnerability space where I think we play such an important role and I'm so excited to be a part of the tip of the spear on this one. >>Yeah. I'm old enough to know the movie sneakers, which I love as a, you know, watching that movie, you know, professional hackers are testing, testing, always testing the environment. I love this. I gotta ask you, as we kind of wrap up here, Chris, if you don't mind the benefits to team professional services from this alliance, big news Splunk and you guys work well together. We see that clearly. What are, what other benefits do professional services teams see from the Splunk and Horizon three AI alliance? >>So if you're a, I think for, from our, our, from both of our partners as we bring these guys together and many of them already are the same partner, right? Is that first off, the licensing model is probably one of the key areas that we really excel at. So if you're an end user, you can buy for the enterprise by the enter of IP addresses you're using. But if you're a partner working with this, there's solution ways that you can go in and we'll license as to MSPs and what that business model on our MSPs looks like. But the unique thing that we do here is this c plus license. And so the Consulting Plus license allows like a, somebody a small to midsize to some very large, you know, Fortune 100, you know, consulting firms uses by buying into a license called Consulting Plus where they can have unlimited access to as many ips as they want. >>But you can only run one test at a time. And as you can imagine when we're going and hacking passwords and checking hashes and decrypting hashes, that can take a while. So, but for the right customer, it's, it's a perfect tool. And so I I'm so excited about our ability to go to market with our partners so that we underhand to sell, understand how not to just sell too or not tell just to sell through, but we know how to sell with them as a good vendor partner. I think that that's one thing that we've done a really good job building bringing into market. >>Yeah. I think also the Splunk has had great success how they've enabled partners and professional services. Absolutely. They've, you know, the services that layer on top of Splunk are multifold tons of great benefits. So you guys vector right into that ride, that wave with >>Friction. And, and the cool thing is that in, you know, in one of our reports, which could be totally customized with someone else's logo, we're going to generate, you know, so I, I used to work at another organization, it wasn't Splunk, but we, we did, you know, pen testing as a, as a for, for customers and my pen testers would come on site, they, they do the engagement and they would leave. And then another really, someone would be, oh shoot, we got another sector that was breached and they'd call you back, you know, four weeks later. And so by August our entire pen testings teams would be sold out and it would be like, wow. And in March maybe, and they'd like, No, no, no, I gotta breach now. And, and, and then when they do go in, they go through, do the pen test and they hand over a PDF and they pat you on the back and say, there's where your problems are, you need to fix it. And the reality is, is that what we're gonna generate completely autonomously with no human interaction is we're gonna go and find all the permutations that anything we found and the fix for those permutations and then once you fixed everything, you just go back and run another pen test. Yeah. It's, you know, for what people pay for one pen test, they could have a tool that does that. Every, every pat patch on Tuesday pen test on Wednesday, you know, triage throughout the week, >>Green, yellow, red. I wanted to see colors show me green, green is good, right? Not red. >>And once CIO doesn't want, who doesn't want that dashboard, right? It's, it's, it is exactly it. And we can help bring, I think that, you know, I'm really excited about helping drive this with the Splunk team cuz they get that, they understand that it's the green, yellow, red dashboard and, and how do we help them find more green so that the other guys are >>In Yeah. And get in the data and do the right thing and be efficient with how you use the data, Know what to look at. So many things to pay attention to, you know, the combination of both and then, then go to market strategy. Real brilliant. Congratulations Chris. Thanks for coming on and sharing this news with the detail around this Splunk in action around the alliance. Thanks for sharing, >>John. My pleasure. Thanks. Look forward to seeing you soon. >>All right, great. We'll follow up and do another segment on DevOps and IT and security teams as the new new ops, but, and Super cloud, a bunch of other stuff. So thanks for coming on. And our next segment, the CEO of Verizon, three AA, will break down all the new news for us here on the cube. You're watching the cube, the leader in high tech enterprise coverage.

>>Welcome back to the aria in Las Vegas, Dave Valante with Dave Nicholson, Falcon 22, the Cube's continuous coverage. Sean Henry is here. He's the president of the services division and he's the chief security officer at CrowdStrike. And he's joined by Kevin mania, CEO of Mandy. Now part of Google Jens. Welcome to the cube. Thank you. Congrats on closing the Google deal. Thank you. That's great. New chapter, >>New >>Chapter coming fresh off the keynote, you and George. I really en enjoyed that. Let's start there. One of the things you talked about was the changes you've been, you've been in this business for a while. I think you were talking about, you know, doing some of these early stuff in the nineties. Wow. Things have changed a lot the queen, right? Right. You used to put the perimeter around the queen. Yeah. Build the Mo the Queen's left or castle new ballgame. But you were talking about the board level knowledge of security in the organization. Talk about that change. That's occurred in the last >>Decade. You know, boards are all about governance, right? Making sure everybody's doing the right things. And they've kind of had a haul pass on cybersecurity for a long time. Like we expect them to be great at financial diligence, they understand the financials of an organization. You're gonna see a maturity, I think in cybersecurity where I think board members all know, Hey, there's risk out there. And we're on our own to kind of defend ourselves from it, but they don't know how to quantify it. And they don't know how to express it. So bottom line boards are interested in cyber and we just have to mature as an industry to give them the tools they need to measure it appropriately. >>Sean, one of the things I wanted to ask you. So Steven Schmidt, I noticed changed his title from CISOs chief inf information security officer, the chief security officer. Your title is chief security officer. Is that a nuance that has meaning to you or is it just less acronym? >>It depends on the organization that you're in, in our organization, the chief security officer owns all risks. So I have a CISO that comes underneath me. Yep. And I've got a security folks that are handling our facilities, our personnel, those sorts of things, all, all of our offices around the globe. So it's all things security. One of the things that we've found and Kevin and I were actually talking about this earlier is this intersection between the physical world and the virtual world. And if you've got adversaries that want gain access to your organization, they might do it remotely by trying to hack into your network. But they also might try to get one of your employees to take an action on their behalf, or they might try to get somebody hired into your company to take some nefarious acts. So from a security perspective, it's about building an envelope around all things valuable and then working it in a collaborative way. So there's a lot of interface, a lot of interaction and a lot of value in putting those things together. And, >>And you're also president of the services division. Is that a P and L role or >>It is, we have a it's P P O P and L. And we have an entire organization that's doing incident response and it's a lot of the work that we're doing with, with Kevin's folks now. So I've got both of those hats today. >>Okay. So self-funded so in a way, okay. Where are companies most at risk today? >>Huh? You wanna go on that one first? Sean, you talk fast than me. So it's bigger bang for the buck. If >>You >>Talk, you know, when I, when I think about, about companies in terms of, of their risk, it's a lot of it has to do with the expansion of the network. Companies are adding new applications, new devices, they're expanding into new areas. There are new technologies that are being developed every day and that are being embraced every day. And all of those technologies, all of those applications, all of that hardware is susceptible to attack. Adversaries are looking for the vulnerabilities they can exploit. And I think just kind of that sprawl is something that is, is disconcerting to me from a security perspective, we need to know where our assets are, where the vulnerabilities lie, how do we plug the holes? And having that visibility is really critical to ensure that you're you're in, involved in mitigating that, that new architecture, >>Anything you >>Did. Yeah. I would like when I, so I can just tell you what I'm hearing from CISOs out there. They're worried about identity, the lateral movement. That's been kind of part of every impactful breach. So in identity's kind of top three of mind, I would say zero trust, whatever that means. And we all have our own definitions of migration to zero trust and supply chain risk. You know, whether they're the supplier, they wanna make sure they can prove to their customers, they have great security practices. Or if they're a consumer of a supply chain, you need to understand who's in their supply chain. What are their dependencies? How secure are they? Those are just three topics that come up all the time. >>As we extend, you know, talking about XDR the X being extend. Do you see physical security as something that's being extended into? Or is it, or is it already kind of readily accepted that physical security goes hand in hand with information security? >>I, I don't think a lot of people think that way there certainly are some and Dave mentions Amazon and Steve Schmidt as a CSO, right? There's a CSO that works for him as well. CJ's clear integration. There's an intelligence component to that. And I think that there are certain organizations that are starting to recognize and understand that when we say there's no real perimeter, it, it expands the network expands into the physical space. And if you're not protecting that, you know, if you don't protect the, the server room and somebody can actually walk in the doors unlocked, you've got a vulnerability that might be exploited. So I think to, to recognize the value of that integration from a security perspective, to be holistic and for organizations to adopt a security first philosophy that all the employees recognize they're, they're the, the first line of defense. Oftentimes not just from a fish, but by somebody catching up with them and handing 'em a thumb drive, Hey, can you take a look at this document? For me, that's a potential vulnerability as well. So those things need to be integrated. >>I thought the most interesting part of the keynote this morning is when George asked you about election security and you immediately went to the election infrastructure. I was like, yeah. Okay. Yeah. But then I was so happy to hear you. You went to the disinformation, I learned something there about your monitoring, the network effects. Sure. And, and actually there's a career stream around that. Right. The reason I had so years ago I interviewed was like, this was 2016, Robert Gates. Okay. Former defense. And I, I said, yeah, but don't we have the best cyber can't we go on the offense. He said, wait a minute, we have the most to lose. Right. But, but you gave an example where you can identify the bots. Like let's say there's disinformation out there. You could actually use bots in a positive way to disseminate the, the truth in theory. Good. Is, is that something that's actually happening >>Out there? Well, I think we're all still learning. You know, you can have deep fakes, both audible files or visual files, right. And images. And there's no question. The next generation, you do have to professionalize the news that you consume. And we're probably gonna have to professionalize the other side critical thinking because we are a marketplace of ideas in an open society. And it's hard to tell where's the line between someone's opinion and intentional deception, you know, and sometimes it could be the source, a foreign threat, trying to influence the hearts and minds of citizens, but there's gonna be an internal threat or domestic threat as well to people that have certain ideas and concepts that they're zealots about. >>Is it enough to, is it enough to simply expose where the information is coming from? Because, you know, look, I, I could make the case that the red Sox, right. Or a horrible baseball team, and you should never go to Fenway >>And your Yankees Jersey. >>Right. Right. So is that disinformation, is that misinformation? He'd say yes. Someone else would say no, but it would be good to know that a thousand bots from some troll farm, right. Are behind us. >>There's, it's helpful to know if something can be tied to identity or is totally anonymous. Start just there. Yeah. Yeah. You can still protect the identity over time. I think all of us, if you're gonna trust the source, you actually know the source. Right. So I do believe, and, and by the way, much longer conversation about anonymity versus privacy and then trust, right. And all three, you could spend this whole interview on, but we have to have a trustworthy internet as well. And that's not just in the tech and the security of it, but over time it could very well be how we're being manipulated as citizens and people. >>When you guys talk to customers and, and peers, when somebody gets breached, what's the number one thing that you hear that they wished they'd done that they didn't. >>I think we talked about this earlier, and I think identity is something that we're talking about here. How are you, how are you protecting your assets? How do you know who's authorized to have access? How do you contain the, the access that they have? And the, the area we see with, with these malware free attacks, where adversaries are using the existing capabilities, the operating system to move laterally through the network. I mean, Kevin's folks, my folks, when we respond to an incident, it's about looking at that lateral movement to try and get a full understanding of where the adversary's been, where they're going, what they're doing, and to try to, to find a root cause analysis. And it really is a, a critical part. >>So part of the reason I was asking you about, was it a P and L cuz you, you wear two hats, right? You've got revenue generation on one side and then you've got you protect, you know, the company and you've got peer relationships. So the reason I bring this up is I felt like when stucks net occurred, there was a lot of lip service around, Hey, we, as an industry are gonna work together. And then what you saw was a lot of attempts to monetize, you know, private data, sell private reports and things of that nature you were referencing today, Kevin, that you think the industry's doing a much better job of, of collaboration. Is it, can you talk about that and maybe give some examples? >>Absolutely. I mean, you know, I lived through it as a victim of a breach couple years ago. If you see something new and novel, I, I just can't imagine you getting away with keeping it a secret. I mean, I would even go, what are you doing? Harboring that if you have it, that doesn't mean you tell the whole world, you don't come on your show and say, Hey, we got something new novel, everybody panic, you start contacting the people that are most germane to fixing the problem before you tell the world. So if I see something that's new in novel, certainly con Sean and the team at CrowdStrike saying, Hey, there's because they protect so many endpoints and they defend nations and you gotta get to Microsoft. You have to talk to pan. You have to get to the companies that have a large capability to do shields up. And I think you do that immediately. You can't sit on new and novel. You get to the vendor where the vulnerability is, all these things have to happen at a great rate to speak. >>So you guys probably won't comment, but I'm betting dollars to donuts. This Uber lapses hack you guys knew about. >>I turned to you. >>No comment. I'm guessing. I'm guessing that the, that wasn't novel. My point being, let me, let me ask it in a more generic fashion that you can maybe comment you you're. I think you're my, my inference is we're com the industry is compressing the time between a zero day and a fix. Absolutely. Absolutely. Like dramatically. >>Yes. Oh, awareness of it and AIX. Yes. Yeah. >>Okay. Yeah. And a lot of the hacks that we see as lay people in the media you've known about for quite some time, is that fair or no, not necessarily. >>It's, you know, it's harder to handle an intrusion quietly and discreetly these days, especially with what you're up against and, and most CEOs, by the way, their intent isn't, let's handle it quietly and discreetly it's what do we do about it? And what's the right way to handle it. And they wanna inform their customers and they wanna inform people that might be impacted. I wouldn't say we know it all that far ahead of time >>And, and depends. And, and I, I think companies don't know it. Yeah. Companies don't know they've been breached for weeks or months or years in some cases. Right. Which talks about a couple things, first of all, some of the sophistication of the adversaries, but it also talks about the inability of companies to often detect this type of activity when we're brought in. It's typically very quickly after the company finds out because they recognize they've gotta take action. They've got liability, they've got brand protection. There, whole sorts of, of things they need to take care of. And we're brought in it may or may not be, become public, but >>CrowdStrike was founded on the premise that the unstoppable breach is a myth. Now that's a, that's a bold sort of vision. We're not there yet, obviously. And a and a, and a, a CSO can't, you know, accept that. Right. You've gotta always be vigilant, but is that something that is, that we're gonna actually see manifest, you know, in any, any time in the near term? I mean, thinking about the Falcon platform, you guys are users of that. I don't know if that is part of the answer, but part of it's technology, but without the cultural aspects, the people side of things, you're never gonna get there. >>I can tell you, I started Maning in 2004 at the premise security breaches are inevitable, far less marketable. Yeah. You know, stop breaches. >>So >>Yeah. I, I think you have to learn how to manage this, right? It's like healthcare, you're not gonna stop every disease, but there's a lot of things that you can do to mitigate the consequences of those things. The same thing with network security, there's a lot of actions that organizations can take to help protect them in a way that allows them to live and, and operate in a, in a, a strong position. If companies are lackadaisical that irresponsible, they don't care. Those are companies that are gonna suffer. But I think you can manage this if you're using the right technology, the right people, you've got the right philosophy security first >>In, in the culture. >>Well, I can tell you very quickly, three reasons why people think, why is there an intrusion? It should just go away. Well, wherever money goes, crime follows. We still have crime. So you're still gonna have intrusions, whether it has to be someone on the inside or faulty software and people being paid the right faulty software, you're gonna have war. That's gonna create war in the cyber domain. So information warriors are gonna try to have intrusions to get to command and control. So wherever you have command and control, you'll have a war fighter. And then wherever you have information, you have ESP Espino. So you're gonna have people trying to break in at all times. >>And, and to tie that up because everything Kevin said is absolutely right. And what he just said at the very end was people, there are human beings that are on the other side of every single attack. And think about this until you physically get physically get to the people that are doing it and stop them. Yes, this will go on forever because you can block them, but they're gonna move and you can block them again. They're gonna move their objectives. Don't change because the information you have, whether it's financial information, intellectual property, strategic military information, that's still there. They will always come at it, which is where that physical component comes in. If you're able to block well enough and they can't get you remotely, they might send somebody in. Well, >>I, in the keynote, I, I'm not kidding. I'm looking around the room and I'm thinking there's at least one person here that is here primarily to gather intelligence, to help them defeat. What's being talked about here. >>Well, you said it's, >>It's kind >>Of creepy. You said the adversary is, is very well equipped and motivated. Why do you Rob banks? Well, that's where the money is, but it's more than that. Now with state sponsored terrorism and, you know, exfiltration of state secrets, I mean, there's, it's high stake's games. You got, this >>Has become a tool of nation states in terms from a political perspective, from a military perspective, if you look at what happened with Ukraine and Russia, all the work that was done in advanced by the Russians to soften up the Ukrainians, not just collection of intelligence, not just denial of services, but then disruptive attacks to change the entire complexity of the battlefield. This, this is a, an area that's never going away. It's becoming ingrained in our lives. And it's gonna be utilized for nefarious acts for many, many decades to come. >>I mean, you're right, Sean, we're seeing the future of war right before us is, is there's. There is going to be, there is a cyber component now in war, >>I think it signals the cyber component signals the silent intention of nations period, the silent projection of power probably before you see kinetics. >>And this is where gates says we have a lot more to lose as a country. So it's hard for us to go on the offense. We have to be very careful about our offensive capabilities because >>Of one of the things that, that we do need to, to do though, is we need to define what the red lines are to adversaries. Because when you talk about human beings, you've gotta put a deterrent in place so that if the adversaries know that if you cross this line, this is what the response is going to be. It's the way things were done during nuclear proliferation, right? Right. During the cold war, here's what the actions are gonna be. It's gonna be, it's gonna be mutual destruction and you can't do it. And we didn't have a nuclear war. We're at a point now where adversaries are pushing the envelope constantly, where they're turning off the lights in certain countries where they're taking actions that are, are quite detrimental to the host governments and those red lines have to be very clear, very clearly defined and acted upon if they're >>Crossed as security experts. Can you always tie that signature back to say a particular country or a particular group? >>Absolutely. 100% every >>Time I know. Yeah. No, it it's. It's a great question. You, you need to get attribution right. To get to deterrence, right. And without attribution, where do you proportionate respond to whatever act you're responding to? So attribution's critical. Both our companies work hard at doing it and it, and that's why I think you're not gonna see too many false flag operations in cyberspace, but when you do and they're well crafted or one nation masquerades is another, it, it, it's one of the last rules of the playground I haven't seen broken yet. And that that'll be an unfortunate day. >>Yeah. Because that mutually assure destruction, a death spot like Putin can say, well, it wasn't wasn't me. Right. So, and ironically, >>It's human intelligence, right. That ultimately is gonna be the only way to uncover >>That human intelligence is a big component. >>For sure. Right. And, and David, like when you go back to, you were referring to Robert Gates, it's the asymmetry of cyberspace, right? One person in one nation. That's not a control by asset could still do an act. And it, it just adds to the complexity of, we have attribution it's from that nation, but was it in order? Was it done on behalf of that nation? Very complicated. >>So this is an industry of superheroes. Thank you guys for all you do and appreciate you coming on the cube. Wow. >>I love your Cape. >>Thank all right. Keep it right there. Dave Nicholson and Dave ante be right back from Falcon 22 from the area you watching the cue.

>> The rapid rise of ransomware attacks has added yet another challenge that business technology executives have to worry about these days, cloud storage, immutability, and air gaps have become a must have arrows in the quiver of organization's data protection strategies. But the important reality that practitioners have embraced is data protection, it can't be an afterthought or a bolt on it, has to be designed into the operational workflow of technology systems. The problem is, oftentimes, data protection is complicated with a variety of different products, services, software components, and storage formats, this is why object storage is moving to the forefront of data protection use cases because it's simpler and less expensive. The put data get data syntax has always been alluring, but object storage, historically, was seen as this low-cost niche solution that couldn't offer the performance required for demanding workloads, forcing customers to make hard tradeoffs between cost and performance. That has changed, the ascendancy of cloud storage generally in the S3 format specifically has catapulted object storage to become a first class citizen in a mainstream technology. Moreover, innovative companies have invested to bring object storage performance to parity with other storage formats, but cloud costs are often a barrier for many companies as the monthly cloud bill and egress fees in particular steadily climb. Welcome to Secure Storage Hot Takes, my name is Dave Vellante, and I'll be your host of the program today, where we introduce our community to Wasabi, a company that is purpose-built to solve this specific problem with what it claims to be the most cost effective and secure solution on the market. We have three segments today to dig into these issues, first up is David Friend, the well known entrepreneur who co-founded Carbonite and now Wasabi will then dig into the product with Drew Schlussel of Wasabi, and then we'll bring in the customer perspective with Kevin Warenda of the Hotchkiss School, let's get right into it. We're here with David Friend, the President and CEO and Co-founder of Wasabi, the hot storage company, David, welcome to theCUBE. >> Thanks Dave, nice to be here. >> Great to have you, so look, you hit a home run with Carbonite back when building a unicorn was a lot more rare than it has been in the last few years, why did you start Wasabi? >> Well, when I was still CEO of Wasabi, my genius co-founder Jeff Flowers and our chief architect came to me and said, you know, when we started this company, a state of the art disk drive was probably 500 gigabytes and now we're looking at eight terabyte, 16 terabyte, 20 terabyte, even 100 terabyte drives coming down the road and, you know, sooner or later the old architectures that were designed around these much smaller disk drives is going to run out of steam because, even though the capacities are getting bigger and bigger, the speed with which you can get data on and off of a hard drive isn't really changing all that much. And Jeff foresaw a day when the architectures sort of legacy storage like Amazon S3 and so forth was going to become very inefficient and slow. And so he came up with a new, highly parallelized architecture, and he said, I want to go off and see if I can make this work. So I said, you know, good luck go to it and they went off and spent about a year and a half in the lab, designing and testing this new storage architecture and when they got it working, I looked at the economics of this and I said, holy cow, we can sell cloud storage for a fraction of the price of Amazon, still make very good gross margins and it will be faster. So this is a whole new generation of object storage that you guys have invented. So I recruited a new CEO for Carbonite and left to found Wasabi because the market for cloud storage is almost infinite. You know, when you look at all the world's data, you know, IDC has these crazy numbers, 120 zetabytes or something like that and if you look at that as you know, the potential market size during that data, we're talking trillions of dollars, not billions and so I said, look, this is a great opportunity, if you look back 10 years, all the world's data was on-prem, if you look forward 10 years, most people agree that most of the world's data is going to live in the cloud, we're at the beginning of this migration, we've got an opportunity here to build an enormous company. >> That's very exciting. I mean, you've always been a trend spotter, and I want to get your perspectives on data protection and how it's changed. It's obviously on people's minds with all the ransomware attacks and security breaches, but thinking about your experiences and past observations, what's changed in data protection and what's driving the current very high interest in the topic? >> Well, I think, you know, from a data protection standpoint, immutability, the equivalent of the old worm tapes, but applied to cloud storage is, you know, become core to the backup strategies and disaster recovery strategies for most companies. And if you look at our partners who make backup software like Veeam, Convo, Veritas, Arcserve, and so forth, most of them are really taking advantage of mutable cloud storage as a way to protect customer data, customers backups from ransomware. So the ransomware guys are pretty clever and they, you know, they discovered early on that if someone could do a full restore from their backups, they're never going to pay a ransom. So, once they penetrate your system, they get pretty good at sort of watching how you do your backups and before they encrypt your primary data, they figure out some way to destroy or encrypt your backups as well, so that you can't do a full restore from your backups. And that's where immutability comes in. You know, in the old days you, you wrote what was called a worm tape, you know, write once read many, and those could not be overwritten or modified once they were written. And so we said, let's come up with an equivalent of that for the cloud, and it's very tricky software, you know, it involves all kinds of encryption algorithms and blockchain and this kind of stuff but, you know, the net result is if you store your backups in immutable buckets, in a product like Wasabi, you can't alter it or delete it for some period of time, so you could put a timer on it, say a year or six months or something like that, once that data is written, you know, there's no way you can go in and change it, modify it, or anything like that, including even Wasabi's engineers. >> So, David, I want to ask you about data sovereignty. It's obviously a big deal, I mean, especially for companies with the presence overseas, but what's really is any digital business these days, how should companies think about approaching data sovereignty? Is it just large firms that should be worried about this? Or should everybody be concerned? What's your point of view? >> Well, all around the world countries are imposing data sovereignty laws and if you're in the storage business, like we are, if you don't have physical data storage in-country, you're probably not going to get most of the business. You know, since Christmas we've built data centers in Toronto, London, Frankfurt, Paris, Sydney, Singapore, and I've probably forgotten one or two, but the reason we do that is twofold; one is, you know, if you're closer to the customer, you're going to get better response time, lower latency, and that's just a speed of light issue. But the bigger issue is, if you've got financial data, if you have healthcare data, if you have data relating to security, like surveillance videos, and things of that sort, most countries are saying that data has to be stored in-country, so, you can't send it across borders to some other place. And if your business operates in multiple countries, you know, dealing with data sovereignty is going to become an increasingly important problem. >> So in May of 2018, that's when the fines associated with violating GDPR went into effect and GDPR was like this main spring of privacy and data protection laws and we've seen it spawn other public policy things like the CCPA and think it continues to evolve, we see judgments in Europe against big tech and this tech lash that's in the news in the U.S. and the elimination of third party cookies, what does this all mean for data protection in the 2020s? >> Well, you know, every region and every country, you know, has their own idea about privacy, about security, about the use of even the use of metadata surrounding, you know, customer data and things of this sort. So, you know, it's getting to be increasingly complicated because GDPR, for example, imposes different standards from the kind of privacy standards that we have here in the U.S., Canada has a somewhat different set of data sovereignty issues and privacy issues so it's getting to be an increasingly complex, you know, mosaic of rules and regulations around the world and this makes it even more difficult for enterprises to run their own, you know, infrastructure because companies like Wasabi, where we have physical data centers in all kinds of different markets around the world and we've already dealt with the business of how to meet the requirements of GDPR and how to meet the requirements of some of the countries in Asia and so forth, you know, rather than an enterprise doing that just for themselves, if you running your applications or keeping your data in the cloud, you know, now a company like Wasabi with, you know, 34,000 customers, we can go to all the trouble of meeting these local requirements on behalf of our entire customer base and that's a lot more efficient and a lot more cost effective than if each individual country has to go deal with the local regulatory authorities. >> Yeah, it's compliance by design, not by chance. Okay, let's zoom out for the final question, David, thinking about the discussion that we've had around ransomware and data protection and regulations, what does it mean for a business's operational strategy and how do you think organizations will need to adapt in the coming years? >> Well, you know, I think there are a lot of forces driving companies to the cloud and, you know, and I do believe that if you come back five or 10 years from now, you're going to see majority of the world's data is going to be living in the cloud and I think storage, data storage is going to be a commodity much like electricity or bandwidth, and it's going to be done right, it will comply with the local regulations, it'll be fast, it'll be local, and there will be no strategic advantage that I can think of for somebody to stand up and run their own storage, especially considering the cost differential, you know, the most analysts think that the full, all in costs of running your own storage is in the 20 to 40 terabytes per month range, whereas, you know, if you migrate your data to the cloud, like Wasabi, you're talking probably $6 a month and so I think people are learning how to deal with the idea of an architecture that involves storing your data in the cloud, as opposed to, you know, storing your data locally. >> Wow, that's like a six X more expensive in the clouds, more than six X, all right, thank you, David,-- >> In addition to which, you know, just finding the people to babysit this kind of equipment has become nearly impossible today. >> Well, and with a focus on digital business, you don't want to be wasting your time with that kind of heavy lifting. David, thanks so much for coming in theCUBE, a great Boston entrepreneur, we've followed your career for a long time and looking forward to the future. >> Thank you. >> Okay, in a moment, Drew Schlussel will join me and we're going to dig more into product, you're watching theCUBE, the leader in enterprise and emerging tech coverage, keep it right there. ♪ Whoa ♪ ♪ Brenda in sales got an email ♪ ♪ Click here for a trip to Bombay ♪ ♪ It's not even called Bombay anymore ♪ ♪ But you clicked it anyway ♪ ♪ And now our data's been held hostage ♪ ♪ And now we're on sinking ship ♪ ♪ And a hacker's in our system ♪ ♪ Just 'cause Brenda wanted a trip ♪ ♪ She clicked on something stupid ♪ ♪ And our data's out of our control ♪ ♪ Into the hands of a hacker's ♪ ♪ And he's a giant asshole. ♪ ♪ He encrypted it in his basement ♪ ♪ He wants a million bucks for the key ♪ ♪ And I'm pretty sure he's 15 ♪ ♪ And still going through puberty ♪ ♪ I know you didn't mean to do us wrong ♪ ♪ But now I'm dealing with this all week long ♪ ♪ To make you all aware ♪ ♪ Of all this ransomware ♪ ♪ That is why I'm singing you this song ♪ ♪ C'mon ♪ ♪ Take it from me ♪ ♪ The director of IT ♪ ♪ Don't click on that email from a prince Nairobi ♪ ♪ 'Cuz he's not really a prince ♪ ♪ Now our data's locked up on our screen ♪ ♪ Controlled by a kid who's just fifteen ♪ ♪ And he's using our money to buy a Ferrari ♪ (gentle music) >> Joining me now is Drew Schlussel, who is the Senior Director of Product Marketing at Wasabi, hey Drew, good to see you again, thanks for coming back in theCUBE. >> Dave, great to be here, great to see you. >> All right, let's get into it. You know, Drew, prior to the pandemic, Zero Trust, just like kind of like digital transformation was sort of a buzzword and now it's become a real thing, almost a mandate, what's Wasabi's take on Zero Trust. >> So, absolutely right, it's been around a while and now people are paying attention, Wasabi's take is Zero Trust is a good thing. You know, there are too many places, right, where the bad guys are getting in. And, you know, I think of Zero Trust as kind of smashing laziness, right? It takes a little work, it takes some planning, but you know, done properly and using the right technologies, using the right vendors, the rewards are, of course tremendous, right? You can put to rest the fears of ransomware and having your systems compromised. >> Well, and we're going to talk about this, but there's a lot of process and thinking involved and, you know, design and your Zero Trust and you don't want to be wasting time messing with infrastructure, so we're going to talk about that, there's a lot of discussion in the industry, Drew, about immutability and air gaps, I'd like you to share Wasabi's point of view on these topics, how do you approach it and what makes Wasabi different? >> So, in terms of air gap and immutability, right, the beautiful thing about object storage, which is what we do all the time is that it makes it that much easier, right, to have a secure immutable copy of your data someplace that's easy to access and doesn't cost you an arm and a leg to get your data back. You know, we're working with some of the best, you know, partners in the industry, you know, we're working with folks like, you know, Veeam, Commvault, Arc, Marquee, MSP360, all folks who understand that you need to have multiple copies of your data, you need to have a copy stored offsite, and that copy needs to be immutable and we can talk a little bit about what immutability is and what it really means. >> You know, I wonder if you could talk a little bit more about Wasabi's solution because, sometimes people don't understand, you actually are a cloud, you're not building on other people's public clouds and this storage is the one use case where it actually makes sense to do that, tell us a little bit more about Wasabi's approach and your solution. >> Yeah, I appreciate that, so there's definitely some misconception, we are our own cloud storage service, we don't run on top of anybody else, right, it's our systems, it's our software deployed globally and we interoperate because we adhere to the S3 standard, we interoperate with practically hundreds of applications, primarily in this case, right, we're talking about backup and recovery applications and it's such a simple process, right? I mean, just about everybody who's anybody in this business protecting data has the ability now to access cloud storage and so we've made it really simple, in many cases, you'll see Wasabi as you know, listed in the primary set of available vendors and, you know, put in your private keys, make sure that your account is locked down properly using, let's say multifactor authentication, and you've got a great place to store copies of your data securely. >> I mean, we just heard from David Friend, if I did my math right, he was talking about, you know, 1/6 the cost per terabyte per month, maybe even a little better than that, how are you able to achieve such attractive economics? >> Yeah, so, you know, I can't remember how to translate my fractions into percentages, but I think we talk a lot about being 80%, right, less expensive than the hyperscalers. And you know, we talked about this at Vermont, right? There's some secret sauce there and you know, we take a different approach to how we utilize the raw capacity to the effective capacity and the fact is we're also not having to run, you know, a few hundred other services, right? We do storage, plain and simple, all day, all the time, so we don't have to worry about overhead to support, you know, up and coming other services that are perhaps, you know, going to be a loss leader, right? Customers love it, right, they see the fact that their data is growing 40, 80% year over year, they know they need to have some place to keep it secure, and, you know, folks are flocking to us in droves, in fact, we're seeing a tremendous amount of migration actually right now, multiple petabytes being brought to Wasabi because folks have figured out that they can't afford to keep going with their current hyperscaler vendor. >> And immutability is a feature of your product, right? What the feature called? Can you double-click on that a little bit? >> Yeah, absolutely. So, the term in S3 is Object Lock and what that means is your application will write an object to cloud storage, and it will define a retention period, let's say a week. And for that period, that object is immutable, untouchable, cannot be altered in any way, shape, or form, the application can't change it, the system administration can't change it, Wasabi can't change it, okay, it is truly carved in stone. And this is something that it's been around for a while, but you're seeing a huge uptick, right, in adoption and support for that feature by all the major vendors and I named off a few earlier and the best part is that with immutability comes some sense of, well, it comes with not just a sense of security, it is security. Right, when you have data that cannot be altered by anybody, even if the bad guys compromise your account, they steal your credentials, right, they can't take away the data and that's a beautiful thing, a beautiful, beautiful thing. >> And you look like an S3 bucket, is that right? >> Yeah, I mean, we're fully compatible with the S3 API, so if you're using S3 API based applications today, it's a very simple matter of just kind of redirecting where you want to store your data, beautiful thing about backup and recovery, right, that's probably the simplest application, simple being a relative term, as far as lift and shift, right? Because that just means for your next full, right, point that at Wasabi, retain your other fulls, you know, for whatever 30, 60, 90 days, and then once you've kind of made that transition from vine to vine, you know, you're often running with Wasabi. >> I talked to my open about the allure of object storage historically, you know, the simplicity of the get put syntax, but what about performance? Are you able to deliver performance that's comparable to other storage formats? >> Oh yeah, absolutely, and we've got the performance numbers on the site to back that up, but I forgot to answer something earlier, right, you said that immutability is a feature and I want to make it very clear that it is a feature but it's an API request. Okay, so when you're talking about gets and puts and so forth, you know, the comment you made earlier about being 80% more cost effective or 80% less expensive, you know, that API call, right, is typically something that the other folks charge for, right, and I think we used the metaphor earlier about the refrigerator, but I'll use a different metaphor today, right? You can think of cloud storage as a magical coffee cup, right? It gets as big as you want to store as much coffee as you want and the coffee's always warm, right? And when you want to take a sip, there's no charge, you want to, you know, pop the lid and see how much coffee is in there, no charge, and that's an important thing, because when you're talking about millions or billions of objects, and you want to get a list of those objects, or you want to get the status of the immutable settings for those objects, anywhere else it's going to cost you money to look at your data, with Wasabi, no additional charge and that's part of the thing that sets us apart. >> Excellent, so thank you for that. So, you mentioned some partners before, how do partners fit into the Wasabi story? Where do you stop? Where do they pick up? You know, what do they bring? Can you give us maybe, a paint a picture for us example, or two? >> Sure, so, again, we just do storage, right, that is our sole purpose in life is to, you know, to safely and securely store our customer's data. And so they're working with their application vendors, whether it's, you know, active archive, backup and recovery, IOT, surveillance, media and entertainment workflows, right, those systems already know how to manage the data, manage the metadata, they just need some place to keep the data that is being worked on, being stored and so forth. Right, so just like, you know, plugging in a flash drive on your laptop, right, you literally can plug in Wasabi as long as your applications support the API, getting started is incredibly easy, right, we offer a 30-day trial, one terabyte, and most folks find that within, you know, probably a few hours of their POC, right, it's giving them everything they need in terms of performance, in terms of accessibility, in terms of sovereignty, I'm guessing you talked to, you know, Dave Friend earlier about data sovereignty, right? We're global company, right, so there's got to be probably, you know, wherever you are in the world some place that will satisfy your sovereignty requirements, as well as your compliance requirements. >> Yeah, we did talk about sovereignty, Drew, this is really, what's interesting to me, I'm a bit of a industry historian, when I look back to the early days of cloud, I remember the large storage companies, you know, their CEOs would say, we're going to have an answer for the cloud and they would go out, and for instance, I know one bought competitor of Carbonite, and then couldn't figure out what to do with it, they couldn't figure out how to compete with the cloud in part, because they were afraid it was going to cannibalize their existing business, I think another part is because they just didn't have that imagination to develop an architecture that in a business model that could scale to see that you guys have done that is I love it because it brings competition, it brings innovation and it helps lower clients cost and solve really nagging problems. Like, you know, ransomware, of mutability and recovery, I'll give you the last word, Drew. >> Yeah, you're absolutely right. You know, the on-prem vendors, they're not going to go away anytime soon, right, there's always going to be a need for, you know, incredibly low latency, high bandwidth, you know, but, you know, not all data's hot all the time and by hot, I mean, you know, extremely hot, you know, let's take, you know, real time analytics for, maybe facial recognition, right, that requires sub-millisecond type of processing. But once you've done that work, right, you want to store that data for a long, long time, and you're going to want to also tap back into it later, so, you know, other folks are telling you that, you know, you can go to these like, you know, cold glacial type of tiered storage, yeah, don't believe the hype, you're still going to pay way more for that than you would with just a Wasabi-like hot cloud storage system. And, you know, we don't compete with our partners, right? We compliment, you know, what they're bringing to market in terms of the software vendors, in terms of the hardware vendors, right, we're a beautiful component for that hybrid cloud architecture. And I think folks are gravitating towards that, I think the cloud is kind of hitting a new gear if you will, in terms of adoption and recognition for the security that they can achieve with it. >> All right, Drew, thank you for that, definitely we see the momentum, in a moment, Drew and I will be back to get the customer perspective with Kevin Warenda, who's the Director of Information technology services at The Hotchkiss School, keep it right there. >> Hey, I'm Nate, and we wrote this song about ransomware to educate people, people like Brenda. >> Oh, God, I'm so sorry. We know you are, but Brenda, you're not alone, this hasn't just happened to you. >> No! ♪ Colonial Oil Pipeline had a guy ♪ ♪ who didn't change his password ♪ ♪ That sucks ♪ ♪ His password leaked, the data was breached ♪ ♪ And it cost his company 4 million bucks ♪ ♪ A fake update was sent to people ♪ ♪ Working for the meat company JBS ♪ ♪ That's pretty clever ♪ ♪ Instead of getting new features, they got hacked ♪ ♪ And had to pay the largest crypto ransom ever ♪ ♪ And 20 billion dollars, billion with a b ♪ ♪ Have been paid by companies in healthcare ♪ ♪ If you wonder buy your premium keeps going ♪ ♪ Up, up, up, up, up ♪ ♪ Now you're aware ♪ ♪ And now the hackers they are gettin' cocky ♪ ♪ When they lock your data ♪ ♪ You know, it has gotten so bad ♪ ♪ That they demand all of your money and it gets worse ♪ ♪ They go and the trouble with the Facebook ad ♪ ♪ Next time, something seems too good to be true ♪ ♪ Like a free trip to Asia! ♪ ♪ Just check first and I'll help before you ♪ ♪ Think before you click ♪ ♪ Don't get fooled by this ♪ ♪ Who isn't old enough to drive to school ♪ ♪ Take it from me, the director of IT ♪ ♪ Don't click on that email from a prince in Nairobi ♪ ♪ Because he's not really a prince ♪ ♪ Now our data's locked up on our screen ♪ ♪ Controlled by a kid who's just fifteen ♪ ♪ And he's using our money to buy a Ferrari ♪ >> It's a pretty sweet car. ♪ A kid without facial hair, who lives with his mom ♪ ♪ To learn more about this go to wasabi.com ♪ >> Hey, don't do that. ♪ Cause if we had Wasabi's immutability ♪ >> You going to ruin this for me! ♪ This fifteen-year-old wouldn't have on me ♪ (gentle music) >> Drew and I are pleased to welcome Kevin Warenda, who's the Director of Information Technology Services at The Hotchkiss School, a very prestigious and well respected boarding school in the beautiful Northwest corner of Connecticut, hello, Kevin. >> Hello, it's nice to be here, thanks for having me. >> Yeah, you bet. Hey, tell us a little bit more about The Hotchkiss School and your role. >> Sure, The Hotchkiss School is an independent boarding school, grades nine through 12, as you said, very prestigious and in an absolutely beautiful location on the deepest freshwater lake in Connecticut, we have 500 acre main campus and a 200 acre farm down the street. My role as the Director of Information Technology Services, essentially to oversee all of the technology that supports the school operations, academics, sports, everything we do on campus. >> Yeah, and you've had a very strong history in the educational field, you know, from that lens, what's the unique, you know, or if not unique, but the pressing security challenge that's top of mind for you? >> I think that it's clear that educational institutions are a target these days, especially for ransomware. We have a lot of data that can be used by threat actors and schools are often underfunded in the area of IT security, IT in general sometimes, so, I think threat actors often see us as easy targets or at least worthwhile to try to get into. >> Because specifically you are potentially spread thin, underfunded, you got students, you got teachers, so there really are some, are there any specific data privacy concerns as well around student privacy or regulations that you can speak to? >> Certainly, because of the fact that we're an independent boarding school, we operate things like even a health center, so, data privacy regulations across the board in terms of just student data rights and FERPA, some of our students are under 18, so, data privacy laws such as COPPA apply, HIPAA can apply, we have PCI regulations with many of our financial transactions, whether it be fundraising through alumni development, or even just accepting the revenue for tuition so, it's a unique place to be, again, we operate very much like a college would, right, we have all the trappings of a private college in terms of all the operations we do and that's what I love most about working in education is that it's all the industries combined in many ways. >> Very cool. So let's talk about some of the defense strategies from a practitioner point of view, then I want to bring in Drew to the conversation so what are the best practice and the right strategies from your standpoint of defending your data? >> Well, we take a defense in-depth approach, so we layer multiple technologies on top of each other to make sure that no single failure is a key to getting beyond those defenses, we also keep it simple, you know, I think there's some core things that all organizations need to do these days in including, you know, vulnerability scanning, patching , using multifactor authentication, and having really excellent backups in case something does happen. >> Drew, are you seeing any similar patterns across other industries or customers? I mean, I know we're talking about some uniqueness in the education market, but what can we learn from other adjacent industries? >> Yeah, you know, Kevin is spot on and I love hearing what he's doing, going back to our prior conversation about Zero Trust, right, that defense in-depth approach is beautifully aligned, right, with the Zero Trust approach, especially things like multifactor authentication, always shocked at how few folks are applying that very, very simple technology and across the board, right? I mean, Kevin is referring to, you know, financial industry, healthcare industry, even, you know, the security and police, right, they need to make sure that the data that they're keeping, evidence, right, is secure and immutable, right, because that's evidence. >> Well, Kevin, paint a picture for us, if you would. So, you were primarily on-prem looking at potentially, you know, using more cloud, you were a VMware shop, but tell us, paint a picture of your environment, kind of the applications that you support and the kind of, I want to get to the before and the after Wasabi, but start with kind of where you came from. >> Sure, well, I came to The Hotchkiss School about seven years ago and I had come most recently from public K12 and municipal, so again, not a lot of funding for IT in general, security, or infrastructure in general, so Nutanix was actually a hyperconverged solution that I implemented at my previous position. So when I came to Hotchkiss and found mostly on-prem workloads, everything from the student information system to the card access system that students would use, financial systems, they were almost all on premise, but there were some new SaaS solutions coming in play, we had also taken some time to do some business continuity, planning, you know, in the event of some kind of issue, I don't think we were thinking about the pandemic at the time, but certainly it helped prepare us for that, so, as different workloads were moved off to hosted or cloud-based, we didn't really need as much of the on-premise compute and storage as we had, and it was time to retire that cluster. And so I brought the experience I had with Nutanix with me, and we consolidated all that into a hyper-converged platform, running Nutanix AHV, which allowed us to get rid of all the cost of the VMware licensing as well and it is an easier platform to manage, especially for small IT shops like ours. >> Yeah, AHV is the Acropolis hypervisor and so you migrated off of VMware avoiding the VTax avoidance, that's a common theme among Nutanix customers and now, did you consider moving into AWS? You know, what was the catalyst to consider Wasabi as part of your defense strategy? >> We were looking at cloud storage options and they were just all so expensive, especially in egress fees to get data back out, Wasabi became across our desks and it was such a low barrier to entry to sign up for a trial and get, you know, terabyte for a month and then it was, you know, $6 a month for terabyte. After that, I said, we can try this out in a very low stakes way to see how this works for us. And there was a couple things we were trying to solve at the time, it wasn't just a place to put backup, but we also needed a place to have some files that might serve to some degree as a content delivery network, you know, some of our software applications that are deployed through our mobile device management needed a place that was accessible on the internet that they could be stored as well. So we were testing it for a couple different scenarios and it worked great, you know, performance wise, fast, security wise, it has all the features of S3 compliance that works with Nutanix and anyone who's familiar with S3 permissions can apply them very easily and then there was no egress fees, we can pull data down, put data up at will, and it's not costing as any extra, which is excellent because especially in education, we need fixed costs, we need to know what we're going to spend over a year before we spend it and not be hit with, you know, bills for egress or because our workload or our data storage footprint grew tremendously, we need that, we can't have the variability that the cloud providers would give us. >> So Kevin, you explained you're hypersensitive about security and privacy for obvious reasons that we discussed, were you concerned about doing business with a company with a funny name? Was it the trial that got you through that knothole? How did you address those concerns as an IT practitioner? >> Yeah, anytime we adopt anything, we go through a risk review. So we did our homework and we checked the funny name really means nothing, there's lots of companies with funny names, I think we don't go based on the name necessarily, but we did go based on the history, understanding, you know, who started the company, where it came from, and really looking into the technology and understanding that the value proposition, the ability to provide that lower cost is based specifically on the technology in which it lays down data. So, having a legitimate, reasonable, you know, excuse as to why it's cheap, we weren't thinking, well, you know, you get what you pay for, it may be less expensive than alternatives, but it's not cheap, you know, it's reliable, and that was really our concern. So we did our homework for sure before even starting the trial, but then the trial certainly confirmed everything that we had learned. >> Yeah, thank you for that. Drew, explain the whole egress charge, we hear a lot about that, what do people need to know? >> First of all, it's not a funny name, it's a memorable name, Dave, just like theCUBE, let's be very clear about that, second of all, egress charges, so, you know, other storage providers charge you for every API call, right? Every get, every put, every list, everything, okay, it's part of their process, it's part of how they make money, it's part of how they cover the cost of all their other services, we don't do that. And I think, you know, as Kevin has pointed out, right, that's a huge differentiator because you're talking about a significant amount of money above and beyond what is the list price. In fact, I would tell you that most of the other storage providers, hyperscalers, you know, their list price, first of all, is, you know, far exceeding anything else in the industry, especially what we offer and then, right, their additional cost, the egress costs, the API requests can be two, three, 400% more on top of what you're paying per terabyte. >> So, you used a little coffee analogy earlier in our conversation, so here's what I'm imagining, like I have a lot of stuff, right? And I had to clear up my bar and I put some stuff in storage, you know, right down the street and I pay them monthly, I can't imagine having to pay them to go get my stuff, that's kind of the same thing here. >> Oh, that's a great metaphor, right? That storage locker, right? You know, can you imagine every time you want to open the door to that storage locker and look inside having to pay a fee? >> No, that would be annoying. >> Or, every time you pull into the yard and you want to put something in that storage locker, you have to pay an access fee to get to the yard, you have to pay a door opening fee, right, and then if you want to look and get an inventory of everything in there, you have to pay, and it's ridiculous, it's your data, it's your storage, it's your locker, you've already paid the annual fee, probably, 'cause they gave you a discount on that, so why shouldn't you have unfettered access to your data? That's what Wasabi does and I think as Kevin pointed out, right, that's what sets us completely apart from everybody else. >> Okay, good, that's helpful, it helps us understand how Wasabi's different. Kevin, I'm always interested when I talk to practitioners like yourself in learning what you do, you know, outside of the technology, what are you doing in terms of educating your community and making them more cyber aware? Do you have training for students and faculty to learn about security and ransomware protection, for example? >> Yes, cyber security awareness training is definitely one of the required things everyone should be doing in their organizations. And we do have a program that we use and we try to make it fun and engaging too, right, this is often the checking the box kind of activity, insurance companies require it, but we want to make it something that people want to do and want to engage with so, even last year, I think we did one around the holidays and kind of pointed out the kinds of scams they may expect in their personal life about, you know, shipping of orders and time for the holidays and things like that, so it wasn't just about protecting our school data, it's about the fact that, you know, protecting their information is something do in all aspects of your life, especially now that the folks are working hybrid often working from home with equipment from the school, the stakes are much higher and people have a lot of our data at home and so knowing how to protect that is important, so we definitely run those programs in a way that we want to be engaging and fun and memorable so that when they do encounter those things, especially email threats, they know how to handle them. >> So when you say fun, it's like you come up with an example that we can laugh at until, of course, we click on that bad link, but I'm sure you can come up with a lot of interesting and engaging examples, is that what you're talking about, about having fun? >> Yeah, I mean, sometimes they are kind of choose your own adventure type stories, you know, they stop as they run, so they're telling a story and they stop and you have to answer questions along the way to keep going, so, you're not just watching a video, you're engaged with the story of the topic, yeah, and that's what I think is memorable about it, but it's also, that's what makes it fun, you're not just watching some talking head saying, you know, to avoid shortened URLs or to check, to make sure you know the sender of the email, no, you're engaged in a real life scenario story that you're kind of following and making choices along the way and finding out was that the right choice to make or maybe not? So, that's where I think the learning comes in. >> Excellent. Okay, gentlemen, thanks so much, appreciate your time, Kevin, Drew, awesome having you in theCUBE. >> My pleasure, thank you. >> Yeah, great to be here, thanks. >> Okay, in a moment, I'll give you some closing thoughts on the changing world of data protection and the evolution of cloud object storage, you're watching theCUBE, the leader in high tech enterprise coverage. >> Announcer: Some things just don't make sense, like showing up a little too early for the big game. >> How early are we? >> Couple months. Popcorn? >> Announcer: On and off season, the Red Sox cover their bases with affordable, best in class cloud storage. >> These are pretty good seats. >> Hey, have you guys seen the line from the bathroom? >> Announcer: Wasabi Hot Cloud Storage, it just makes sense. >> You don't think they make these in left hand, do you? >> We learned today how a serial entrepreneur, along with his co-founder saw the opportunity to tap into the virtually limitless scale of the cloud and dramatically reduce the cost of storing data while at the same time, protecting against ransomware attacks and other data exposures with simple, fast storage, immutability, air gaps, and solid operational processes, let's not forget about that, okay? People and processes are critical and if you can point your people at more strategic initiatives and tasks rather than wrestling with infrastructure, you can accelerate your process redesign and support of digital transformations. Now, if you want to learn more about immutability and Object Block, click on the Wasabi resource button on this page, or go to wasabi.com/objectblock. Thanks for watching Secure Storage Hot Takes made possible by Wasabi. This is Dave Vellante for theCUBE, the leader in enterprise and emerging tech coverage, well, see you next time. (gentle upbeat music)

(ethereal music) >> Good morning, everyone, and welcome to theCUBE's day-two coverage of Snowflake Summit '22. Lisa Martin here with Dave Vellante. We are live in Las Vegas at Caesar's Forum, looking forward to an action-packed day here on theCUBE. Our first guest joins us, Bill Stratton, the global industry lead, media, entertainment and advertising at Snowflake. Bill, great to have you on the program talking about industry specifics. >> Glad to be here, excited to have a conversation. >> Yeah, the media and entertainment industry has been keeping a lot of us alive the last couple of years, probably more of a dependence on it than we've seen stuck at home. Talk to us about the data culture in the media, entertainment and advertising landscape, how is data being used today? >> Sure. Well, let's start with what you just mentioned, these last couple of years, I think, coming out of the pandemic, a lot of trends and impact to the media industry. I think there were some things happening prior to COVID, right? Streaming services were starting to accelerate. And obviously, Netflix was an early mover. Disney launched their streaming service right before the pandemic, Disney+, with ESPN+ as well. I think then, as the pandemic occurred these last two years, the acceleration of consumers' habits, obviously, of not just unbundling their cable subscription, but then choosing, you know, what services they want to subscribe to, right? I mean, I think we all sort of grew up in this era of, okay, the bundle was the bundle, you had sports, you had news, you had entertainment, whether you watched the channel or not, you had the bundle. And what the pandemic has accelerated is what I call, and I think a lot of folks call, the golden age of content. And really, the golden age of content is about the consumer. They're in control now, they pick and choose what services they want, what they watch, when they watch it. And I think that has extremely, sort of accelerated this adoption on the consumer side, and then it's creating this data ecosystem, as a result of companies like Disney having a direct-to-consumer relationship for the first time. It used to be a Disney or an NBC was a wholesaler, and the cable or satellite company had the consumer data and relationship. Now, the companies that are producing the content have the data and the consumer relationships. It's a fascinating time. >> And they're still coming over the top on the Telco networks, right? >> Absolutely right. >> Telco's playing in this game? >> Yeah, Telco is, I think what the interesting dynamic with Telco is, how do you bundle access, high speed, everybody still needs high speed at their home, with content? And so I think it's a similar bundle, but it takes on a different characteristic, because the cable and Telcos are not taking the content risk. AT&T sold Warner Media recently, and I think they looked at it and said, we're going to stay with the infrastructure, let somebody else do the content. >> And I think I heard, did I hear this right the other day, that Roku is now getting into the content business? >> Roku is getting into it. And they were early mover, right? They said the TVs aren't, the operating system in the television is not changing fast enough for content. So their dongle that you would slide into a TV was a great way to get content on connected televisions, which is the fastest growing platform. >> I was going to say, what are the economics like in this business? Because the bundles were sort of a limiting factor, in terms of the TAM. >> Yeah. >> And now, we get great content, all right, to watch "Better Call Saul", I have to get AMC+ or whatever. >> You know, your comment, your question about the economics and the TAM is an interesting one, because I think we're still working through it. One of the things, I think, that's coming to the forefront is that you have to have a subscription revenue stream. Okay? Netflix had a subscription revenue stream for the last six, eight, 10 years, significantly, but I think you even see with Netflix that they have to go to a second revenue model, which is going to be an ad-supported model, right? We see it in the press these last couple days with Reid Hastings. So I think you're going to see, obviously subscription, obviously ad-supported, but the biggest thing, back to the consumer, is that the consumer's not going to sit through two minutes of advertising to watch a 22 minute show. >> Dave: No way. >> Right? So what's then going to happen is that the content companies want to know what's relevant to you, in terms of advertising. So if I have relevancy in my ad experience, then it doesn't quite feel, it's not intrusive, and it's relevant to my experience. >> And the other vector in the TAM, just one last follow-up, is you see Amazon, with Prime, going consumption. >> Bill: That's right. >> You get it with Prime, it's sort of there, and the movies aren't the best in the world, but you can buy pretty much any movie you want on a consumption basis. >> Yeah. Just to your last quick point, there is, we saw last week, the Boston Red Sox are bundling tickets, season tickets, with a subscription to their streaming service. >> NESN+, I think it is, yeah. So just like Prime, NESN+- >> And it's like 30 bucks a month. >> -just like Prime bundling with your delivery service, you're going to start to see all kinds of bundles happen. >> Dave: Interesting. >> Man, the sky is the limit, it's like it just keeps going and proliferating. >> Bill: It does. >> You talk about, on the ad side for a second, you mentioned the relevance, and we expect that as consumers, we're so demanding, (clears throat) excuse me, we don't have the patience, one of the things I think that was in short supply during COVID, and probably still is, is patience. >> That's right. >> I think with all of us, but we expect that brands know us enough to surf up the content that they think we watched, we watched "Breaking Bad", "Better Call Saul", don't show me other things that aren't relevant to the patterns I've been showing you, the content creators have to adapt quickly to the rising and changing demands of the consumer. >> That's right. Some people even think, as you go forward and consumers have this expectation, like you just mentioned, that brands not only need to understand their own view of the consumer, and this is going to come into the Snowflake points that we talk about in a minute, but the larger view that a brand has about a consumer, not just their own view, but how they consume content, where they consume it, what other brands they even like, that all builds that picture of making it relevant for the consumer and viewer. >> Where does privacy come into the mix? So we want it to be relevant and personalized in a non-creepy way. Talk to us about the data clean rooms that Snowflake launched, >> Bill: That's right. >> and how is that facilitating from a PII perspective, or is it? >> Yeah. Great question. So I think the other major development, in addition to the pandemic, driving people watching all these shows is the fact that privacy legislation is increasing. So we started with California with the CCPA, we had GDPR in Europe, and what we're starting to see is state by state roll out different privacy legislations. At some point, it may be true that we have a federal privacy legislation, and there are some bills that are working through the legislature right now. Hard to tell what's going to happen. But to your question, the importance of privacy, and respecting privacy, is exactly happening at the same time that media companies and publishers need to piece together all the viewing habits that you have. You've probably watched, already this morning, on your PC, on your phone, and in order to bring that experience together a media company has to be able to tie that together, right? Collaborate. So you have collaboration on one side, and then you have privacy on the other, and they're not necessarily, normally, go together, Right? They're opposing forces. So now though, with Snowflake, and our data clean room, we like to call it a data collaboration platform, okay? It's not really what a data warehouse function traditionally has been, right? So if I can take data collaboration, and our clean room, what it does is it brings privacy controls to the participants. So if I'm an advertiser, and I'm a publisher, and I want to collaborate to create an advertising campaign, they both can design how they want to do that privacy-based collaboration, Because it's interesting, one company might have a different perspective of privacy, on a risk profile, than another company. So it's very hard to say one size is going to fit all. So what we at Snowflake do, with our infrastructure, is let you design how you create your own clean room. >> Is that a differentiator for Snowflake, the clean rooms? >> It's absolutely a very big differentiator. Two reasons, or probably two, three reasons, really. One is, it's cross cloud. So all the advertisers aren't going to be in the same cloud, all the publishers aren't going to be in the same cloud. One big differentiator there. Second big differentiator is, we want to be able to bring applications to the data, so our clean room can enable you to create measurement against an ad campaign without moving your data. So bringing measurement to the data, versus sending data to applications then improves the privacy. And then the third one is, frankly, our pricing model. You only pay for Snowflake what you use. So in the advertising world, there's what's called an ad tech tax, there is no ad tech tax for Snowflake, because we're simply a pay-as-you-go service. So it's a very interesting dynamic. >> So what's that stack look like, in your world? So I've pulled up Frank's chart, I took a picture of his, he's called it the new, modern data stack, I think he called it, but it had infrastructure in the bottom, okay, that's AWS, Google, Azure, and then a lot of you, live data, that would be the media data cloud, the workload execution, the specific workload here is media and entertainment, and then application development, that's a new layer of value that you're bringing in, marketplace, which is the whole ecosystem, and then monetization comes from building on top. >> Bill: Yes. >> So I got AWS in there, and other clouds, you got a big chunk of that, where do your customers add value on top of that? >> Yeah. So the way you described it, I think, with Frank's point, is right on. You have the infrastructure. We know that a lot of advertisers, for example, aren't going to use Amazon, because the retailer competes with Amazon, So they want to might be in Google or Azure. And then sort of as you go up the stack, for the data layer that is Snowflake, especially what we call first-party data, is sitting in that Snowflake environment, right? But that Snowflake environment is a distributed environment, so a Disney, who was on stage with me yesterday, she talked about, Jaya talked about their first-party datas in Snowflake, their advertisers' datas in their own Snowflake account, in their own infrastructure. And then what's interesting is is that application layer is coming to the data, and so what we're really seeing is an acceleration of companies building that application natively on Snowflake to do measurement, to do targeting, to do activation. And so, that growth of that final application layer is what we're seeing as the acceleration in the stack. >> So the more data that's in that massive distributed data cloud, the more value your customers can get out of it. And I would imagine you're just looking to tick things off that where customers are going outside of the Snowflake data cloud, let's attack that so they don't have to. >> Yeah, I think these partners, (clears throat) excuse me, and customers, it's an interesting dynamic, because they're customers of ours. But now, because anybody who is already in Snowflake can be their customer, then they're becoming our partner. So it's an interesting dynamic, because we're bringing advertisers to a Disney or an NBCU, because they already have their data in Snowflake. So the network effect that's getting created because of this layer that's being built is accelerated. >> In 2013, right after the second reinvent, I wrote a piece called "How to Compete with the Amazon Gorilla." And it seemed to us pretty obvious at the time, you're not going to win an infrastructure again, you got to build on top of it, you got to build ecosystems within industries, and the data, the connection points, that network effect that you just talked about, it's actually quite thrilling to see you guys building that. >> Well, and I think you know this too, I mean, Amazon's a great partner of ours as well, right? So they're part of our media data cloud, as Amazon, right? So we're making it easier and easier for companies to be able to spin up a clean room in places like AWS, so that they get the privacy controls and the governance that's required as well. >> What do you advise to, say, the next generation of media and advertising companies who may be really early in the data journey? Obviously, there's competition right here in the rear view mirror, but we've seen services that launch and fail, what do you advise to those folks that maybe are early in the journey and how can Snowflake help them accelerate that to be able to launch services they can monetize, and get those consumers watching? >> I think the first thing for a lot of these brands is that they need to really own their data. And what I mean by that is, they need to understand the consumer relationship that they have, they need to take the privacy and the governance very seriously, and they need to start building that muscle. It's almost, it's a routine and a muscle that they just need to continue to kind of build up, because if you think about it, a media company spends two, three hours a day with their customer. You might watch two hours of a streaming show, but how much time do you spend with a single brand a day? Maybe 30 seconds, maybe 10 seconds, right? And so, their need to build the muscle, to be able to collect the data in a privacy-compliant way, build the intelligence off of that, and then leverage the intelligence. We talked about it a few days ago, and you look at a retailer, as a really good example, a retailer is using Snowflake and the retail data cloud to optimize their supply chain. Okay? But their supply chain extends beyond their own infrastructure to the advertising and marketing community, because if I can't predict demand, how do I then connect it to my supply chain? So our media data cloud is helping retailers and consumer product goods companies actually drive demand into their reconstructed supply chain. So they both work together. >> So you have a big focus, obviously, on the monetization piece, of course, that's a great place to start. Where do you see the media data cloud going? >> Yeah. I think we'll start to expand beyond advertising and beyond marketing. There's really important sub-segments of media. Gaming is one. You talk about the pandemic and teenagers playing games on their phones. So we'll have an emphasis around gaming. We'll have an emphasis in sports. Sports is going through a big change in an ecosystem. And there's a big opportunity to connect the dots in those ecosystems as well. And then I think, to what we were just talking about, I think connecting commerce and media is a very important area. And I think the two are still very loosely connected today. It used to be, could I buy the Jennifer Aniston sweater from "Friends", right? That was always the analogy. Now, media and social media, and TikTok and everything else, are combining media and commerce very closely. So I think we'll start to see more focus around that as well. So that adds to your monetization. >> Right, right. And you can NFT that. (Lisa laughs) >> Bill: That's right, there you go, you can mint an NFT on that. >> It's the tip of the iceberg. >> Absolutely. >> There's so much more potential to go. Bill, thank you so much for joining us bright and early this morning, talking about what snowflake is doing in media, entertainment and advertising. Exciting stuff, relevant to all of us, we appreciate your insights and your forward-looking statements. >> Thank you for having me. I enjoyed it. >> Our pleasure. >> Thank you. >> Good >> Bill: Bye now. >> For our guest and Dave Vellante, I'm Lisa Martin, you're up early with us watching theCUBE's day-two coverage of Snowflake Summit '22. We'll be back in a moment with our next guest. (upbeat music)

>>To the Seaport in Boston, Massachusetts, everybody's buzzing. The Bruins are playing tonight. They tied it up. The Celtics tied it up last night. We're excited. We don't talk about the red Sox. Red Sox are getting struggles, but you know, we have good distractions. Paul goer is here. He's the president and chief executive officer at red hat and also a Boston fan of great to see, of course, you too. >>Nice to see you guys, you know, it's been a, it's been a while. >><laugh> yeah, we saw you, you know, online and virtually for a couple of years there, but, uh, you know, we've been doing red hat summit for a long, long time. Yeah, of course we were talking earlier. It's just much more intimate, kind of a VIP event, a few more suit jackets here. You know, I got my tie on, so I don't get too much grief. I usually get grief when I wear a tie of red hat summit, but it's a different format this year. Compressed keynotes. Your keynote was great. The new normal, sometimes we call it the new abnormal <laugh>, uh, but you know, how do you feel? >>I, I, I, I feel great. First of all, you know, combination today, virtual audience in, in house audience here today. I think we're gonna see a lot of that in the future. I mean, we designed the event around that and I, I think it, I think it played pretty well. Kudos, kudos to our team. You're right. It's, it's, it's a bit more intimate even the way it was set up, but those are the conversations we like having with our customers and our partners, much more partner centric, uh, as well right now, as well. >>You know, we were talking about, you know, hybrid cloud. It was kind of, you know, it was a good marketing term. And, but now it's, it's, it's become the real thing. I've said many times the, the definition of cloud is changing. It's expanding it's no, the cloud is no longer this remote set of services, you know, somewhere up in the cloud, it's on prem connecting to a cloud across clouds, out to the edge and you need capabilities that work everywhere. And that's what red hat did. The market's just swimming toward you. >>Yeah. I mean, you look at it, you know, I was, uh, you know, if you look at it, you know, the clouds are powerful unto themselves, right? The clouds are powerful unto themselves. They're all different. Right? And that that's, I mean, hardware vendors were, were similar, but different, same thing. You need that connective tissue across, across the whole thing. I mean, as I said, in my keynote today, I remember talking to some of our CIOs and customers 10 years ago and they said, we're going 90% of our apps tomorrow to one cloud. And we knew that wasn't practical because of course the clouds are built from Linux. So we knew it was underneath the hood and, and what's happened. It's taken some time, but as they started to get into that, they started to see, well, maybe one cloud's more suited for one application than the other, these apps. You may have to keep on premise, but you know, what really exploded at the, the, the hybrid thing, the edge. Now they're putting things at the edge, the GM announcement tell you, I know you're gonna talk to Francis. Yeah, yeah. Later. I mean, that's, that's a mini data center in, in every cloud, but that's still under the purview of the CIO, you know? So, so, so that's what hybrid's all about is tying all those pieces together, cuz it got more powerful, but it also more complex. >>You mentioned being the connective tissue, but we don't hear as much talk about multi-cloud seems to me, as we used to this conference has been all about hybrid cloud. You don't really talk about multi-cloud. How important is that to the red hat strategy, being that consistent layer? >>It's probably my mistake or our mistake because multi's more prevalent and more important than just hybrid alone. I mean, hybrid hybrid started from on-premise to one part to any one particular cloud. That was the, the first thought of hybrid. But as I said, as, as, as um, some of the cloud providers became so big, um, every, every CIO I talked to, whether they know whether they know it or not most do are in a multi environment for a whole bunch of reasons, right. You know, one cloud provider might be better in a different part of the world. And another one cloud provider might have a better service than another. Some just don't like to be stuck to one it's it's really hybrid multi. We should, we should train ourselves to every time we say hybrid, say multi, because that's really, that's really what it is. It, I think that happened overnight with, with Microsoft, you know, with Microsoft they've, they've, they've really grown over the last few years, so has Amazon for that matter. But Microsoft really coming up is what really made it a, a high, a multi world. >>Microsoft's remarkable what, what they're doing. But I, I, I have a different thinking on this. I, I heard Chuck Whitten last week at, at the Dell conference he used, he said used the phrase a multicloud, uh, by default versus multi-cloud by design. And I thought that was pretty interesting because I've said that multi-cloud is largely multi-vendor, you know? And so hybrid has implications, right? We, we bring and a shesh came up with a new term today. Metacloud I use Supercloud I like Metacloud better because something's happening, Paul. It feels like there's this layer abstraction layer that the underlying complexity is hidden. Think about OpenShift. Yeah. I could buy, I could get OpenShift for free. Yeah. I mean, I could, and I could cobble together and stitch together at 13, 15 dozens of different services and replicate, but I don't, I don't want that complexity. I want you to hide that complexity. I want, I'd rather spend money on your R and D than my engineering. So something's changing. It feels like >>You buy that. I totally buy that. I mean, you know, I, I, I'm gonna try to not make this sound like a marketing thing because it's not, not fair enough. Right. I mean, I'm engineer at heart, you know that, so, >>Okay. >>I really look to what we're trying to do is we're building a hybrid multi cloud. I mean that we, I look at us as a cloud provider spanning the hybrid multi all the way out to the edge world, but we don't have the data centers in the back. Like the cloud providers do in and by that is you're seeing our products being consumed more like cloud services because that's what our customers are demanding. Our, our products now can be bought out of the various marketplaces, et cetera. You're seeing different business models from us. So, uh, you're seeing, uh, committed spend, for example, like the cloud providers where a customer will buy so much up front and sort of just work it down. You're seeing different models on how they're consumed, consumption, based pricing. These, these are all things that came from the cloud providers and customers buying like that. >>They now want that across their entire environment. They don't wanna buy differently on premise or in one cloud and they don't wanna develop differently. They don't wanna operate differently. They don't wanna have to secure it differently. Security's the biggest thing with, with our, with our customers, because hybrid's powerful, but you no longer have the, you know, your security per perimeter, no longer the walls of your data center. You know, you're, you're responsible as a CIO. You're responsible for every app. Yeah. No matter where it's running, if that's the break in point, you're responsible for that. So that's why we've done things like, you know, we cried stack rocks. We've, we've built it into the container Kubernetes platform that spans those various footprints because you no longer can just do perimeter security because the perimeter is, is very, very, very large right now >>Diffuse. One of the thing on the multi-cloud hyper skills, I, I, red hat's never been defensive about public cloud. You, I think you look at the a hundred billion dollars a year in CapEx spend that's a gift to the industry. Not only the entire it industry, but, but the financial services companies and healthcare companies, they can build their own hybrid clouds. Metacloud super clouds taking advantage of that, but they still need that connective tissue. And that's where >>We products come in. We welcome our customers to go to, to the public cloud. Um, uh, look, it's it's. I said a long time ago, we said a long time it was gonna be a hybrid. Well, I should have said multi anybody said hybrid, then it's gonna be a hybrid world. It is. And it doesn't matter if it's a 20, 80, 80, 20, 40, 60, 60, 40. It's not gonna be a hundred percent anywhere. Yeah. And, and so in that, in that definition, it's a hybrid multi world. >>I wanna change the tune a little bit because I've been covering IBM for 40 years and seen a lot of acquisitions and see how they work. And usually it follows the same path. There's a commitment to leaving the acquire company alone. And then over time that fades, the company just becomes absorbed. Same thing with red hat. It seems like they're very much committed to, to, to leaving you alone. At least they said that upon the acquisition, have they followed through on that promise? >>I have to tell you IBM has followed through on every commitment they've made, made to us. I mean, I, I owe it, I owe a lot of it to Arvin. Um, he was the architect of the deal, right. Um, we've known each other for a long time. Um, he's a great guy. Um, he, uh, he, he believes in it. It's not, he's not just doing it that way because he thinks, um, something bad will happen if he doesn't, he's doing it that way. Cuz he believes in that our ecosystem is what made us. I mean, I mean, even here it's about the partners in the ecosystem. If you look at what made REL people think what made red hat as a company was support, right. Support's really important. Small piece of the value proposition life cycle supports certainly their life cycle a 10 year life cycle just came out of a, a, a customer conference asking about the life cycle and could we extend it to 15 years? You know? Um, the ecosystem is probably the most important part of, of, of, of the, of the overall value proposition. And Arvin knows in IBM knows that, you know, we have to be neutral to be able to do everything the same for all of our ecosystem partners. Some that are IBM's competitors, even. So, >>So we were noticing this morning, I mean, aside from a brief mention of power PC and the IBM logo during, at one point, there was no mention of IBM during the keynote sessions this morning. Is that intentional? Or is that just >>No, no, it it's, it's not intentional. I mean, I think that's part of, we have our strategy to drive and we're, we're driving our, our strategy. We, we, we IBM great partner. We look at them as a partner just as we do our, our many other partners and we won't, you know, we wouldn't, we wouldn't do something with our products, um, for I with IBM that we wouldn't offer to our, our entire ecosystem. >>But there is a difference now, right? I don't know these numbers. Exactly. You would know though, but, but pre 2019 acquisition red hat was just, I think north of 3 billion in revenue growing at maybe 12% a year. Something like that, AR I mean, we hear on the earnings calls, 21% growth. I think he's publicly said you're north of 5 billion or now I don't know how much of that consulting gets thrown in. IBM likes to, you know, IBM math, but still it's a much bigger business. And, and I wonder if you could share with us, obviously you can't dig into the numbers, but have you hired more people? I would imagine. I mean, sure. Like what's been different from that standpoint in terms of the accelerant to your >>Business. Yeah. We've been on the same hiring cycle percentage wise as, as we, we always were. I mean, I think the best way to characterize the relationship and where they've helped is, um, Arvin, Arvin will say, IBM can be opinionated on red hat, but not the other way around <laugh>. So, so what that, what that means is they had a lot of, they had, they had a container based Linux platform. Yeah, right, right. They, they had all their, they were their way of moving to the cloud was that when we came in, they actually stopped that. And they standardized on OpenShift across all of their products. We're now the vehicle that brings the blue software products to the hybrid cloud. We are that vehicle that does it. So I think that's, that's how, that's how they, they look about it. I mean, I know, I mean in IBM consulting, I know, I know they have a great relationship with Microsoft of course. >>Right. And so, so that's, that's how to really look at it. They they're opinionated on us where we not the other way around, but that, but they're a great partner. And even if we're at two separate companies, we'd do be doing all the same things we're doing with them. Now, what they do do for us can do for us is they open a lot of doors in many cases. I mean, IBM's been around for over a hundred years. So in many cases, they're in, in, in the C-suite, we, we may be in the C suite, but we may be one layer down, one, two layers down or something. They, they can, they help us get access. And I think that's been a, a part of the growth as well as is them talking into their, into, into their >>Constituents. Their consulting's one of the FA if not the fastest growing part of their business. So that's kind of the tip of the spear for application modernization, but enough on IBM you said something in your keynote. That was really interesting to me. You said, you, you, you didn't use the word hardware Renaissance, but that my interpretation was you're expecting the next, you know, several years to be a hardware Renaissance. We, we certainly have done relationships with arm. You mentioned Nvidia and Intel. Of course, you've had relationships with Intel for a long time. And we're seeing just the spate of new hardware developments, you know, does hardware matter? I'll ask you, >>Oh, oh, I mean the edge, as I said, you're gonna see hardware innovation out in the edge, software innovation as well. You know, the interesting part about the edge is that, you know, obviously remade red hat. What we did with REL was we did a lot of engineering work to make every hardware architecture when, when it was, when, when the world was just standalone servers, we made every hardware architecture just work out of the box. Right? And we did that in such, because with an open source development model. So embedded in our psyche, in our development processes is working upstream, bringing it downstream 10 years, support all of that kind of thing. So we lit up all that hardware. Now we go out to the edge, it's a whole new, different set of hardware innovation out at the edge. We know how to do that. >>We know how to, we know how to make hardware, innovation safe for the customer. And so we're bringing full circle and you have containers embedded in, in Linux and REL right now as well. So we're actually with the edge, bringing it all full circle back to what we've been doing for 20 plus years. Um, on, on the hardware side, even as a big part of the world, goes to containers and hybrid in, in multi-cloud. So that's why we're so excited about, about, about the edge, you know, opportunity here. That's, that's a big part of where hybrid's going. >>And when you guys talk about edge, I mean, I, I know a lot of companies will talk about edge in the context of your retail location. Okay. That's fine. That's cool. That's edge or telco that that's edge. But when you talk about, um, an in vehicle operating system, right. You know, that's to me the far edge, and that's where it gets really interesting, massive volumes, different architectures, both hardware and software. And a lot of the data may stay. Maybe it doesn't even get persisted. May maybe some comes back to the club, but that's a new >>Ballgame. Well, think about it, right? I mean, you, if you listen, I think you, right. My talk this morning, how many changes are made in the Linux kernel? Right? You're running in a car now, right? From a safety perspective. You wanna update that? I mean, look, Francis talked about it. You'll talk to Francis later as well. I mean, you know, how many, how many in, in your iPhone world Francis talked about this this morning, you know, they can, they can bring you a whole new world with software updates, the same in the car, but you have to do it in such a way that you still stay with the safety protocols. You're able to back things out, things like that. So it's open source, but getting raw upstream, open source and managing itself yourself, I just, I'm sorry. It takes a lot of experience to be able to be able to do those kinds of things. So it's secure, that's insecure. And that's what that's, what's exciting about it. You look at E the telco world look where the telco world came from in the telco world. It was a hardware stack from the hardware firmware operating system, every service, whether it was 9 1, 1 or 4, 1, 1 was its own stack. Yep. In the 4g, 3g, >>4g >>Virtualized. Now, now it's all software. Yeah. Now it's all software all the way out to the cell tower. So now, so, so now you see vendors out there, right? As an application, as a container based application, running out, running in the base of a cell tower, >>Cell tower is gonna be a little mini data >>Center. Yeah, exactly. Because we're in our time here asking quickly, because you've been at red hat a long time. You, you, you, uh, architected a lot of the reason they're successful is, is your responsibility. A lot of companies have tried to duplicate the red hat model, the, the service and support model. Nobody has succeeded. Do you think anybody ever will or will red hat continue to be a unicorn in that respect? >>No, I, I, I think, I think it will. I think open source is making it into all different parts of technology. Now I have to tell you the, the reason why we were able to do it is we stayed. We stayed true to our roots. We made a decision a long time ago that we weren't gonna put a line, say everything below the line was open and above the line was closed. Sometimes it's hard sometimes to get a differentiation with the competition, it can be hard, but we've stayed true to that. And I, to this day, I think that's the thing that's made us is never a confusion on if it's open or not. So that forces us to build our business models around that as well. But >>Do you have a differentiated strategy? Talk about that. What's your what's your differentiation >>Are, are, well, I mean, with the cloud, a differentiation is that common cloud platform across I differentiate strategy from an open source perspective is to, to sort make open source consumable. And, and it's even more important now because as Linux Linux is the base of everything, there's not enough skills out there. So even, even a container platform like open source op like OpenShift, could you build your own? Certainly. Could you keep it updated? Could you keep it updated without breaking all the applications on top? Do you have an ecosystem around it? It's all of those things. It was, it was the support, the, the, the hardening the 10 year to predictability the ecosystem. That was, that was, that is the secret. I mean, we even put the secret out as open. >>Yeah, <laugh> right. Free, like a puppy, as they say. All right, Paul, thanks so much for coming back in the cubes. Great to see you face to face. Nice to see you guys get it. All right. Keep it right there. Dave Valante for Paul Gill, you're watching the cubes coverage of red hat summit, 2022 from Boston. Be right back.

(uplifting music) >> Welcome to this CUBE conversation. In this segment, we're going to talk about the future of IoT and the critical role semiconductor technology plays in shaping this exciting space. As we've reported on our Breaking Analysis segments, the fabulous chip company enabled by the ARM ecosystem has permanently changed the semiconductor industry. Intel's fateful decision in the mid-2000s to pass on the chip design for the Apple iPhone was an ironic reminder of IBM's decision to outsource the microprocessor for the original IBM PC to Intel. In both cases, the market leader didn't appreciate the tectonic industry shifts that were possible, and importantly, the impact that volume economics would have on the power structure of the entire industry. Now fast forward today, and we believe ARM wafer volumes are 10X those of the general purpose x86. This means that the ARM ecosystem is on a cost curve that is unmatched in the business. Moreover, as we've reported, the ARM ecosystem is blowing away the historical performance curves that we've seen in the chip industry, AKA Moore's law. Whereas for years, the x86 performance curve grew roughly at 40% per annum has now moderated to the low thirties. Over the past five years, as evidenced by the progression of Apple's A series chip, based on ARM, when you observe the combined performance of the CPU, the GPU, the NPU, the XPU, DSPs, accelerators, et cetera, the alternative processors in combination have driven the average annual performance improvement to over a hundred percent per year. This is an astounding achievement. Why is this so important to IoT? Well, the edge is projected to be the next trillion dollar market. We believe we'll see a world with more than a trillion devices. And as we've reported, IoT use cases are going to require specialized and distributed processing power. And lots of it. AI Inference at the edge will enable real-time action and embedding intelligence in the chips that when the edge will be high performance, low power, inexpensive, and programmable with a much faster time to market profile than historical semiconductor cycles. We're already seeing that with companies like AWS, Apple, Tesla, and peer, and others going from design to tape out and under two years versus the historical norm of let's say four years to be generous. And with me to discuss innovation in IoT and some big news from the 2021 ARM's summit is Mohamed Awad, who is the vice president of IoT and embedded at ARM Mohamed. Good to see you. Thanks for coming on. >> Thank you. Thanks. I really appreciate the opportunity to have you. >> So, You're welcome. So tell us about your, your role at ARM. I know you were responsible for infrastructure previously and now sort of extended to, to IoT and embedded. Tell us more about. >> Yeah, sure. So I've been with ARM for a little over three years now. I started working with the infrastructure team when I was, we worked on a lot of different initiatives and one of the things that we launched was on Neo verse. And we went on to do some interesting things there, as, as I mentioned, we're making some great traction in the infrastructure space, but a year ago I took on the role to you ought to head up arms IOT and embedded business. And, you know, it's, it's interesting because my, my career really started in IOT and embedded. I was in the Boston area working for companies like Lucent Nortel, and then eventually I remembered very early IOT startup. So that was, that was 25 years ago now. But, but I still got roots in the Boston area. So I like your, like your hat in the back now. >> Yeah. Right. Go, go Sox. >> Go Sox. >> So how did we get here, you mean, you've had a lot of experience in embedded IOT, which is relatively new term to most people. It sort of evolved from a period of, you know, you had instrumentation for at least some components of, of the system. And then we focused on conductivity. But as I was saying in my upfront narrative, we're really now embedding AI and it's it's intelligence, but so there's phases. How do you see the progression in terms of how we got to where ARM is today in IOT? >> Yeah, it's really interesting because if you think about, if you think about ARM, then you really just think about IOT, you know, as you said, IOT started off with, Hey, let's, let's stick a microcontroller in everyday devices, you know, stick a micro controller to something like a vending machine, and then we went on and said, well, hey, what if we could remotely control that device for gathering data from that device, and then we, so we entered this phase of, you know, what we like to call interconnectivity, right, And that was all about, you know, connecting these devices with, with things like, you know, low power Bluetooth, or, you know, even now low latency 5G. And what's interesting is that, you know, together the work of the Arm ecosystem has done over the years has really solved the problems of how to add microcontrollers that connects the devices. I mean, that those problems have largely been solved for a lot of the reasons that you described earlier, which is, you know, we focused on lowering the barrier for folks to come in and innovate around sort of a core technology and, and lots of innovation happened as a result of that. We're entering this new phase now, which is really about, you know, you've got all these devices out there which can easily be connected, they've got microcontrollers or, or, or technology in them, which allows them to, to be intelligent. But how do we really extract the level of kind of AI intelligence out of those devices? Ultimately, what we're trying to do is, is, you know, the industry needs to figure out how to derive intelligence from the smallest sensor, all the way up to the largest cloud data center, you know, and, and, and that means local intelligence. It means regional intelligence, and it means global intelligence, you know, the potential is enormous, but the challenge is pretty enormous as well because of all those diversified use cases, all the diversified devices, all the, all of the sort of scale sort of number of platforms that we're talking about, and that that's really what, we're, what we're excited to kind of go work on, work on that. >> It is exciting. I mean, just the it's mind boggling the, the capabilities, the processing capabilities of this distributed world that we're, we're, we're evolving towards. Let's talk about the hard news of why are you announcing what you're announcing, I mean, what are the trends that are sort of informing that maybe you could hit some of the highlights of the announcement and give us a key details? >> Yeah, sure. So, so when we announced his ARM, total solutions for IOT, and that's really made up of three things, my favorite part is on virtual hardware. Our virtual hardware is all about making available a virtual representation of, of devices in the cloud for lots of developers to use. And I'll, I'll get to that in a minute, but I think, you know, in order to understand that you have to kind of understand the broader context of what ARM total solutions are. It starts with pre-integrated pre verified IP package. You talked earlier about how design cycles we're looking to accelerate people were looking to develop a Silicon much faster. Part of what we were doing at ARM is we're actually taking, you know, pre-integrated pre verified IP packages and call those ARM corstone. We're making those available to the market. So we give those to our Silicon partners, and then they can use that. They might include an neuro processing unit, a CPU. They might include the interconnect, all the, kind of the base IP. And then our Silicon partners can use that as a jumping off point so that they can quickly get Silicon to market. That's the first part of the news, which is, you know, we're doubling down on that too. Now, you know, in the last three years, we've had over 150 different designs, which have used our ARM core stone products. So moving forward, we're going to make that foundational to how we deliver IOT technology to the market. But the second part of it, which is, which is super exciting, is that not only are we going to accelerate the time to market for our Silicon partners, we're also making a virtual representation of that underlying core stone design available in the cloud for software developers all around the world to use at the same time that IP is ready. So at the same time, we hand IP to our Silicon partners. We're making a virtual representation in the cloud. So software developers can start. Now, let me just take a step back here and make sure that, you know, everyone kind of understands how, how big of a deal this is, right before the way this used to work, I would hand the IP to a Silicon partner. It would take them, you know, 18 months, maybe two years to get a piece of Silicon in market. And then a board manufacturer would have to go off. And then only maybe three or four years later, could the software developers start five years to get a product to market what we're doing here with ARM total solutions. We cut that five years down to three years, so we can massively accelerate time to market. And then the third part of what ARM total solution is, is something we call projects Centaury Project Centaury is about putting in place a set of standards to it's an ecosystem initiative, which puts in place a set of standards, reference software and, and specifications around things like security and how devices should communicate with, with, you know, the operating system or cloud service providers that allows that allows software developers to get a level of reuse and leverage. So, you know, today in the IOT, every time you develop a piece of software, you're going to develop it over and over again. But what we're talking about here is they can develop it once and, and be able to apply. And we use a lot of that software over and over again, the same way they do in other markets like infrastructure. >> Love it. So, okay. I want to ask you if that, if there's a blueprint there that we can, we can learn from, but before we do that. So if I, if I go back to the three items that you mentioned, so for example, one of your licensees can say, okay, I want to take just the standard components, the CPU, whatever, but I might want to customize the neural processing unit, as you said, and they have the flexibility to do that at the same time when they, when they bring it to the Foundry, because it's a standard platform that, you know, what's going to work, that's kind of a nuance that maybe people maybe don't fully appreciate, but am I getting that right? That standard platform has dramatically changed the industry. >> Yeah, that's right. I mean, the idea is, is that, you know, we take these, these IPS, we integrate them together. We verify them, we designed it as a subsystem. We target specific use cases, and then we make them available. Our partners are certainly free to go off and make modifications to it. They see fit. But when we hand it to them, it's ready to go. And that's the idea. >> Yeah. And then the point about the being able to, to give developers access in the cloud, and we've often said that, you know, the developers are going to shape IOT. And so I think what you're saying is essentially instead of this linear process, where you can get dependent on the previous one being done, you're actually parallelizing. If you will, the innovation. >> Yeah. That's exactly right. And I, and I'd actually take it one step forward. There's a, there's a subtlety there, which I didn't comment on, which I think it's important to call out, which is not only are we parallelize them, but we're enabling what I'll call modern development methodology. Right. You know, the way that development is done in areas like mobile and the cloud data centers, they use agile workflows, things like continuous integration, you know, broad-based testing as they go along. That's very different than the way that embedded development is done today. Embedded development today is done the same way. It was 25 years ago. You get a board on your desk, you mess around with a bunch of jumpers and cables and wires, hope you did it right. And then you write your software and you hope the hardware guy doesn't want to revise the hardware because then you're going to start all over again. Right. You know, the last thing that you'd want to do is set up a hardware form, right? Lots and lots of different hardware to go off and test over and over again. Now with virtual hardware, you can move all of that to the cloud. All that complexity goes away and you've massively reduced the investment required for software developers to get going and allow them to take on these more modern techniques. >> Well, Mohammed, thank you for clarity clarifying that, that nuance, because we're going to see a Renaissance in the way that that embedded development occurs. And I'm curious as to how you think about that in terms of you, because you're going to have a whole new breed of developers come in with, you know, the cloud developers, if you will. They have, they see IOT as a massive opportunity as well. You're going to see the, I would presume the embedded ecosystem. Up-skill a much in the same way you're seeing, you know, ops dev or dev ops or IT people, you know, learn Python to you know, to up-skill. And so you're going to see like a two vectors of innovation in terms of developers coming together. How do you see that? >> Yeah, that's exactly right. And that's exactly what we're driving to. And when we talk about this, we talk about changing the economics of IOT. That's exactly why, because what we, what we're saying is that, Hey, you can have all this massive innovation that can be unleashed from all these developers that didn't have access to these devices before. And you can also take all these embedded devices, embedded developers and make them so much more efficient with these new modern, modern development methodologies. A combination of those two things is going to, you know, not only is it going to lower the cost of development, but it's going to spur a massive amount of new innovation and all, you know, all new products and services, right. We really think can unleash the potential of IoT. >> So step back a little bit, help us understand kind of how you came to this, your strategy. You mean, what were the friction points or what are the friction points that you see in IOT and embedded in terms of being able to, to, to, to scale this capability? >> Yeah. Yeah. It's a good, it's a great question. And I got to tell you, we, we, when so when we, when I came, when I came into this role, you know, the first thing you do is you go off and talk to customers and partners, and you try to understand how people are using. But most of the time, when people think of ARM, they think of us as, Hey, they're the guys that are off talking to the Silicon partners are talking to the hardware guys. And we absolutely do. We have strong relationships with all of the Silicon partners, but because of our place in the ecosystem, you know, as a, as a company, which, you know, we've got shipped over 70 billion cortex spend devices today, you know, we underpinned, you know, the IOT basically runs on us. And so a lot of what we do too, is we talked to the software ecosystem. We talked to OEMs, and we talked to service providers looking to capitalize on all of that, you know, on the, on the depth and breadth of our ecosystem. And when I talked to OEMs, and when I talked to software service providers, two things became really clear. The OEM is wanting to find a faster path to market. They're like, it just takes too long for us to get our products to market. We need to figure out how to streamline it. So that was one. When I talked to the software service providers, they came to us with a little bit of a different problem. What they said is like, Hey, we really want to deploy software and services across this, this IOT edge space, but it's just so diverse. And so massively complex, you know, everybody's got a different view on thing. Can you help us, like, where's the, your, the common denominator, can you help us figure out how to attack this problem? And that's really what drove, what drove us. Right. >> Awesome. Let's talk a little bit more about some of the announcement, details, project Centaury particular, what are some of the things that you want people to really appreciate, and specifically, what does it mean to the ecosystem? I mean, you touched on it a little bit, but I don't know if you have any examples or customers and, and, and maybe also Mohamed, if you could help us understand how it relates to other arm projects like Cassini. >> Yeah, sure. So project, so, so, so two things. So first of all, let me just talk to what, what, what projects Centaury. So project Centaury is really looking to, you know, help enable a level of, of software leverage across that diverse M class devices that are out there in class with our microcontroller devices that are out there. And so it's really made up of 3, 3, 3 parts. One part is, is all about security. So it uses a PSA and our PSA certified framework, including TFM trusted firmware. So this is our security framework that we've put forward. And then our, the PSA standards initiative that's out there in the marketplace, you know, in all of the efforts that we bring to bear on that, the second part of it is, is around open CMSIS, and, and open CDI CMSIS, which is really, which is really about standardizing aspects about how software is delivered to an IOT device packaged and delivered. It's also about things like how any our thoughts. So any real-time operating system or any cloud service provider, you know, can be accessed from the device. So the idea is, is that a, you know, today, if you think about the way that this works, if you're a Silicon provider, you're a fiber manufacturer, you have to go off and support multiple different clubs, service providers. You may want to support multiple different operating systems, depending on you know, which, which, you know, which particular OS you're interested in. And, and what we're trying to do with, with, with, with projects Centaury is to specify key attributes of the services that exist down on your, on your Silicon, so that you can more easily integrate with, you know, whatever OS you want, whatever service provider you want on whatever hardware you want. It's still allowing plenty of differentiation. So it's not like we're saying, Hey, this is how you actually do over the air updates. For example, rather, what it's saying is that, Hey, this device supports over the updates. If you're going to ask for that service, here's how you present yourself. And that allows a level of software portability that you just didn't have in the IOT space previously. >> Right. And then the licensee can tune that to their specific use case and add their own value. Right. And so, again, go back to the thing we talked about before they, they know what's going to work and they can give it to the, Foundry and say, make this according to the spec and the Foundry's ready for it. That's how we've seen such massive volumes. I want to ask you about security. You, you touched on that. Do you leverage realms in this, or is that not in scope? Is that like. >> No, that's more of a, that right now, that's more focused on our A-class and V9 stuff. And you actually asked about project Cassini a little bit earlier. You know, project Cassini is really our initiative, which is focused on our A-class devices. So our A-class devices typically run a, you know, what I'll call a rich OS like a Linux or whatever. And it's really designed for allowing the level of virtualization and allowing a level of, of, of, of, of shared resources between different containers on, on an A-class type system that you can easily deploy and, and leverage the A-class device resources from, by, by different, by different workloads. >> The reason I asked, I'm trying to Mohamed connect the dots between mobile as kind of a blueprint, which can occur for IOT. I think that's maybe, but even some of the stuff that's going on in the data center, it's particularly as it relates to data intensive workloads, some of the work that we've seen that, you know, AWS do, and, you know, offloads, we're seeing, you know, all the new, like all the modern storage and networking and security offloads in the data center are moving to ARM. And it just seems like the use cases for ARM are exploding. And I'm wonder if he can help us connect the dots into IOT, which could, which could do or follow all of these markets. >> Yeah. I mean, what's interesting what we saw happen in mobile and what we saw happen in the infrastructure, what we see happening in both of those markets is that by creating a level of consistency in how software can be deployed on these devices, whether that's with the, you know, with the mobile phone and the ARM ecosystem and a mobile phone, or all the way through to the data center, what you've done is you unleashed a tremendous amount of innovation, you know, in the mobile space. There's something like 3 million apps out there today, right. And thousands of different smartphone models, you know, could you imagine if every one of those app developers had to test their application on every mobile phone in order to be sure that it worked, you know, you'd have a lot less innovation, a lot less, you know, a lot less, a lot less scale and a lot less, a lot less applications. So what we're talking about here is trying to unleash that same amount of value by creating that consistent. So that's a clear lesson we learned from, from both mobile and from, from infrastructure. The other thing that's clear is that a lot of these markets you've got, back to the idea of, of parallelized development flows and, and subsystems, and that's directly kind of what we're seeing in, in what we're putting forth in, with, ARM total solutions. >> Yeah. You know, it's kind of buzz wordy and people who watch my program know I'm a kind of a fan of the R model, but, but you talk about the new IOT economy. In my view, you're actually an underpinning of that economy. I mean, everybody talks about it, this multi-trillion dollar opportunity, but, but how do you think about this, this new economy? And we've obviously touched on it, but IOT, the edge it's really taking, taking shape now and becoming real. >> Yeah. I, I think that the idea here, when we talk about a new IOT economy, very clearly what I'm referring to is this idea that, you know, you've got today, you've got a lot of potential, which is lost because, you know, your you're limited to just the, a vertically integrated solution. Software is vertically integrated on the, on the specific hardware and the, the barriers and the cost to investing in that hardware from a software perspective is just, it's just too high given, given the sort of scale that you get with that software after the fact. So we're addressing that in two vectors or simplifying it, so that lots of different developers, you know, that developer that's sitting at the coffee shop can spin up an AWS instance with our ARM virtual hardware on it and write an app while they're sitting there. And at the same time, they can access a much broader set of devices than they would've been able to otherwise, if it's not, you know, it's not dissimilar, you know, I hate to keep going back to mobile, but it's not dissimilar from the mobile space where if you think about 15 years ago, when all of the applications that were written on your mobile phone were written by the phone manufacturer, you had a limited number of applications, and sure a phones were a great thing, but it was nothing like it is today. It was a mobile phone economy. Today, when you think about mobile, you know, mobile really underpins the financial economy. It underpins, you know, transport, the transportation economy. It underpins how we communicate with everybody, with social networks and it, and it's really taken a sort of life of its own in lots of different ways. It's not really a mobile economy. It is the economy. And we think IOT can be even larger than that. Right? >> Yeah. You know what I mean? Our industry has a tendency to hype a lot of new waves, but they certainly didn't, over-hype mobile. I mean, everybody, you know, migrated toward mobile. That's why I think it's such a relevant conversation. And so adaptable to IOT at the cloud as well, data as well. You know, they, they were probably under hyped. If anything, social, maybe we can put over here in a bucket, there's a lot, a lot of Friction. But those other three in terms of sort of enterprise and the edge. And I think, you know, from, from what we can see ARM has really in the ecosystem has, has completely and permanently altered the shape of the industry. It's a very exciting time. And I think the best is yet to come Mohamed. I really appreciate you coming to the cube. Thanks so much. >> No, I, I really, I really appreciate, I think thanks for taking the time. All right. >> Thank you for watching this CUBE conversation. This is Dave Vellante. We'll see you next time. (casual uplifting music)

Upbeat Music >> From the Bellagio Hotel in Las Vegas, it's theCUBE. Covering UiPath FORWARD IV. Brought to you by UiPath. >> Live, from Las Vegas, it's theCUBE at UiPath Forward IV. Lisa Martin here with Dave Vellante. Day 2 of our coverage. We've been getting a lot of really great perspectives on automation and how it is impacting, significantly, every industry. We're pleased to have, from the keynote stage, Junaid Amed, the corporate Vice President of Finance at Applied Materials. He's going to talk us through why you have a why-can't-we-automate-it-all attitude. Junaid, welcome to the program. >> Thank you so much. Pleasure to be here. >> So you have a really aggressive strategy for digital transformation automation led digital transformation. Your keynote this morning was great. It was, I just thought, strategically, it was so well thought out. And then, when you got up here before we went live, you started talking about how fast the time frame was. >> Yes. >> Give the audience an overview of the strategy, what you're aiming to do and how quickly you're expecting to see change. >> Yeah, absolutely. So when we set out, when we launched about two and a half years ago, the company had doubled in size the prior five years. We were looking for it to double again. We were honest with ourselves, with the CFO and the finance leadership team, could we support the new wave of growth? And the answer is no. Okay, what do we do? We knew we had to do something, not just more things but take a complete new view on things. That's how this whole initiative got incubated. And we took a bold approach. We said, we don't want just to cover the next five years, let's cover the next 20 years. Set ourselves up to make sure we do this right for the company and for our people. So, we basically set some very ambitious goals. Which is, the key KPI that we set at our true north is, we're going to get 50 % of finance work effort, all oriented around decision support. That's what helps move the needle for the company. Sure, we have our responsibilities to close the books, to do all the transactional stuff, to do all the reporting stuff. We will do that. But that can't be the mainstay anymore. That's just table stakes. And the business is screaming for this. It's just that we didn't have the levers and the tools to be able to do it. To pivot. But given the technological advancements, we said, "This is possible now." And that's- >> I think we have to set the table here with your industry. Because you started your journey to PA automation in 2019. >> Yes. >> You participate in one of the most challenging, if not the most challenging, industry on the planet. >> Junaid: Hundred percent. >> Everybody, I don't know, maybe not the insiders but everybody else missed, absolutely no, the insiders missed it too. What was the impact of the pandemic, right? And now, chips are every part of our lives. We've got this massive chip shortage. And you know, Wall Street missed it. They said, "Oh, sell Applied Materials. Sell every semiconductor company." And then they realized, "Oh wow," kind of late into the cycle, that this is like a multi-year, perhaps a decade long transition to, maybe this never ending demand, who knows? So that's the backdrop of your business. That was driving it. What was it like inside your company? >> So Dave, you know, what we could see, obviously we couldn't predict the pandemic. We could see long term growth, right? Really tangible market inflection on the back of AI big data. If you want to say where we made a big bet as a company? We went all in on AI. Right? We believed in that growth, at a time when I think not everyone was so convinced. Okay, is this going to be- How strong is this going to hit us? So, we had the benefit of going all in on AI and saying this is another big computing wave. The next big wave of computing. Coming off of mobile and social media. And Gary Dickerson, our CEO, bet the company that we're going to enable this growth. This is real. This is going to touch the whole global economy. So yes, that's a bet, a successful bet, the company made. No one could foresee what would the pandemic do but we had the good fortune of saying we were reacting to the growth, that we were committed to service. And we knew we had to get ahead of it. So we quickly organized and got finance, our organization well positioned to successfully support the company. Now, we got hit with the pandemic. Luckily for us, we're proactive and then, you know what we did? We accelerated. >> So your move to automation was an offensive move- >> Junaid: Hundred percent. >> Not a panic move to respond to a pandemic. >> Hundred percent. What do investors want? Operating leverage. Operating leverage. >> Yeah. >> Okay. And then, right now all the models have a certain baseline. Size of company, complexity. Okay, you need a certain amount of leverage coming out of this model. The models are going to change. Those that don't change ahead of the models, they're going to play catch up. It's not a fun ride. We wanted to be ahead. >> Well, I mean, talk about operating leverage. You're a company with what? 120+ Billion dollar market cap. You've got a 20+ Billion dollar revenue and you sell extremely expensive equipment. >> Extremely. >> And then a 5X revenue multiple. That's a trailing revenue multiple. I mean that's, that's impressive. That's operating leverage. >> Yes and but the bar keeps moving. You've got to stay ahead, right? You've got to be a leader. We're a leader. We've been a leader for five decades. It's the leadership mindset, I would say, in the company and our leadership team, that really propelled us towards this. The leadership of our CFO, Dan Durn, who invested. He made a bet. No one, you know, now we're sitting here, over almost 300,000 hours automated. We didn't have the playbook when we did it. >> You created the playbook. >> We created the playbook. >> Talk to me about the appetite, because obviously aggressive leadership, bold leadership, talk to me about the appetite to be able to be able to transform so quickly. Such that when, as Dave said, you're on the offensive, such that when the pandemic came, you leveraged that as an accelerator of what you've already been doing. Because culturally, that's challenging for folks to get on board to. How did you do that? >> I have to say, it is challenging. And it's at time's it feels counter-intuitive. We were going through the pandemic. We were having a large M&A integration happening, okay and we're transforming finance. And we're a resource constrained organization. Then you tell your people, "We've got more work to do. Transformation." And you're like, "Is that the right thing to do? Isn't everyone going to leave?" But when you dig deep, you say, "How do you get mind share?" How do you, first of all, you have to get people to see the value and then you have to make sure you do it fast enough, where they want to stick around. It's counter-intuitive. "Hey, we're going to launch this new platform. It's going to take three and half years. All right everyone, we're going to do this." What happens? People are like, in-out. Okay yeah, it'll come, we'll deal with it. Then instead, you say, "Hey, we're going to transform the way we plan. Completely. Top to bottom. 10 months. We're going to do it. Here's what you're going to be at your hands- Here's what you're going to have at your disposal in 10 months, all right? Oh, by the way, we're just showing you the high level. You get to really design. What do you want?" Now, when you have credibility, street cred with your organization, and you come out and say, "I'm going to give you top to bottom agility around forecasting and you get to have input on what you really want." Now people get excited. Like, "Oh, I'm going to work 25% more but wait a second, I'm really excited about what I get at the end of 10 months." >> So, the world was betting several years ago on the consolidation of fabs. "Oh, that's bad for Applied Materials." The exact opposite happened. You know, ARM changed the model, WAYFA volume's going through the roof. Now Intel is basically following that playbook, which is wonderful, they're breaking ground in Arizona. Which is, you have these massive tailwinds behind you. So I'm interested in how you forecast that and what role automation plays in that forecasting. >> Well, if you think about it, the fundamental demand isn't changing. Capacity has to go in. People think, wait a second, so and so is going to build less or whatever, The capacity, maybe geographically, is going to get dispersed out but it still has to go in. So I think it doesn't change the fundamental demand statement. Then, how does automation play into- I just thing that the fundamental nature and pace of business is changing. For us. And our customers are going through the same. So we have to be more reactive, we have to be able to respond to their needs. That whole thing cascades down into the organization. All the way deep into finance analyst forecasting, right? So, if everyone has to work off a weekly, monthly, quarterly cadence, you're too slow. Too late. Doesn't matter how good your plan is. It's old. It's stale. We're moving into a time and era where everything happens realtime. It always happened realtime but we just never had the tools to react realtime. Now, we have realtime business performance, enterprise grade dashboards. Any minute of the day you can see what the revenue forecast is, what the margin associated with that is. Yes, when we get into the official commit cycle everything firms up but it's not the big crank, right? You're fine tuning the knobs now. Which is great. What do you want in a plan? You want greater optionality. Is there a perfect plan? Of course there isn't. What is the North Star of forecasting? Give me as much options as- viable options and then let me decide. Because there's trade-offs. There's no one perfect plan. But you were limited. It just took too long to put a plan together. So you had very small degrees of freedom around it. Viable plans. We're changing all of that. >> This might be out of your swim lane but you had a slide up today and it had the IT in the middle- >> Yes. >> So technology's fundamental. And then, you had the elephant. The Hadoop elephant in the room. So I have to ask you, you guys announced this thing earlier this year called AI to the power of X, actionable insights. I remember reading about it, it's like you're collecting data across all the estate. So I'm like, wow this is a data company. Becoming a data company. So we've been talking a lot and of course the CFO purview is the reporting and I get that. The close, daily close, virtual close, all that. But then there's this whole line-of-business data play. >> Yes. >> And I'm wondering how automation fits there. I mean, that's got to be part of the vision. >> Yeah. Now, I can't speak to the capabilities you're talking to but we are leveraging some of that infrastructure, right? We have amazing IT organization. I have to say, we within Applied, we're a latecomer. From a product, customer product standpoint, already there is so much AI work being done. So we had the benefit of leveraging some of their capabilities for finance, when we launched Agile Finance. There is a lot going on over there. I think we actually enhanced that by introducing these RPA capabilities. And we did so from partnering with, I wouldn't say partnering, IT co-piloted this with us. Fundamentally co-piloted this, okay. And now, IT is taking it to other organizations. And they're taking it to product, they're taking it to operation, they're taking it to sales. So it will have a role. Hundred percent. But they're obviously starting, over the past three to six months is when they got started. So the answer is yes, for sure but I can't speak to exactly how it plays into that specific technology. >> But you addressed the dynamic. Which is, it started in a quick wind part of the company, finance. >> Yes. >> Which is logical. That's where I first introduced RPA a decade ago. A CFO conference, right? Then that now applies to the rest of the business. They're talking about operating leverage- >> Fundamental. Yeah. Hundred percent. >> How do you get that buy-in? How do you get finance and how do you get IT to work with finance, such that IT becomes a catalyst in all these downstream reactions to get this going across the company? >> Important question. >> Well they work for you. >> They don't. >> Oh they don't. >> They don't work for us. They work for me. I'm a customer of theirs. >> Okay. >> The first person that I needed to convince that we were serious and we're going to do it is the CIO. Okay, so you ask how do you get IT bought in? Well first thing, you have to get them in the tent. This is not about, "Oh, can you go do this for me? I need this from you. Can you do that?" Too slow, okay? This RPA, especially RPA, fundamentally, is such a, it's a technology that really needs to get embedded throughout the IT operating model. So you really need IT co-piloting this with you. This is how we did it. We said we're going to learn together. This is a must have for finance. We believe strongly this is going to become a must have for the enterprise but we're going to make the investment. In that must have for the enterprise, IT has to play the roll, right? So we started this together and we learned together and they've been fundamental in our being able to get to scale in 12 months. >> How do you federate governance? Who in the organization, what part of the organization owns governance, if you will? >> Yeah. So we created, established an RPA COE. They own the governance, the policies, the processes. Then, obviously there's a role to play for the business side. So we finance a business organization to them and there's roles to play. We actually, like I showed today in the presentation, there's multiple other players across the enterprise that have to vet these automations, right? Especially in finance. We have to be SOX compliant, we have to be data privacy compliant. We set all of those processes up. So, multiple parties have to engage but engage in an efficient way. >> We're seeing the CFO role emerge. I think of you as a CFO. I mean, I just use that umbrella, emerge as an innovator. I see this all of the place now, especially in Silicon Valley. You look at a company like Snowflake, I don't know if you know Mike Scarpelli but he kind of changed the world of software in some ways. So you're seeing very innovative CFOs emerge, that are technology savvy, they understand the operating leverage, we've used that term several times today, that you can get out of technology. It just reminds me, I don't know how long ago it was when Nick Carr wrote the book Does IT Matter. It seems like technology has never been more important. Along with people and process, of course, but in terms of creating that operating leverage, it's really a key part of the equation, the playbook going forward. >> I think it is a mindset change. We're trying to drive mindset change, right? But it's also, I think, come about because I think technology has become more friendly to non IT people. I think that's a fundamental driver. All these SaaS platforms in the market place, right? What did they design for? Business users. Of course IT has a very prominent role in that whole process and supporting it and implementing it. But the target audience is business users. What was the target audience for ERP? IT. Okay. Fundamental, the technology is changing by design and you're seeing now the impact of that. Where, "Hey wait, I can do this. I can do this by myself." Okay. IT always has been and will be a very important partner. They will service your data needs. This is how we're setting up the collaboration, right? But we really want the finance users to be able to iterate, model, analyze on the fly, in the moment. And they need to do it alone. >> Self serve, yeah. >> That's it. >> Self serve in realtime. I think one of the things, you mentioned it this morning, you mentioned it on our program and one of the things we've learned in the pandemic, that realtime and access to realtime data is no longer a nice-to-have. >> Yes. >> It's really a business critical element of any industry. >> Hundred percent. >> When do you think you'll put crypto on your balance sheet? I ask all the CFOs. >> He's been asking everyone that. >> There's an easy answer. I'm not authorized to answer. Above my pay grade. >> That's a good answer. >> That's good. >> Junaid, thank you so much for joining us. Talking to us about the transformation at Applied Materials, how you're partnering with UiPath to achieve that and the aggressive strategy that you've set out and congratulations on the success of it. We'll look forward to see what's going on in the next couple years. >> Great story. >> Of course. Thank you very much. Thank you for having me. >> Our pleasure. For Dave Vellante in Las Vegas, I'm Lisa Martin. You're watching theCUBE at UiPath Forward IV. Day two of our coverage. Stick around, we'll be right back with our next guest. (upbeat music)

(Upbeat intro music) >> Thanks guys. Hi everybody. Welcome back to The Spheres. My name is Dave Vellante and you're watching theCubes continuous coverage of AWS storage day. I'm really excited to bring on Wayne Duso. Wayne is the vice-president of AWS Storage Edge and Data Governance Services. Wayne, two Boston boys got to come to Seattle to see each other. You know. Good to see you, man. >> Good to see you too. >> I mean, I'm not really from Boston. The guys from East Boston give me crap for saying that. [Wayne laughs] That my city, right? You're a city too. >> It's my city as well I'm from Charlestown so right across the ocean. >> Charlestown is actually legit Boston, you know I grew up in a town outside, but that's my city. So all the sports fan. So, hey great keynote today. We're going to unpack the keynote and, and really try to dig into it a little bit. You know, last 18 months has been a pretty bizarre, you know, who could have predicted this. We were just talking to my line about, you know, some of the permanent changes and, and even now it's like day to day, you're trying to figure out, okay, you know, what's next, you know, our business, your business. But, but clearly this has been an interesting time to say the least and the tailwind for the Cloud, but let's face it. How are customers responding? How are they changing their strategies as a result? >> Yeah. Well, first off, let me say it's good to see you. It's been years since we've been in chairs across from one another. >> Yeah. A couple of years ago in Boston, >> A couple of years ago in Boston. I'm glad to see you're doing well. >> Yeah. Thanks. You too. >> You look great. (Wayne Laughs) >> We get the Sox going. >> We'll be all set. >> Mm Dave you know, the last 18 months have been challenging. There's been a lot of change, but it's also been inspiring. What we've seen is our customers engaging the agility of the Cloud and appreciating the cost benefits of the Cloud. You know, during this time we've had to be there for our partners, our clients, our customers, and our people, whether it's work from home, whether it's expanding your capability, because it's surging say a company like zoom, where they're surging and they need more capability. Our cloud capabilities have allowed them to function, grow and thrive. In these challenging times. It's really a privilege that we have the services and we have the capability to enable people to behave and, execute and operate as normally as you possibly can in something that's never happened before in our lifetimes. It's unprecedented. It's a privilege. >> Yeah. I mean, I agree. You think about it. There's a lot of negative narrative, in the press about, about big tech and, and, and, you know, the reality is, is big tech has, has stood and small tech has stepped up big time and we were really think about it, Wayne, where would we be without, without tech? And I know it sounds bizarre, but we're kind of lucky. This pandemic actually occurred when it did, because had it occurred, you know, 10 years ago it would have been a lot tougher. I mean, who knows the state of vaccines, but certainly from a tech standpoint, the Cloud has been a savior. You've mentioned Zoom. I mean, you know, we, productivity continues. So that's been, been pretty key. I want to ask you, in you keynote, you talked about two paths to, to move to the Cloud, you know, Vector one was go and kind of lift and shift if I got it right. And then vector two was modernized first and then go, first of all, did I get that right? And >> Super close and >> So help me course correct. And what are those, what are those two paths mean for customers? How should we think about that? >> Yeah. So we want to make sure that customers can appreciate the value of the Cloud as quickly as they need to. And so there's, there's two paths and with not launches and, we'll talk about them in a minute, like our FSX for NetApp ONTAP, it allows customers to quickly move from like to like, so they can move from on-prem and what they're using in terms of the storage services, the processes they use to administer the data and manage the data straight onto AWS, without any conversion, without any change to their application. So I don't change to anything. So storage administrators can be really confident that they can move. Application Administrators know it will work as well, if not better with the Cloud. So moving onto AWS quickly to value that's one path. Now, once they move on to AWS, some customers will choose to modernize. So they will, they will modernize by containerizing their applications, or they will modernize by moving to server-less using Lambda, right? So that gives them the opportunity at the pace they want as quickly or as cautiously as they need to modernize their application, because they're already executing, they're already operating already getting value. Now within that context, then they can continue that modernization process by integrating with even more capabilities, whether it's ML capabilities or IOT capabilities, depending on their needs. So it's really about speed agility, the ability to innovate, and then the ability to get that flywheel going with cost optimization, feed those savings back into betterment for their customers. >> So how did the launches that you guys have made today and even, even previously, do they map into those two paths? >> Yeah, they do very well. >> How so? Help us understand that. >> So if we look, let's just run down through some of the launches today, >> Great. >> And we can, we can map those two, those two paths. So like we talked about FSX for NetApp ONTAP, or we just like to say FSX for ONTAP because it's so much easier to say. [Dave laughs] >> So FSX for ONTAP is a clear case of move. >> Right >> EBS io2 Block Express for Sand, a clear case of move. It allows customers to quickly move their sand workloads to AWS, with the launch of EBS direct API, supporting 64 terabyte volumes. Now you can snapshot your 64 terabyte volumes on-prem to already be in AWS, and you can restore them to an EBS io2 Block Express volume, allowing you to quickly move an ERP application or an Oracle application. Some enterprise application that requires the speed, the durability and the capability of VBS super quickly. So that's, those are good examples of, of that. In terms of the modernization path, our launch of AWS transfer managed workflows is a good example of that. Manage workflows have been around forever. >> Dave: Yeah. >> And, and customers rely on those workflows to run their business, but they really want to be able to take advantage of cloud capabilities. They want to be able to, for instance, apply ML to those workflows because it really kind of makes sense that their workloads are people related. You can apply artificial intelligence to them, >> Right >> This is an example of a service that allows them to modify those workflows, to modernize them and to build additional value into them. >> Well. I like that example. I got a couple of followup questions, if I may. Sticking on the machine learning and machine intelligence for a minute. That to me is a big one because when I was talking to my line about this is this, it's not just you sticking storage in a bucket anymore, right? You're invoking other services: machine intelligence, machine learning, might be database services, whatever it is, you know, streaming services. And it's a service, you know, there it is. It's not a real complicated integration. So that to me is big. I want to ask you about the block side of things >> Wayne: Sure >> You built in your day, a lot of boxes. >> Wayne: I've built a lot of boxes. >> And you know, the Sand space really well. >> Yeah. >> And you know, a lot of people probably more than I do storage admins that say you're not touching my Sand, right? And they just build a brick wall around it. Okay. And now eventually it ages out. And I think, you know, that whole cumbersome model it's understood, but nonetheless, their workloads and our apps are running on that. How do you see that movement from those and they're the toughest ones to move. The Oracle, the SAP they're really, you know, mission critical Microsoft apps, the database apps, hardcore stuff. How do you see that moving into the Cloud? Give us a sense as to what customers are telling you. >> Storage administrators have a hard job >> Dave: Yeah >> And trying to navigate how they move from on-prem to in Cloud is challenging. So we listened to the storage administrators, even when they tell us, No. we want to understand why no. And when you look at EBS io2 Block Express, this is in part our initial response to moving their saying into the Cloud super easily. Right? Because what do they need? They need performance. They need their ability. They need availability. They need the services to be able to snap and to be able to replicate their Capa- their storage. They need to know that they can move their applications without having to redo all they know to re-plan all they work on each and every day. They want to be able to move quickly and confidently. EBS io2 Block Express is the beginning of that. They can move confidently to sand in the Cloud using EBS. >> Well, so why do they say 'no'? Is it just like the inherent fear? Like a lawyer would say, don't do that, you know, don't or is it just, is it, is it a technical issue? Is it a cultural issue? And what are you seeing there? >> It's a cultural issue. It's a mindset issue, but it's a responsibility. I mean, these folks are responsible for the, one of the most important assets that you have. Most important asset for any company is people. Second most important asset is data. These folks are responsible for a very important asset. And if they don't get it right, if they don't get security, right. They don't get performance right. They don't get durability right. They don't get availability right. It's on them. So it's on us to make sure they're okay. >> Do you see it similar to the security discussion? Because early on, I was just talking to Sandy Carter about this and we were saying, you remember the CIA deal? Right? So I remember talking to the financial services people said, we'll never put any data in the Cloud. Okay they got to be one of your biggest industries, if not your biggest, you know customer base today. But there was fear and, and the CIA deal changed that. They're like, wow CIA is going to the Cloud They're really security conscious. And that was an example of maybe public sector informing commercial. Do you see it as similar? I mean there's obviously differences, but is it a sort of similar dynamic? >> I do. I do. You know, all of these ilities right. Whether it's, you know, durability, availability, security, we'll put ility at the end of that somehow. All of these are not jargon words. They mean something to each persona, to each customer. So we have to make sure that we address each of them. So like security. And we've been addressing the security concern since the beginning of AWS, because security is job number one. And operational excellence job number two. So, a lot of things we're talking about here is operational excellence, durability, availability, likeness are all operational concerns. And we have to make sure we deliver against those for our customers. >> I get it. I mean, the storage admins job is thankless, but the same time, you know, if your main expertise is managing LUNs, your growth path is limited. So they, they want to transform. They want to modernize their own careers. >> I love that. >> It's true. Right? I mean it's- >> Yeah. Yeah. So, you know, if you're a storage administrator today, understanding the storage portfolio that AWS delivers will allow you, and it will enable you empower you to be a cloud storage administrator. So you have no worry because you're, let's take FSX for ONTAP. You will take the skills that you've developed and honed over years and directly apply them to the workloads that you will bring to the Cloud. Using the same CLIs, The same APIs, the same consoles, the same capabilities. >> Plus you mentioned you guys announced, you talked about AWS backup services today, announced some stuff there. I see security governance, backup, identity access management, and governance. These are all adjacency. So if you're a, if you're a cloud storage administrator, you now are going to expand your scope of operations. You, you know, you're not going to be a security, Wiz overnight by any means, but you're now part of that, that rubric. And you're going to participate in that opportunity and learn some things and advance your career. I want to ask you, before we run out of time, you talked about agility and cost optimization, and it's kind of the yin and the yang of Cloud, if you will. But how are these seemingly conflicting forces in sync in your view. >> Like many things in life, right? [Wayne Laughs] >> We're going to get a little spiritually. >> We might get a little philosophical here. [Dave Laughs] >> You know, cloud announced, we've talked about two paths and in part of the two paths is enabling you to move quickly and be agile in how you move to the Cloud. Once you are on the Cloud, we have the ability through all of the service integrations that we have. In your ability to see exactly what's happening at every moment, to then cost optimize, to modernize, to cost optimize, to improve on the applications and workloads and data sets that you've brought. So this becomes a flywheel cost optimization allows you to reinvest, reinvest, be more agile, more innovative, which again, returns a value to your business and value to your customers. It's a flywheel effect. >> Yeah. It's kind of that gain sharing. Right? >> It is. >> And, you know, it's harder to do that in a, in an on-prem world, which everything is kind of, okay, it's working. Now boom, make it static. Oh, I want to bring in this capability or this, you know, AI. And then there's an integration challenge >> That's true. >> Going on. Not, not that there's, you know, there's differences in, APIs. But that's, to me is the opportunity to build on top of it. I just, again, talking to my line, I remember Andy Jassy saying, Hey, we purposefully have created our services at a really atomic level so that we can get down to the primitives and change as the market changes. To me, that's an opportunity for builders to create abstraction layers on top of that, you know, you've kind of, Amazon has kind of resisted that over the years, but, but almost on purpose. There's some of that now going on specialization and maybe certain industry solutions, but in general, your philosophy is to maintain that agility at the really granular level. >> It is, you know, we go back a long way. And as you said, I've built a lot of boxes and I'm proud of a lot of the boxes I've built, but a box is still a box, right? You have constraints. And when you innovate and build on the Cloud, when you move to the Cloud, you do not have those constraints, right? You have the agility, you can stand up a file system in three seconds, you can grow it and shrink it whenever you want. And you can delete it, get rid of it whenever you want back it up and then delete it. You don't have to worry about your infrastructure. You don't have to worry about is it going to be there in three months? It will be there in three seconds. So the agility of each of these services, the unique elements of all of these services allow you to capitalize on their value, use what you need and stop using it when you don't, and you don't have the same capabilities when you use more traditional products. >> So when you're designing a box, how is your mindset different than when you're designing a service? >> Well. You have physical constraints. You have to worry about the physical resources on that device for the life of that device, which is years. Think about what changes in three or five years. Think about the last two years alone and what's changed. Can you imagine having been constrained by only having boxes available to you during this last two years versus having the Cloud and being able to expand or contract based on your business needs, that would be really tough, right? And it has been tough. And that's why we've seen customers for every industry accelerate their use of the Cloud during these last two years. >> So I get that. So what's your mindset when you're building storage services and data services. >> So. Each of the surfaces that we have in object block file, movement services, data services, each of them provides very specific customer value and each are deeply integrated with the rest of AWS, so that when you need object services, you start using them. The integrations come along with you. When, if you're using traditional block, we talked about EBS io2 Block Express. When you're using file, just the example alone today with ONTAP, you know, you get to use what you need when you need it, and the way that you're used to using it without any concerns. >> (Dave mumbles) So your mindset is how do I exploit all these other services? You're like the chef and these are ingredients that you can tap and give a path to your customers to explore it over time. >> Yeah. Traditionally, for instance, if you were to have a filer, you would run multiple applications on that filer you're worried about. Cause you should, as a storage administrator, will each of those applications have the right amount of resources to run at peak. When you're on the Cloud, each of those applications will just spin up in seconds, their own file system. And those file systems can grow and shrink at whatever, however they need to do so. And you don't have to worry about one application interfering with the other application. It's not your concern anymore. And it's not really that fun to do. Anyway. It's kind of the hard work that nobody really you know, really wants to reward you for. So you can take your time and apply it to more business generate, you know, value for your business. >> That's great. Thank you for that. Okay. I'll I'll give you the last word. Give us the bumper sticker on AWS Storage day. Exciting day. The third AWS storage day. You guys keep getting bigger, raising the bar. >> And we're happy to keep doing it with you. >> Awesome. >> So thank you for flying out from Boston to see me. >> Pleasure, >> As they say. >> So, you know, this is a great opportunity for us to talk to customers, to thank them. It's a privilege to build what we build for customers. You know, our customers are leaders in their organizations and their businesses for their customers. And what we want to do is help them continue to be leaders and help them to continue to build and deliver we're here for them. >> Wayne. It's great to see you again. Thanks so much. >> Thanks. >> Maybe see you back at home. >> All right. Go Sox. All right. Yeah, go Sox. [Wayne Laughs] All right. Thank you for watching everybody. Back to Jenna Canal and Darko in the studio. Its Dave Volante. You're watching theCube. [Outro Music]

(upbeat music) >> Hello and welcome today's session of the cube presentation of the 80 best startup showcase. The next big thing in security featuring Anitian for the security track. I'm your host John Furrier. We're here with the CEO of Anitian, Rakesh Narasimhan, and Aditya Muppavarapu global segment leader of Dev ops for 80 minutes partner network, Rakesh, Aditya, Thanks for coming on. Appreciate it. >> Thank you very much, John. Pleasure is mine. >> So this is the track session. We're going to get into the, the into the details on the leadership of digital transformation and dev sec ops automation, cloud security and compliance. So let's get started. But first Rakesh, we last talked you guys had some awards, RSA conference, 2021, virtual. You guys got some serious awards. Give us the update. >> Yeah, thank you very much, John. Yeah, we were, you know, humbled to be recognized. You know, industry recognition is always a great thing. We deliver value for customers and the industry is recognizing it. So at the RSA conference, we got seven different awards you know, very excited that we were chosen for, you know publishers choice and security company of the year editor's choice and blood security and heart company in cloud security automation. So really thrilled about the recognition thanks. >> Awesome. Seven awards. I mean, RSA is obviously a show that's in transition itself. They're transforming no longer part of Dell technologies now kind of on their own kind of speaks to the wave we're in. So congratulations on the success. They're hot startup here in security track. Give us a quick overview what you guys are enabling because this transformation is everywhere. It's in every sector, it's in every vertical dev sec ops shifting left, you know day two operations get ops. All. This is all talking to one thing, developer, productivity programmable infrastructure with security. Rakesh give us a quick overview of >> Yeah. Exactly. Right. John, I think there's a big shift happening obviously to the cloud and, you know, affects every one of our lives in productivity in enterprise applications, consumers you name it. There's a huge change happening, but central to that theme is security. And so it's one of the areas we focus on Anitian is the fastest way for both existing and new applications to be developed in the cloud. And so we make sure that you can get there fastest time to value and time to revenue pretty quickly by providing the best secure and compliance environment for you. That's really the core of what we do as a company. And we look forward to helping all of our customers and the industry >> Aditya you're a global segment lead at AWS partner network. You seeing on successful companies, you've got a winner here, obviously a success story. I want to get your take on this because this is a trend in cloud native scale, you know, heart, you know horizontally scalable, large scale, but shifting left, okay. Get ops big topics where code is being inspected in real time. People want automation. So I've got to ask you, what does shift left mean to to being out there and this in the security world? What does that mean? >> So, instead of applying your security and compliance guard rails only in production, we also need to apply them across your application development and delivery cycles. Instead of having one gate that becomes a bottleneck we should have multiple checkpoints at various stages. This provides a fast feedback for the developers while they're still in the context of developing that feature. So it's easier and less expensive fix the issues and what it is not is this doesn't mean you move all your focus to dev and ignore production. It also doesn't mean developers are now responsible for security and you can get rid of your security teams. We needed a process and a mechanism in place to leverage the expertise off the security teams and offer their services to the developers very early on in the development cycles, thereby enabling and empowering developers to write secure and compliant code >> I mean, to me not to put my old school hat on, but it's, you know I think to me, I view it as security at the point of coding right at the point of, I don't want to say point of sale but the point of writing the code and the old days it used to be like a patches and getting updates and provisioned into, into production. Same that kind of concept. But as a developer, that's kind of the focus is getting the latest knowledge either through tools and technologies to make it easier for me as a developer to inject at the point of code. Is that right? >> That's right. Yeah. >> So what makes Anitian so different and what's successful within AWS? That's, what's the why the success there? Can you share with us why they're so unique in AWS? >> So I think the biggest case for that is really you know, security, oftentimes security is thought of as an impediment sometimes actually believe it or not. So the configuration, the management, the deployment all of that, you got to be able to do and you got to be able to do that at scale. The great thing about the cloud at is scale and a big portion of that is automation. So what we at Anitian have done is taken that lifecycle of taking, you know applications on a variety of states. If you will, if you're trying to get to production you're trying to do one of two things. You're either you're trying to get into a compliance standard, like Fed Ramp you want a very predictable process, or you're just trying to get an application secure pretty quickly. So how can you do either one of those things becomes the challenge and we help you do that by having a pre-engineered environment where configuration defining deployment all that becomes very consistent and very predictable which means we've automated it in a way that it can scale. You can sort of almost have this regularly happening and not just one application with multiple applications for any company. That is, I think the biggest obstacle that has happened for a lot of folks in the enterprise for sure, to try to get to production and keep that cycle going continuously. And we help with that in a big way. That's one of the reasons why we're having a lot of adoption customers working with partners of course and getting industry recognition for it. >> Yeah. I mean, this is one of the benefits of cloud. I want to get you guys both reaction to this, where as things get going, it's kind of like that, you're you you got to take advantage. You can take advantage of all these solutions. So how many of his customer, I want to look for solutions that help me move the ball forward, not backwards right? So, or help me move the ball forward without building anything that I don't need or that's already been built. So here it sounds like if I get this right Anitian is saying, Hey if you're an Amazon customer I can accelerate you with Fed Ramp compliance. So you don't have to spend all these cycle times getting ready or hiring or operationalizing it is that right? I mean, is that the value proposition? >> They're very accurate, John. So what happens is, you know, we're working with Amazon web services, who's really innovated quite a bit in building all the building blocks, if you will. And so, you know, we're standing on the shoulders of giants if you will, to basically get the max level of automation and acceleration happen. So that just like customers have gotten used to not having to buy servers, but guide, compute and storage. If you will, now they're able to secure and also become compliant with the services that we offer. That level of acceleration I think is needed. If you believe that there's going to be a lot more cloud applications, lot more cloud. If you're going to achieve scale, you've got to automate. And if you want to automate, but secure as well you need a mechanism to doing that. That's really where Anitian comes in, if you will. >> Yeah. And I think Fedramp to me is just a great low hanging fruit example because everyone wants to get into the public sector market. They know how hard it is. Kind of like, you know, we want to do it, but stand in line we've got to get some resources. I'm not kind of get that. But the question I want to get to you Rakesh and Aditya is the bigger picture, which is, as you said more cloud applications are coming. So customers in the enterprise have, have or are building fast dev ops teams accelerate the security paradigm. How do you help those, those folks? Because that's really kind of where the action's going. The puck is going to go there too. Right? So beyond Fed Ramp there's other things >> Right? So I think, I think the way we approached it is really, there's like at least two different sets of customers, right? In the federal market itself. You just think about a commercial SAS companies who are trying to enter the, the, the, the the public sector market. Well, you need to clear a standard like Fed Ramp. So we're the fastest way to not just complete it but be able to start selling and producing revenue. That'd be market per using that functionality. If you will, to that market. Similarly, there's a lot of public sector organizations who are trying to move to the cloud because they have traditionally developed applications and architectures based on what they've done over the last 20 plus years. Well guess what, they're also trying to migrate. So how do you help both commercial companies as well as public sector companies transition, if you will to the cloud in a secure way, but also meeting a public standard. We're helping both those organizations to do that migration and that journey if you will, but it's premised on with pre-engineered it, it's the fastest way for you to get there for you to be able to provide your capability and functionality to the larger marketplace. That's one of the main reasons why I think the productivity jump is enormously high because that's how you get to larger marketplace, if you will, to serve that market >> Aditya. So they have to change your title from global segment leader, dev ops to dev sec ops 80 of his partner network here with this solution in a way it's kind of becoming standard. >> Yeah. Security is getting him embedded into all of your development and delivery life cycle. So that dev sec Ops is becoming more and more critical with customers migrating to the cloud and modernizing their applications. >> How much has automation playing into this? Because one of the things we're talking about fueling digital transformation is the automation component of the security piece here Rakesh How important is automation and what how do you set yourself up for that to be successful? >> That's big question. I think that the big key to that is automation. I think automation is there in general in the cloud space. People expect it, frankly. But I think that the key thing what we have done is pre-integrated not just our platform but a variety of the partner ecosystem are on AWS. And so when a customer is looking forward to taking an application and going to the cloud they're not just getting functionality from us and AWS but also a lot of partner functionality around it so that they don't have to build it. Remember this discussion we had earlier about how do you jumpstart that? Well, it's, it's, it's really, instead of them having the best of breed assemble we've pre done it for them, which means it's predictable, it's consistent it's configured correctly. They can rely on it. That allows us to be able to help them move faster which means they can go serve larger markets and obviously make money around it. >> Rakesh, I got to follow up on that and ask you specifically around this business model. Obviously cloud has become great service. Everyone kind of knows that and then kind of sees the edge coming next and all these other issues that are going to provide more opportunities. But I got to ask you for your company what industries and business models are you disrupting? >> Yeah, I think primarily to we're a classic example of software eating the world, right? Primarily what happens is most of the folks that certainly in the compliance arena are really trying to figure out how to do it themselves, right? And then that's primarily the group of people who are sort of trying to figure that out. And then there's a class of who do consulting who are trying to consult with you and what you should do. And we have taken a very software oriented approach built on Amazon that we will not only help you fast forward that but also, you know, get you compliant but also keep you compliant because it's a cycle much like in other industries you've seen there used to be a time when people that email and they used to run email servers and ran the email servers and backups and things of that nature that transitioned over time where people procure that service from somebody else. And it's still a secure, it's still a scalable and they can rely on that service without having to be in that business if you will. So we see us disrupting the consulting and do it yourself world to actually providing a dependable service out there that you can rely on for security and compliance. >> Awesome. Aditya, I got to ask you on the Amazon side obviously you see a lot of it there. What are some of the challenges that you see with security? >> One of the main challenges I see that is that the landscape itself is rapidly changing. As customers are migrating to the cloud and modernizing what used to be a simple monolithic application running on a server and a office or a data center is now distributed hybrid and spans across development practices like microservices managed services, packaged applications, et cetera and also in the infrastructure platform choices have dramatically increased to from on-prem to call data centers, to edge computing, IOT VMs containers, serverless a lot more options. All these leads to more complexity and it increased the number of threat vectors exponentially though this advancement was great from a usability perspective. It now created a whole slew of challenges. This, this is complex. It's very hard to keep up. It's not something you set and forget. One needs to make sure you have the right guardrails in place to make sure you're continuously compliant with with your own policies are also with regulatory compliance frameworks that are needed for your business. Like GDPR, PCI, DSS, Nast, HIPAA Sox, Fed Ramp, et cetera >> For Rakesh. We're specifically on the dev ops efficiency with Amazon. What do you guys, what's your top few value proposition points? You say >> Biggest value proposition honestly is keeping and maintaining security while you're in compliance at scale with speed. I think those are big issues for companies. Like if you, if you're a company you're trying to be in the cloud, you want to enter the federal market. For example, you got to get that quickly. So what could take a lot of money? 18 - 24 months, our prawn malleable we've just completely automated back. And so within a quarter, depending on quickly the two organizations can work. We can get you into the marketplace. That that speed is of enormous value to companies. But also to remember that as Aditya pointed out there's a lot of complexity in the kind of architecture that is evolved but we have to feel like people like in the issue of what we can help customers would is as much as you take advantage of all the cloud style architecture providing the simplicity of providing security consistently and providing compliance consistently quickly. I think there'll always be a value for that because people are always trying to get faster and cheaper quicker. And I think we're able to do that. But remember, security is not just about fast. It's got to be secure, right? We got to be effective, not just efficient but I think that's a big value prop that we're able to bring to the table on AWS. >> Well I want to go, I got you here. I'll see what showcasing you guys as the hot startup who is your customer on Amazon? I'll see, you have customers that sell in marketplace for fedramp. That's a huge, that's the people who are in business to sell software but also other enterprises as well. Right? So could you just quickly break down your customers? And then when do they know it's time to call a Anitian? >> Yeah, so we have two large groups of customers. If you will. Certainly the commercial segment, as well as in the public sector and the commercial side, you have lots of companies in the cyber security enterprise collaboration as a little robotic process automation, all those categories of companies in the commercial environment they're trying to enter the public sector federal market to go sell their services. Well, you have to get compliant. We are the fastest path to get you there time to value type of revenue we can accomplish for you. That's a group of customers we, we have in market. And then we have the other side, which is a lot of government agencies who are themselves trying to migrate to the cloud. So if you're trying to get your applications for sure once on hybrid or on-premise, and you're trying to go to the AWS cloud, well, we're a great way for you to have a pre-engineered environment into which you can move in. So not only are you secure it's, pre-built, it can scale to the cloud that you're in front of migrate to. So we have both those particular sites if you will, of the marketplace. And then in market, we have lots of agencies, big and small and the government side, but also all these categories in the commercial side that I mentioned >> For Rakesh, Anitian's helping a lot of companies sell them to the public sector market. How big is the public sector federal market >> Right? Yeah. Billions of dollars. More than $250 billion is what people say but it's a very large market, but, but remember it's any any commercial SAS company who's trying to go into that federal market is a target market. We can help that customer get in into that market. >> And just real quick, their choice alternative to not working with the Anitian is what? months the pain. And what's the heavy lift as Andy Jassy would say the heavy lifting, undifferentiated lifting a lot of paperwork, a lot of hoops to jump through. Good. Can you just paint a picture of the paths with, and without >> There's three key areas that I think customers or, you know companies have to do, A. they have to understand the standard B. They have to really figure out the technology the integration, the partners, and the platform itself. It's a lift to basically get all of that together and then actually produce the documentation produce all the configuration and in a repeatable way. And that's just to get one application up there. Well, guess what? Not only do you need to get that up there you need to keep that compliant. And then our future standards come in. You need to go upgrade to that. So the best way for me to describe that is either you you come to the Anitian and we make that age just a service that is subscribed to to keep you compliant and grow or you can try to build it yourself, or you try to go get consulting companies to tell you what to do. You still have to do the work. So those are your sort of choices, if you will, which is one of the reasons why we're enjoying the growth we are because we're making it easy and productive for for companies to get there faster. >> Aditya, I want to get to you real quick. Obviously AWS partnering, they're also known as APN. You guys see some of the best hot startups. They all kind of have the same pattern like this. They do something that's hard. They make it easier. They go faster, more. Cost-effective what's the pattern in this cloud-scale world as startups. We're going to be featuring, you know, every as much as we can hot startups coming out of your network, there's a pattern here. What would you say? They are? Well as the DevOps obviously cloud native, besides iterate, move faster. What's the pattern you're seeing for the successful companies. >> It's like, like Andy's says, it's figuring out how to continuously reinvent yourself is the key to stay successful in this market. >> Awesome. For Rakesh, real big success. Congratulations on your awards. I got to ask you, we're asking all the, all the companies this question, what is your defining contribution to the future of cloud scale? >> Great question. I think when I think about what can be accomplished in the future, not just in the past, I think cloud is a huge phenomenon that has completely up-ended the architecture for all sorts of things commercial government, you know, consumer and enterprise. If you will, I would think we would be humbly the people who will ensure that lots of B2B companies and government organizations are able to move to the cloud and are able to be secure and compliant because I believe that there'll be more and more of that happening in the cloud. And the more that is available, just like the commercial world is takes advantage of all those features. I feel like public government organizations also can accomplish the same things very quickly because of folks like us, which means you have a larger segment of population that you can support. That's only going to make the planet more successful. I'm a big optimist when it comes to tech. I know there's a lot of folks who would look down upon tech or I'll think about it as not great. I'm a very big optimist around tech improving people's lives. And I think we have our own humble role in enabling that to happen in the security and compliance >> Well, anything, in my opinion I'm really a big fan of your work and your team. Anything that could bring great innovation into the public sector faster and more effective as good win for society. So I think it's a great mission. Thanks for, for sharing and congratulations on your awards and thanks for being part of our 80 best startup showcase. Appreciate it Rakesh thank you >> Thank you. >> Okay. This is the cube coverage of 80 startup showcase. I'm John for your host of the cube. This is the next big thing in security Anitian in the security track. Thanks for watching. (Up beat music)