from the cube studios in Palo Alto in Boston bringing you data-driven insights from the cube and ETR this is breaking analysis with Dave vellante the ascendancy of AWS under the leadership of Andy jassy was marked by a tsunami of data and corresponding cloud services to leverage that data now those Services they mainly came in the form of Primitives I.E basic building blocks that were used by developers to create more sophisticated capabilities AWS in the 2020s being led by CEO Adam solipski will be marked by four high-level Trends in our opinion one A Rush of data that will dwarf anything we've previously seen two a doubling or even tripling down on the basic elements of cloud compute storage database security Etc three a greater emphasis on end-to-end integration of AWS services to simplify and accelerate customer adoption of cloud and four significantly deeper business integration of cloud Beyond it as an underlying element of organizational operations hello and welcome to this week's wikibon Cube insights powered by ETR in this breaking analysis we extract and analyze nuggets from John furrier's annual sit-down with the CEO of AWS we'll share data from ETR and other sources to set the context for the market and competition in cloud and we'll give you our glimpse of what to expect at re invent in 2022. now before we get into the core of our analysis Alibaba has announced earnings they always announced after the big three you know a month later and we've updated our Q3 slash November hyperscale Computing forecast for the year as seen here and we're going to spend a lot of time on this as most of you have seen the bulk of it already but suffice to say alibaba's cloud business is hitting that same macro Trend that we're seeing across the board but a more substantial slowdown than we expected and more substantial than its peers they're facing China headwinds they've been restructuring its Cloud business and it's led to significantly slower growth uh in in the you know low double digits as opposed to where we had it at 15 this puts our year-end estimates for 2022 Revenue at 161 billion still a healthy 34 growth with AWS surpassing 80 billion in 2022 Revenue now on a related note one of the big themes in Cloud that we've been reporting on is how customers are optimizing their Cloud spend it's a technique that they use and when the economy looks a little shaky and here's a graphic that we pulled from aws's website which shows the various pricing plans at a high level as you know they're much more granular than that and more sophisticated but Simplicity we'll just keep it here basically there are four levels first one here is on demand I.E pay by the drink now we're going to jump down to what we've labeled as number two spot instances that's like the right place at the right time I can use that extra capacity in the moment the third is reserved instances or RIS where I pay up front to get a discount and the fourth is sort of optimized savings plans where customers commit to a one or three year term and for a better price now you'll notice we labeled the choices in a different order than AWS presented them on its website and that's because we believe that the order that we chose is the natural progression for customers this started on demand they maybe experiment with spot instances they move to reserve instances when the cloud bill becomes too onerous and if you're large enough you lock in for one or three years okay the interesting thing is the order in which AWS presents them we believe that on-demand accounts for the majority of AWS customer spending now if you think about it those on-demand customers they're also at risk customers yeah sure there's some switching costs like egress and learning curve but many customers they have multiple clouds and they've got experience and so they're kind of already up to a learning curve and if you're not married to AWS with a longer term commitment there's less friction to switch now AWS here presents the most attractive plan from a financial perspective second after on demand and it's also the plan that makes the greatest commitment from a lock-in standpoint now In fairness to AWS it's also true that there is a trend towards subscription-based pricing and we have some data on that this chart is from an ETR drill down survey the end is 300. pay attention to the bars on the right the left side is sort of busy but the pink is subscription and you can see the trend upward the light blue is consumption based or on demand based pricing and you can see there's a steady Trend toward subscription now we'll dig into this in a later episode of Breaking analysis but we'll share with you a little some tidbits with the data that ETR provides you can select which segment is and pass or you can go up the stack Etc but so when you choose is and paths 44 of customers either prefer or are required to use on-demand pricing whereas around 40 percent of customers say they either prefer or are required to use subscription pricing again that's for is so now the further mu you move up the stack the more prominent subscription pricing becomes often with sixty percent or more for the software-based offerings that require or prefer subscription and interestingly cyber security tracks along with software at around 60 percent that that prefer subscription it's likely because as with software you're not shutting down your cyber protection on demand all right let's get into the expectations for reinvent and we're going to start with an observation in data in this 2018 book seeing digital author David michella made the point that whereas most companies apply data on the periphery of their business kind of as an add-on function successful data companies like Google and Amazon and Facebook have placed data at the core of their operations they've operationalized data and they apply machine intelligence to that foundational element why is this the fact is it's not easy to do what the internet Giants have done very very sophisticated engineering and and and cultural discipline and this brings us to reinvent 2022 in the future of cloud machine learning and AI will increasingly be infused into applications we believe the data stack and the application stack are coming together as organizations build data apps and data products data expertise is moving from the domain of Highly specialized individuals to Everyday business people and we are just at the cusp of this trend this will in our view be a massive theme of not only re invent 22 but of cloud in the 2020s the vision of data mesh We Believe jamachtagani's principles will be realized in this decade now what we'd like to do now is share with you a glimpse of the thinking of Adam solipsky from his sit down with John Furrier each year John has a one-on-one conversation with the CEO of AWS AWS he's been doing this for years and the outcome is a better understanding of the directional thinking of the leader of the number one Cloud platform so we're now going to share some direct quotes I'm going to run through them with some commentary and then bring in some ETR data to analyze the market implications here we go this is from solipsky quote I.T in general and data are moving from departments into becoming intrinsic parts of how businesses function okay we're talking here about deeper business integration let's go on to the next one quote in time we'll stop talking about people who have the word analyst we inserted data he meant data data analyst in their title rather will have hundreds of millions of people who analyze data as part of their day-to-day job most of whom will not have the word analyst anywhere in their title we're talking about graphic designers and pizza shop owners and product managers and data scientists as well he threw that in I'm going to come back to that very interesting so he's talking about here about democratizing data operationalizing data next quote customers need to be able to take an end-to-end integrated view of their entire data Journey from ingestion to storage to harmonizing the data to being able to query it doing business Intelligence and human-based Analysis and being able to collaborate and share data and we've been putting together we being Amazon together a broad Suite of tools from database to analytics to business intelligence to help customers with that and this last statement it's true Amazon has a lot of tools and you know they're beginning to become more and more integrated but again under jassy there was not a lot of emphasis on that end-to-end integrated view we believe it's clear from these statements that solipsky's customer interactions are leading him to underscore that the time has come for this capability okay continuing quote if you have data in one place you shouldn't have to move it every time you want to analyze that data couldn't agree more it would be much better if you could leave that data in place avoid all the ETL which has become a nasty three-letter word more and more we're building capabilities where you can query that data in place end quote okay this we see a lot in the marketplace Oracle with mySQL Heatwave the entire Trend toward converge database snowflake [ __ ] extending their platforms into transaction and analytics respectively and so forth a lot of the partners are are doing things as well in that vein let's go into the next quote the other phenomenon is infusing machine learning into all those capabilities yes the comments from the michelleographic come into play here infusing Ai and machine intelligence everywhere next one quote it's not a data Cloud it's not a separate Cloud it's a series of broad but integrated capabilities to help you manage the end-to-end life cycle of your data there you go we AWS are the cloud we're going to come back to that in a moment as well next set of comments around data very interesting here quote data governance is a huge issue really what customers need is to find the right balance of their organization between access to data and control and if you provide too much access then you're nervous that your data is going to end up in places that it shouldn't shouldn't be viewed by people who shouldn't be viewing it and you feel like you lack security around that data and by the way what happens then is people overreact and they lock it down so that almost nobody can see it it's those handcuffs there's data and asset are reliability we've talked about that for years okay very well put by solipsky but this is a gap in our in our view within AWS today and we're we're hoping that they close it at reinvent it's not easy to share data in a safe way within AWS today outside of your organization so we're going to look for that at re invent 2022. now all this leads to the following statement by solipsky quote data clean room is a really interesting area and I think there's a lot of different Industries in which clean rooms are applicable I think that clean rooms are an interesting way of enabling multiple parties to share and collaborate on the data while completely respecting each party's rights and their privacy mandate okay again this is a gap currently within AWS today in our view and we know snowflake is well down this path and databricks with Delta sharing is also on this curve so AWS has to address this and demonstrate this end-to-end data integration and the ability to safely share data in our view now let's bring in some ETR spending data to put some context around these comments with reference points in the form of AWS itself and its competitors and partners here's a chart from ETR that shows Net score or spending momentum on the x-axis an overlap or pervasiveness in the survey um sorry let me go back up the net scores on the y-axis and overlap or pervasiveness in the survey is on the x-axis so spending momentum by pervasiveness okay or should have share within the data set the table that's inserted there with the Reds and the greens that informs us to how the dots are positioned so it's Net score and then the shared ends are how the plots are determined now we've filtered the data on the three big data segments analytics database and machine learning slash Ai and we've only selected one company with fewer than 100 ends in the survey and that's databricks you'll see why in a moment the red dotted line indicates highly elevated customer spend at 40 percent now as usual snowflake outperforms all players on the y-axis with a Net score of 63 percent off the charts all three big U.S cloud players are above that line with Microsoft and AWS dominating the x-axis so very impressive that they have such spending momentum and they're so large and you see a number of other emerging data players like rafana and datadog mongodbs there in the mix and then more established players data players like Splunk and Tableau now you got Cisco who's gonna you know it's a it's a it's a adjacent to their core networking business but they're definitely into you know the analytics business then the really established players in data like Informatica IBM and Oracle all with strong presence but you'll notice in the red from the momentum standpoint now what you're going to see in a moment is we put red highlights around databricks Snowflake and AWS why let's bring that back up and we'll explain so there's no way let's bring that back up Alex if you would there's no way AWS is going to hit the brakes on innovating at the base service level what we call Primitives earlier solipsky told Furrier as much in their sit down that AWS will serve the technical user and data science Community the traditional domain of data bricks and at the same time address the end-to-end integration data sharing and business line requirements that snowflake is positioned to serve now people often ask Snowflake and databricks how will you compete with the likes of AWS and we know the answer focus on data exclusively they have their multi-cloud plays perhaps the more interesting question is how will AWS compete with the likes of Specialists like Snowflake and data bricks and the answer is depicted here in this chart AWS is going to serve both the technical and developer communities and the data science audience and through end-to-end Integrations and future services that simplify the data Journey they're going to serve the business lines as well but the Nuance is in all the other dots in the hundreds or hundreds of thousands that are not shown here and that's the AWS ecosystem you can see AWS has earned the status of the number one Cloud platform that everyone wants to partner with as they say it has over a hundred thousand partners and that ecosystem combined with these capabilities that we're discussing well perhaps behind in areas like data sharing and integrated governance can wildly succeed by offering the capabilities and leveraging its ecosystem now for their part the snowflakes of the world have to stay focused on the mission build the best products possible and develop their own ecosystems to compete and attract the Mind share of both developers and business users and that's why it's so interesting to hear solipski basically say it's not a separate Cloud it's a set of integrated Services well snowflake is in our view building a super cloud on top of AWS Azure and Google when great products meet great sales and marketing good things can happen so this will be really fun to watch what AWS announces in this area at re invent all right one other topic that solipsky talked about was the correlation between serverless and container adoption and you know I don't know if this gets into there certainly their hybrid place maybe it starts to get into their multi-cloud we'll see but we have some data on this so again we're talking about the correlation between serverless and container adoption but before we get into that let's go back to 2017 and listen to what Andy jassy said on the cube about serverless play the clip very very earliest days of AWS Jeff used to say a lot if I were starting Amazon today I'd have built it on top of AWS we didn't have all the capability and all the functionality at that very moment but he knew what was coming and he saw what people were still able to accomplish even with where the services were at that point I think the same thing is true here with Lambda which is I think if Amazon were starting today it's a given they would build it on the cloud and I think we with a lot of the applications that comprise Amazon's consumer business we would build those on on our serverless capabilities now we still have plenty of capabilities and features and functionality we need to add to to Lambda and our various serverless services so that may not be true from the get-go right now but I think if you look at the hundreds of thousands of customers who are building on top of Lambda and lots of real applications you know finra has built a good chunk of their market watch application on top of Lambda and Thompson Reuters has built you know one of their key analytics apps like people are building real serious things on top of Lambda and the pace of iteration you'll see there will increase as well and I really believe that to be true over the next year or two so years ago when Jesse gave a road map that serverless was going to be a key developer platform going forward and so lipsky referenced the correlation between serverless and containers in the Furrier sit down so we wanted to test that within the ETR data set now here's a screen grab of The View across 1300 respondents from the October ETR survey and what we've done here is we've isolated on the cloud computing segment okay so you can see right there cloud computing segment now we've taken the functions from Google AWS Lambda and Microsoft Azure functions all the serverless offerings and we've got Net score on the vertical axis we've got presence in the data set oh by the way 440 by the way is highly elevated remember that and then we've got on the horizontal axis we have the presence in the data center overlap okay that's relative to each other so remember 40 all these guys are above that 40 mark okay so you see that now what we're going to do this is just for serverless and what we're going to do is we're going to turn on containers to see the correlation and see what happens so watch what happens when we click on container boom everything moves to the right you can see all three move to the right Google drops a little bit but all the others now the the filtered end drops as well so you don't have as many people that are aggressively leaning into both but all three move to the right so watch again containers off and then containers on containers off containers on so you can see a really major correlation between containers and serverless okay so to get a better understanding of what that means I call my friend and former Cube co-host Stu miniman what he said was people generally used to think of VMS containers and serverless as distinctly different architectures but the lines are beginning to blur serverless makes things simpler for developers who don't want to worry about underlying infrastructure as solipsky and the data from ETR indicate serverless and containers are coming together but as Stu and I discussed there's a spectrum where on the left you have kind of native Cloud VMS in the middle you got AWS fargate and in the rightmost anchor is Lambda AWS Lambda now traditionally in the cloud if you wanted to use containers developers would have to build a container image they have to select and deploy the ec2 images that they or instances that they wanted to use they have to allocate a certain amount of memory and then fence off the apps in a virtual machine and then run the ec2 instances against the apps and then pay for all those ec2 resources now with AWS fargate you can run containerized apps with less infrastructure management but you still have some you know things that you can you can you can do with the with the infrastructure so with fargate what you do is you'd build the container images then you'd allocate your memory and compute resources then run the app and pay for the resources only when they're used so fargate lets you control the runtime environment while at the same time simplifying the infrastructure management you gotta you don't have to worry about isolating the app and other stuff like choosing server types and patching AWS does all that for you then there's Lambda with Lambda you don't have to worry about any of the underlying server infrastructure you're just running code AS functions so the developer spends their time worrying about the applications and the functions that you're calling the point is there's a movement and we saw in the data towards simplifying the development environment and allowing the cloud vendor AWS in this case to do more of the underlying management now some folks will still want to turn knobs and dials but increasingly we're going to see more higher level service adoption now re invent is always a fire hose of content so let's do a rapid rundown of what to expect we talked about operate optimizing data and the organization we talked about Cloud optimization there'll be a lot of talk on the show floor about best practices and customer sharing data solipsky is leading AWS into the next phase of growth and that means moving beyond I.T transformation into deeper business integration and organizational transformation not just digital transformation organizational transformation so he's leading a multi-vector strategy serving the traditional peeps who want fine-grained access to core services so we'll see continued Innovation compute storage AI Etc and simplification through integration and horizontal apps further up to stack Amazon connect is an example that's often cited now as we've reported many times databricks is moving from its stronghold realm of data science into business intelligence and analytics where snowflake is coming from its data analytics stronghold and moving into the world of data science AWS is going down a path of snowflake meet data bricks with an underlying cloud is and pass layer that puts these three companies on a very interesting trajectory and you can expect AWS to go right after the data sharing opportunity and in doing so it will have to address data governance they go hand in hand okay price performance that is a topic that will never go away and it's something that we haven't mentioned today silicon it's a it's an area we've covered extensively on breaking analysis from Nitro to graviton to the AWS acquisition of Annapurna its secret weapon new special specialized capabilities like inferential and trainium we'd expect something more at re invent maybe new graviton instances David floyer our colleague said he's expecting at some point a complete system on a chip SOC from AWS and maybe an arm-based server to eventually include high-speed cxl connections to devices and memories all to address next-gen applications data intensive applications with low power requirements and lower cost overall now of course every year Swami gives his usual update on machine learning and AI building on Amazon's years of sagemaker innovation perhaps a focus on conversational AI or a better support for vision and maybe better integration across Amazon's portfolio of you know large language models uh neural networks generative AI really infusing AI everywhere of course security always high on the list that reinvent and and Amazon even has reinforce a conference dedicated to it uh to security now here we'd like to see more on supply chain security and perhaps how AWS can help there as well as tooling to make the cio's life easier but the key so far is AWS is much more partner friendly in the security space than say for instance Microsoft traditionally so firms like OCTA and crowdstrike in Palo Alto have plenty of room to play in the AWS ecosystem we'd expect of course to hear something about ESG it's an important topic and hopefully how not only AWS is helping the environment that's important but also how they help customers save money and drive inclusion and diversity again very important topics and finally come back to it reinvent is an ecosystem event it's the Super Bowl of tech events and the ecosystem will be out in full force every tech company on the planet will have a presence and the cube will be featuring many of the partners from the serial floor as well as AWS execs and of course our own independent analysis so you'll definitely want to tune into thecube.net and check out our re invent coverage we start Monday evening and then we go wall to wall through Thursday hopefully my voice will come back we have three sets at the show and our entire team will be there so please reach out or stop by and say hello all right we're going to leave it there for today many thanks to Stu miniman and David floyer for the input to today's episode of course John Furrier for extracting the signal from the noise and a sit down with Adam solipski thanks to Alex Meyerson who was on production and manages the podcast Ken schiffman as well Kristen Martin and Cheryl Knight helped get the word out on social and of course in our newsletters Rob hoef is our editor-in-chief over at siliconangle does some great editing thank thanks to all of you remember all these episodes are available as podcasts wherever you listen you can pop in the headphones go for a walk just search breaking analysis podcast I published each week on wikibon.com at siliconangle.com or you can email me at david.valante at siliconangle.com or DM me at di vallante or please comment on our LinkedIn posts and do check out etr.ai for the best survey data in the Enterprise Tech business this is Dave vellante for the cube insights powered by ETR thanks for watching we'll see it reinvent or we'll see you next time on breaking analysis [Music]

(upbeat music) >> Welcome everyone to theCUBE presentation of the AWS Startup Showcase, the theme here is Data as Code. This is season two, episode two of our ongoing series covering the exciting startups from the AWS ecosystem. And talk about the future of data, future of analytics, the future of development and all kind of cool stuff in Multicloud. I'm your host, John Furrier. Today we're joined by Ed Bailey, Senior Technology, Technical Evangelist at Cribl. Thanks for coming on the queue here. >> I thank you for the invitation, thrilled to be here. >> The theme of this session is the observability lake, which I love by the way I'm getting into that in a second. A breach investigation's best friend, which is a great topic. Couple of things, one, I like the breach investigation angle, but I also like this observability lake positioning, because I think this is a teaser of what's coming, more and more data usage where it's actually being applied specifically for things here, it's observability lake. So first, what is an observability lake? Why is it important? >> Why it's important is technology professionals, especially security professionals need data to make decisions. They need data to drive better decisions. They need data to understand, just to achieve understanding. And that means they need everything. They don't need what they can afford to store. They don't need not what vendor is going to let them store. They need everything. And I think as a point of the observability lake, because you couple an observability pipeline with the lake to bring your enterprise of data, to make it accessible for analytics, to be able to use it, to be able to get value from it. And I think that's one of the things that's missing right now in the enterprises. Admins are being forced to make decisions about, okay, we can't afford to keep this, we can afford to keep this, they're missing things. They're missing parts of the picture. And by bringing, able to bring it together, to be able to have your cake and eat it too, where I can get what I need and I can do it affordably is just, I think that's the future, and it just drives value for everyone. >> And it just makes a lot of sense data lake or the earlier concert, throw everything into the lake, and you can figure it out, you can query it, you can take action on it real time, you can stream it. You can do all kinds of things with it. Verb observability is important because it's the most critical thing people are doing right now for all kinds of things from QA, administration, security. So this is where the breach piece comes in. I like that's part of the talk because the breached investigation's best friend, it implies that you got the secret sourced to behind it, right? So, what is the state of the breach investigation today? What's going on with that? Because we know breaches, we see 'em out there, but like, why is this the best friend of a breach investigator? >> Well, and this is unfortunate, but typically there's an enormous delay between breach and detection. And right now, there's an IBM study, I think it's 287 days, but from the actual breach to detection and containment. It's an enormous amount of time. And the key is so when you do detect a breach, you're bringing in your instant, your response team, and typically without an observability lake, without Cribl solutions around observability pipeline, you're going to have an incomplete picture. The incident response team has to first to understand what's the scope of the breach. Is it one server? Is it three servers? Is it all the servers? You got to understand what's been compromised, what's been the end, what's the impact? How did the breach occur in the first place? And they need all the data to stitch that together, and they need it quickly. The more time it takes to get that data, the more time it takes for them to finish their analysis and contain the breach. I mean, hence the, I think about an 87, 90 days to contain a breach. And so by being able to remove the friction, by able to make it easier to achieve these goals, what shouldn't be hard, but making, by removing that friction, you speed up the containment and resolution time. Not to mention for many system administrators, they don't simply have the data because they can afford to store the data in their SIEM. Or they have to go to their backup team to get a restore which can take days. And so that's-- It's just so many obstacles to getting resolution right now. >> I mean, it's just, you're crawling through glass there, right? Because you think about it like just the timing aspect. Where is the data? Where is it stored and relevant and-- >> And do you have it at all? >> And you have it at all, and then, you know, that person doesn't work anywhere, they change jobs. I mean, who is keeping track of all this? You guys have now, this capability where you can come in and do the instrumentation with the observability lake without a lot of change to the environment, which is not the way it used to be. Used to be, buy a tool, build a platform. Cribl has a solution that eases the struggles with the enterprise. What specifically is that pain point? And what do you guys do specifically? >> Well, I'll start out with kind of example, what drew me to Cribl, so back in 2018. I'm running the Splunk team for a very large multinational. The complexity of that, we were dealing with the complexity of the data, the demands we were getting from security and operations were just an enormous issue to overcome. I had vendors come to me all the time that will solve your problems, but that means you got to move to our platform where you have to get rid of Splunk or you have to do this, and I'm losing something. And what Cribl stream brought into, was I could put it between my sources and my destinations and manage my data. And I would have flow control over the data. I don't have to lose anything. I could keep continuing use our existing analytics tools, and that sense of power and control, and I don't have to lose anything. I was like, there's something wrong here. This is too good to be true. And so what we're talking about now in terms of breach investigation, is that with Cribl stream, I can create a clone of my data to an object store. So this is in, this is almost any object store. So it can be AWS, it could be the other vendor object stores. It could be on-prem object stores. And then I can house my data, I can house all my data at the cheapest possible price. So instead of eating up my most expensive storage, I put all my data in my object store. And I only put the data I need for the detections in my SIEM. So if, and hopefully never, but if you do have a breach, lock stream has a wonderful UI that makes a trivial to then pick my data out of my object store and restore it back into my SIEM so that my IR team has to develop a complete picture of how the breach happen. What's the scope? What is their lateral movement and answer those questions. And it just, it takes the friction away. Just like you said, just no more crawling over glass. You're running to your solution. >> You mentioned object store, and you're streaming that in. You talk about the Cribble stream tool. I'm assuming there when you're streaming the pipeline stuff, but is there a schema involved? Is there database challenges? What, how do you guys look at that? I know you're vendor agnostic. I like that piece, you plug in and you leverage all the tools that are out there, Splunk, Datadog, whatever. But how about on the database side, what's the impact there? >> Well, so I'm assuming you're talking about the object store itself, so we don't have to apply the schema. We can fit the data to whichever the object store is. We structure the data so it makes it easier to understand. For example, if I want to see communications from one IP to another IP, we structure it to make it easier to see that and query that, but it is just, we're-- Yeah, it's completely vendor neutral and this makes it so simple, so simple to enable, I think-- >> So no pre-defined schema needed. >> No, not at all. And this, it made it so much easier. I think we enabled this for the enterprise. I think it took us three hours to do, and we were able to then start, I mean, start cutting our retention costs dramatically. >> Yeah, it's great when you get that kind of value, time to value critical and all the skeptics fall to the sides pretty quickly. (chuckles) I got to ask you, well, go ahead. >> So I say, I mean, previously, I would have to go to our backup team. We'd have to open up a ticket, we'd have to have a bridge, then we'd have to go through the process of pulling tape and being, it could take, you know, hours, hours if not days to restore the amount of data we needed. And just it, you know, we were able to run to our goals, and solve business problems instead of focusing on the process steps of getting things done. >> Right, so take me through the architecture here and some customer examples, 'cause you have the Cribble streaming there, observability pipeline. That's key, you mentioned that. >> Yes. >> And then they build out these observability lakes from that. So what is the impact of that? Can you share the customers that are using that solution? What are they seeing for benefits? What are some of the impact? Can you give us some specifics? >> I mean, I can't share with all the exact customer names. I can definitely give you some examples. Like referenceable conference would be TransUnion, so that I came from TransUnion. I was one of the first customers and it solved enormous number of problems for us. Autodesk is another great example. The idea that we're able to automate and data practices. I mean, just for example, what we were talking about with backups. We'd have to, you have to put a lot of time into managing your backups in your inner analytics platforms, you have to. And then you're locked into custom database schemas, you're locked into vendors. And it's also, it's still, it's expensive. So being able to spend a few hours, dramatically cut your costs, but still have the data available, and that's the key. I didn't have to make compromises, 'cause before I was having to say, okay, we're going to keep this, we're going to just drop this and hope for the best. And we just don't, we just didn't have to do that anymore. I think for the same thing for TransUnion and Autodesk, the idea that we're going to lower our cost, we're going to make it easier for our administrators to do their job and so they can spend more time on business value fundamentals, like responding to a breach. You're going to spend time working with your teams, getting value observability solutions and stop spending time on writing custom solutions using to open source tools. 'Cause your engineering time is the most precious asset for any enterprise and you got to focus your engineering time on where it's needed the most. >> Yeah, and they can't underestimate the hassle and cost of ownership, of swapping out pre-existing stuff, just for the sake of having a functionality. I mean that's a big-- >> It's pain and that's a big thing about lock stream is that being vendor neutral is so important. If you want to use the Splunk universal forwarder, that's great. If you want to use Beats, that's awesome. If you want to use Fluentd, even better. If you want to use all three, you can do that too. It's the customer choice and we're saying to people, use what suits your needs. And if you want to write some of your data to elastic, that's great. Some of your data to Splunk, that's even better. Some of it to, pick your pick, fine as well or Exabeam. You have the choices to put together, put your own solutions together and put your data where you need it to be. We're not asking you only in our ecosystem to work with only our partners. We're letting you pick and choose what suits your business. >> Yeah, you know, that's the direction I was just talking about the Amazon folks around their serverless. You know, you can use any tool, you know, you can, they have that core architecture for everything, the S3 and then pick whatever you want to use. SageMaker, just that other thing. This is the new way. That's the way it has to be to be effective. How do you guys handle that? What's been the reaction from customers? Do they like, roll their eyes and doubt you guys, or can you do it? Are they skeptical? How fast can you convert 'em over? (chuckles) >> Right, and that's always the challenge. And that's, I mean, the best part of my day is talking to customers. I love hearing and feedback, what they like, what they don't and what they need. And of course I was skeptical. I didn't believe it when I first saw it because I was like this, you know, because I'm, I was used to being locked in. I was used to having to put a lot of effort, a lot of custom code, like, what do you mean? It's this easy? I believe I did the first, this is 2018, and I did our first demos, like 30 minutes in, and I cut about 1/2 million dollars out of our license in the first 30 minutes in our first demo. And I was stunned because I mean, it's like, this is easy. >> Yeah, I mean-- >> Yeah, exactly. I mean, this is, and then this is the future. And then for example, we needed to bring in so like the security team wanted to bring in a UBA solution that wasn't part of the vendor ecosystem that we were in. And I was like, not a problem. We're going to use log stream. We're going to clone a copy of our data to the UBA solution. We were able to get value from this UBA solution in weeks. What typically is a six month cycle to start getting value. And it just, it was just too easy and the best part of it. And the thing is, it just struck me was my engineers can now spend their time on delivering value instead of integrations and moving data around. >> Yeah, and also we can spend more time preventing breaches. But what's interesting is counterintuitive here is that, if you, as you add more flexibility and choice, you'd think it'd be harder to handle a breach, right? So, now let's go back to the scenario. Now you guys, say an organization has a breach, and they have the observability pipeline, They got the lake in place, your observability lake, take me through the investigation. How easy is it, what happens? How they start it, what goes on? >> So, once your SOC detects a breach, then they bring in the idea. Typically you're going to bring in your incident response team. So what we did, and this is one more way that we removed that friction, we cleaned up the glass, is we delegate to the instant response team, the ability to restore, we call it-- So if Cribl calls it replay, we play data at our object store back into your SIEM. There's a very nice UI that gives you the ability to say, "I want data from this time period, at this time period, I want it to be all the data." Or the ability to filter and say, "I want this, just this IP." For example, if I detected, okay, this IP has been breached then I'm going to pull all the data that mentions this IP and this timeframe, hit a button and it just starts. And then it's going to restore how as fast your IOPS are for your solution. And then it's back in your tool, it's back in your tool. One of the things I also want to mention is we have an amazing enrichment capability. So one of the things that we would do is we would've pipelines so as the data comes out of the object store, it hits the pipeline, and then we enrich it. We hit use GoIP information, perverse and NAS. It gets processed through threat Intel feed. So the data's already enriched and ready for the incident response people to do their job. And so it just, it bamboozle the friction of getting to the point where I can start doing my job. >> You know, at this theme, this episode for this showcase is about Data as Code. And which is, you know, we've been, I've been saying this on theCUBES for since it was being around 13 years ago, that developers are going to be dealing with data like they deal with software code, and you're starting to see, you mentioned enrichment. Where do you see Data as Code going? How relevant in it now, because we really talking about when you add machine learning in here, that has to be enriched, and iterated on too. We're talking about taking things off a branch and putting it back into the core. This is a data discussion, this isn't software, but it sounds the same. >> Right, and this is something that the irony is that, I remember first time saying it to an auditor. I was constantly going with auditors, and that's what I described is I'm going to show you the code that manages the data. This is the data's code that's going to show you how we transform it, how we secure it, where the data goes, how it's enriched. So you can see the whole story, the data life cycle in one place. And that's how we handled our orders. And I think that is enormously, you know, positive because it's so easy to be confused. It's so easy to have complexity to get in the way of progress. And by being able to represent your Data as Code, it's a step forward 'cause the amount of data and the complexity of data, it's not getting simpler, it's getting more complex. So we need to come up with better ways to handle it. >> Now you've been on both sides of the fence. You've been in the trenches as customer, now you're a supplier with Great Solution. What are people doing with this data engineering roles? Because it's not enough data engineering. I mean, 'cause if you say Data as Code, if you believe that to be true and many people do, we do. And you looked at the history of infrastructure risk code that enabled DevOps, AIOps, MLOps, DataOps, it's happening, right? So data stack ops is coming. Obviously security is huge in this. How does that data engineering role evolve? Because it just seems more and more that there's going to be a big push towards an SRE version of data, right? >> I completely agree. I was working with a customer yesterday, and I spent a large part of our conversation talking about implementing development practices for administrators. It's a new role. It's a new way to think of things 'cause traditionally your Splunk or elastic administrators is talking about operating systems and memory and talking about how to use proprietary tools in the vendor, that's just not quite the same. And so we started talking about, you need to have, you need to start getting used to code reviews. Yeah, the idea of getting used to making sure everything has a comment, was one thing I told him was like, you know, if you have a function has to have a comment, just by default, just it has to. Yeah, the standards of how you write things, how you name things all really start to matter. And also you got to start adding, considering your skillset. And this is some mean probably one of the best hire I ever made was I hired a guy with a math degree, because I needed his help to understand how do machine learning works, how to pick the best type of algorithm. And I think this is going to evolve, that you're going to be just away from the gray bearded administrator to some other gray bearded administrator with a math degree. >> It's interesting, it's a step function. You have a data engineer who's got that kind of capabilities, like what the SRA did with infrastructure. The step function of enablement, the value creation from really good data engineering, puts the democratization playback on the table, and changes, >> Thank you very much John. >> And changes that entire landscape. How do you, what's your reaction to that? >> I completely agree 'cause so operational data. So operational security data is the most volatile data in the enterprise. It changes on a whim, you have developers who change things. They don't tell you what happens, vendor doesn't tell you what happened, and so that idea, that life cycle of managing data. So the same types of standards of disciplines that database administrators have done for years is going to have, it has to filter down into the operational areas, and you need tooling that's going to give you the ability to manage that data, manage it in flight in real time, in order to drive detections, in order to drive response. All those business value things we've been talking about. >> So I got to ask you the larger role that you see with observability lakes we were talking before we came on camera live here about how exciting this kind of concept is, and you were attracted to the company because of it. I love the observability lake concept because it puts all that data in one spot, you can manage it. But you got machine learning in AI around the corner that also can help. How has all this changed in the landscape of data security and things because it makes a lot of sense, and I can only see it getting better with machine learning. >> Yeah, definitely does. >> Totally, and so the core issue, and I don't want to say, so when you talk about observability, most people have assumptions around observability is only an operational or an application support process. It's also security process. The idea that you're looking for your unknown, unknowns. This is what keeps security administrators up at night is I'm being attacked by something I don't know about. How do you find those unknown? And that's where your machine learning comes in. And that's where that you have to understand there's so many different types of machine learning algorithms, where the guy that I hired, I mean, had started educating me about the umpteen number of algorithms and how it applies to different data and how you get different value, how you have to test your data constantly. There's no such thing as the magical black box of machine learning that gives you value. You have to implement, but just like the developer practices to keep testing and over and over again, data scientists, for example. >> The best friend of a machine learning algorithm is data, right? You got to keep feeding that data, and when the data sets are baked and secure and vetted, even better, all cool. Had great stuff, great insight. Congratulations Cribl, Great Solution. Love the architecture, love the pipelining of the observability data and streaming that in to a lake. Great stuff. Give a plug for the company where you guys are at, where people can get information. I know you guys got a bunch of live feeds on YouTube, Twitch, here in theCUBE. Where else can people find you? Give the plug. >> Oh, please, please join our slack community, go to cribl.io/community. We have an amazing community. This was another thing that drew me to the company is have a large group of people who are genuinely excited about data, about managing data. If you want to try Cribl out, we have some great tool. Try Cribl tools out. We have a cloud platform, one terabyte up free data. So go to cribl.io/cloud or cribl.cloud, sign up for, you know, just never times out. You're not 30 day, it's forever up to one terabyte. Try out our new products as well, Cribl Edge. And then finally come watch Nick Decker and I, every Thursday, 2:00 PM Eastern. We have live streams on Twitter, LinkedIn and YouTube live. And so just my Twitter handle is EBA 1367. Love to have, love to chat, love to have these conversations. And also, we are hiring. >> All right, good stuff. Great team, great concepts, right? Of course, we're theCUBE here. We got our video lake coming on soon. I think I love this idea of having these video. Hey, videos data too, right? I mean, we've got to keep coming to you. >> I love it, I love videos, it's awesome. It's a great way to communicate, it's a great way to have a conversation. That's the best thing about us, having conversations. I appreciate your time. >> Thank you so much, Ed, for representing Cribl here on the Data as Code. This is season two episode two of the ongoing series covering the hottest, most exciting startups from the AWS ecosystem. Talking about the future data, I'm John Furrier, your host. Thanks for watching. >> Ed: All right, thank you. (slow upbeat music)

>>Yeah. Hello and welcome back to the cubes coverage of AWS public sector summit here in Washington D. C. We're live on the ground for two days. Face to face conference and expo hall and everything here but keith brooks who is the director and head of technical business development for a dress government Govcloud selling brains 10th birthday. Congratulations. Welcome to the cube. Thank you john happy to be E. C. 2 15 S three is 9.5 or no, that maybe they're 10 because that's the same day as sqs So Govcloud. 10 years, 20 years. What time >>flies? 10 years? >>Big milestone. Congratulations. A lot of history involved in Govcloud. Yes. Take us through what's the current situation? >>Yeah. So um let's start with what it is just for the viewers that may not be familiar. So AWS Govcloud is isolated. AWS cloud infrastructure and services that were purposely built for our U. S. Government customers that had highly sensitive data or highly regulated data or applications and workloads that they wanted to move to the cloud. So we gave customers the ability to do that with AWS Govcloud. It is subject to the fed ramp I and D O D S R G I L four L five baselines. It gives customers the ability to address ITAR requirements as well as Seaga's N'est ce MMC and Phipps requirements and gives customers a multi region architecture that allows them to also designed for disaster recovery and high availability in terms of why we built it. It starts with our customers. It was pretty clear from the government that they needed a highly secure and highly compliant cloud infrastructure to innovate ahead of demand and that's what we delivered. So back in august of 2011 we launched AWS GovCloud which gave customers the best of breed in terms of high technology, high security, high compliance in the cloud to allow them to innovate for their mission critical workloads. Who >>was some of the early customers when you guys launched after the C. I. A deal intelligence community is a big one but some of the early customers. >>So the Department of Health and Human Services, the Department of Veterans Affairs, the Department of Justice and the Department of Defense were all early users of AWS GovCloud. But one of our earliest lighthouse customers was the Nasa jet propulsion laboratory and Nasa Jpl used AWS GovCloud to procure Procure resources ahead of demand which allowed them to save money and also take advantage of being efficient and only paying for what they needed. But they went beyond just I. T. Operations. They also looked at how do they use the cloud and specifically GovCloud for their mission programs. So if you think back to all the way to 2012 with the mars curiosity rover, Nasa Jpl actually streamed and processed and stored that data from the curiosity rover on AWS Govcloud They actually streamed over 150 terabytes of data responded to over 80,000 requests per second and took it beyond just imagery. They actually did high performance compute and data analytics on the data as well. That led to additional efficiencies for future. Over there >>were entire kicking they were actually >>hard core missing into it. Mission critical workloads that also adhere to itar compliance which is why they used AWS GovCloud. >>All these compliance. So there's also these levels. I remember when I was working on the jetty uh stories that were out there was always like level for those different classifications. What does all that mean like? And then this highly available data and highly high availability all these words mean something in these top secret clouds. Can you take us through kind of meetings >>of those? Yeah absolutely. So it starts with the federal compliance program and the two most popular programs are Fed ramp and Dodi srg fed ramp is more general for federal government agencies. There are three levels low moderate and high in the short and skinny of those levels is how they align to the fisma requirements of the government. So there's fisma low fisma moderate fisma high depending on the sensitivity of the government data you will have to align to those levels of Fed ramp to use workloads and store data in the cloud. Similar story for D. O. D. With srg impact levels to 45 and six uh impacts levels to four and five are all for unclassified data. Level two is for less sensitive public defense data levels. Four and five cover more sensitive defense data to include mission critical national security systems and impact level six is for classified information. So those form the basis of security and compliance, luckily with AWS GovCloud celebrating our 10th anniversary, we address Fed ramp high for our customers that require that and D. O. D impact levels to four and five for a sensitive defense guy. >>And that was a real nuanced point and a lot of the competition can't do that. That's real people don't understand, you know, this company, which is that company and all the lobbying and all the mudslinging that goes on. We've seen that in the industry. It's unfortunate, but it happens. Um, I do want to ask you about the Fed ramp because what I'm seeing on the commercial side in the cloud ecosystem, a lot of companies that aren't quote targeting public sector are coming in on the Fed ramp. So there's some good traction there. You guys have done a lot of work to accelerate that. Any new, any new information to share their. >>Yes. So we've been committed to supporting the federal government compliance requirements effectively since the launch of GovCloud. And we've demonstrated our commitment to Fed ramp over the last number of years and GovCloud specifically, we've taken dozens of services through Fed ramp high and we're 100% committed to it because we have great relationships with the Fed ramp, Jabor the joint authorization board. We work with individual government agencies to secure agency A. T. O. S. And in fact we actually have more agency A. T. O. S. With AWS GovCloud than any other cloud provider. And the short and skinny is that represents the baseline for cloud security to address sensitive government workloads and sensitive government data. And what we're seeing from industry and specifically highly regulated industries is the standard that the U. S. Government set means that they have the assurance to run control and classified information or other levels of highly sensitive data on the cloud as well. So Fed ramp set that standard. It's interesting >>that the cloud, this is the ecosystem within an ecosystem again within crossover section. So for instance um the impact of not getting Fed ramp certified is basically money. Right. If you're a supplier vendor uh software developer or whatever used to being a miracle, no one no one would know right bed ramp. I'm gonna have to hire a whole department right now. You guys have a really easy, this is a key value proposition, isn't it? >>Correct. And you see it with a number of I. S. V. S. And software as the service providers. If you visit the federal marketplace website, you'll see dozens of providers that have Fed ramp authorized third party SAAS products running on GovCloud industry leading SAAS companies like Salesforce dot com driven technology Splunk essay PNS to effectively they're bringing their best of breed capabilities, building on top of AWS GovCloud and offering those highly compliant fed ramp, moderate fed ramp high capabilities to customers both in government and private industry that need that level of compliance. >>Just as an aside, I saw they've got a nice tweet from Teresa Carlson now it's plunk Govcloud yesterday. That was a nice little positive gesture uh, for you guys at GovCloud, what other areas are you guys moving the needle on because architecturally this is a big deal. What are some areas that you're moving the needle on for the GovCloud? >>Well, when I look back across the last 10 years, there were some pretty important developments that stand out. The first is us launching the second Govcloud infrastructure region in 2018 And that gave customers that use GovCloud specifically customers that have highly sensitive data and high levels of compliance. The ability to build fault tolerant, highly available and mission critical workloads in the cloud in a region that also gives them an additional three availability zones. So the launch of GovCloud East, which is named AWS GovCloud Us East gave customers to regions a total of six availability zones that allowed them accelerate and build more scalable solutions in the cloud. More recently, there is an emergence of another D O D program called the cybersecurity maturity model, C M M C and C M M C is something where we looked around the corner and said we need to Innovate to help our customers, particularly defense customers and the defense industrial based customers address see MMC requirements in the cloud. So with Govcloud back in December of 2020, we actually launched the AWS compliant framework for federal defense workloads, which gives customers a turnkey capability and tooling and resources to spin up environments that are configured to meet see MMC controls and D. O. D. Srg control. So those things represent some of the >>evolution keith. I'm interested also in your thoughts on how you see the progression of Govcloud outside the United States. Tactical Edge get wavelength coming on board. How does how do you guys look at that? Obviously us is global, it's not just the jet, I think it's more of in general. Edge deployments, sovereignty is also going to be world's flat, Right? I mean, so how does that >>work? So it starts back with customer requirements and I tie it back to the first question effectively we built Govcloud to respond to our U. S. Government customers and are highly regulated industry customers that had highly sensitive data and a high bar to meet in terms of regulatory compliance and that's the foundation of it. So as we look to other customers to include those outside of the US. It starts with those requirements. You mentioned things like edge and hybrid and a good example of how we marry the two is when we launched a W. S. Outpost in Govcloud last year. So outpost brings the power of the AWS cloud to on premises environments of our customers, whether it's their data centers or Coehlo environments by bringing AWS services, a. P. I. S and service and points to the customer's on premises facilities >>even outside the United States. >>Well, for Govcloud is focused on us right now. Outside of the U. S. Customers also have availability to use outpost. It's just for us customers, it's focused on outpost availability, geography >>right now us. Right. But other governments gonna want their Govcloud too. Right, Right, that's what you're getting at, >>Right? And it starts with the data. Right? So we we we spent a lot of time working with government agencies across the globe to understand their regulations and their requirements and we use that to drive our decisions. And again, just like we started with govcloud 10 years ago, it starts with our customer requirements and we innovate from there. Well, >>I've been, I love the D. O. D. S vision on this. I know jet I didn't come through and kind of went scuttled, got thrown under the bus or whatever however you want to call it. But that whole idea of a tactical edge, it was pretty brilliant idea. Um so I'm looking forward to seeing more of that. That's where I was supposed to come in, get snowball, snowmobile, little snow snow products as well, how are they doing? And because they're all part of the family to, >>they are and they're available in Govcloud and they're also authorized that fed ramp and Gov srg levels and it's really, it's really fascinating to see D. O. D innovate with the cloud. Right. So you mentioned tactical edge. So whether it's snowball devices or using outposts in the future, I think the D. O. D. And our defense customers are going to continue to innovate. And quite frankly for us, it represents our commitment to the space we want to make sure our defense customers and the defense industrial base defense contractors have access to the best debris capabilities like those edge devices and edge capable. I >>think about the impact of certification, which is good because I just thought of a clean crows. We've got aerospace coming in now you've got D O. D, a little bit of a cross colonization if you will. So nice to have that flexibility. I got to ask you about just how you view just in general, the intelligence community a lot of uptake since the CIA deal with amazon Just overall good health for eight of his gum cloud. >>Absolutely. And again, it starts with our commitment to our customers. We want to make sure that our national security customers are defense customers and all of the customers and the federal government that have a responsibility for securing the country have access to the best of breed capability. So whether it's the intelligence community, the Department of Defense are the federal agencies and quite frankly we see them innovating and driving things forward to include with their sensitive workloads that run in Govcloud, >>what's your strategy for partnerships as you work on the ecosystem? You do a lot with strategy. Go to market partnerships. Um, it's got its public sector pretty much people all know each other. Our new firms popping up new brands. What's the, what's the ecosystem looks like? >>Yeah, it's pretty diverse. So for Govcloud specifically, if you look at partners in the defense community, we work with aerospace companies like Lockheed martin and Raytheon Technologies to help them build I tar compliant E. R. P. Application, software development environments etcetera. We work with software companies I mentioned salesforce dot com. Splunk and S. A. P. And S. To uh and then even at the state and local government level, there's a company called Pay It that actually worked with the state of Kansas to develop the Icann app, which is pretty fascinating. It's a app that is the official app of the state of Kansas that allow citizens to interact with citizens services. That's all through a partner. So we continue to work with our partner uh broad the AWS partner network to bring those type of people >>You got a lot of MST is that are doing good work here. I saw someone out here uh 10 years. Congratulations. What's the coolest thing uh you've done or seen. >>Oh wow, it's hard to name anything in particular. I just think for us it's just seeing the customers and the federal government innovate right? And, and tie that innovation to mission critical workloads that are highly important. Again, it reflects our commitment to give these government customers and the government contractors the best of breed capabilities and some of the innovation we just see coming from the federal government leveraging the count now. It's just super cool. So hard to pinpoint one specific thing. But I love the innovation and it's hard to pick a favorite >>Child that we always say. It's kind of a trick question I do have to ask you about just in general, the just in 10 years. Just look at the agility. Yeah, I mean if you told me 10 years ago the government would be moving at any, any agile anything. They were a glacier in terms of change, right? Procure Man, you name it. It's just like, it's a racket. It's a racket. So, so, but they weren't, they were slow and money now. Pandemic hits this year. Last year, everything's up for grabs. The script has been flipped >>exactly. And you know what, what's interesting is there were actually a few federal government agencies that really paved the way for what you're seeing today. I'll give you some examples. So the Department of Veterans Affairs, they were an early Govcloud user and way back in 2015 they launched vets dot gov on gov cloud, which is an online platform that gave veterans the ability to apply for manage and track their benefits. Those type of initiatives paved the way for what you're seeing today, even as soon as last year with the U. S. Census, right? They brought the decennial count online for the first time in history last year, during 2020 during the pandemic and the Census Bureau was able to use Govcloud to launch and run 2020 census dot gov in the cloud at scale to secure that data. So those are examples of federal agencies that really kind of paved the way and leading to what you're saying is it's kind >>of an awakening. It is and I think one of the things that no one's reporting is kind of a cultural revolution is the talent underneath that way, the younger people like finally like and so it's cooler. It is when you go fast and you can make things change, skeptics turned into naysayers turned into like out of a job or they don't transform so like that whole blocker mentality gets exposed just like shelf where software you don't know what it does until the cloud is not performing, its not good. Right, right. >>Right. Into that point. That's why we spend a lot of time focused on education programs and up skilling the workforce to, because we want to ensure that as our customers mature and as they innovate, we're providing the right training and resources to help them along their journey, >>keith brooks great conversation, great insight and historian to taking us to the early days of Govcloud. Thanks for coming on the cube. Thanks thanks for having me cubes coverage here and address public sector summit. We'll be back with more coverage after this short break. Mhm. Mhm mm.

>>from around the globe. It's the Cube presenting Cuban cloud brought to you by silicon angle. Welcome to the cubes event. Virtual event. Cuban Cloud. I'm John for your host. We're here talking to all the thought leaders getting all the stories around Cloud What's going on this year and next today, Tomorrow and the future. We gotta featured startup here. Jonah Clipper, who is the CEO and founder of Stack Hawks. Developing security software for developers to have them put security baked in from the beginning. Johnny, thanks for coming on and being featured. Start up here is part of our Cuban cloud. Thanks for joining. >>Thanks so much for having me, John. >>So one of our themes this year is obviously Cloud natives gone mainstream. The pandemic has shown that. You know, a lot of things have to be modern. Modern applications, the emerald all they talked about modern applications. Infrastructure is code. Reinvent, um is here. They're talking about the next gen enterprise. Their public cloud. Now you've got hybrid cloud. Now you've got multi cloud. But for developers, you just wanna be building security baked in and they don't care where the infrastructure is. So this is the big trend. Like to get your thoughts on that. But before we jump in, tell us about Stack Hawk What you guys do your founded in 2019. Tell us about your company and what Your mission is >>Awesome. Yeah, our mission is to put application security in the hands of software developers so that they can find and fix upset books before they deployed a production. And we do that through a dynamic application scanning capability. Uh, that's deployable via docker, so engineers can run it locally. They can run it in C I C. D. On every single PR or merge and find bugs in the process of delivering software rather than after it's been production. >>So everyone's talking about shift left, shift left for >>security. What does >>that mean? Uh, these days. And what if some of the hurdles that people are struggling with because all I hear is shift left shift left from, like I mean, what does What does that actually mean? Now, Can you take us through your >>view? Yes, and we use the phrase a lot, and I and I know it can feel a little confusing or overused. Probably. Um, When I think of shift left, I think of that Mobius that we all look at all of the time, Um, and how we deliver and, like, plan, write code, deliver software and then manage it. Monitor it right like that entire Dev ops workflow. And today, when we think about where security lives, it either is a blocker to deploying production. Or most commonly, it lives long after code has been deployed to production. And there's a security team constantly playing catch up, trying to ensure that the development team whose job is to deliver value to their customers quickly, right, deploy as fast as we can, as many great customer facing features, um there, then, looking at it months after software has been deployed and then hurrying and trying to assess where the bugs are. And, um, trying to get that information back to software developers so that they can fix those issues. Shifting left to me means software engineers are finding those bugs as their writing code or in the CIA CD pipeline long before code has been deployed to production. >>And so you guys attack that problem right there so they don't have to ship the code and then come back and fix it again. Or where we forgot what the hell is going on. That point in time some Q 18 gets it. Is that the kind of problem that that's out there? Is that the main pain point? >>Yeah, absolutely. I mean a lot of the way software, specifically software like ours and dynamic applications scanning works is a security team or a pen tester. Maybe, is assessing applications for security vulnerability these, um, veteran prod that's normally where these tools are run and they throw them back over the wall, you know, interrupting sprints and interrupting the developer workflow. So there's a ton of context switching, which is super expensive, and it's very disruptive to the business to not know about those issues before they're in prod. And they're also higher risk issues because they're in fraud s. So you have to be able to see a >>wrong flywheel. Basically, it's like you have a penetration test is okay. I want to do ship this app. Pen test comes back, okay? We gotta fix the bug, interrupts the cycle. They're not coding there in fire drill mode. And then it's a chaotic death spiral at that point, >>right? Or nothing gets done. God, how did >>you What was the vision? How did you get here? What? How did you start? The company's woke up one morning. Seven started a security company. And how did what was the journey? What got you here? >>Sure. Thanks. I've been building software for software engineers since 2010. So the first startup I worked for was very much about making it easy for software engineers to deploy and manage applications super efficiently on any cloud provider. And we did programmatic updates to those applications and could even move them from cloud to cloud. And so that was sort of cutting my teeth and technology and really understanding the developer experience. Then I was a VP of product at a company called Victor Ops. We were purchased by spunk in 2018. But that product was really about empowering software engineers to manage their own code in production. So instead of having a network operations center right who sat in front of screens and was waiting for something to go wrong and would then just end up dialing there, you know, just this middle man trying to dial to find the person who wrote the software so that they can fix it. We made that way more efficient and could just route issues to software engineers. And so that was a very dev ops focused company in terms of, um, improving meantime to know and meantime to resolve by putting up time in the hands of software engineers where it didn't used to live there before it lived in a more traditional operations type of role. But we deploy software way too quickly and way too frequently to production to assume that another human can just sit there and know how to fix it, because the problems aren't repeatable, right? So So I've been living in the space for a long time, and I would go to conferences and people would say, Well, I love for, you know, we have these digital transformation initiatives and I'm in the security team and I don't feel like I'm part of this. I don't know. I don't know how to insert myself in this process. And so I started doing a lot of research about, um, how we can shift this left. And I was actually doing some research about penetration testing at the time, Um, and found just a ton of opportunity, a ton of problems, right that exist with security and how we do it today. So I really think of this company as a Dev Ops first Company, and it just so happens to be that we're taking security, and we're making it, um, just part of the the application testing framework, right? We're testing for security bugs, just like we would test for any other kind of bucks. >>That's an awesome vision of other great great history there. And thanks for sharing that. I think one of the things that I think this ties into that we have been reporting aggressively on is the movement to Dev Stack Up, Dev, Ops Dev SEC Ops. And you know, just doing an interview with the guy who stood up space force and big space conversation and were essentially riffing on the idea that they have to get modern. It's government, but they got to do more commercial. They're using open source. But the key thing was everything. Software defined. And so, as you move into suffer defined, then they say we want security baked in from the beginning and This is the big kind of like sea level conversation. Bake it in from the beginning, but it's not that easy. And this is where I think it's interesting where you start to think, uh, Dev ops for security because security is broken. So this is a huge trend. It sounds easy to say it baked security in whether it's an i o T edge or multi cloud. There's >>a lot >>of work there. What should people understand when they hear that kind of platitude of? I just baked security and it's really easy. It's not. It's not trivial. What's your thoughts on >>that? It isn't trivial. And in my opinion, there aren't a lot of tools on the market that actually make that very easy. You know, there are some you've had sneak on this program and they're doing an excellent job, really speaking to the developer and being part of that modern software delivery workflow. Um, but because a lot of tools were built to run in production, it makes it really difficult to bake them in from the beginning. And so, you know, I think there are several goals here. One is you make the tooling work so that it works for the software engineer and their workflow. And and there's some different values that we have to consider when its foreign engineer versus when it's for a security person, right? Limit the noise, make it as easy as possible. Um, make sure that we only show the most critical things that are worth an engineer. Stopping what they're doing in terms of building business value and going back and fixing that bugs and then create a way to discuss in triage other issues later outside of the development. Workflow. So you really have to have a lot of empathy and understanding for how software is built and how software engineers behave, I think, in order to get this right. So it's not easy. Um, but we're here and other tools air here. Thio support companies in doing that. >>What's the competitive strategy for you guys going forward? Because there's a big sea change. Now I see an inflection point. Obviously, Cove it highlights. It's not the main reason, but Cloud native has proven it's now gone mainstream kubernetes. You're seeing the big movement there. You're seeing scale be a huge issue. Software defined operations are now being discussed. So I think it's It's a simple moment for this kind of solution. How are you guys going to compete? What's what's the winning strategy? How are you guys gonna compete to win? >>Yeah, so there's two pieces to that one is getting the technology right and making sure that it is a product that developers love. And we put a ton of effort into that because when a software engineer says, Hey, I'd love to use the security product, right? CSOs around the world are going to be like, Yes, please. Did a software engineer just ask me, You have the security product. Thank you, Right. We're here to make it so easy for them and get the tech right. And then the other piece, in terms of being competitive, is the business model. There were something like, I don't You would know better than me, but I think the data point I last saw was like 1300 venture backed security companies since 2012 focused on selling to see SOS and Fortune 2000 companies. It is a mess. It's so noisy, nobody can figure out what anybody actually does. What we have done is said no, we're going to take a modern business model approach to security. So you know, it's a SAS platform that makes it super easy for a software engineer or anybody on the team to try and buy the software. So 14 day trial. You don't have to talk to anybody if you don't want Thio Awesome support to make sure that people can get on boarded and with our on boarding flow, we've seen that our customers go from signing up to first successful scan of their platform or whatever app they chose to scan in a knave ridge of about 10 minutes. The fastest is eight, right? So it's about delivering value to our customers really quickly. And there aren't many companies insecurity on the market today. That do that? >>You know, you mentioned pen test earlier. I I hear that word. Nice shit. And, like, pen test penetration test, as it's called, um, Sock reports. I mean, these are things that are kind of like I got to do that again. I know these people are doing things that are gonna be automated, but one of the things that cloud native has proven as be killer app is integrations because when you build a modern app, it has to integrate with someone else. So there you need these kind of pen tests. You gotta have this kind of code review. And as code, um, is part of, say, a purpose built device where it's an I o T. Edge updates have toe happen. So you need mawr automation. You need more scale around both updating software to, ah, purpose built device or for integration. What's your thoughts in reaction to that? Because this is a riel software challenge from a customer standpoint, because there are too many tools out there and every see so that I talk to says, I just want to get rid of half the tools consolidate down around my clouds that I'm working through my environment and b'more developer oriented, not just purchasing stuff. So you have all this going on? What's your reaction to that? You got the you know, the integration and you've got the software updates on purpose built devices. >>Yeah, I mean, we I make a joke a little bit. That security land is like, you know, acronyms. Dio there are so many types of security that you could choose to implement. And they all have a home and different use cases that are certainly valuable toe organizations. Um, what we like to focus on and what we think is interesting and dynamic application scanning is because it's been hard toe automate dynamic application for especially for modern applications. I think a lot of companies have ignored theon pertuan ity Thio really invest in this capability and what's cool about dynamic. And you were mentioning pen testing. Is that because it's actively attacking your app? It when you get a successful test, it's like a It's like a successful negative test. It's that the test executed, which means that bug is present in your code. And so there's a lot less false positives than in other types of scanning or assessment technologies. Not to say there isn't a home for them. There's a lot of we could we could spend a whole hour kind of breaking down all the different types of bugs that the different tools confined. Um, but we think that if you want to get started developer first, you know there's a lot of great technologies. Pick a couple or one right pick stack hawk pick, sneak and just get started and put it in your developer workflow. So integrations are super important. Um, we have integrations with every C I C. D provider, making it easy to scan your code on every merge or release. And then we also have workflow integrations for software engineers associated with where they want to be doing work and how they want to be interrupted or told about an issue. So, you know, we're very early to market, but right out of the gate, we made sure that we had a slack integration so that scans are running. Or as we're finding new things, it's populating in a specific slack channel for those engineers who work on that part of the app and you're a integration right. If we find issues, we can quickly make tickets and route them and make sure that the right people are working on those issues. Eso That's how I think about sort of the integration piece and just getting started. It's like you can't tackle the whole like every accurate, um, at once like pick something that helps you get started and then continue to build out your program, as you have success. >>A lot of these tools can they get in the hands of developers, and then you kind of win their trust by having functionality. Uh, certainly a winning strategy we've seen. You know, Splunk, you mentioned where you worked for Data Dog and very other tools out there just get started easily. If it's good, it will be used. So I love that strategy. Question. I wanna ask you mentioned Dr earlier. Um, they got a real popular environment, but that speaks to the open source area. How do you see the role of open source playing with you guys? Is that gonna be part of your community outreach? Does the feed into the product? Could you share your vision on how stack hawks engaging and playing an open source? >>Yeah, absolutely. Um So when we started this company, my co founders and I, we sat down and said here, What are the problems? Okay, the world doesn't need a better scanner, right? If you walk the floor of, ah, security, uh, conference. It's like our tool finds a million things and someone else is. My tool finds a million and five things. Right, And that's how they're competing on value. It's really about making it easy to use and put in the pipeline. So we decided not to roll. Our own scanner were based on an open source capability called Zap the Set Attack Proxy. Uh, it is the most the world's most downloaded application scanner. And, uh, actually we just hired the founder of Zap to join the Stack Hawk team, and we're really excited to continue to invest in the open source community. There is a ton of opportunity to grow and sort of galvanize that community. And then the work that we do with our customers and the feedback that we get about the bugs we find if there, ah, false positive or this one's commonly risk accepted, we can go back to the community, which were already doing and saying, Hey, ditch this rule, Nobody likes it or we need to improve this test. Um, so it's a really nice relationship that we have, and we are looking forward to continuing to grow that >>great stuff. You guys are hot. Start of love. The software on security angle again def sec. Cox is gonna be It's gonna be really popular. Can you talk about some of the customer success is What's the What's the feedback from customers? Can you share some of the use cases that you guys are participating in where you're winning? You mentioned developers love it and try It can just give us a couple of use cases and examples. >>Yeah. Ah, few things. Um ah, lot of our customers are already selling on the notion. Like before we even went to G A right. They told all of their customers that they scan for security bugs with every single release. So in really critical, uh, industry is like fintech, right. It's really important that their customers trust that they're taking security seriously, which everybody says they dio. But they show it to their customers by saying here, every single deploy I can show you if there were any new security bugs released with that deploy. So that's really awesome. Other things We've heard our, uh, people being able to deploy really quickly thio the Salesforce marketplace, right? Like if they have toe have a scan to prove that that they can sell on Salesforce, they do that really rapidly. Eso all of that's going really well with our customers. >>How would I wanna How would I be a customer if I was interested in, um, using Stack Hawks say we have some software we wanna stand up, and, uh, it's super grade. And so Amazon Microsoft Marketplace Stairs Force They'll have requirements or say I want to do a deal with an integration they don't want. They want to make sure there's no nothing wrong with the code. This seems to be a common use case. How doe I if I was a customer, get involved or just download software? Um, what's the What's the procurement? What's the consumption side of it looked like, >>Yeah, you just go to Stockholm dot com and you create an account. If you'd like to get started that way so you can have a 14 day free trial. We have extremely extensive documentation, so it's really easy to get set up that way. You should have some familiarity. Or grab a software engineer who has familiarity with a couple of things. So one is how to use Docker, right? So Docker is, ah, deployment mechanism for the scanner. We do that so you can run it anywhere that you would like to, and we don't have to do things like pierce firewalls or other protective measures that you've instrumented on your production environment. You just run it, um, wherever you like in your system. So locally, C I c d So docker is an important thing to understand the way we configure our scanner is through a, um, a file. So if you are getting a scan today, either your security team is doing it or you have a pen tester doing it. Um, the whole like getting ready for that engagement takes a lot of time because the people who are running the tests don't know how the software was built. So the way we think about this is, just ask them. So you just fill out a Yamil file with parameters that tell the scanner what to dio tell it how to authenticate and not log out. Um, feed us an A p. I speak if you want, so weaken super efficiently, scan your app and you can be up and running really quickly, and then that's it. You can work with our team at any time if you need help, and then we have a really efficient procurement process >>in my experience some of the pen tests of firms out there, is it? It's like the house keeping seal of approval. You get it once and then you gotta go back again. Software change, new things come in. And it's like, Wait a minute, what's the new pen test? And then you to write a check or engaged to have enough meeting? I mean, this is the problem. I mean, too many meetings. Do you >>guys solve that problem? Do >>you solve that problem? >>We solve a piece of that problem. So I think you know, part of how I talk about our company is this idea that we live in a world where we deploy software every single day. Yet it seems reasonable that once a year or twice a year, we go get a pen test where human runs readily available, open source software on our product and gives us a like, quite literal. Pdf of issues on. It's like this is so intellectually dishonest, like we deploy all of the time. So here's the thing. Pen tests are important and everybody should do them. But that should not be the introduction to these issues that are also easy to automate and find in your system. So the way we think about how we work with pen testers is, um, run, stack hawk or zapped right in an automated fashion on your system, and then give that, give the configuration and give the most recent results to your pen tester and say, Go find the hard stuff. You shouldn't be cutting checks for $30,000 to a pen tester or something that you could easily meet in your flare up. Klein. You could write the checks for finding finding the hard stuff that's much more difficult to automate. >>I totally agree. Final question. Business model Once I get in, is it a service software and services? A monthly fee? How do you guys make money? >>Yep, it is software as a service, it is. A monthly fee were early to market. So I'm not going to pretend that we have perfectly cracked the pricing. Um, but the way that we think about this is this is a team product for software engineers and for, you know, informed constituents, right? You want a product person in the product. You want a security person in the product? Um, and we also want to incent you to scan your APS And the most modern fashion, which is scanning the smallest amount of http that lives in your app, like in a micro services architecture because it makes a lot easier, is easy to isolate the problems where they live and to fix those issues really quickly. So we bundle team and for a UPS and then we scale within, uh, companies as they add more team. So pen users. 10 APS is 3 99 a month. And as you add software engineers and more applications, we scale within your company that way. >>Awesome. So if you're successful, you pay more, but doesn't matter. You already succeeded, and that's the benefit of by As you go Great stuff. Final question. One more thing. Your vision of the future. What are the biggest challenges you see in the next 24 months? Plus beyond, um, that you're trying to attack? That's a preferred future that you see evolving. What's the vision? >>Yeah, you've touched on this a couple of times in this interview with uh being remote, and the way that we need to build software already has been modernizing, and I feel like every company has a digital transformation initiative, but it has toe happen faster. And along with that, we have to figure out how Thio protect and secure these Moderna Gail. The most important thing that we do the hearts and minds of our support engineers and make it really easy for them to use security capabilities and then continue to growth in the organization. And that's not an easy thing tied off. It's easy change, a different way of being security. But I think we have to get their, uh, in order to prepare the security, uh, in these rapidly deployed and developed applications that our customers expect. >>Awesome. Jodi Clippers, CEO and founder of Stack Hawk. Thank you for coming on. I really appreciate it. Thanks for spending the time featured Startup is part of our Cuban cloud. I'm Sean for your host with silicon angle to Cube. Thanks for watching

>>from around the globe. It's the Cube with digital coverage of AWS reinvent 2020. Special coverage sponsored by AWS Worldwide Public sector Welcome to the cubes Coverage of AWS 2020. This is specialized programming for the worldwide public sector. I'm Lisa Martin, and I'm joined by Mick Boccaccio, the security advisor at Splunk Met. Welcome to the Q Virtual Oh, >>thank you for having me. It's great to be here. >>So you have a really interesting background that I wanted to share with our audience. You were the first see so in the history of U. S presidential campaigns with Mayor Pete, you were also branch shape of Threat intelligence at the executive office of the President. Tell us something about about your background is so interesting. >>Uh, yeah, those and I'm a gonna Def con and I teach lock picking for funds. Ease working for Mayor Pete A. C. So the campaign was really, really unique opportunity and I'm glad I did it. I'm hoping that, you know, on both sides of the aisle, no matter what your political preference, people realize that security and campaigns can only be married together. That was an incredible experience and worked with Mayor P. And I learned so much about how campaigns work and just the overall political process. And then previous to that being at the White House and a threat intelligence, role of branch chief they're working over the last election, the 2016 election. I think I learned probably more than any one person wants Thio about elections over that time. So, you know, I'm just a security nerd. That kind of fell into those things. And and and here I am and really, really, really just fortunate to have had those experiences. >>Your phone and your email must have been blowing up the last couple of weeks in the wake of the US presidential election, where the word fraud has brought up many times everyday. But election security. When I saw that you were the first, see so for Pete Buddha Judge, that was so recent, I thought, Really, Why? Why are they just now getting folks like yourself? And you are a self described a cybersecurity nerd? Why are they Why were they just recently starting to catch on to this? >>I think it's, uh like security on the campaign and security anywhere else on credit to the Buddha Judge campaign. There is no federal or mandate or anything like that that says your campaign has toe have a security person at the head of it or any standards to implement those security. So you know that the Buddha Judge campaign kind of leaned into it. We wanna be secure. We saw everything that happened in 2016. We don't want that to be us. And I think Mawr campaigns are getting on that plane. Definitely. You know, you saw recently, uh, Trump's campaign, Biden's campaign. They all had a lot of security folks in, and I think it's the normal. Now people realize how important security is. Uh, not only a political campaign, but I guess the political process overall, >>absolutely. We've seen the rise of cyber attacks and threats and threat vectors this year alone, Ransomware occurring. Everyone attack every 11 seconds or so I was reading recently. So give me an other view of what the biggest threats are right now. >>Two elections and I think the election process in general. You know, like I said, I'm just a security nerd. I've just got a weird background and done some really unique things. Eso I always attack the problems like I'm a security nerd and it comes down to, you know that that triumvirate, the people process and technology people need had to have faith in the process. Faith in the technology. You need to have a a clear source to get their information from the process. To me, I think this year, more than previous elections highlighted the lack of a federal uniforms standard for federal elections. State the state. We have different, different standards, and that kind of leads to confusion with people because, hey, my friend in Washington did it this way. But I'm in Texas and we do it this way. And I think that that standard would help a lot in the faith in the system. And then the last part of that. The technology, uh, you know, voting machines campaigns like I mentioned about campaigns. There's nothing that says a campaign has toe have a security person or a security program, and I think those are the kind of standards for, you know, just voting machines. Um, that needs to be a standard across the board. That's uniforms, so people will will have more faith because It's not different from state to state, and it's a uniformed process. >>E think whole country could have benefited from or uniformed processes in 2020. But one of the things that I like I did my first male and fellow this year always loved going and having that in person voting experience and putting on my sticker. And this year I thought in California we got all of our But there was this massive rise in mainland ballots. I mean, think about that and security in terms of getting the public's confidence. What are some of the things that you saw that you think needs to be uniforms going forward >>again? I think it goes back to when When you look at, you know, you voted by mail and I voted absentee and your ballot was due by this date. Um, you know where I live? Voting absentee. It's Dubai. This state needs we received by the state. Andi, I think this year really highlighted the differences between the states, and I'm hoping that election security and again everyone has done a super fantastic job. Um, sister has done incredible. If you're all their efforts for the working with election officials, secretaries of states on both sides of the aisle. It's an incredible work, and I hope it continues. I think the big problem election security is you know, the election is over, so we don't care again until 2022 or 2024. And I think putting something like a federalized standard, whether it be technology or process putting that in place now so that we're not talking about this in two or four years. I'm hoping that moment, um, continues, >>what would your recommendation be from building security programs to culture and awareness? How would you advise that they start? >>So, uh, one of the things that when I was on the Buddha Judge campaign, you know, like I said, we was the first person to do security for a campaign. And a lot of the staffers didn't quite have the background of professional background of work with security person. No, you know why? What I was doing there Eso my hallmark was You know, I'm trying to build a culture heavy on the cult. Um, you got to get people to buy in. I think this year when you look at what What Krebs and siesta and where the team over there have done is really find a way to tell us. Security story and every facet of the election, whether it be the machines themselves, the transporting the votes, counting the votes, how that information gets out to people websites I started like rumor control, which were were amazing amazing efforts. The public private partnerships that were there I had a chance to work with, uh, MJ and Tanya from from AWS some election project. I think everyone has skin in the game. Everyone wants to make it better. And I hope that moment, um, continues. But I think, you know, embracing that there needs to be a centralized, uniformed place, uh, for every state. And I think that would get rid of a lot of confusion >>when you talk about culture and you mentioned specifically called Do you think that people and agencies and politicians are ready to embrace the culture? Is there enough data to support that? This is really serious. We need to embrace this. We need to buy in a You said, um >>I hope right. I don't know what it could take. I'm hoping so after seeing everything you know, being at the White House from that aperture in 2016. Seeing all of that, I would, you know, think right away. Oh, my gosh. 2018, The midterms, We're gonna be on the ball. And that really didn't happen like we thought it would. 2020. We saw a different kind of technical or I guess, not as technical, uh, security problem. And I think I'm kind of shifting from that to the future. People realize. And I think, uh, both sides of the aisle are working towards security programs and security posture. I think there's a lot of people that have bought into the idea. Um, but I think it kind of starts from the top, and I'm hoping it becomes a standard, so there's not really an option. You will do this just for the security and safety of the campaigns and the electoral process. But I do see a lot more people leaning into it, and a lot more resource is available for those people that are >>talk to me about kind of the status of awareness of security. Needing to combat these issues, be able to remediate them, be able to defend against them where our folks in that awareness cycle, >>I think it ebbs and flows like any other process. Any other you know, incident, event. That happens. And from my experience in the info SEC world, normally there's a compromise. There's an incident, a bunch of money gets thrown at it and then we forget about it a year or two later. Um, I think that culture, that awareness comes in when you have folks that would sustain that effort. And again, you know, on the campaign, um, even at the White House, we try to make everyone apart of security. Security is and all the time thing that everyone has a stake in. Um, you know, I can lock down your email at work. I can make sure this system is super super secure, but it's your personal threat model. You know, your personal email account, your personal social media, putting more security on those and being aware of those, I think that's that awareness is growing. And I Seymour folks in the security community just kind of preaching that awareness more and more and something I'm really, really excited about. >>Yeah, the biggest thing I always think when we talk about security is people that were the biggest threat vector and what happened 89 months ago when so many businesses, um, in any, you know, public sector and private went from on site almost maybe 100% on site to 100% remote people suddenly going, I've got to get connected through my home network. Maybe I'm on my own personal device and didn't really have the time of so many distractions to recognize a phishing email just could come in and propagate. So it's that the people challenge e always seems to me like that might be the biggest challenge. Besides, the technology in the process is what do you think >>I again it goes back. I think it's all part of it. I think. People, um, I've >>looked at it >>slightly. Ah, friend of mine made a really good point. Once he was like, Hey, people gonna click on the link in the email. It's just I think 30% of people dio it's just it's just the nature of people after 20 some odd years and info sec, 20 some odd years and security. I think we should have maybe done a better job of making that link safer, to click on, to click on to make it not militias. But again it goes back, Thio being aware, being vigilant and to your point. Since earlier this year, we've seen a tax increase exponentially specifically on remote desktop protocols from Cove. It related themes and scams and, you know, ransomware targeting healthcare systems. I think it's just the world's getting smaller and we're getting more connected digitally. That vigilance is something you kind of have to building your threat model and build into the ecosystem. When we're doing everything, it's just something you know. I quit a lot, too. You've got junk email, your open your mailbox. You got some junk mail in there. You just throw it out. Your email inbox is no different, and just kind of being aware of that a little more than we are now might go a long way. But again, I think security folks want to do a better job of kind of making these things safer because malicious actors aren't going away. >>No, they're definitely not going away that we're seeing the threat surfaces expanding. I think it was Facebook and TIC Tac and Instagram that were hacked in September. And I think it was unsecured cloud database that was the vehicle. But talking about communication because we talk about culture and awareness communication from the top down Thio every level is imperative. How how do we embrace that and actually make it a standard as possible? >>Uh, in my experience, you know, from an analyst to a C So being able to communicate and communicate effectively, it's gonna save your butt, right? It's if you're a security person, you're You're that cyber guy in the back end, something just got hacked or something just got compromised. I need to be able to communicate that effectively to my leadership, who is gonna be non technical people, and then that leadership has to communicate it out to all the folks that need to hear it. I do think this year just going back to our elections, you saw ah lot of rapid communication, whether it was from DHS, whether it was from, you know, public partners, whether was from the team over Facebook or Twitter, you know, it was ah, lot of activity that they detected and put out as soon as they found it on it was communicated clearly, and I thought the messaging was done beautifully. When you look at all the work that you know Microsoft did on the block post that came out, that information is put out as widely as possible on. But I think it just goes back to making sure that the people have access to it whenever they need it, and they know where to get it from. Um, I think a lot of times you have compromised and that information is slow to get out. And you know that DeLay just creates a confusion, so it clearly concisely and find a place for people, could get it >>absolutely. And how do you see some of these challenges spilling over into your role as the security advisor for Splunk? What are some of the things that you're talking with customers about about right now that are really pressing issues? >>I think my Rolex Plunkett's super super weird, because I started earlier in the year, I actually started in February of this year and a month later, like, Hey, I'm hanging out at home, Um, but I do get a chance to talk to ah, lot of organizations about her security posture about what they're doing. Onda about what they're seeing and you know everything. Everybody has their own. Everybody's a special snowflakes so much more special than others. Um, credit to Billy, but people are kind of seeing the same thing. You know, everybody's at home. You're seeing an increase in the attack surface through remote desktop. You're seeing a lot more fishing. You're singing just a lot. People just under computer all the time. Um, Zoom WebEx I've got like, I don't know, a dozen different chat clients on my computer to talk to people. And you're seeing a lot of exploits kind of coming through that because of that, people are more vigilant. People are adopting new technologies and new processes and kind of finding a way to move into a new working model. I see zero trust architecture becoming a big thing because we're all at home. We're not gonna go anywhere. And we're online more than we're not. I think my circadian rhythm went out the window back in July, so all I do is sit on my computer more often than not. And that caused authentication, just, you know, make sure those assets are secure that we're accessing from our our work resource is I think that gets worse and worse or it doesn't. Not worse, rather. But that doesn't go away, no matter what. Your model is >>right. And I agree with you on that circadian rhythm challenge. Uh, last question for you. As we look at one thing, we know this uncertainty that we're living in is going to continue for some time. And there's gonna be some elements of this that air gonna be permanent. We here execs in many industries saying that maybe we're going to keep 30 to 50% of our folks remote forever. And tech companies that air saying Okay, maybe 50% come back in July 2021. As we look at moving into what we all hope will be a glorious 2021 how can businesses prepare now, knowing some amount of this is going to remain permanent? >>It's a really interesting question, and I'll beyond, I think e no, the team here. It's Plunkett's constantly discussions that start having are constantly evaluating, constantly changing. Um, you know, friends in the industry, it's I think businesses and those executives have to be ready to embrace change as it changes. The same thing that the plans we would have made in July are different than the plans we would have made in November and so on. Andi, I think, is having a rough outline of how we want to go. The most important thing, I think, is being realistic with yourself. And, um, what, you need to be effective as an organization. I think, you know, 50% folks going back to the office works in your model. It doesn't, But we might not be able to do that. And I think that constant ability Thio, adjust. Ah, lot of company has kind of been thrown into the fire. I know my backgrounds mostly public sector and the federal. The federal Space has done a tremendous shift like I never well, rarely got to work, uh, vert remotely in my federal career because I did secret squirrel stuff, but like now, the federal space just leaning into it just they don't have an option. And I think once you have that, I don't I don't think you put Pandora back in that box. I think it's just we work. We work remote now. and it's just a new. It's just a way of working. >>Yep. And then that couldn't be more important to embrace, change and and change over and over again. Make. It's been great chatting with you. I'd love to get dig into some of that secret squirrel stuff. I know you probably have to shoot me, so we will go into that. But it's been great having you on the Cube. Thank you for sharing your thoughts on election security. People processes technology, communication. We appreciate it. >>All right. Thanks so much for having me again. >>My pleasure for McClatchy. Oh, I'm Lisa Martin. You're watching the Cube virtual.

>> From theCUBE studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE at ETR. This is Breaking Analysis with Dave Vellante >> As we've reported extensively, the pandemic has affected cybersecurity markets perhaps more than any other. Remote work has caused CISOs, chief information security officers to shift spending priorities toward identity access management endpoint and cloud security. COVID has been a benefactor for next gen security companies that participate in these sectors. Notably, we believe tactical responses to the coronavirus have resulted in productivity improvements that will create permanent change in the way organizations defend themselves against cyber threats. Hello everyone and welcome to this week's Wikibon CUBE Insights powered by ETR. In this Breaking Analysis, we'll provide you with our quarterly update of the cybersecurity space and share fresh ETR data on the market. We also have some results from Eric Bradley's most recent Venn round table conducted with three senior chief information security officers. Let's start by looking at this notion of a single pane of glass. Now, despite the aspiration, there is no silver bullet to protect organizations from cyber attacks. The complexities of security, they're enormous and they require a layered defense approach. They range from securing internal networks to end points, to DMZ subnets, external traffic security, data in motion, data at rest, protecting from ransomware, dealing with web traffic, emails, phishing, not to mention threats from internal employees and contractors. As we mentioned at the open, there are three areas in particular that have seen significantly elevated spending momentum that is translated into the valuation increases for several companies, including CrowdStrike, Okta, Zscaler and several others. Zero trust security has gone from buzzword to reality. And spending shifts to these technologies have siphoned off demand from traditional hardware based firewalls. Although CISOs seem to be hedging their bets, at some point, they realized that people are actually going to come back to the office, so they have to remain agile. Lack of talent. Well, that remains one of the CISOs biggest challenges to securing applications and data. And automation while sometimes viewed as risky, is becoming increasingly important. Several companies have hit our radar this quarter and were highlighted in the CISO Panel, including Elastic which has seen momentum as an open source alternative to Splunk and notably multiple CIOs in the panel, they cited concerns related to Splunk's pricing and their sales tactics. They actually compared those of Splunk to those of EMC in the past, if anybody remembers how aggressive EMC salespeople could be. CloudFlare also broke into the top 10 in the ETR survey based on net score which is a measure of spending momentum. And that was for those companies with more than 50 mentions in the survey. CloudFlare is a CDN and provides security for websites. Also Netskope, a cloud security specialist cracked the top 10 in terms of net score and received high marks from the CISO panel, particularly with respect to it's vision and roadmap. Microsoft, Palo Alto Networks, Okta, CrowdStrike Cisco, CyberArk, SailPoint, Zscaler and Proofpoint remain focus vendors for us in the ETR survey as measured by spending momentum and their presence in the data set, what we call market share. And we'll talk more about those companies in a moment. Now finally, even CISOs that were skeptical about the permanence of the effects of COVID, they're seeing business benefits that suggest many of these shifts are circular, and not cyclical. Indeed, prior to the pandemic, ETR survey data showed that about 16% of organizations workers were primarily remote. CIOs expect that number to more than double post pandemic to 34%. Let's say you look at some of the cybersecurity vendors. We'll plot some, we don't have enough room to plot all of them, there are so many. But this chart shows one of our favorite XY views. On the Y axis, we measure net score. And that measures against spending velocity by looking at the net percentage of customers that are spending more versus those that are spending less within the ETR survey. The X axis measures market share or pervasiveness in the survey. Now we've included a select list of companies for this view and only include those with more than 50 responses, or 50 Ns, shared Ns, if you will, in the data set. In the upper right, you can see a table that shows the data sorted by both net score and shared Ns for each vendor. Now, as we indicated, Elastic has taken the top spot, just barely edging out Okta who took over from CrowdStrike in the last survey. And you can see the significant market presence of Palo Alto and Splunk and the most pervasive vendor here is Cisco. Note that Cisco also owns Umbrella and Duo which both have meaningful Ns in the survey. Now, if we were to combine these into one view, a single view of Cisco, all three of those, it would pull the company even further up into the right. Security is one of the bright spots in Cisco's portfolio and shows consistent year-on-year growth each quarter. Now having said that, some CISOs complained that Cisco's propensity to rely on acquisitions to fill gaps has caused them integration challenges in the past. Let's go back to Palo Alto for a moment. We'll make some comments later regarding their position relative to Fortinet, but we wanted to call them out here. Look, CISOs, they really liked Palo Alto. They trust the Palo Alto Networks. They consider Palo Alto as a trusted leader with a very strong portfolio and vision. Now let's turn our attention to the pack here, as we mentioned, Okta's momentum is notably elevated and it's meaningfully higher than the others. Its presence continues to increase up to the right, as does CrowdStrike's, or to the right, not necessarily up to the right, but to the right. But CrowdStrike has come off its net score high, so it's coming down actually in the vertical axis. And we're not super concerned about that because they're dramatically increasing their presence on the X axis each survey. But so is Okta, so that's something to watch. In other words, CrowdStrike's coming down in net score while it's increasing its presence, Okta is holding its net score while at the same time increasing its presence, which is really a strong sign. Now that they compete, they don't compete against each other directly, but it's they're still in the same sector. We've also included Carbon Black here because because of their VMware acquisition and VMware CEO, Pat Gelsinger, he's on a mission to fix security and the company has made a number of moves in cyber. VMware has a really good track record could of execution and while fixing Curity is highly aspirational. With its install base and history of success, we wanted to include them here because they're getting more attention of the CISOs in the ETR panel. So we're keeping an eye on VMware and Carbon Black. It's going to take some time, but we'll keep watching them. Now let's take a look at how the players have moved this year over the quarters. We're going to show you four tables here and we're going to compare the net scores and market share of the cyber companies for January, April, July, and October surveys. So pre-COVID and throughout the year. So let's look first at the pre-COVID positions. The left most chart is sorted by net score or spending momentum and the right most chart is the shared Ns, which is the number of mentions in the survey, which is what drives the horizontal axis that I showed you earlier. Now, when you go back to the January survey, you see CrowdStrike was already doing very well with an elevated net score of 68.3% and 123 mentions. By the way, please ignore those companies with less than 50 Ns, I didn't filter the data back then. I was kind of still learning how to use the ETR software platform. Okta was also elevated and you can see the others there as well. Now, last year, we came up with a method to assign stars to those companies that had both top net scores and large shared Ns in the survey. So spending momentum and strong market share. And you can see Microsoft, Splunk, Palo Alto Networks, Proofpoint, CrowdStrike, Zscaler and CyberArk made the cut and all received four stars. And we gave two stars to Cisco and Fortinet because they had strong net scores and very high presence in the survey. Now let's go forward and look at April when the lockdown was in full swing. Okay, so we tightened things up in April and on the presentation of the survey did and only included those companies with more than 50N. And we cut the top 10, that's the red line and we put in their Dell EMC which is RSA and IBM for context. And you can see CrowdStrike, they shot to the top with a 68% net score and increased it's shared N, and you can see the stars right. Now, let's just jump ahead to the July survey. So now we're well into the pandemic. Maybe things are calming down a little bit in the summer. People feeling a little bit more freedom, maybe not as concerned about the work-from-home peace, that's sort of settling in, and CISOs, they had a little time to respond here and that's kind of the picture in the summer. Okta jumped way up on the left, you see in spending momentum and CrowdStrike, they moderated a bit, although they remained elevated. And again, they're not direct competitors, but it's instructive to compare these two firms, 'cause they're both hot and growing. And you see the green lines, they show the direction of the momentum of the net score. CrowdStrike was a bit of a concern because its net score dropped and its presence in the dataset kind of moderated. But the company continued to report strong revenue during its earnings calls and the stock remain a darling. So some mixed signals in the data, one quarter doesn't necessarily make a trend. But Okta, Microsoft, Cisco, Palo Alto, Splunk and several others, they remained very, very strong. Now let's go into the most recent October survey. So again, we continue to fine tune our presentation analysis here. And you can see there are two red lines. The top one is the top 10 cutoff. And the second line is the top 20. As we said, Elastic hit the radar for net score but still not pervasive enough in the dataset on the right to earn some stars with the shared Ns. So Okta in our view continues to hold that top spot for momentum and made the top 10 cut for shared N, two very positive signs. It's shared N, for example, jumped from 139 to 185. So more and more mentions, people are increasingly relying on Okta for identity access management. Now for the green arrows here, the momentum lines, we've tried to take into consideration the shared N. So even though, for example CrowdStrike's net score dropped from 50 down to 43%, it's shared N, or again, the number of mentions, it jumped from 119 to 162. So that's a 36% increase and you might be thinking, well, why is that significant? Well, CIOs and IT buyers in the ETR survey, they're asked to choose the areas with which they are most familiar and then they answer questions on which vendors they use. So the fact that companies like Okta and Palo Alto and CrowdStrike and several others that we've highlighted are increasing their presence in the data set and still maintaining a very strong net score is a really good signal in our view. That's why, for example, take Zscaler, we still give them two stars, even though on a relative basis, it didn't make the top 10 cut. It's net score held relatively firm and it's shared N jumped by 39%. So we continue to like names like Zscaler, Okta, CrowdStrike, CyberArk, Proofpoint Fortinet and of course Microsoft, which consistently shines brightly. Let's look at a comment that underscores the CISOs sentiment and I think the market overall. Here's a comment from a CISO of a global travel and hospitality company. It's a name you would recognize and obviously this individual's business was hit hard by the pandemic. So there's an inherent bias toward hope anyway, toward a return to the normal. But look at the comment, I'll read it. "I was a skeptic on the permanence of the changes due to COVID, but I've seen firsthand, there are legitimate structural changes that are taking place, and that's going to fundamentally shift where companies are investing in cyber. Building leases are expiring, people, they're productive working from home. Products that enable work from home and that are cloud first, that trend will continue and be permanent." And you know what? We agree. Okay, here's a chart that we've been updating since right before the pandemic and it compares the performance of the S & P 500 and Nasdaq with specific security companies that are public. And we've been tracking the revenue multiples on a trailing 12 month revenue basis over time to get a sense of how these companies compare. And we prefer to use forward looking revenue, but find TTM to be more consistent and frankly easier to access quickly. So that's what we're using. Now note that Splunk, Octa, CrowdStrike and Zscaler, those are the guys I've highlighted in red, they have yet to report as of this publication. A couple of points here are worth noting. First, we've been talking a lot about the divergence in valuation between Palo Alto and Fortinet and we'll show some more data on that in a moment but we want to share some CISO comments about Fortinet. People sometimes refer to Fortinet as Forti knife, as in Swiss army knife. They're a Swiss army knife of cyber, Forti everything is what one CISO called it. Fortinet is more price attractive, especially for mid-sized companies who don't have the resources of larger firms that might gravitate toward Palo Alto Networks. And the companies around for awhile and has earned the trust of CISOs because of their portfolio and their track record. Now, the other notable item in this data is the rise in value for Okta, CrowdStrike and Zscaler which have seen values increase 78%, 128%, 124% respectively in the time period we show here. You can see the very highly elevated revenue multiples compared to some of the more mature companies. Splunk, they're a bit of an outlier here 'cause we're showing negative growth in that right-hand column. And that's because of its transition toward a subscription model. That really messes up the income statement. And we just wanted to cite that. Splunk's been doing a good job communicating to the street. There are some concerns in the ETR dataset, which we've talked about. They've sort of moderated lately. There's also concerns about pricing that CISOs have mentioned, but generally there's a real bifurcation in the market in terms of valuations. And we think that while there's a lot of discussion about the so-called stay-at-home stocks and a shift back away from those when the pandemic subsides, we believe that the productivity benefits of remote work are becoming more clear and these next gen security companies are going to continue to thrive. Now let's take a moment to look at the relative performance of Palo Alto and Fortinet. Back in February of this year, we noted that there was a valuation divergence occurring between these two companies. And we cited three factors at the time for this gap. First, we said the Palo Alto was trying to cloud proof its business, and as such, it was in transition. And second, it had some challenges with regard to the pace of that transition, including sales incentives, actually that's part of the first point. That was kind of one A. Secondly, we said that the shift away from appliance-based firewalls was accelerating and that was pressuring Palo Alto's valuation. They were kind of underperforming in that segment. And finally we said the Palo Alto was facing some very tough compares in 2019 relative to 2018. And that was causing investors to pause as Palo Alto began shifting to an annual recurring revenue model. Now we said at the time that CISOs really, they really liked Palo Alto and we felt it would... the company would deal with these issues in 2020. And this chart really shows that and they've begun to reverse this trend. The yellow line is Fortinet. The blue line is Palo Alto and it's showing this sort of relative performance here. And you can see that gap coming into 2020 which extended into the meat of 2020. But now it's starting to compress, thanks to a nice earnings report that beat EPS on revenue this month, as we're talking about Palo Alto. So we continue to believe that Fortinet has done a good job and a better job of moving to the cloud model. And Palo Alto has largely relied on acquisitions to accelerate this trend. And we'll see if they can continue to thrive during this transition to cloud. But there's little doubt that CISOs want to work with Palo Alto networks and they remain committed to having a strategic relationship with the company. Alright, let's wrap. The shift to the subscription model is well underway in the cybersecurity space and it's buoyed by cloud and next generation SAS-based security players. Splunk is in transition. Cisco and Palo Alto emphasize the importance of this trend and virtually all historically on-prem players are being forced to respond. Survey data and anecdotal information from theCUBE community supports what the ETR Venn CISOs are saying, that the internet is becoming the new private network and these trends toward cloud-based and remote worker support are delivering benefits that CEOs and CFOs are going to continue to push to operationalize. CISOs, they got to continue to take a multi-layered approach to defending their data, their applications and their users. And it's such a fragmented market with specialists is going to continue for quite some time. Now, despite these clear trends, CISOs face a real challenge, the timing of the return to semi normal, it's really uncertain. And we still don't have a clear picture of what that future will look like. As such incumbent firms with hardened networks, they're going to have to remain in a hybrid holding pattern to accommodate whatever happens. Why is that important? Well, this means that budgets are going to be stretched. Look, while security remains a top priority, you can't expect an open checkbook going to SecOps team. Throwing money at the problem wouldn't really solve it anyway. Rather CISOs have to take a balanced portfolio of investments, continuing with automation and data analytics and of course, good security practice practices. That's going to be the pattern. Alright, well, thanks everyone for watching this episode of theCUBE insights powered by ETR. There are many ways to get in touch. @dvellante on Twitter, david.vellante@siliconangle.com. You can comment on my LinkedIn posts. I publish weekly on wikibon.com and siliconangle.com and always appreciate the feedback from our community. These episodes, by the way, are all available as podcasts. So you can listen while you multitask and don't forget to check out etr.plus for all the survey action. This is Dave Vellante. Have a great Thanksgiving, be smart, stay safe and we'll see you next time. (light melodic music)

>> From theCube Studios in Palo Alto in Boston, bringing you data driven insights from theCube and ETR, this is breaking analysis with Dave Vellante. >> As we reported in our last episode tech spending overall continues to be significantly muted relative to 2019. Now, our forecast continues to project a 4 to 5% decline in 2020 spending, and a tepid 2% increase in 2021. This is based on the latest data from ETR surveys of CIOs and other it buyers. Nonetheless, there continues to be some sectors and vendor bright spots in what is generally an overall challenging market. Hello everyone, and welcome to this week's Wikibon Cube Insights powered by ETR. My name is Dave Vellante, and in this breaking analysis, we welcome back Erik Bradley from ETR to provide added color from my solo flight from last time. Erik always a pleasure to see you, thanks so much for coming back in theCube. >> I always enjoy it. Happy Friday Dave, We're almost through. >> Happy Friday. They just blend together. Guys, if you would bring up the first slide, I just want to summarize the situation. This is from ETR's latest findings, I just extracted some. And I want to go down very quickly, Erik, and then get your take. As I said, technology buyers expect the downturn for 2020, but this quarter, coming into fourth quarter, minus 3.2% was ETR's forecast, that's year to year spending decline and a 2% uptick in 2021. Now, Erik this is slightly, what I call it slightly less bad, relative to last quarter. So sequentially it's less bad. >> Yeah, there's a couple of things to break down there. So first to begin with, beginning of the year, when we launched not only our spending attention surveys, we did a simultaneous COVID impact survey, and that's where we caught originally a 5% decline was expected. So although negative 3.2 was probably the worst quarter over quarter lapse we've seen, as a matter of fact it is the lowest drop we've had theory, going into 2021, the IT people that we've actually surveyed are actually expecting a 2% increase. So there is a reason for optimism, but if we're looking at the current data set, there is no doubt the picture remains a little bit bleak. We can go into different sectors and vendors where they are impacted, but I think maybe if you're willing, I think it might be worth just sort of breaking down the demographics of the survey a little bit and how we got to that 3.2% survey over survey decline. >> Yeah, and we have a chart on that. But before we get that, I just wanted to lay out some of the other key points of your analysis. The other one, which is we talked about this in the last episode, we call it a slow thawing. Hiring an IT project freezes are thawing, with fewer companies expecting layoffs. So that gives us some bright spots, but there are definitely a widening bifurcation between vendors gaining share and those who are donating share. And then, you know, again, relative to last quarter survey we're seeing government and education and fortune 100, you guys are showing the deepest cuts from the last survey. Where's IT Telco, retail and retail consumer are showing a little bit more stability. And then of course you talked about the work from home which we've covered doubling from pre pandemic. Pretty interesting findings from your COVID survey. >> Yeah, it's a fantastic, and this is the fourth iteration of this survey that we've done now. So we've been able to track it very quickly, launched it in the field when we realized the true impact of what was happening in early March. This is our fourth version, and we've been able to track it overall. Yes, without a doubt government, education are being the biggest impact, the biggest declines without a doubt. Now, clearly the caveat to that is if there's any sort of government policy maybe those could actually help a little bit, but for right now, those are getting hit the most. Retail consumer is fairing much, much better, and the IT companies, as generally, we're seeing in the market as well, they can, you know, are still spending money and still moving. But the reason for optimism actually comes from multiple metrics. And I will say, we have caught a bottom on all of the negative metrics at this point. Now, who knows what will happen the next time we do it, right? The world is always fluid. But based on this, this is our fourth iteration of this survey, whether it be IT projects being frozen, whether it be layoffs, whether it be just overall expected budget increase, everything looks like it is already bottomed and there is some optimism going into 2021. Of course, the January survey that we launched will be able to corroborate that hopefully, and we'll have much more granularity into those findings at that time. >> Great. Okay, now let's get into the demographics that you referenced for. This next slide shows those. The record number of respondents Erik, congratulations on that. And so take us through the makeup of the survey respondents guys, if you bring up this next slide. >> Yeah. So for the October 20, what we're really doing here is we're asking the it decision makers to update the survey responses they gave us in July. We're basically saying, okay, you thought you were going to spend this in the back half, what did you actually do? And in this particular survey we had 1,438 qualified IT decision makers get involved. That's 60% of the fortune 100 is represented, almost a quarter of the global 1000, and we had about 35% of the fortune 500. The industry breakdown is all across the board, whether it's financials/insurance, IT/Telco, we have industrials/manufacturing, we have energy/utilities, we have government. So it's really a great cross section. Now, geographically, that tends to be about 80% North America. We are heavily concentrated in that area, but we also have a 12% EMEA, 5% APAC and remainder is Latin AmErika. If there were any visibility concerns at all would probably be in China. It's just not that easy to get qualified IT decision makers from China to respond to us. But that's an area we are working on going forward, but overall a huge survey response, certainly meaningful end, and we're very happy with the data that we collected this time. >> Okay, thank you for that. Now, I want to go into the next graphic here, and I want to look at how net score has changed over time. And I want to remind people that, so this slide basically goes back to 2016, and shows some ebbs and flows and then some real strength coming in, 'cause you see 17 and 18, and you may forget going into Q4'19 and into 2020, the ETR data was telling us, hey, things are going to slow down a little bit. It's hard to remember that. And so, and the thinking back then was okay, last couple of years, people have spent a lot on digital transformation, and would a lot of experimentation, they were hanging on to their legacy stuff, and with all that technical debt and they were experimenting with a lot of the new technologies. And what we saw coming into Q4 2019 was people beginning to unplug some of that and making bets basically, unplugging some of the legacy stuff. Oh, and by the way, maybe saying hey, the new stuff that we tried didn't work, we're going to do less experimentation. So we saw a somewhat depressed next score, and you can see that in here coming into 2020, and then of course COVID hit and you can see the bottom fell out. But wow what a drop, I mean, that says it all, a lot different than what we're seeing in the stock market. >> Yeah, first of all, just a great recap on what we caught last year. Really well done. So at that time there was concurrent spending. There was a lot of proof of concepts being done. People weren't exactly sure how to transition off, how fast they were going to get into the cloud, how fast they could make that digital transformation. And they were kicking the tires on everything, and there was a ton of spend. It was the golden era of IT spending at the time. But we did catch that some of that was coming down. So what we will see now is obviously that spending was going to cool off either way, but now with the global pandemic impact hitting what we've caught, of course, is the biggest survey over survey decline. 3.2% was matched at one other point in our survey's history, but that was at very elevated spendings, so that drop was not as meaningful. When we're seeing from a more baseline that drop right now is extremely seasonal, and extremely meaningful, my apologies. Now, I do want to make a quick caveat that usually the October survey catches some seasonality, because a lot of people have expected spend in the back half that doesn't always materialize. But make no mistake, this is way beyond our normal seasonality. This trough is a real metric. >> Yeah, and when I talk to buyers and I talk to even salespeople, for if you want the truth, you'll talk to salespeople, if you can get the truth out of them, which you usually can. Sales and engineering, that's really if we want to know what's happening in companies, but they will tell you that their visibility, same with the buyers, they're saying, look, I think I'm going to spend and I think I'm going to get approval on it, but the normal buying signals, you kind of have to take with a grain of salt because it's, the buyers don't know the sellers don't really know. I mean, they think they've got reasonable visibility but things change so fast as we know. So you have to be really, really careful. All right, let's drill in to some of the sectors, and that's really the next two slides, guys, if you bring up the first of the next two. So this shows the change from July to October. So the last survey to this survey, 2020, and the green bars of July, yellow bars are October. And you can see right away, jumps out at you, container orchestration and ML and AI, and we've got some other data on this jump right off the charts. They're still elevated levels, so that's a real positive. You can see AI actually, maybe waning a bit, and I think that's probably, Erik, is a lot of it is just, you don't even see it, it's just embedded. But take us through this first chart and then we'll dig into some of these sectors. What are you seeing? >> Yeah, certainly. So from a sector breakdown point of view, that lesson, none of them were spared, let's be honest, right? There's a slow down in spending. But containers and containerization were by far the most stable. So clearly this is a priority. People are recognizing that they need to go that route. Nobody wants to be tied to any particular cloud provider. So container and containers are moving the best, they are looking about as stable as they can be. When we drill down a little bit further in there, we're seeing Kubernetes of course, Microsoft and AWS really supporting in that sector. Now, when you talk about the ones that had the biggest survey over survey declines, we are looking at ML/AI, but like you said, still elevated spend. So even though there was a big survey over survey decline, the overall spending intentions are healthy. Nobody is getting away from it. Also to corroborate that in the COVID impact study, we asked people, given the current situation where their priorities are, and unfortunately in that area ML/AI and the RPA we're actually not positioned as well. So it actually corroborates the COVID impact survey, corroborates what we're seeing here in our larger intentions. Now, when you look at ML/AI, Microsoft is still very well suited in that area. Virtualization was another big area that dropped, which was interesting because I think the immediate COVID impact and the work from home, we saw a little spike there. I think we definitely saw companies like Citrix, right? F5 and Nutanix and AWS workspaces. They all had a really good impact, positive, when we first hit, but virtualization is dropping quite a bit there. And again, no surprise, Microsoft is well positioned as well. And then lastly, enterprise content management also had a big, big drop-off, and there you're looking at Adobe Box, Open Text, those are the type of companies that seem to be having the biggest survey over survey decline and ECM. >> Yeah. And I just want to make a comment on this first of the two slides. Is you see security, it's okay, there's a little bit of decline, but there's the story of the haves and the have nots. If you're an end point security, you're in cloud security, you're in identity access management, there's some real tailwinds for you right now. You're seeing that with Octa, CrowdStrike and Zscaler, SailPoint, you know, had a really good quarter. So that's the story of kind of the, a mixed bag. If you go to the next slide, guys, what jumps out here on the second sector breakdown, and Erik you alluded to this as RPA, very elevated, although down, somewhat still, again, very elevated and cloud computing. I mean, that's all everybody wants to talk about. This is a large market that continues to grow very, very fast. >> Yeah. It's a A2 cloud, right? I mean, even the cloud, we're kind of shocked and we saw that too. But, you know, again, it's still a healthy survey at 4Cloud. Spending is still there, but what we are seeing is a pretty big survey over-serving decline that is probably, if you had to translate that, it's going to show slower growth. Still double digit growth, but slower than we expected. And interestingly in the cloud, again, Microsoft is very steady, GCP steady. We saw AWS soften a little bit, and that's something that I think we need to keep an eye on there, we are seeing some softening trends. IBM and Oracle, unfortunately, no matter how hard they push, it doesn't really seem to be making a dent, at least with our it decision makers that respond to the survey. But one thing that was interesting was VMware on AWS actually looked much, much better than VMware alone. So on the cloud side, those are pretty interesting takeaways. >> Yeah, we talked about that a couple of episodes back as the, well, couple of things to pick up on your comments. You mentioned IBM and Oracle, they're just so large, they're growing businesses are not growing fast enough and they're not large enough to offset the decline and their declining businesses. Yet they're huge, they have, they throw off a lot of cash and so maybe their stock's not going through the roof, but they're pretty stable companies from that regard. I wonder, maybe AWS is starting to hit some of those, the law of large numbers. I mean, it's still growing very, very rapidly for a 45 plus billion dollar organization, still growing well into the double digits, so it just gets harder. And then, but the other thing I wanted to pick up on is you mentioned VMware cloud on AWS, we're seeing those hybrid solutions really start to pick up the multi-cloud solutions, which I was a real skeptic a couple of years ago 'cause it wasn't really real, now becoming real. And I think when you talk to, you know this well from your Ven discussions, people are looking at options for cloud. They want multiple clouds, the right horse for the right course, they want to reduce their risk, they want to ensure exit strategies and some clouds are just better at some things than others. >> Yeah, completely agree. And as you know, I do interview a lot of these IT decision makers that we survey to get a little more granularity and to dig into the details, and you and I just, great example. We did a session on Data Warehousing as a Service, we're at Snowflake. And the main reason that people love them is 'cause they have cloud portability. They can move across multiple clouds. Nobody wants to be tied to one cloud provider, they need to be agnostic. And if you look at, you know, something like Microsoft, right? Their Software Suite is fantastic. So most people are going to be aligned for them. They provide great active directory, the enterprise applications are absolutely incredible. But if you're looking to do straight ML/AI or straight data warehousing, maybe AWS Redshift, maybe Google Big Query might be a better fit for you. There's no reason to be tied into one. So what we're seeing more and more is those vendors that offer cloud portability or hybrid availability to do some on-prem for security, some cloud, they're really taking a step up in our recent surveys. Another comment you made Dave, if I can just backtrack to it is, you kind of mentioned how some of the vendors are taking more and more share. We are continuing to see this theme of a widening bifurcation, where although the overall spend that pie is shrinking, the leading vendors are taking much bigger slices from that pie. And that is continuing across the entire year. >> Yeah, definitely a time of disruption. So thank you for bringing that up. Okay, the next graphic I want to show you is actually a motion graphic, and what we're showing here is one of our favorite views. On the vertical axis you've got net score, remember, net score, essentially ETR, every quarter like clockwork asks customers are you spending more you're spending less, it's more granular than that, but essentially they subtract the red from the green and that leaves you with net score. So the higher the net score the better on the vertical axis, on the on the horizontal is axis is market share, its presence, its pervasiveness in the dataset. So you want to be up into the right, of course, like all these charts and XY's. And what we're showing here is, we go back to October, 2018. Remember this is the October survey and you can see the movement and what's happening. And a couple of points here really is one is container orchestration and container platforms, cloud, RPA, ML, they all stand out. And now we, you can see the the context of their "market share" as well, and you see that bunching, you see some of the Legacy stuff, the more mature markets like storage and PC tablets and laptops. They don't have a huge next or outsourcing, not a big net score, but they're there and they're kind of bunched up, down in the middle. But you can also see how they've slowly got depressed over time, even the elevated ones. Nobody in the recent survey is over a 60% net net score. I think you guys said that the overall net score was the lowest in history. So this is just a good way to visualize the various sectors and how spending, momentum and share is shifting. >> Yeah, that's a very good point, and you are right. The overall survey net score is actually 25.3% and it is the lowest ever we've captured. So that actually is translating into what we expect to be single digit declines in overall growth in IT budgets, which again is in line with what we've been saying. We caught early on about negative 5 1/2, that is improved now it's in this quarter to about negative 3 1/2, but if you look at the mid point here, we're very clearly in mid single digit declines, and the entire area is being impacted. Now, there are certainly some areas that are more important than others, there's no doubt about it. But yeah, outsourcing is one you mentioned, absolutely getting decimated. Nobody really has the money right now to be doing IT outsourcing, that's just not a priority. The priority is remote connectivity, remote security, how do I get identity access and governance to make sure that my employees are doing what they're supposed to be doing, even though they're not on my network anymore. All of those things are continuing. And as you saw on the COVID-19 Impact Survey, they're not going away. You had mentioned on a solo session you did, I think a week ago, where you have cited our data saying that permanent workforce is going to double from where it was in pre-pandemic levels. So that means a lot of the people that slapped a bandaid on their networking to get their employees to work from home, that bandaid solution is not going to work. They need to find one that's permanent now. So the areas of spend, although it is declining, there are very clear delineations of where that spend is going. >> Yeah, I want to just pick up on something you said about the work from home doubling, 'cause I've shared that data with some folks and had some discussions. We're talking about people that work from home, not come in a couple of times a week, this is the work from home component. And so I think the hybrid is going to increase as well, but the hardcore work from home, I think it was mid-teens, 16% or something doubling in the post pandemic was the expectation. And again, I just wanted to sort of clarify that I think your data there is quite good. How about some of the vendors? I think, now that's Snowflakes public, you guys may be doing some forecasts there. Let's start there. >> Sure, yeah. So it's fun to talk about the high level, right? And talk about the sector breakdown and where we're seeing things, but at the end of the day, people just love to talk about the individual vendors. So there's a few things that were interesting, yeah. We were able to finally come out with a real viewpoint on Snowflake now that they're out in public, and we kind of launched with a positive to neutral viewpoint. I don't think there's going to be anything here that shocks you. We're absolutely outstanding expansion rates. All the commentary we get from our CIOs are just incredible, the market share gains are about as high as you're going to see in the survey, they are extremely well positioned to continue executing, and this is not in the data set, but we also know that that management team is fantastic. I would think that they had set themselves up coming out as a public company not to completely disappoint. And everything in our data set shows absolutely no reason why they would disappoint. >> Well, and so you may be wondering folks, like, well, wait a minute, with all that great news, I mean, how could they be positive to neutral. Maybe it maybe neutral, the reason is because they have a 66, roughly $66 billion valuation. And what ETR is doing is they're taking that into consideration as well relative to, so they're looking at the street forecast, the consensus forecast and saying, okay, how does the data line up to that? And so a lot of people are asking the question, can Snowflake live up to its valuation. I don't think there's any lack of total available market here. I mean, it's very, very large, the data market, it's enormous. And as, just a plug for an event that we're doing on November 17th, it starts, we're doing a global event, and we're going to be looking at this issue very closely, interviewing customers and partners and executives and, you know, you can judge for yourself if you think the vision, they're putting out this vision of a data cloud. You see this, if this vision, you think is going to have a big enough term that they can grow into, and as Erik said, great management team, will they be able to execute? Decide for yourself, but very exciting IPO obviously that we've tracked quite closely. Elastic is another one that you guys have followed quite closely. I know you've got some data there that you want to share as well. >> Yeah, I certainly do. The APM spaces is really interesting. One last quick point on Snowflake. We don't have regression forecasts on them, because they haven't been out public long enough for us to be able to do that sort of back-testing. So without that data science behind us, we will never really go with a full positive. So to your point that saying positive to neutral is not negative or neutral stance whatsoever, it's just without that regression support behind our data, that's what we just tend to do. Because at the end of the day, we're a data science company, so.. >> Yeah. You need some some history there to really make those calls. But yeah, let's talk about Elastic. >> Yeah, sure, you got it. So recently I hosted a panel on the APM and monitoring space. It was incredibly enlightening. It's a very crowded space that our CIOs told us is right for disruption. And it ended up being a little bit of an avalanche in our data, because it wasn't just Elastic, but it was also Splunk and Dynatrace that we ended up putting ratings on. Now, Elastic as we know is an open source model, a freemium to pay type of model. And we normally try to stay away from open source models, 'cause it's kind of hard to predict how that converts to revenue, but the data was so strong that again, we came out with a positive to neutral rating on Elastic. It was based on just elevated spend levels across, there was almost no negativity, we weren't seeing any decrease or replacement indications, really solid positioning in the fortune 500 accounts, which I was a bit surprised about. And the other thing here is that Elastic tends to be really expanding in the information security. This is no longer just about monitoring and logging, they are becoming a very relevant infosec play and they are breathing down the necks of Splunk. They can do the same thing and they can do it much cheaper. The caveat being, you need to have the IT and the human skillset to run Elastic. So it really comes down to, are you sophisticated enough with the human capital management to run it? But everything we saw here just incredibly improved competitive positioning, they actually had the number one net score in all of information security in any vendor that had over 50 citations. It was just too hard to ignore, we had to come out with a positive neutral. >> That's super interesting Erik, and of course, yeah, we covered that space recently. Everybody wants a piece of Splunk and have for a number of years, but, you know, you see in Datadog come after it, then you see some startups getting into the space. Jeremy Burton launched his company, Observe, Honeycomb is in that, they kind of coined the term observability. Kakao Search is another one. Ed Wall's joined that company, and so you see a lot of folks really going after that space, why not? I mean, it's such a successful company. The pickup of SignalFX filling some holes, we talked about that on the Ven, and it's a very interesting space, and one I think has some somewhat depressed levels from a net score standpoint but as some of your Ven observers said, this market is here to stay and it becoming much more important as part of digital transformation, as part of a dashboard of digital transformation. >> Yeah. Coining that term observability really just hit it on the nail on the head. When we just talked about monitoring an application, that's not what it's about anymore, right? You need to have observability in multi hybrid cloud environments, whether it's your infrastructure or people actually writing code for your application. And so that single pane of glass, end-to-end is the holy grail of monitoring, and that's what these guys are pushing for. The New Relics, the Datadog's, the Elastics, they're getting there more quickly than Splunk and Dynatrace or AppDynamics from Cisco are. That's what the people are telling us, the ones I speak to, the CIOs that use it in the field. They're getting there more quickly and they're doing it more cheaply. Now, this is not to say Splunk is not a great company, we know it is. And also Splunk has more API integration into any ecosystem you want. They're not getting pulled or ripped out anytime soon, we're not saying that. But when we look at our data, we had no choice but to come out with a neutral to negative. They are deteriorating and their spending intentions, their customer growth is completely stalling, we're not seeing any more increased perversion in our dataset or among customers. There just wasn't really anything we could really do. Looking at the data set and that's what we do, we had no choice. There's a lot of skepticism heading into the back half of this year and next year, there's so much competition coming after them, and some of these people are just giving it away for free. It's pretty hard to compete with free. >> Yeah, free is very powerful. All right, speaking of skepticism, Rackspace had their IPO, what do you see in there? >> Oh man, I'm not really sure how to start there. But listen, I don't want to beat a company while it's down, but their net scores are actually negative. I think at the negative 20% range, if I could possibly recall that. But listen, Rackspace, when they were private, let's give them some credit, right? They decided to go out and buy a bunch of different managed service providers, they tried to align themselves with AWS, with Oracle. So they've got this whole bundle thing right now that isn't just straight cloud computing anymore. We'll see if that plays out. But clearly we saw that the IPO was not a very special IPO. In this environment the valuations in the technology stocks being very elevated, having a negative IPO was very telling. But sticking straight to the data, basically we're seeing negativity across several years, it's the worst position vendor in cloud computing that we even cover. We just had to take a look at it right now, and just be honest and say according to the data, this is a very negative data set, there just isn't much we can do about it. Wish them the best, I hope their MSP revenue starts kicking in, and hopefully it'll change. But for right now the snapshot of our data was quite dire. >> Okay, Erik, Well, thanks so much. So let's update folks, so the ETR is exiting, it's quiet, period, which I love, because that means I can have the data and share with you. So we'll be updating our cloud scenarios, security, automation, our infrastructure, and many other segments as well. Certainly the data piece, we've been tracking snowflake very closely. And of course, Erik, you guys are already gearing up for your January survey. So, you know... >> It never ends Dave. And I've... >> Well, I got a really... I've got a sizzle panel that I'm doing next week as well, where we got four sizzles talking about security threats and priorities for 2021. So as soon as I wrap that, you'll be the first one I get my summary to. >> Oh, those are great. I mean, there's such deep dives with practitioners, and it's just an open discussion. So Erik Bradley, thanks so much for coming back in theCube. >> Have a great weekend Dave. >> Yeah, you too. And thank you for watching everybody this episode of Cube Insights powered by ETR. Go to etr.plus, that's where all the survey action is. I publish every week on wikibon.com and siliconangle.com. All these episodes are available on podcast. Wherever you watch, you can DM me, I'm @DVelllante. I post on LinkedIn, you can comment there or email me @david.vellanteat, @siliconangle.com. This is Dave Vellante for Erik Bradley. Thanks for watching everybody, we'll see you next time. (upbeat music)

>> Narrator: From around the globe, it's theCUBE with coverage of KubeCon and CloudNativeCon Europe 2020 Virtual brought to you by Red Hat, the Cloud Native Computing Foundation and ecosystem partners. >> Hi I'm Stu Miniman and this is theCUBE's coverage of KubeCon, CloudNativeCon the 2020 European show of course happening virtually and that has put some unique challenges for the people running the show, really happy to welcome to the program she is one of the co-chairs of this event, and she is also a Principal Software Engineer at Splunk, Constance Caramanolis thank you so much for joining us. >> Hi, thank you for having me, I'm really excited to be here, it's definitely an interesting time. >> Alright, so Constance we know KubeCon it's a great community, robust everybody loves to get together there's some really interesting hallway conversations and so much going on, we've been watching, the four or five years we've been doing theCUBE at this show, just huge explosion of the breadth and depth of the content and of course, great people there. Just, if we could start with a little bit, your background, as I mentioned you're the co-chair, you work for Splunk by way of an acquisition, of Omnition try saying that three times fast, and Omnition you were telling me is a company that was bought really before it came out of stealth, but when it comes to the community itself, how long have you been involved in this community? What kind of led you to being co-chair? >> Yeah, I guess I've been involved with the community since 2017, so, I was at Lyft before Omnition Splunk, and I was lucky enough to be one of the first engineers, on Envoy you might've heard of Envoy, sorry I laugh at my own jokes. (laughing) Like my first exposure to KubeCon and seeing the CNCF community was KubeCon Austin and the thing that I was amazed by was actually you said it the hallway tracks, right? I would just see someone and be like, "Hey, like, I think I've seen your code review can I say hi?" And that started back on me at least a little bit involved in terms of talking to more people then they needed people I would work on a PR or in some of the community meetings and that was my first exposure to the community. And so I was involved in Envoy pretty actively involved in Envoy all the way until from 2016 until mid 2018 and then I switched projects and turning it left and did some other stuff and I came back into CNCF community, in OpenTelemetry as of last year, actually almost exactly a year ago now to work on making tracing, I'm going to say useful and the reason why I say useful is that usually people think of tracing as, not as important as metrics and logs, but there is so much to tracing that we tend to undervalue and that's why I got involved with OpenTelemetry and Omnition, because there's some really interesting ways that you could view tracing, use tracing, and you could answer a lot of questions that we have in our day-to-day and so that's kind of that's how I got involved in the second-round community and then ended up getting nominated to be on the co-chair and I obviously said yes, because this is an amazing opportunity to meet more people and have more of that hallway track. >> Alright, so definitely want to talk about OpenTracing, but let's talk about the event first, as we were talking about. >> Yeah. >> That community you always love the speakers, when they finish a session, they get mobbed by people doing questions. When you walk through the expo hall, you go see people so give us a little bit of insight as to how we're trying to replicate that experience, make sure that there's I don't know office hours for the speakers and just places and spaces for people to connect and meet people. >> Yeah, so I will say that like, part of the challenge with KubeCone EU was that it had already been meant to be an in person event and so we're changing it to virtual, isn't going to be as smooth as a KubeCon or we have the China event that's happening in a few weeks or at Boston, right that's still going on, like, those ones are being thought out a lot more as a proper virtual event. So a little bit of the awkwardness of, now everything is going to be online, right? It's like you can't actually shake someone's hand in a hallway but we are definitely trying to be cognizant of when I'm in terms of future load, like probably less content, right. It's harder to sit in front of a screen and listen to everything and so we know that we know we have enough bandwidth we're trying to find, different pieces of software that allow for better Q and A, right? Exactly, like the mobbing after session is go in as a speaker and one as attendee is sometimes like the best part about conferences is you get to like someone might've said something like, "Hey, like this little tidbit "I need to ask you more questions about this." So we're providing software to at least make that as smooth, and I'm putting this in quotation and as you'll be able to tell anyone who's watching as I speak with my hands. Right, so we're definitely trying to provide software to at least make that initial interaction as smooth as possible, maybe as easy as possible we know it's probably going to be a little bit bumpy just because I think it's also our first time, like everyone, every conference is facing this issue so it's going to be really interesting to see how the conference software evolves. It is things that we've talked about in terms of maybe offering their office hours, for that it's still something that like, I think it's going to be really just an open question for all of us, is that how do we maintain that community? And I think maybe we were talking or kind of when I was like planting the seed of a topic beforehand, it's like it's something I think that matters like, how do we actually define community? 'Cause so much of it has been defined off that hallway track or bumping into someone, right? And going into someone's booth and be like, like asking that question there, because it is a lot more less intimidating to ask something in person than is to ask it online when everyone gets to hear your question, right. I know I ask less questions online, I guess maybe one thing I want to say is that for now that am thinking about it is like, if you have a question please ask questions, right? If recording is done, if there's a recording for a talk, the speakers are usually made available online during the session or a bit afterwards, so please ask your questions when things come up, because that's going to be a really good way to, at least have a bit of that question there. And also don't be shy, please, even when I say like in terms of like, when it comes to review, code reviews, but if something's unintuitive or let's say, think about something else, like interact with it, say it or even ask that question on Twitter, if you're brave enough, I wouldn't but I also barely use Twitter, yeah I don't know it's a big open question I don't know what the community is going to look like and if it's going to be harder. >> Yeah, well, one of the things I know every, every time I go to the show conferences, when the keynote when it's always like, okay, "How many people is this your first time at the show?" And you look around and it's somewhere, third or half people attending for the first time. >> Yeah. I know I'm trying to remember if it was year and a half ago, or so there was created a kind of one-on-one track at the show to really help onboard and give people into the show because when the show started out, it was like okay, it was Kubernetes and a couple of other things now you've got the graduated, the incubated, the dozens of sandbox projects out there and then even more projects out there so, cloud-native is quite a broad topic, there is no wrong way where you can start and there's so many paths that you can go on. So any tips or things that we're doing this time, to kind of help broaden and welcome in those new participants? >> Yeah so there's two things, one is actually the one to attract is official for a KubeCon EU so we do have like, there's a few good talks in terms of like, how to approach KubeCon it was meant to originally be for a person but at least helping people in terms of general terms, right? 'Cause sometimes there's so much terminology that it feels like you need to carry, cloud-native dictionary around with you, doing that and giving suggestions there, so that's one of the first talks that's going to be able to watch on KubeCon so I highly suggest that, This is actually a really tough question because a lot of it would have been like, I guess it would have been for me, would have been in person be like, don't be afraid to like, if you see someone that, said something really interesting in a talk you attended, like, even if it's not after the question, just be like, "Hey, I thought what you said was really cool "and I just want to say I appreciate your work." Like expressing that appreciation and just even if it isn't like the most thoughtful question in the world just saying thank you or I appreciate you as a really good way to open things up because the people who are speaking are just as well most people are probably just as scared of going up there and sharing their knowledge as probably or of asking a question. So I think the main takeaway from that is don't be shy, like maybe do a nervous dance to get those jitters out and then after (laughing) and then ask that question or say like, thank you it's really nice to meet you. It's harder to have a virtual coffee, so hopefully they have their own teapot or coffee maker beside them, but offered you that, send an email I think, one thing that is very common and I have a hard time with this is that it's easy to get overwhelmed with how much content there is or you said it's just like, I first feel small and at least if everyone is focusing on Kubernetes, especially like a few years ago, at least and you're like, maybe that there are a lot of people who are really advanced but now that there's so many different people like so many people from all range of expertise in this subject matter experts, and interests that it's okay to be overwhelmed just be like, I need to take a step back because mentally attending like a few talks a day is like, I feel like it's taking like several exams 'cause there's so much information being bombarded on you and you're trying to process it so understand that you can't process it all in one day and that's okay, come back to it, right. It's a great thing is that all of these talks are recorded and so you can watch it another time, and I would say probably just choose like three or four talks that you're really excited about and listen to those, don't need to watch everything because as I said we can't process it all and that's okay and ask questions. >> Some great advice there because right, if we were there in person it was always, attend what you really want to see, are there speakers you want to engage with? Because you can go back and watch on demand that's been one of the great opportunities with the virtual events is you can have access on demand, you can poke and prod, personally I love that a lot of them you can adjust the speed of them so, if it's something that it's kind of an intro talk, I can crank it up to one and a half or 2X speed and get through more content or I can pause it, rewind if I'm not getting it. And the other opportunity is I tell you the last two or three years, when I'm at an event, I try to just spend my time, not looking at my phone, talking to people, but now there's the opportunity, hey, if I can be of help, if anybody in the community has a question or wants to get connected to somebody, we know a lot of people I'm easily reachable on Twitter and I'm not sitting on a plane or in the middle of something that being like, so there is just a great robust community out there, online, and it were great be a part of it. So speaking of projects, you mentioned OpenTelemetry, which is what, your day job works on it's been a really, interesting topic of course for those that don't know the history, there were actually two projects that merged, it was a OpenTracing and OpenCensus created OpenTelemetry, so why don't you bring us up to speed as to where we are with the project, and what people should be looking at at the show and throughout the rest of 2020? >> OpenTelemetry is very exciting, we just did our first beta release so for anyone who's been on the fence of, is OpenTelemetry getting traction, or is it something that you're like at, this is a really great time to want to get involved in OpenTelemetry and start looking into it, if it's as a viable project, but I guess should probably take a step back of what is OpenTelemetry, OpenTelemetry as you mentioned was the merging or the marriage of OpenTracing-OpenCensus, right? It was an acknowledgement that so many engineers were trying to solve the same problem, but as most of us knows, right, we are trying to solve the same problem, but we had two different implementations and we actually ended up having essentially a lot of waste of resources because we're all trying to solve the same problem, but then we're working on two different implementations. So that marriage was to address that because, right it's like if you look at all of the major players, all of the players on OpenTelemetry, right? They have a wide variety of vendor experience, right even as of speaking from the vendor hat, right vendors are really lucky that they get to work with so many customers and they get to see all these different use cases. Then there's also just so many actually end users who are using it and they have very peculiar use cases, too, even with a wide set of other people, they're not going to obviously have that, so OpenTelemetry gets to merge all of those different use cases into one, or I guess not into one, but like into a wide set of implementations, but at least it's maintained by a larger group instead of having two separate. And so the first goal was to unify tracing tracing is really far ahead in terms of implementation,, or several implementations of libraries, like Go, Java, Python, Ruby, like on other languages right now but quite a bit of lists there and there's even a collector too which some people might refer to as an agent, depending on what background they have. And so there's a lot of ways to one, implement tracing and also metrics for your services and also gather that data and manipulate it, right? 'Cause for example, tracings so tracing where it's like you can generate a lot of traces, but sometimes missing data and like the collector is a really great place to add data to that, so going back to the state of OpenTelemetry, OpenTelemetry since we just did a beta release, right, we're getting closer to GA. GA is something that we're tracking for at some point this year, no dates yet but it's something that we're really pushing towards, but we're starting to have a very stable API in terms of tracing a metric was on its way, log was all something we're wrapping up on. It is a really great opportunity to, all the different ways that we are that, we even say like service owners, applications, even business rate that we're trying to collect data and have visibility into our applications, this is a really great way to provide one common framework to generate all that data, to gather all that data and generate all that data. So it was really exciting and I don't know, we just want more users and why we say that is to the earlier point is that the more users that we have who are engaged with community, right if you want to open an issue, have a question if you want to set up a PR please do, like we really want more community engagement. It is a great time to do that because we are just starting to get traction, right? Like hopefully, hopefully in a year or two, like we are one of those really big, big projects right up on a CNCF KubeCon and it's like, let's see how much has grown. And it's a great time to join and help influence a project and so many chances for ownership, I know it's really exciting, the company-- >> Excellent well Constance, it's really exciting >> Yeah. >> Congratulations on the progress there, I'm sure everybody's looking forward to as you said GA later this year, want to give you the final word, yourself and Vicky Cheung as the co-chairs for the event, what's your real goal? What do you hope the takeaway is from this instance of the 2020 European show? Of course, virtual now instead of Amsterdam. I guess like two parts one for the takeaway is that it's probably going to be awkward, right? Especially again going back to the community is that we don't have a lot of that in person things so this will be an awkward interaction, but it's a really great place for us to want to assess what a community means to us and how we interact with the community. So I think it's going to be going into it with an open mindset of just knowing like, don't set the expectations, like any other KubeCon because we just know it won't be right, we can't even have like the after hours, like going out for coffee or drinks and other stuff there so having that there and being open to that being different and then also if you have ideas share it with us, 'cause we want to know how we can make it better, so expect that it's different, but it's still going to provide you with a lot of that content that you've been looking for and we still want to make that as much of a welcoming experience for you, so know that we're doing our best and we're open to feedback and we're here for you. >> Excellent, well Constance thank you so much for the work that you and the team have been doing on. absolutely, one of the events that we always look forward to, thanks so much for joining us. >> Thank you for having me. >> Alright, lots more coverage of theCUBE at KubeCon-Cloud Native on Europe 2020, I'm Stu Miniman and thanks for watching. (soft music)

>> From the SiliconANGLE Media office in Boston, Massachusetts, it's the cube. Now, here's your host, Dave Vellante. >> Hello everyone and welcome to this week's Wikibon cube insights powered by ETR. In this breaking analysis ahead of the RSA conference, we want to update you on the cyber security sector. This year's event is underlined by coronavirus fears, IBM has pulled out of the event and cited the epidemic as the reason and it's also brings to the front the sale of RSA by Dell to STG partners and private equity firm. Now in our last security drill down, we cited several mega trends in the security sector. These included the ever escalating sophistication of the attacker, the increased risk from the data economy, the expanded attack surface with the huge number of IP addresses that are that are exploding out there, and the lack of skills and the number of cyber tools that are coming to the market. Now, as you know, in these segments, we'd like to share insights from the cube. And I want you to listen to two American statesman and what they said, on The Cube. Here's general Keith Alexander, who's the former director of the NSA, along with Dr. Robert Gates, who's the former director of the CIA and former Secretary of Defense, play the clip. >> When you think about threats, you think about nation states, so you can go to Iran, Russia, China, North Korea, and then you think about criminal threats, and all the things like ransomware. Some of the nation state actors are also criminals at night, so they can use nation state tools and my concern about all the evolution of cyber threats is that the attacks are getting more destructive. >> I think cyber and the risks associated with cyber, and IT need to be a regular part of every board's agenda. >> So you hear General Alexander really underscore the danger, as well, Dr. Gates is articulating what we've said many times on the cube that cyber security is a board level agenda item. Now, the comments from both of these individuals represent what I would consider tailwinds for cyber technology companies. Now we're going to drill into some of those today. But it's not all frictionless. There are headwinds to in this market space, cloud migration, the shift from north south south to East West network traffic, its pressure traditional appliance based perimeter security solutions, increase complexity and lack of skills and other macro factors, including questions on ROI. CFO saying, hey, we spend all this cash, why aren't we more secure? Now, I want you to hear from two chief information security officers officers on both the challenges that they face and how they're dealing with them. Roll the clip. >> Lack of talent, I mean, we're starving for talent. Cybersecurity is the only field in the world with negative unemployment. We just don't have the actual bodies to actually fill the gaps that we have and in that lack of talent Cecil's are starving. >> I think that the public cloud offers us a really interesting opportunity to reinvent security right. So if you think about all of the technologies and processes and many of which are manual over the years, I think we have an opportunity to leverage automation to make our work easier in some ways. >> Now I featured Brian Lozada and Katie Jenkins before and breaking analysis segments, and you can hear it from the cyber leaders, we lack the talent, and cloud computing and automation are areas we're pursuing. So this challenges security companies to respond. But at the end of the day, companies have no no choice. In other words, organizations buying security solutions, the sophistication of the attacker is very high and the answer to my CFO and ROI is fear based. If you don't do this, you might lose billions in market cap. Now, I want you to take a listen to these cubilam talking about the attacker of sophistication and the importance of communication skills in order to fund cyber initiatives, really to keep up with the bad guys, please play the clip. >> The adversary is talented and they're patient, they're well funded okay, that's that's where it starts. And so, you know why why bring an interpreter to a host when there's already one there right? Why write all this complicated software distribution when I can just use yours. And so that's that's where the play the game starts. And and the most advanced threats aren't leaving footprints because the footprints already there, you know, they'll get on a machine and behaviorally they'll check the cash to see what's hot. And what's hot in the cash means that behaviorally, it's a fast they can go they're not cutting a new trail most of the time, right? So living off the land is not only the tools that they're using the automation, your automation they're using against you, but it's also behavioral. >> That's why the most the most important talent or skill that a security professional needs is communication skills. If you can't articulate technical risk into a business risk to fund your program, it's, you know, it's very hard for you to actually be successful in security. >> Now, the really insidious thing about what TK Keanini just said is the attackers are living off the land, meaning they're using your tools and your behaviors to sneak around your data unnoticed. And so as Brian Lozada said, as a security Pro, you need to be a great communicator in order to get the funding that you need to compete with the bad guys. Which brings me to the RSA conference. This is why you as a security practitioner attend, you want to learn more, you want to obtain new skills, you want to bring back ideas to the organization. Now one of the things I did to prepare for this segment is to read the RSA conference content agenda, which was co authored by Britta Glade and I read numerous blogs and articles about what to expect at the event and from all that I put together this word cloud, which conveys some of the key themes that I would expect you're going to hear at the shows. Look at skills jump right out, just like Brian was saying, the human element is going to be a big deal this year. IoT and the IT OT schism, everyone's talking about the Olympics, and seeing that as a watershed event for cyber, how to apply machine learning and AI is a big theme, as is cloud with containers and server less. phishing, zero trust and frameworks, framework for privacy, frameworks for governance and compliance, the 2020 election and weaponizing social media with deep fakes, and expect to hear a lot about the challenges of securing 5G networks, open source risks, supply chain risks, and of course, the need for automation. And it's no surprise there's going to be a lot of talk about cyber technology, the products and of course, the companies that sell them. So let's get into the market and unpack some of the ETR spending data and drill into some of these companies. The first chart I want to show you is spending on cyber relative to other initiatives. What this chart shows is the spending on cyber security highlighted in the green in relation to other sectors in the ETR taxonomy. Notice the blue dot. It shows the change in spending expected in 2020 versus 2019. Now, two points here. First, is that despite the top of my narrative that we always hear, the reality is that other initiatives compete for budget and you just can't keep throwing cash at the security problem. As I've said before, we spend like .014% percent of our global GDP on cyber, so we barely scratched the surface. The second point is there's there's there's a solid year on year growth quite high at 12% for a sector that's estimated at 100 to 150 billion dollars worldwide, according to many sources. Now let's take a look at some of the players in this space, who are going to be presenting at the RSA conference. You might remember to my 2020 predictions in that breaking analysis I focused on two ETR metrics, Net Score, which is a measure of spending velocity and Market Share, which measures pervasiveness in the data set. And I anointed nine security players as four star players. These were Microsoft, Cisco, Palo Alto Networks, Splunk, Proofpoint, Fortinet, Oka, Cyber Ark and CrowdStrike. What we're showing here is an update of that data with the January survey data. My four star companies were defined as those in the cyber security sector that demonstrate in both net scores or spending momentum, that's the left hand chart and market share or pervasiveness on the right hand chart. Within the top 22 companies, why did I pick 22? Well, seemed like a solid number and it fit nicely in the screen and allowed more folks. So a few takeaways here. One is that there are a lot of cyber security companies in the green from the standpoint of net score. Number two is that Fortinet and Cisco fell off the four star list because of their net scores. While still holding reasonably well, they dropped somewhat. Also, some other companies like Verona's and Vera code and Carbon Black jumped up on the net score rankings, but Cisco and Fortinet are still showing some strength in the market overall, I'ma talk about that. Cisco security businesses up 9% in the quarter, and Fortinet is breaking away from Palo Alto Networks from a valuation perspective, which I'm going to drill into a bit. So we're going to give Cisco and Fortinet two stars this survey period. But look at Zscaler. They made the cut this time their net score or spending momentum jumped from 38% last quarter to nearly 45% in the January survey, with a sizable shared in at 123. So we've added Zscaler to the four star list, they have momentum, and we're going to continue to watch that quarterly horse race. Now, I'd be remiss if I didn't point out that Microsoft continues to get stronger and stronger in many sectors including cyber. So that's something to really pay attention to. Okay, I want to talk about the valuations a bit. Valuations of cyber security space are really interesting and for reasons we've discussed before the market's hot right now, some people think it's overvalued, but I think the space is going to continue to perform quite well, relative to other areas and tech. Why do I say that? Because cyber continues to be a big priority for organizations, the software and annual recurring revenue contribution ARR continues to grow, M&A is going to continue to be robust in my view, which is going to fuel valuations. So Let's look at some of the public companies within cyber. What I've compiled in this chart is eight public companies that were cited as four star or two star firms, as I defined earlier, now ranked this by market value. In the columns, we show the market cap and trailing 12 month revenue in billions, the revenue multiple and the annual revenue growth. And I've highlighted Palo Alto Networks and Fortinet because I want to drill into those two firms, as there's a valuation divergence going on between those two names, and I'll come back to that in just a minute. But first, I want to make a few points about this data. Number one is there's definitely a proportional relationship between the growth rate and the revenue multiple or premium being paid for these companies. Generally growth ranges between one and a half to three times the revenue multiple being paid. CrowdStrike for example has a 39 x revenue multiple and is growing at 110%, so they're at the high end of that range with a growth at 2.8 times their revenue multiple today. Second, and related, as you can see a wide range of revenue multiples based on these growth rates with CrowdStrike, Okta and now Zscaler as the standouts in this regard. And I have to call at Splunk as well. They're both large, and they have high growth, although they are moving beyond, you know, security, they're going into adjacencies and big data analytics, but you you have to love the performance of Splunk. The third point is this is a lucrative market. You have several companies with valuations in the double digit billions, and many with multi billion dollar market values. Cyber chaos means cash for many of these companies, and, of course for their investors. Now, Palo Alto throw some of these ratios out of whack, ie, why the lower revenue multiple with that type of growth, and it's because they've had some execution issues lately. And this annual growth rate is really not the best reflection of the stock price today. That's really being driven by quarterly growth rates and less robust management guidance. So why don't we look into that a bit. What this chart shows is the one year relative stock prices of Palo Alto Networks in the blue and compared to Fortinet in the red. Look at the divergence in the two stocks, look at they traded in a range and then you saw the split when Palo Alto missed its quarter last year. So let me share what I think is happening. First, Palo Alto has been a very solid performance since an IPO in 2012. It's delivered more than four Rex returns to shareholders over that period. Now, what they're trying to do is cloud proof their business. They're trying to transition more to an AR model, and rely less on appliance centric firewalls, and firewalls are core part of the business and that has underperformed expectations lately. And you just take Legacy Tech and Cloud Wash and Cloud native competitors like Zscaler are taking advantage of this and setting the narrative there. Now Palo Alto Network has also had some very tough compares in 2019 relative to 2018, that should somewhat abate this year. Also, Palo Alto has said some execution issues during this transition, especially related to sales and sales incentives and aligning that with this new world of cloud. And finally, Palo Alto was in the process of digesting some acquisitions like Twistlock, PureSec and some others over the past year, and that could be a distraction. Fortinet on the other hand, is benefiting from a large portfolio refresh is capitalizing on the momentum that that's bringing, in fact, all the companies I listed you know, they may be undervalued despite, of all the company sorry that I listed Fortinet may be undervalued despite the drop off from the four star list that I mentioned earlier. Fortinet is one of those companies with a large solution set that can cover a lot of market space. And where Fortinet faces similar headwinds as Palo Alto, it seems to be executing better on the cloud transition. Now the last thing I want to share on this topic is some data from the ETR regression testing. What ETR does is their data scientists run regression models and fit a linear equation to determine whether Wall Street earnings consensus estimates are consistent with the ETR spending data, they started trying to line those up and see what the divergence is. What this chart shows is the results of that regression analysis for both Fortinet and Palo Alto. And you can see the ETR spending data suggests that both companies could outperform somewhat expectations. Now, I wouldn't run and buy the stock based on this data as there's a lot more to the story, but let's watch the earnings and see how this plays out. All right, I want to make a few comments about the sale of the RSA asset. EMC bought RSA for around the same number, roughly $2 billion that SDG is paying Dell. So I'm obviously not impressed with the return that RSA has delivered since 2006. The interesting takeaway is that Dell is choosing liquidity over the RSA cyber security asset. So it says to me that their ability to pay down debt is much more important to Dell and their go forward plan. Remember, for every $5 billion that Dell pays down in gross debt, it dropped 25 cents to EPS. This is important for Dell to get back to investment grade debt, which will further lower its cost. It's a lever that Dell can turn. Now and also in thinking about this, it's interesting that VMware, which the member is acquiring security assets like crazy and most recently purchased carbon black, and they're building out a Security Division, they obviously didn't paw on the table fighting to roll RSA into that division. You know maybe they did in the financial value of the cash to Dell was greater than the value of the RSA customers, the RSA product portfolio and of course, the RSA conference. But my guess is Gelsinger and VMware didn't want the legacy tech. Gelsinger said many times that security is broken, it's his mission to fix it or die trying. So I would bet that he and VMware didn't see RSA as a path to fixing security, it's more likely that they saw it as a non strategic shrinking asset that they didn't want any part of. Now for the record, and I'm even won't bother showing you the the data but RSA and the ETR data set is an unimpressive player in cyber security, their market share or pervasiveness is middle of the pack, so it's okay but their net score spending velocities in the red, and it's in the bottom 20th percentile of the data set. But it is a known brand, certainly within cyber. It's got a great conference and it's been it's probably better that a PE company owns them than being a misfit toy inside of Dell. All right, it's time to summarize, as we've been stressing in our breaking analysis segments and on the cube, the adversaries are very capable. And we should expect continued escalation. Venture capital is going to keep pouring into startups and that's going to lead to more fragmentation. But the market is going to remain right for M&A With valuations on the rise. The battle continues for best of breed tools from upstarts like CrowdStrike and Okta and Zscaler versus sweets from big players like Cisco, Palo Alto Networks and Fortinet. Growth is going to continue to drive valuations. And so let's keep our eyes on the cloud, remains disruptive and for some provides momentum for others provides friction. Security practitioners will continue to be well paid because there's a skill shortage and that's not going away despite the push toward automation. Got in talk about machine intelligence but AI and ML those tools, there are two edged sword as bad actors are leveraging installed infrastructure, both tools and behaviors to so called live off the land, upping the stakes in the arms race. Okay, this is Dave Vellante for Wikibon's CUBE Insights powered by ETR. Thanks for watching this breaking analysis. Remember, these episodes are all available as podcasted Spotfire or wherever you listen. Connect with me at david.vellante at siliconangle.com, or comment on my LinkedIn. I'm @dvellante on Twitter. Thanks for watching everybody. We'll see you next time. (upbeat music).

>> From the SiliconANGLE Media Office in Boston, Massachusetts, it's theCUBE. Now, here's your host, Dave Vellante. >> Hello everyone and welcome to this week's episode of theCUBE Insights, powered by ETR. In this Breaking Analysis I want to lay out my 2020 predictions using insights gleaned from theCUBE blended with ETR spending data. You know, 2019 marked our 10th year of doing theCUBE. Over that time we've had the pleasure of covering nearly 1000 events and milestones, including the exit from the great softness of 2008 and 2009. You know theCUBE has extensively tracked a 10 year bull market. We've covered the era of data. We saw the rise and profitless prosperity of the big data and opensource Hadoop movement, where we predicted the practitioners, not vendors, would benefit the most from big data. We've covered many dozens of acquisitions including the 60 billion dollar chess move made by Michael Dell acquiring EMC, and a launch of hundreds of startups in flash, hyper-converged, big data, AI, blockchain, crypto, security and SaaS. There'll be other days to talk about theCUBE and review that, today's all about predicting the future, using spending data and insights from the thousands of interviews we've done on theCUBE. So let's get right into the ETR data and start with the high-level spending. Remember in October, ETR released its survey results and stated that we're coming out of a multiyear investment cycle in digital transformation. Enterprise IT buyers have learned what works, and on which technologies they're going to double down. They're now narrowing their investments on emerging technologies, picking those winners for the next gen tech, and at the same time, they're cutting redundancies from legacy players that they were keeping on as a hedge. Buyers are picking bundled suites from a handful of mega vendors, and solidifying their investments. We're seeing a multi-generational dynamic repeat itself, where buyers are creating a balance between the convenience of packaged offerings, i.e. bundles, and leveraging best of breed technologies to drive innovation. So on balance, the ETR data shows that a contraction in spending and tepid CIO sentiment is impacting both emerging vendors as well as traditional players, and these trends are most pronounced in the very largest organizations, which have always been the best bellwether in ETR's data sets. Let me share with you what one IT executive said recently that I think really sums up the situation quite well. He said, "ETR's findings mirror what we're doing today, "in that we spend most of 2018 bringing in "a lot of the new, core technology. "I believe what you're seeing now is not a lull in spend, "but an operationalization of what we've already purchased. "We're not spending on what's next yet, "because we're still rolling out what we just bought." This is from a VP of global IT at a large public manufacturing company, I said he, it could be a she as well. I think that she's summing it up correctly, and it reflects many of what customers on theCUBE tell us. Now, let's take a look at the macroeconomy. GDP growth is going to come in at about 2.3% this year, give or take. It's not going to hit the Trump administration's goal of 3% plus, but consumers are clearly powering steady growth. At least for now. IT spending should grow at about a point or two above GDP, so let's put that at, say, 4%. We're right in the middle of a Santa Claus rally, and the S&P is above 3200 today. Tech has been a powerful tailwind for stocks, and I think stocks, tech stock's going to take a breath in early 2020, but I expect continued strong growth in the economy and tech spending after a Q1 pause. I could see the S&P flirting with 3700 or even higher in 2020, and I think the tech sector will be a benefactor of that momentum, providing an impetus for continued growth. Here's my thinking on that. So much of 2020 is going to be about the election, and to me the election is going to be really about the economy. And I predict the economy is going to remain steady. And as the IT leader I quoted earlier said, customers will be operationalizing what's been previously purchased. Here's what's different in 2020. Tech projects have historically been very risky investments, and have required higher internal rates of return, IRRs, to get approved by CFOs. But the cloud has altered two factors. One, is that it's allowed more experimentation for way less money. The second is cloud, by shifting CAPEX to OPEX, allows for much more incremental, lower risk investments. So I think you'll see continued steady growth, powered by the cloud, which allows experimentation, and importantly higher hit rates of success. These successful projects will throw off cash for companies, and CFOs are getting on board because they realize it's driving innovation. They also realize that IT does matter, maybe not in the form that Nick Carr envisioned, but a new generation of IT that creates competitive advantage. This brings me to my first main prediction, which is the growth of cloud computing is going to moderate, but the cloud will continue to steal significant share from on-prem spending. Now the narrative that the pendulum is swinging back in my view, is a false narrative. Rather, the pendulum has swung, and the cloud is the underpinning of innovation. Now having said that, I do think we're seeing a bit of an equilibrium in spending, where buyers have identified those workloads that are going to remain on-prem, which is why you see, for example, AWS, Azure, and Google making moves in hybrid. Hybrid slash on-prem offerings. What this chart here shows from ETR, so from 2010 through October '19 survey on cloud spending, I had to block out the 2020 survey as it's currently in the field, I'm not allowed to show that data. The yellow line is market share, which in ETR parlance, as you remember, is pervasiveness, or mentions in their survey. The blue line is spending momentum, measured as net score, which essentially subtracts the percent of customers spending less from those spending more. The long, steady march of cloud, as you can see, continues, and there's no indication that it's going to abate. That said, the penetration of cloud has become much more meaningful, so share gains will be more hard-fought for the cloud guys. Now, you may see this as a non-prediction, or a hedge. It's not, let me be clear. Cloud will continue to steal share from on-prem, but share gains for the cloud vendors will be more difficult. Which brings me to part B of this prediction. What I'm showing in this chart is market share from ETR's January 2016 survey through October '19. And I'm showing spending for three on-prem vendors within AWS, Azure, and Google Cloud accounts. And I'm picking on Oracle, IBM, and Dell EMC as three prominent on-prem proxies, and you can see the steady decline in market share for these companies. And even though there's a bit of an uptick in October, I don't see this as a reversal. What's going to happen is that traditional on-prem vendors are going to step up their cloud strategies. Specifically with multicloud management. This is going to be the case with Dell, who's going to leverage VMware, and in the case of IBM, they'll try to take advantage of Red Hat in that multicloud game. Now both IBM and Oracle, who each have public clouds are going to dig their heels in, they're going to get customers in a headlock, and provide big financial incentives for them to use their captive clouds. All right, so with the high-level spending comments that I made earlier, and that cloud discussion that we just had as a backdrop, the question is, which companies will do well in the coming year? I'm going to call out five companies, that I want to highlight where the ETR data intersects what we're seeing on theCUBE. The prediction is these five players will do well in 2020, they're going to power through any downturn in spending, and they're going to thrive in the face of the cloud share shift. So the chart here shows data from the ETR October 2019 survey, and it lays out net score or spending momentum for these companies, that I am predicting will be winners in 2020 and beyond. And the five companies are UIPath, Snowflake, Databricks, HashiCorp, and Rubrik. Let me start with UIPath. They are the leader in robotic process automation. I think RPA is going to do well even in a downturn, because more companies will be looking to automate and save money, even in a softer climate. Automation Anywhere is another player in this space, they're doing pretty well, and I predict that UIPath will come out on top of this space, but both UIPath and Automation Anywhere can thrive. Next company is Snowflake, they are changing the analytic database market, and I've covered them before in previous Breaking Analysis segments. They are going to continue to grow nicely in my view. They are 100% cloud-based, and they participate in all popular cloud platforms. Now ironically, they compete with AWS RedShift, who continues to copy some of the innovations that Snowflake has popularized. But AWS and Snowflake are strong partners, so there's room for both companies to thrive. Snowflake especially, as they play in clouds other than just AWS. Which brings me to Databricks. We're seeing a new type of workload emerge in the cloud for modern analytic databases, where organizations are taking all this data that they have, lots of it in the cloud, and they're structuring it within a Snowflake database, or RedShift, and they're bringing Databricks tooling to the equation to be able to query and visualize the data in near real time. Now of course, as I say, AWS plays here with RedShift, and they're selling a lot of EC2, so they love Snowflake. All major cloud players are seeing this type of workload enter the mix, and it's going to be a strong area of growth in 2020 and beyond. Next thing I want to talk about is HashiCorp. HashiCorp is capitalizing on this trend toward cloud-native computing. The company provides opensource tooling for developers, and is all about simplifying application deployment independent of the underlying platform, whether it's virtual, container, or cloud. Five years ago, the players in the space that got all the attention on theCUBE were Chef, Puppet, Ansible and Salt, and today, especially again on theCUBE, you hear the most about Hashi and Ansible, and in fact we were at AnsibleFest with theCUBE, and we heard lots about HashiCorp, so they both complement and compete with the older players. To me, this reminds me of Spark within the Hadoop ecosystem. Hashi has raised about 174 million in VC, and as you can see they have very strong spending momentum in the ETR dataset, with a net score, as shown, of 63%. Now finally, I want to talk about Rubrik, which has been a consistent performer in the ETR dataset. They're trying to transform backup into data management as a discipline. They compete with established players in the data protection space, guys like Veritas, Dell EMC, IBM and CommVault. Now Rubrik is not the only new or newish player here, that's doing very well, Cohesity, who's relatively new, Veeam, which has been around for a decade, both doing very well and showing up strong in ETR surveys, especially Veeam, but Rubrik has been a consistently strong performer and has been outpacing the others, so I want to call them out. Look for these five to do very well in 2020, and into the next decade. So that brings me to my next prediction, I want to talk about Kubernetes. This prediction is twofold. Kubernetes is going to continue its strong showing as this data from ETR shows. This is Kubernetes' market share in the October 2019 survey, so Kubernetes spend had a 76% net score. So very very strong. But the other part of the prediction is that Kubernetes will become embedded into virtually every platform, and people will stop thinking about it as a separate market. Already today, there's little discussion of the idea of a Kubernetes distro, I mean Anthos is an example of a Kubernetes stack, but it can be run in the cloud, it can be run on-prem, anywhere. VMware Tanzu, Microsoft Azure Arc are other examples, they're really not stacks, but they're management platforms that can manage anyone's Kubernetes instances. I like to think of this as kind of like flash. You remember when everyone looked at flash storage as a separate market, well today it's just embedded everywhere. And that's kind of what's happening with Kubernetes. So spending momentum is going to continue to be strong, but by 2023, Kubernetes will be ubiquitous, and not really thought of as a separate entity. All right, for my next prediction, I want to talk about cybersecurity. I did a Breaking Analysis earlier this year on security, and I showed this slide. And as you can see, I've added a little something in the red stars for my prediction. So what this chart shows is two views of net score, the left-hand side shows the ranking by net score, and you can see CrowdStrike, Okta, Shape Security, which was just, by the way, bought by F5, that was an announcement. Twistlock, which is now Palo Alto Networks, and you can see the others down that list. On the right-hand side is net score, but it's ranked by shared N, which is a measure of pervasiveness in the ETR dataset. What I've added is the four star companies, that is those companies that have both spending momentum and are pervasive in the ETR survey. So the prediction is 2020 we'll see the four star companies maintain their position and gain strength in 2020. These include established players with portfolios where they can bundle like Microsoft, Cisco, Palo Alto Networks, Splunk, Proofpoint, Fortinet, and CyberArk Software. And then the newer companies like Okta and CrowdStrike are going to continue to gain share faster than the larger players. Now you also may see companies like SailPoint, Illumio, and SentinelOne emerge as four star companies over the next 24 months. Now the one company that's not on this list that is a major player in security is AWS. AWS is the cloud security leader, and is in a category all by itself in many ways. As I said in my security segment earlier this year, the market is incredibly fragmented, and it's going to stay that way. Each year we look back and say "Did we spend more on security?" and "Are we more safe?" And every year the answer is yes, and no. And 2020 will be no different. Now if you look at the various data sources, we spend approximately 120 billion dollars annually on cybersecurity. The worldwide economy is about 85 trillion in dollar terms, so on balance, we spend about .14% on securing our economy, so we're barely scratching the surface. The market is going to remain highly fragmented, the rich will get richer if they have four stars, new players will continue to enter the space, and M&A will continue to be robust. Now if you exclude my long shot that the S&P will break through 3700 next year, that makes nine predictions. For my 10th and final prediction, I don't have hard data from ETR, but I have a strong opinion on this, and that is that the edge will be won by developers, you've heard me talk about this before. Specifically, platforms like Outposts, which are essentially programmable infrastructure which bring a cloud development platform to the edge, is how that space will evolve. It won't be won by shoving traditional servers and storage boxes out to the edge. Rather, it will grow by coders being able to build new applications and workloads on top of infrastructure as code. Okay, that wraps up my 2020 predictions. I'd very much like to hear your opinion, so you can leave your thoughts or your own predictions in the comments sections of this video, or go to my LinkedIn posts. You can reach me @DVellante on Twitter, love to hear your thoughts. And don't forget, this series is available on iTunes, Spotify, and other podcast platforms for your listening pleasure. I'd like to wish everyone a safe and restful holiday season and a prosperous, healthy 2020. Enjoy your families, enjoy this time, this is Dave Vellante, signing out from the latest episode of theCUBE Insights powered by ETR, thanks for watching, everybody. We'll see you next time. (techno music)

>> From the SiliconANGLE Media office in Boston, Massachusetts, it's theCUBE. Now, here's your host, Dave Vellante. (dramatic music) >> Hi, everyone, welcome to this week's Breaking Analysis. It's Friday, October 18th, and this is theCUBE Insights, powered by ETR. Today, ETR had its conference call, its webcast. It was in a quiet period, and it dropped this tome. I have spent the last several hours going through this dataset. It's just unbelievable. It's the fresh data from the October survey, and I'm going to share just some highlights with you. I wish I had a couple hours to go through all this stuff, but I'm going to just pull out some of the key points. Spending is flattening. We've talked about this in previous discussions with you. But, things are still healthy. We're just reverting back to pre 2018 levels and, obviously, keeping a very close eye on the spending data and the sectors. There is some uncertainty heading into Q four. It's not only tariffs, you know. 2020's an election year, so that causes some uncertainty and some concerns for people. But, the big theme from ETR is there's less experimentation going on. The last several years have been ones where we're pushing out digital initiatives, and there was a lot of experimentation, a lot of redundancy. So, I'm going to talk more about that. I'm going to focus on a couple of sectors. I'm going to share with you there's the overall sector analysis. Then, I'm going to focus in on Microsoft and AWS and talk a little bit about the cloud. Then, I'm going to give some other highlights and, particularly, around enterprise software. The other thing I'll say is that the folks from ETR are going to be in the Bay Area on October 28th through the 30th, and I would encourage you to spend some time with them. If you want to meet them, just, you know, contact me @dvellante on Twitter or David.Vellante@siliconangle.com. I have no dog in this fight. I get no money from these guys. We're just partners and friends, but I love their data. And, they've given me access to it, and it's great because I can share it with you, our community. So, let's get right into it. Alex, if you just bring up the first slide, what I want to show is the ETR pulse check survey demographics, so every quarter, ETR does these surveys. They've got a dataset comprising 4500 members, panelists if you will, that they survey each quarter. In this survey, 1336 responded, representing 457 billion in spending power, and you can see from this slide, you know, it's got a nice mix of large companies. Very heavily weighted toward North America, but you're talking about, you know, 12% AMIA out of 1300. Certainly substantial and statistically significant to get some trends overseas. You can see across all industries. And then, job titles, a lot of C level executives, VPs, architects, people who know what the spending climate looks like, so I really like the mix of data. Let me make some overall comments, and, Alex, the next slide sort of gives some snapshot here. The big theme is that there's a compression in tech spending, as they say. It's very tough to compare to compare to 2018, which was just a phenomenal year. I mentioned the tariffs. It was an election year. Election years bring uncertainty. Uncertainty brings conservatism, so that's something, obviously, that's weighing, I think, on buyers' minds. And, I'll give you some anecdotal comments in a moment that will underscore that. There's less redundancy in spending. This has been a theme of ETR's for quite some time now. The last few years have been a try everything type of mode. Digital initiatives were launched, let's say, starting in 2016. ETR called this, I love this, Tom DelVecchio, the CEO of ETR, called it a giant IT bake off where you were looking at, okay, cloud versus on prem or SaaS versus conventional models, new databases versus legacy databases, legacy storage versus sort of modern storage stacks. So, you had this big bake off going on. And, what's happening now is you're seeing less experimentation so less adoption of new technologies, and replacements are on the rise. So, people are making their bets. They're saying, "Okay, these technologies "are the ones we're going to bet on, "these emerging disruptive technologies." So, they're narrowing their scope of emerging technologies, and they're saying, "Okay, now, "we're going to replace the legacy stuff." So, you're seeing these new stacks emerging. I mentioned some others before, but things like cloud native versus legacy waterfall approaches. And, these new stacks are hitting both legacy and disruptive companies for the reasons that I mentioned before because we're replacing legacy, but at the same time, we're narrowing the scope of the new stuff. This is not necessarily good for the disruptors. Downturns, sometimes, are good for legacy because they're perceived as a safer bet. So, what I want to do, right now, is share with you some of the anecdotals from the survey, and I'll just, you know, call out some things. By the way, the first thing I would note is, you know, ETR did sort of an analysis of frequency of terms. Cloud, cost, replacing, change, moving, consolidation, migration, and contract were the big ones that stood out. But, let me just call a couple of the anecdotals. When they do these surveys, they'll ask open ended questions, and so these kind of give you a good idea as to how people are thinking. "We're projecting a hold based on impacts from tariffs. "Situation could change if tariff relief is reached. "We're really concerned about EU." Another one, "Shift to SaaS is accelerating "and driving TCO down. "Investing in 2019, we're implementing "and retiring old technologies in 2020. "There's an active effort to consolidate "the number of security vendor solutions. "We're doing more Microsoft." Let's see, "We have moved "to a completely outsourced infrastructure model, "so no longer purchasing storage," interesting. "In general, we're trying to reduce spending "based on current market conditions." So, people, again, are concerned. Storage, as a category, is way down. "We're moving from Teradata to AWS and a data lake." I'll make some comments, as well, later on about EDW and Snowflake in particular, who, you know, remains very healthy. "We're moving our data to G Suite and AWS. "We're migrating our SaaS offering to elastic. "We're sunsetting Cognos," which, of course, is owned by IBM. "Talend, we decided to drop after evaluating. "Tableau, we've decided to not integrate anymore," even though Tableau is, actually, looking very strong subsequent to the sales force acquisition. So, there's some comments there that people, again, are replacing and they're narrowing some of their focus on spending. All right, Alex, bring up the next slide. I want to share with you the sector momentum. So, we've talked about this methodology of net score. Every time ETR does one of these pulse surveys, they ask, "Are you spending more or are you spending less? "Or, are you spending the same?" And then, essentially, they subtract the spending less from the spending more, and the spending more included new adoptions. The spending less includes replacements. And, that comes out with a net score, and that net score is an indicator of momentum. And, what you can see here is, the momentum I've highlighted in red, is container orchestration, the container platforms, machine learning, AI, automation, big theme. We were just at the UiPath conference, huge theme on automation. And, of course, robotic process automation, RPA. Cloud computing remains very strong. This dotted red line that I put in there, that's at the, you know, 30%, 35% level. You kind of want to be above that line to really show momentum. Anything below that line is either holding serve, holding steady, but well below that line, when you start getting into the low 20s and the teens, is a red zone. That's a danger zone. You could see data warehouse software is kind of on that cusp. and I'm not, you know, a huge fan of the sector in general, but I love Snowflake and what they're doing and the share gains that are going on there. So, when you're below that red line, it's a game of share gain. Storage, same thing we've talked about. The overall storage sector is down. It's being pressured by cloud, as that anectdotal suggested. It's also being pressured by the fact that so much flash has been injected into the data center over the last couple of years. That given headroom for buyers. They don't need as much storage, so overall, the sector is soft. But then, you see companies, like Pure, continuing to gain share, so they're actually quite strong in this quarter survey. So, you could see some various sectors here. IT consulting and outsourced IT not looking strong, data center consolidation. By the way, you saw, in IBM's recent earnings, Jim Kavanaugh pointed to their outsourcing business as a real drag, you know. Some of these other sectors, you could see, actually, PC laptop, this is obviously a big impact for Dell and HP, you know, kind of holding steady. Actually, better than storage, so, you know, for that large of a segment, not necessarily such a bad thing. Okay, now, what I want to do, I want to shift focus and make some comments on Microsoft, specifically, and AWS. So, here's just some high level points on this slide on Microsoft. The N out of that total was 1200, so very large proportion of the survey is weighted toward Microsoft. So, a good observation space for Microsoft. Extremely positive spending outlook for this company. There's a lot of ways to get to Microsoft. You want cloud, there's Azure, you know. Visualization, you got Power BI. Collaboration, there's Teams. Of course, email and calendaring is Office 365. You need hiring data? Well, we just bought LinkedIn. CRM, ERP, there's Microsoft Dynamics. So, Microsoft is a lot of roads, to spend with Microsoft. Windows is not the future of Microsoft. Satya Nadella and company have done a great job of sort of getting out of that dogma and really expanding their TAM. You're seeing acceleration from Microsoft across all key sectors, cloud, apps, containers, MI, or machine intelligence, AI and ML, analytics, infrastructure software, data warehousing, servers, GitHub is strong, collaboration, as I mentioned. So, really, across the board, this portfolio of offerings powered by the scale of Azure is very strong. Microsoft has great velocity in the cloud, and it's a key bellwether. Now, the next slide, what it does is compares the cloud computing big three in the US, Azure, AWS, and GCP, Google Cloud Platform. This is, again, net score. This is infrastructure as a service, and so you can see here the yellow is Microsoft, that darker line is AWS, and GCP is that blue line down below. All three are actually showing great strength in the spending data. Azure has more momentum than AWS, so it's growing faster. We've seen this for a while, but I want to make a point here that didn't come up on the ETR call. But, AWS is probably two and a half to three times larger in infrastructure as a service than is Microsoft Azure, so remember, AWS has a $35 billion at least run rate business in infrastructure as a service. And, as I say, it's two and a half to three times, at least, larger than Microsoft, which is probably a run rate of, let's call it, 10 to 12 billion, okay. So, it's quite amazing that AWS is holding at that 66 to now dropping to 63% net score given that it's so large. And, of course, way behind is GCP, much smaller share. In fact, I think, probably, Alibaba has surpassed GCP in terms of overall market share. So, at any rate, you could see all three, strong momentum. The cloud continues its march. I'll make some comments on that a little bit later. But, Azure has really strong momentum. Let's talk, next slide if you will, Alex, about AWS. Smaller sample size, 731 out of the total, which is not surprising, right. Microsoft's been around a lot longer and plays in a lot more sectors. ETR has a positive to neutral outlook on AWS. Now, you have to be careful here because, remember, what ETR is doing is they're looking at the spending momentum and comparing that to consensus estimates, okay. So, ETR's business is helping, largely, Wall Street, you know, buy side analysts make bets, and so it's not only about how much money they make or what kind of momentum they have in aggregate. It's about how they're doing relative to expectation, something that I explained on the last Breaking Analysis. Spending on AWS continues to be very robust. They've got that flywheel effect. Make no mistake that this positive to neutral outlook is relative to expectations. Relative to overall market, AWS is, you know, kicking butt. Cloud, analytics, big data, data warehousing, containers, machine intelligence, even virtualization. AWS is growing and gaining share. My view, AWS will continue to outperform the marketplace for quite some time now, and it's gaining share from legacy players. Who's it hurting? You're seeing the companies within AWS's sort of sphere that are getting impacted by AWS. Oracle, IBM, SAP, you know, cloud Arrow, which we mentioned last time is at all time lows, Teradata. These accounts, inside of AWS respondents, are losing share. Now, who's gaining share? Snowflake is on a tear. Mongo is very strong. Microsoft, interestingly, remains strong in AWS. In fact, AWS runs a lot of Microsoft workloads. That's, you know, fairly well known. But, again, Snowflake, very strong inside of AWS accounts. There's no indication that, despite AWS's emphasis on database and, of course, data warehouse, that Snowflake's being impacted by that. The reverse, Snowflake is taking advantage of cloud momentum. The only real negative you can say about AWS is that Microsoft is accelerating faster than AWS, so that might upset Andy Jassy. But, he'll point out, I guess, what I pointed out before, that they're much larger. Take a look at AWS on this next slide. The net score across all AWS sectors, the ones I mentioned. And, this is the growth in Fortune 500, so you can see, very steady in the large accounts. That's that blue line, you know, dipped in the October 18 survey, but look at how strong it is, holding 67% in Fortune 500 accounts. And then, you can see, the yellow line is the market share. AWS continues to gain share in those large accounts when you weight that out in terms of spending. That's why I say AWS is going to continue to do very well in this overall market. So, just some, you know, comments on cloud. As I said, it continues to march, it continues to really be the watchword, the fundamental operating model. Microsoft, very strong, expanding its TAM everywhere, I mean, affecting, potentially, Slack, Box, Dropbox, New Relic, Splunk, IBM, and Security, Elastic. So, Microsoft, very strong here. AWS continues to grow, not as strong as '18, but much stronger than its peers, very well positioned in database and artificial intelligence. And so, not a lot of softness in AWS. I mentioned on one of the previous Breaking Analysis, Kubernetes', actually, container's a little soft, so we always keep an eye on that one. And, Google, again, struggling to make gains in cloud. One of the comments I made before is that the long term surveys for Google looked positive, but that's not showing up yet in the near term market shares. All right, Alex, if you want to bring up the next slide, I want to make some quick comments before I close, on enterprise software. There was a big workday scare this week. They kind of guided that their core HR business was not going to be as robust as it had been previously, so this pulled back all the SaaS vendors. And, you know, the stock got crushed, Salesforce got hit, ServiceNow got hit, Splunk got hit. But, I tell you, you look at the data in this massive dataset, ServiceNow remains strong, Salesforce looks, very slight deceleration, but very sound, especially in the Fortune 100 in that GPP, the giant public and private companies that I talked about on an earlier call. That's one of the best indicators of strength. Tableau, actually, very strong, especially in large accounts, so Salesforce seems to be doing a good job of integrating there. Splunk, (mumbles) coming up shortly, I think this month. Securities, the category is very strong, lifting all ships. Splunk looks really good. Despite some of the possible competition from Microsoft, there's no indication that Splunk is slowing. There's some anecdotal issues about pricing that I talked about before, but I think Splunk is really dealing with those. UiPath's another company. We were just out there this past week at the UiPath Forward conference. UiPath, in this dataset, when you take out some of the smaller respondents, smaller number of respondents, UiPath has one of the highest net scores in the entire sample. UiPath is on a tear. I talked to dozens of customers this week. Very strong momentum, and then moving into, got new areas, and I'll be focusing on the RPA sector a little later on. But, automation, in general, really has some tailwinds in the marketplace. And, you know, the other comment I'll make about RPA is a downturn actually could help RPA vendors, who, by the way, all the RPA vendors look strong. Automation Anywhere, UiPath, I mentioned, Blue Prism, you know, even some of the legacy companies like Pega look, actually, very strong. A downturn in the economy could help some of the RPA vendors because would be looking to do more with less, and automation, you know, could be something that they're looking toward. Snowflake I mentioned, again, they continue their tear. A very strong share in expansion. Slightly lower than previous quarters in terms of the spending momentum, but the previous quarters were off the charts. So, also very strong in large companies. All right, so let me wrap. So, buyers are planning for a slowdown. I mean, there's no doubt about that. It's something that we have to pay very close attention to, and I think the marker expects that. And, I think, you know, it's okay. There's less spaghetti against the wall, we're going to try everything, and that's having a moderating effect on spending, as is the less redundancy. People were running systems in parallel. As they say, they're placing bets, now, on both disruptive tech and on legacy tech, so they're replacing both in some cases. Or, they're not investing in some of the disruptive stuff because they're narrowing their investments in disruptive technologies, and they're also replacing some legacy. We're clearly seeing new adoptions down, according to ETR, and replacements up, and that's going to affect both legacy and disruptive vendors. So, caution is the watchword, but, overall, the market remains healthy. Okay, so thanks for watching. This is Dave Vellante for CUBE Insights, powered by ETR. Thanks for watching this Breaking Analysis. We'll see you next time. (dramatic music)

>> From the Silicon Angle Media Office in Boston, Massachusetts, it's The Cube. Now, here's your host Dave Vellante. >> Hi everybody. Welcome to this Cube Insights powered by ETR. In this breaking analysis we're going to look at recent spending data from the ETR Spending Intentions Survey. We believe tech spending is slowing down. Now, it's not falling off a cliff but it is reverting to pre-2018 spending levels. There's some concern in the bellwethers of specifically financial services and insurance accounts and large telcos. We're also seeing less redundancy. What we mean by that is in 2017 and 2018 you had a lot of experimentation going on. You had a lot of digital initiatives that were going into, not really production, but sort of proof of concept. And as a result you were seeing spending on both legacy infrastructure and emerging technologies. What we're seeing now is more replacements. In other words people saying, "Okay, we're now going into production. We've tried that. We're not going to go with A, we're going to double down on B." And we're seeing less experimentation with the emerging technology. So in other words people are pulling out, actually some of the legacy technologies. And they're not just spraying and praying across the entire emerging technology sector. So, as a result, spending is more focused. As they say, it's not a disaster, but it's definitely some cause for concern. So, what I'd like to do, Alex if you bring up the first slide. I want to give you some takeaways from the ETR, the Enterprise Technology Research Q4 Pulse Check Survey. ETR has a data platform of 4,500 practitioners that it surveys regularly. And the most recent spending intention survey will actually be made public on October 16th at the ETR Webcast. ETR is in its quiet period right now, but they've given me a little glimpse and allowed me to share with you, our Cube audience, some of the findings. So as I say, you know, overall tech spending is clearly slowing, but it's still healthy. There's a uniform slowdown, really, across the board. In virtually all sectors with very few exceptions, and I'll highlight some of the companies that are actually quite strong. Telco, large financial services, insurance. That's rippling through to AMIA, which is, as I've said, is over-weighted in banking. The Global 2000 is looking softer. And also the global public and private companies. GPP is what ETR calls it. They say this is one of the best indicators of spending intentions and is a harbinger for future growth or deceleration. So it's the largest public companies and the largest private companies. Think Mars, Deloitte, Cargo, Coke Industries. Big giant, private companies. We're also seeing a number of changes in responses from we're going to increase to more flat-ish. So, again, it's not a disaster. It's not falling off the cliff. And there are some clear winners and losers. So adoptions are really reverting back to 2018 levels. As I said, replacements are arising. You know, digital transformation is moving from test everything to okay, let's go, let's focus now and double-down on those technologies that we really think are winners. So this is hitting both legacy companies and the disrupters. One of the other key takeaways out of the ETR Survey is that Microsoft is getting very, very aggressive. It's extending and expanding its TAM further into cloud, into collaboration, into application performance management, into security. We saw the Surface announcement this past week. Microsoft is embracing Android. Windows is not the future of Microsoft. It's all these other markets that they're going after. They're essentially building out an API platform and focusing in on the user experience. And that's paying off because CIOs are clearly more comfortable with Microsoft. Okay, so now I'm going to take you through some themes. I'm going to make some specific vendor comments, particularly in Cloud, software, and infrastructure. And then we'll wrap. So here's some major themes that really we see going on. Investors still want growth. They're punishing misses on earnings and they're rewarding growth companies. And so you can see on this slide that it's really about growth metrics. What you're seeing is companies are focused on total revenue, total revenue growth, annual recurring revenue growth, billings growth. Companies that maybe aren't growing so fast, like Dell, are focused on share gains. Lately we've seen pullbacks in the software companies and their stock prices really due to higher valuations. So, there's some caution there. There's actually a somewhat surprising focus given the caution and all the discussion about, you know, slowing economy. There's some surprising lack of focus on key performance indicators like cash flow. A few years ago, Splunk actually stopped giving, for example, cash flow targets. You don't see as much focus on market capitalization or shareholders returns. You do see that from Oracle. You see that last week from the Dell Financial Analyst Meeting. I talked about that. But it's selective. You know these are the type of metrics that Oracle, Dell, VMware, IBM, HPE, you know generally HP Inc. as well will focus on. Another thing we see is the Global M&A across all industries is back to 2016 levels. It basically was down 16% in Q3. However, well and that's by the way due to trade wars and other uncertainties and other economic slowdowns and Brexit. But tech M&A has actually been pretty robust this year. I mean, you know take a look at some examples. I'll just name a few. Google with Looker, big acquisitions. Sales Force, huge acquisition. A $15 billion acquisition of Tableau. It also spent over a billion dollars on Click software. Facebook with CTRL-labs. NVIDIA, $7 billion acquisition of Mellanox. VMware just plunked down billion dollars for Carbon Black and its own, you know, sort of pivotal within the family. Splunk with a billion dollar plus acquisition of SignalFx. HP over a billion dollars with Cray. Amazon's been active. Uber's been active. Even nontraditional enterprise tech companies like McDonald's trying to automate some of the drive-through technology. Mastercard with Nets. And of course the stalwart M&A companies Apple, Intel, Microsoft have been pretty active as well as many others. You know but generally I think what's happening is valuations are high and companies are looking for exits. They've got some cool tech so they're putting it out there. That you know, hey now's the time to buy. They want to get out. That maybe IPO is not the best option. Maybe they don't feel like they've got, you know, a long-term, you know, plan that is going to really maximize shareholder value so they're, you know, putting forth themselves for M&A today. And so that's been pretty robust. And I would expect that's going to continue for a little bit here as there are, again, some good technology companies out there. Okay, now let's get into, Alex if you pull up the next slide of the Company Outlook. I want to start with Cloud. Cloud, as they say here, continues it's steady march. I'm going to focus on the Big 3. Microsoft, AWS, and Google. In the ETR Spending Surveys they're all very clearly strong. Microsoft is very strong. As I said it's expanding it's total available market. It's into collaboration now so it's going after Slack, Box, Dropbox, Atlassian. It's announced application performance management capabilities, so it's kind of going after new relic there. New SIM and security products. So IBM, Splunk, Elastic are some targets there. Microsoft is one of the companies that's gaining share overall. Let me talk about AWS. Microsoft is growing faster in Cloud than AWS, but AWS is much, much larger. And AWS's growth continues. So it's not as strong as 2018 but it's stronger, in fact, much stronger than its peers overall in the marketplace. AWS appears to be very well positioned according to the ETR Surveys in database and AI it continues to gain momentum there. The only sort of weak spot is the ECS, the container orchestration area. And that looks a little soft likely due to Kubernetes. Drop down to Google. Now Google, you know, there's some strength in Google's business but it's way behind in terms of market share, as you all know, Microsoft and AWS. You know, its AI and machine learning gains have stalled relative to Microsoft and AWS which continue to grow. Google's strength and strong suit has always been analytics. The ETR data shows that its holdings serve there. But there's deceleration in data warehousing, and even surprisingly in containers given, you know, its strength in contributing to the Kubernetes project. But the ETR 3 Year Outlook, when they do longer term outlook surveys, shows GCP, Google's Cloud platform, gaining. But there's really not a lot of evidence in the existing data, in the near-term data to show that. But the big three, you know, Cloud players, you know, continue to solidify their position. Particularly AWS and Microsoft. Now let's turn our attention to enterprise software. Just going to name a few. ETR will have an extensive at their webcast. We'll have an extensive review of these vendors, and I'll pick up on that. But I just want to pick out a few here. Some of the enterprise software winners. Workday continues to be very, very strong. Especially in healthcare and pharmaceutical. Salesforce, we're seeing a slight deceleration but it's pretty steady. Very strong in Fortune 100. And Einstein, its AI offering appears to be gaining as well. Some of the acquisitions Mulesoft and Tableu are also quite strong. Demandware is another acquisition that's also strong. The other one that's not so strong, ExactTarget is somewhat weakening. So Salesforce is a little bit mixed, but, you know, continues to be pretty steady. Splunk looks strong. Despite some anecdotal comments that point to pricing issues, and I know Splunk's been working on, you know, tweaking its pricing model. And maybe even some competition. There's no indication in the ETR data yet that Splunk's, you know, momentum is attenuating. Security as category generally is very, very strong. And it's lifting all ships. Splunk's analytics business is showing strength is particularly in healthcare and pharmaceuticals, as well as financial services. I like the healthcare and pharmaceuticals exposure because, you know, in a recession healthcare will, you know, continue to do pretty well. Financial services in general is down, so there's maybe some exposure there. UiPath, I did a segment on RPA a couple weeks ago. UiPath continues its rapid share expansion. The latest ETR Survey data shows that that momentum is continuing. And UiPath is distancing itself in the spending surveys from its broader competition as well. Another company we've been following and I did a segment on the analytics and enterprise data warehousing sector a couple weeks ago is Snowflake. Snowflake continues to expand its share. Its slightly slower than its previous highs, which were off the chart. We shared with you its Net Score. Snowflake and UiPath have some of the highest Net Scores in the ETR Survey data of 80+%. Net Score remembers. You take the we're adding the platform, we're spending more and you subtract we're leaving the platform or spending less and that gives you the Net Score. Snowflake and UiPath are two of the highest. So slightly slower than previous ties, but still very very strong. Especially in larger companies. So that's just some highlights in the software sector. The last sector I want to focus on is enterprise infrastructure. So Alex if you'd bring that up. I did a segment at the end of Q2, post Q2 looking at earning statements and also some ETR data on the storage spending segment. So I'll start with Pure Storage. They continue to have elevative spending intentions. Especially in that giant public and private, that leading indicator. There are some storage market headwinds. The storage market generally is still absorbing that all flash injection. I've talked about this before. There's still some competition from Cloud. When Pure came out with its earnings last quarter, the stock dropped. But then when everybody else announced, you know, negative growth or, in Dell's case, Dell's the leader, they were flat. Pure Storage bounced back because on a relative basis they're doing very well. The other indication is Pure storage is very strong in net app accounts. Net apps mix, they don't call them out here but we'll do some further analysis down the road of net apps. So I would expect Pure to continue to gain share and relative to the others in that space. But there are some headwinds overall in the market. VMware, let's talk about VMware. VMware's spending profile, according to ETR, looks like 2018. It's still very strong in Fortune 1000, or 100 rather, but weaker in Fortune 500 and the GPP, the global public and private companies. That's a bit of a concern because GPP is one of the leading indicators. VMware on Cloud on AWS looks very strong, so that continues. That's a strategic area for them. Pivotal looks weak. Carbon Black is not pacing with CrowdStrike. So clearly VMware has some work to do with some of its recent acquisitions. It hasn't completed them yet. But just like the AirWatch acquisition, where AirWatch wasn't the leader in that space, really Citrix was the leader. VMware brought that in, cleaned it up, really got focused. So that's what they're going to have to do with Carbon Black and Security, which is going to be a tougher road to hoe I would say than end user computing and Pivotal. So we'll see how that goes. Let's talk about Dell, Dell EMC, Dell Technologies. The client side of the business is holding strong. As I've said many times server and storage are decelerating. We're seeing market headwinds. People are spending less on server and storage relative to some of the overall initiatives. And so, that's got to bounce back at some point. People are going to still need compute, they're still going to need storage, as I say. Both are suffering from, you know, the Cloud overhang. As well, storage there was such a huge injection of flash it gave so much headroom in the marketplace that it somewhat tempered storage demand overall. Customers said, "Hey, I'm good for a while. Cause now I have performance headroom." Whereas before people would buy spinning discs, they buy the overprovision just to get more capacity. So, you know, that was kind of a funky value proposition. The other thing is VxRail is not as robust as previous years and that's something that Dell EMC talks about as, you know, one of the market share leaders. But it's showing a little bit of softness. So we'll keep an eye on that. Let's talk about Cisco. Networking spend is below a year ago. The overall networking market has been, you know, somewhat decelerating. Security is a bright spot for Cisco. Their security business has grown in double digits for the last couple of quarters. They've got work to do in multi-Cloud. Some bright spots Meraki and Duo are both showing strength. HP, talk about HPE it's mixed. Server and storage markets are soft, as I've said. But HPE remains strong in Fortune 500 and that critical GPP leading indicator. You know Nimble is growing, but maybe not as fast as it used to be and Simplivity is really not as strong as last year. So we'd like to see a little bit of an improvement there. On the bright side, Aruba is showing momentum. Particularly in Fortune 500. I'll make some comments about IBM, even though it's really, you know, this IBM enterprise infrastructure. It's really services, software, and yes some infrastructure. The Red Hat acquisition puts it firmly in infrastructure. But IBM is also mixed. It's bouncing back. IBM Classic, the core IBM is bouncing back in Fortune 100 and Fortune 500 and in that critical GPP indicator. It's showing strength, IBM, in Cloud and it's also showing strength in services. Which is over half of its business. So that's real positive. Its analytics and EDW software business are a little bit soft right now. So that's a bit of a concern that we're watching. The other concern we have is Red Hat has been significantly since the announcement of the merger and acquisition. Now what we don't know, is IBM able to inject Red Hat into its large service and outsourcing business? That might be hidden in some of the spending intention surveys. So we're going to have to look at income statement. And the public statements post earnings season to really dig into that. But we'll keep an eye on that. The last comment is Cloudera. Cloudera once was the high-flying darling. They are hitting all-time lows. They made the acquisition of Hortonworks, which created some consolidation. Our hope was that would allow them to focus and pick up. CEO left. Cloudera, again, hitting all-time lows. In particular, AWS and Snowflake are hurting Cloudera's business. They're particularly strong in Cloudera's shops. Okay, so let me wrap. Let's give some final thoughts. So buyers are planning for a slowdown in tech spending. That is clear, but the sky is not falling. Look we're in the tenth year of a major tech investment cycle, so slowdown, in my opinion, is healthy. Digital initiatives are really moving into higher gear. And that's causing some replacement on legacy technologies and some focus on bets. So we're not just going to bet on every new, emerging technology, were going to focus on those that we believe are going to drive business value. So we're moving from a try-everything mode to a more focused management style. At least for a period of time. We're going to absorb the spend, in my view, of the last two years and then double-down on the winners. So not withstanding the external factors, the trade wars, Brexit, other geopolitical concerns, I would expect that we're going to have a period of absorption. Obviously it's October, so the Stock Market is always nervous in October. You know, we'll see if we get Santa Claus rally going into the end of the year. But we'll keep an eye on that. This is Dave Vellante for Cube Insights powered by ETR. Thank you for watching this breaking analysis. We'll see you next time. (upbeat tech music)

>> From the SiliconANGLE Media Office in Boston, Massachusetts, it's theCUBE! Now here's your host, Dave Vellante. >> Hi, everybody, welcome to this Cube Insights, powered by ETR. In this breaking analysis I want to talk to you about what I learned this week at Dell Technology's financial analyst meeting in New York. They gathered all the financial analysts, Rob Williams hosted it, he's the head of IR, Michael Dell of course was there. They had Dennis Hoffman who is the head of strategic planning, Jeff Clarke who basically runs the business and Tom Sweet, of course, who was the star of the show, the CFO, all the analysts want to see him. Dell laid out its longterm goals, it provided much clearer understanding of its strategic direction, basically focused on three areas. Dell believes that IT is getting more complex, we know that, they want to capitalize on that by simplifying IT. We'll talk about that. And then they want to position for the wave of digital transformations that are coming and they also believe, Dell believes, that it can capitalize on the consolidation trend, consolidating vendors, so I'll talk about each of those. And so let me bring up the first slide, Alex, if you would. The takeaways from the Dell financial analyst meeting. Let me share with you the overall framework that Tom Sweet laid out. And I have to say, the messaging was very consistent, these guys were very well-prepared. I think Dell is, from a management perspective, very well-run company. They're targeting three to 5% growth on what they're saying is a 4% GDP forecast. Or sorry, 4%, I have GDP here, it's really 4% industry growth. GDP's a little lower than that obviously. So this is IDC data, Gartner data, 4% industry growth. So that's an error on my part, I apologize. The strategies to grow relative to their competition. So grow share on a relative basis. So whatever the market does, again, not GDP, but whatever the market does, Dell wants to grow faster than the market. So it wants to gain share, that's its primary metric. From there they want to grow operating income and they want to grow that faster than revenue, that's going to throw off cash. And then they're going to also continue to delever the balance sheet. I think they paid down 17 billion in debt since the EMC acquisition. They want to get to a two X debt to EBITA ratio within 18 months. And what they're saying is, you know, they talked about, Tom Sweet talked about this consistent march toward investment-grade rating. They've been talkin' about that for awhile. He made the comment, we don't need to have a triple A rating but we want to get to the point where we can reduce our interest expense, and that will, 'cause they'll drop right into the bottom line. So they talked about these various levers that they can turn, some of them under the P and L, gaining share, some are their operating structure and their organizational structure, and one big one is obviously their debt structure. The other key issue here is will this cut the liquidity discount that Dell faces? What do I mean by that? Well, VMware has about a $60 billion valuation. Dell owns about 80% of VMware, which would equate to 48 billion. But if you look at Dell's market cap, it's only 37 billion. So it essentially says that Dell's core business is worth minus 11 billion. We used to talk about this when EMC owned VMware. Its core business only comprised about 40% of the overall value of the company, in this case because of the high debt, Dell has a negative value. And it's not just the high debt. Michael Dell has control over the voting shares, it's essentially a conglomerate structure, there's very high debt, and it's a relatively low margin business, notwithstanding VMware. And so as a result, Dell trades at a discount relative to what you would think it should trade at, given its prominence in the market, $92 billion company, the leader in every category under the sun. So that's the big question is can Dell turn these levers, drop EBITA or cash to the bottom line, affect operating income, and then ultimately pay down its debt and affect that discount that it trades at? Okay, bring up, if you would, Alex, the next slide. Now I want to share with you the takeaways from the Dell line of business focus. This really was Jeff Clarke's presentations that I'm going to draw from. Servers, we know, they're softer demand, but the key there is they're really faced tough compares. Last year, Dell's server business grew like crazy. So this year the comparisons are lessened. But there's less spending on servers. I'll share with you some of the ETR data. Storage, they call it holding serve, you saw last quarter I did an analysis, I took the ETR data and the income statement, it showed Pure was gaining share at like 22% growth from the income statement standpoint. Dell was 0% growth but is actually growing faster than its competitors. With the exception of Pure. It's growing faster than the market. So Dell actually gained share with 0% growth. Dell's really focused on consolidating the portfolio. They've cut the portfolio down from 80, I think actually the right number is 88 products, down to 20 by May of 2020. They've got some new mid-range coming, they've just refreshed their data protection portfolio, so again, by May of next year, by Dell Technologies World they'll have a much, much more simplified portfolio. And they're gaining back share. They've refocused on the storage business. You might recall after the acquisition, EMC was kind of a mess. It was losing share before the acquisition, it was so distracted with all the Elliott Management stuff goin' on. And kind of took its eye off the ball, and then after the acquisition it took awhile for them to get their act together. They gained back about 375 basis points in the last 18 months. Remember a basis point is 1/100th of 1%. So gaining share and their consistent focus on trying to do that. Their PC business, which is actually doin' quite well, is focused on the commercial segment and focused on higher margins. They made the statement that the PCs are kind of undersupply right now so it's helping margins. There's a big focus in Jeff Clarke's organization on VMware integration. To me this makes a lot of sense. To the extent that you can take the VMware platform and make Dell hardware run VMware better, that's something that is an advantage for Dell, obviously. And at the same time, VMware has to walk the fine line with the ecosystem. But certainly it's earned the presence in the market now that it can basically do what I just said, tightly integrate with Dell and at the same time serve the ecosystem, 'cause frankly, the ecosystem has no choice. It must serve VMware customers. The strategy, essentially, is to, as I say, capitalize on vendor consolidation, leverage value across the portfolio, so whether it's pivotal, VMware integration, the security portfolio, try to leverage that and then differentiate with scale. And Dell really has the number one supply chain in the tech business. Something that Dave Donatelli at HP, when he was at HP, used to talk about. HPE doesn't really talk about that supply chain advantage anymore 'cause essentially it doesn't have it. Dell does. So Jeff Clarke's reorganization, he came in, he streamlined the organization, really from the focus on R and D to product to collaboration across the organization and the VMware integration. I actually was quite impressed with when I first met Jeff Clarke I guess two years ago now, what he and the organization have accomplished since then. No BS kind of person. And you can see it's starting to take effect. So we'll keep an eye on that. The next slide I want to show you, I want to bring in the ETR data. We've been sharing with you the ETR spending intention surveys for the last couple of weeks and months. ETR, enterprise technology research, they have a data platform that comprises 4,500 practitioners that share spending data with them. CIOs, IT managers, et cetera. What I'm showing here is a cut off of the server sector. So I'm going to drill down into server and storage. So these are spending intentions from the July survey asking about the second half of 2019 relative to the first half of 2019. And this is a drill-down into the giant public and private firms. Why do I do that? Because in meeting the ETR, this is the best indicator. So it's big, big public companies and big private companies. Think Uber. Private companies that spend a ton of dough on IT. UPS before it went public, for example. So those companies are in here. And they're, according to ETR, the best indicators. What this chart shows, so the bars show, and I've shared this with you a number of times, the lime green is we're adding, we're new to this platform, we're new adoption. The evergreen is we're spending more, the gray is we're spending the same, the light red or pink is we're spending less, and the dark red is we're leaving the platform. So if you subtract the red from the green you get what's called a net score, and that's that blue line. And this is the overall server spending intentions from that July survey. The end is about 525 respondents out of the 4,500. And this is, again, those that just answered the question on server. So you can see the net score on server spend is dropping. And you can see the market share on server is dropping. The takeaway here is that servers, as a percentage of overall IT spend, are on a downward slope, and have been for quite some time. Back to the January '16 survey. Okay, so that's going to serve us. Let's take a look at the same data for storage. So if, Alex, if you bring up the storage sector slide, You can see kind of a similar trend. And I would argue what's happening here, a couple of things. You've got the CLOB effect, I'll talk about that some more, and you've also got, in this case, the flash, all-flash array effect. What happened was you had all-flash arrays and flash come into the data center, and that gave performance a huge headroom. Remember, spinning disk was the last bastion of mechanical movement and it was the main bottleneck in terms of overall application performance. IO was the problem. Well you put a bunch of flash into the system and it gives a lot of headroom. People used to over-provision capacity just for performance reasons. So flash has had the effect of customers saying, hey, my performance is good, I don't need to over-provision anymore, I don't need to buy so much. So that combined with cloud, I think, has put down the pressure on the storage business as well. Now the next slide, Alex, that I want you to bring up is the vendor net scores, the server spending intentions. And what I've done is I've highlighted Dell EMC. Now what's happening here in the slide, and I realize it's an eye chart, but basically where you want to be in this chart is in the left-hand side. What it shows is the spending intentions and the momentum from the October '18, which is the gray, the April '19, which is the blue, and then the July '19 which is the most recent one. Again, the end is 525 in the servers for the July '19 survey. And you can see Dell's kind of in the middle of the pack. You'd love to be in the left-hand side, you know, Docker, Microsoft, VMware, Intel, Ubuntu. And you don't want to be on the right-hand side, you know, Fujitsu, IBM, is sort of below the line. Dell's kind of in the middle there, Dell EMC. The next slide I want to show you is that same slide for storage. And again, you can see here is that on-- So this is vendor net scores, the storage spending intentions. On the left-hand side it's all the high growth companies. Rubrik, Cohesity, Nutanix, Pure, VMware with vSAN, Veeam. You see Dell EMC's VxRail. On the right-hand side, you see the guys that are losing momentum. Veritas, Iron Mountain, Barracuda, HitachiHDS, Fusion-io still comes up in the survey after the acquisition by Western Digital. Again, you see Dell EMC kind of holding serve in the middle there. Not great, not bad. Okay, so that's kind of just some other ETR data that I wanted to share. All right, next thing we're going to talk about is the macros market summary. And Alex, I've got some bullet points on this, so if you bring up that slide, let me talk about that a little bit. So five points here. First, cloud continues to eat away at on-prem, despite all this talk about repatriation, which I know does happen. People try to throw everything to the cloud and they go, whoa! Look at my Amazon bill, yeah, I get that. That's at the margin. The main trend is that cloud continues to grow. That whole repatriation thing is not moving the on-prem market. On-prem is kind of steady eddy. Storage is still working through that AFA injection. Got a lot of headroom from performance standpoint. So people don't need to buy as much as they used to because you had that step function in performance. Now eventually the market will catch up, all this digital transformation is happening, all this data is flowing through the system and it will catch up, and the storage market is elastic. As NAN prices fall, people will, I predict, will buy more storage. But there's been somewhat of a lull in the overall storage market. It's not a great market right now, frankly, at the macro level. Now ETR does these surveys on a quarterly basis. They're just about to release the October survey, and they put out a little glimpse on Friday about this survey. And I'll share some bullet points there. Overall IT spending clearly is softening. We kind of know that, everybody kind of realizes that. Here's the nuance. New adoptions are reverting to pre-2018 levels, and the replacements are rising. What does this mean? So the number of respondents that said, oh yes, we're adopting this platform for the first time is declining, and the replacements are actually accelerating. Why is that? Well I was at ETR last week and we were talking about this and one of the theories, and I think it's a good one, is that 2016, 2017 was kind of experimentation around digital transformation. 2018, people started to put things into production or closer to production, they were running systems in parallel, and now they're making their bets, they're saying, hey, this test worked, let's put this heavy into production in 2019, and now we're going to start replacing. So we're not going to adopt as much stuff 'cause we're not doing as much experimentation. We're going to now focus and narrow in on those things that are going to drive our business, and we're going to replace those things that aren't going to drive our business. We're going to start unplugging them. So that's some of what's happening. Another big trend is Microsoft. Microsoft is extending its presence throughout. They're goin' after collaboration, you saw the impact that they had on Slack and Slack stock recently. So Slack Box, Dropbox, are kind of exposed there. They're goin' after security, they've just announced a SIM product. So Splunk and IBM, they're kind of goin' after that base. The application performance management vendors. For instance, New Relic. Microsoft goin' after them. Obviously they got a huge presence in cloud. Their Windows 10 cycle is a little slower this time around, but they've got other businesses that are really starting to click. So Microsoft is one of the few vendors that really is showing accelerated spending momentum in the ETR data. Financial services and telcos, which are always leading spender indicators, are actually very weak right now. That's having a spillover effect into Europe, which is over-banked, if I can use that term. Banking heavy, if you will. So right now it's not a pretty picture, but it's not a disaster. I don't want to necessarily suggest this as like going back to 2007, 2008, it's not. It's really just a matter of things are softening and it's, you know, maybe taking a little breath. Okay, so let me summarize the meeting overall. Again, it was a very well-run meeting. Started at 9:00, ended at 12:00, bagged lunch, go home. Nice and crisp. So these guys are very well-prepared. I think, again, Dell is a extremely well-managed company. They laid out a much clearer vision for Wall Street of its strategy, where it's headed. As they say, they're going after IT complexity. I want to make a comment on this. You think about Legacy EMC. Legacy EMC was not the company that you would expect to deal with complexity. In fact, they were the culprit of complexity. One of the things that Jeff Clarke did when he came in, he said, this portfolio's too complex, needs to be simplified. Joe Tucci used to say, overlap is better than gaps. Jeff Clarke said we got too much overlap. We don't have a lot of gaps so let's streamline that portfolio. Taking advantage of vendor consolidation, this is an interesting one. Ever since I've been in this business, which has been quite a long time now, I've been hearing that buyers want to consolidate the number of vendors that they have. They've really not succeeded in doing that. Now can they do that now 'cause there are less vendors? Well, in a sense, yes, there are less sort of on-prem big vendors. EMC's no longer in the market, you don't have companies like Sun and Digital anymore, Compact is gone. HP split in two, but still. You're not seeing a huge number of new vendors, at scale, come into the market. Except you've got AWS and Google as new players there. So I think that injects sort of a new dynamic that a lot of people like to put cloud aside and kind of ignore it and talk about the old on-prem business, but I think that you're going to see a lot of experimentations and workload ins and outs, particularly with AWS and Google and of course Azure, which is in itself, their cloud is almost a separate force. So we'll see how that shakes up. As I say, servers right now, Dell's got a very tough compare. I think Dell will be fine in the server space. Storage, it's all about simplifying the portfolio, they've got a refreshed portfolio focused on regaining share. They've rebranded everything Power, so their whole line is going to be Power by, if it's not already, by May of next year, Dell Technologies World. It's a much more scalable portfolio. And I think Dell's got a lot of valuation levers. They're a $92 billion company, they've got their current operations, their current P and L, their share gains, their cross-company synergies, particularly with VMware, they can expand their TAM into cloud with partnerships like they're doing with AWS and others, Google, Microsoft. The Edge is a TAM expansion opportunity to them. And also corporate structure. You've seen them. VMware acquired Pivotal. They're cleaning that up. I'm sure they could potentially make some other moves. Secureworks is out there, for example. Maybe they'll do some things with RSA. So they got that knob to turn and they can delever. Paying down the debt to the extent that they can get back to investment grade, that will lower their interest rates, that'll drop right to the bottom line, and they'll be able to reinvest that. And Tom Sweet said, within 18 months, we'll be able to get there with that two X ratio relative to EBITA, and that's when they're going to start having conversations with the rating agencies to talk about you know, hey, maybe we can get a better rating and lower our interest expense. Bottom line, did Wall Street buy the story? Yes. But I don't think it's going to necessarily change anything in the near term. This is a show me from Missouri, prove it, execute, and then I think Dell will get rewarded. Okay, so this is Dave Vellante, thanks for watching this Cube Insights powered by ETR. We'll see ya next time. (electronic music)

(orchestral music) >> Hi everybody my name is Dave Vallate and welcome to the special CUBE community event. You know, customers are on a digital journey. They're trying to transform themselves into a digital business, what's the difference between a business and a digital business? Well we think it's the way in which they use data. So we're here with a company Infinidat who's all about using data at multi petabyte scale. We have news, we have announcements, we're gonna drill down with subject matter experts, and we're gonna start with Brian Carmody, who's the chief technology officer of Infinidat. Brian, it's good to see you again. >> Good to see you too, Dave. And I can't believe it's been a year. >> It has been a year since we last sat down. If you had to summarize, Brian, the last twelve months in one word, what would it be? >> How about two words, "insane growth". >> Insane growth, okay. >> Yes, yes. >> Talk about that. >> Yeah so, as of this morning at least, Infinidat has a hair over 4.6 exabytes of customer data under management, which is just insanely cool and I'm not sure if I counted all of the zeroes properly, but it looks like it's around 180 trillion IOs served to happy customers so far as of this morning. >> Some mind boggling numbers, so let me ask you a question. Is this growth coming from, sort of traditional workloads? Is it new workloads, is it a mix? >> Oh, that's a great question. So you know, early in the Infinidat ramp, our early traction was with core banking, transaction processing applications. It was all about consolidation and replacing rows of venoxes with a single floor tile, Infinibox. But in the past year, virtually all of our growth has been an expansion outside of that core, and it's a movement into greenfield applications. So basically, obviously our customers are going into hardcore digital transformation, and this kind of changes the types of workloads that we're looking at, that we're supporting, but it also changes the value proposition, consolidation and stuff like that is all about the bottom line, it's about making storage more efficient, but once we get into the digital transformation, these greenfield applications which is what most of our new growth is, it's actually all about using your digital infrastructure as a revenue generating machine for opening up new markets, new opportunities, new applications et cetera. >> So when people talk about cloud native, that would be an example, using cloud native tool chains, that's what's happening on your systems. Is that correct? >> Yeah absolutely. And I can give you some examples. So I recently spent a day with a group of engineers that are working with autonomous vehicle sensor data. So this is telemetry coming off of self driving cars. And they're working with these ridiculously large, like multi petabyte data sets, and the purpose of this system is to make the vehicles more smarter, and more resistance to collisions, and ultimately more safe. A little bit before that, me and a bunch of other people from the team spent a day with another partner, they're also working with sensor data, but they're doing biometrics off of wearables. So they've perfected an algorithm that can, in real time, detect a heart attack from your pulse. And will immediately dispatch an ambulance to your geolocation of where, hopefully your arm is still connected to your body. And immediately send your electronic medical health records to that nearest hospital, and only then you get a video call on your phone from a doctor who says hey, are you sitting down? Your gonna be fine, you're having a heart attack, and an ambulance is gonna be there in two minutes. And the whole purpose of this is just to shave precious minutes off of that critical period of getting a person who's having a heart attack, to get them the medical care they need. >> Yeah, I'd say that's a non traditional workload. And the impact is saving lives, that's awesome. Now let's talk a little bit about your journey. You know, our friends at Gartner, they do these magic quadrants, a lot of people don't like 'em, I happen to think they're quite useful, as a guidepost, you guys have always been strong on the vision, and you've been executing. Where are you today in that quadrant? >> Yeah, it's an extreme honor. Gartner elevated us into the Leader's Quadrant last year, so customers take that very, very seriously. And the ability to execute access, is, what Gartner says it's, are you influencing the market? Are you causing the incumbents to change their strategies? And with our disruptive pricing, with our liability guarantees, our SLAs and stuff like that, Gartner felt like we met the criteria. And it's a huge honor, and we absolutely have our customers to thank for that because the magic quadrant isn't about what you tell Gartner, it's about what your customers tell Gartner. >> Congratulations on that, and I know the peer insight, you guys have done very well on that also. I want you to talk about the team, you're growing. To grow, you've gotta bring on good people. You've added some folks, talk about that a little bit. >> Yeah, yeah, well speaking of Gartner, we got Stan Zafos who recently joined. He's gonna be running product marketing for us. We're working with Doc, so he's a legend in the industry, so we're delighted to have him on board. Also, Steiny came over from Pure to join us as our field CTO, another legend who needs no introduction. So really, really happy about that. But also, it's not just, those are guys that customers see. But we're also experiencing this on the engineering side. So we, for example, we recently were very amused to realize that there are now more EMC fellows working at Infinidat, if you count Moshe, more EMC fellows working at Infinidat then working at Dell EMC, which is just, you know a humorous, kind of funny thing. So as the business has grown and has gotten momentum, you know, just like we're continuously amazed by the creativity and the things our customers are doing with data, every day, I am continuously amazed and humbled by the caliber of people that I get to work with every day. >> That's awesome. >> We're really, really happy about that. >> All right, well thank you for the recap of the past year, let's get into sort of some of the announcements today, and I wanna talk about the vision, so you have this Infinidat elastic data fabric, I'm interested in what that is, but I'm also, frankly even more interested in why. What's the "why" behind that? >> Sure. So elastic data fabric is Infinidat's roadmap, and our shared vision with customers for the future of enterprise storage. And the "why" is because customers demanded it. If we look at what's happening in the industry and the way that real customers are dealing with data right now, they have some of their data, and some of their workloads are running across public clouds. Some of them are in managed service providers. Some of them are SASs, and then they have on premises storage arrays, and elastic data fabric is Infinidat's solution that glues all of that together. It turns it into a single platform that spans on premises, colo, Infinidat powered managed service providers, Google, Amazon and Azure, and it glues it into a single platform for running workloads, so over the course of this of these presentations, we're gonna drill down into some of the enabling technologies that make this possible, but the net net, is that it is a brand new, next generation data plane for let's say for example, within a customer data center it allows customers to cluster multiple Infiniboxes together into what we call availability zones, and then manage that as a single entity. And that scales from a petabyte up to an exabyte of capacity per data center, and typically a customer would have one availability zone per data center and then one availability zone that can span multiple clouds, so that's the data plane. The control plane is the ability to manage all of this, no matter where the data lives, no matter where the workload is or needs to be and to manage it with a single pane of glass. And those are the kind of pieces of enabling technology that we're gonna unpack in the technical sessions. >> Two questions on that if I may. So you've got the data plane and the control plane, if I want to plug in to some other control plane, you know VMware control plane for instance, your API based architecture allows me to do that? Is that correct? >> Oh yeah, it's application aware, so for instance if you're running a VMware environment or a Kubernetes environment, it seamlessly integrates into that, and you manage it from a single API endpoint, and it's elastic, it scales up and down, and it's infinite and immortal. And probably the biggest problem that this solves for customers is it makes data migrations obsolete. It gives us the ability to decouple the data lifecycle from the hardware refresh lifecycle, which is a game changer for customers. >> I think you just answered my second question, which is what makes this unique? And that's at least one aspect of course. >> Yeah, I mean that's the, data migrations are the bane of customer's existence. And the larger the customer is, the more filer and erase sprawl they have, the more of a data migration headache they have. So when we kicked this project off five years ago, our call to action, the kernel of an idea that became elastic data fabric, was find a way to make it so that the next generation of infrastructure engineers that are graduated from college right now, will never know what a data migration is, and make it a story that old men in our industry talk about. >> Well that's huge because it is the bane of customers' existences. Very expensive, minimum $50,000 per migration, and many, many months, thanks Brian, for kicking this off, we've got a lot of ground to cover, and so we're gonna get into it now. We're gonna get into the news, we're gonna double click on some of the technologies and architectures, we're gonna hear from customers. And then it's your turn, we're gonna jump into the crowd chat and hear from you, so keep it right there. We'll be right back, right after this short break. (calming music) We're back with Doc D'Errico, the CMO of Infinidat. We're gonna talk about agility and manageability. Good to see you Doc. >> Good to see you again, Dave. >> All right, let's start in reverse order, let's start with manageability. What's your story there? >> Sure, happy to do that, you know Dave, we get great feedback from our customers on how simple and easy our systems are to manage. We have products like Infinimetrics which give them a lot of insights into the system. We have APIs, very simple and easy to use. But our customers keep asking for more insights into their environment, leveraging the analytics that we already do, now you've also heard just now about our elastic data fabric, which is our vision, Infinidat's vision for the data center, not just for today, but into the future. And our first instantiation of that vision in answering those customer responses, is a new cloud based platform, initially to provide some better monitoring and analytics, but then you're going to go into data migrations, auto provisioning, storage availability zones, and really your whole customer experience with Infinidat. >> So for my understanding, this is a SAS solution, is that correct? >> It is, it's a secure, multi site solution, so in other words, all of your Infinidat systems, wherever they are around the world, all visible through a single pane of glass. But the cloud based system gives us a lot of great power too, it gives us the agility to provide faster development and rapid enhancement based on feedback and feature requests. It also then provides you customizable dashboards in your system, dashboards that we can create very rapidly, giving you advisors and insights into a variety of different things. And we have lots of customers who are already engaged in using this. >> So I'm interested in this advisors and insights, my understanding is you guys got a data lake in the backend. You're mining that data, performing analytics on it. What kinds of benefits do customers get out of that? >> Well they can search into things, like abandoned volumes within their system. Tracking the growth of their storage environment. Configuration errors, like asymmetric ports and paths, or even just performance behaviors, like abnormal latencies or bandwidth patterns. >> So when you're saying abandoned volumes, your talking about like, reclaiming wasted space? >> Absolutely. >> To be able to reuse it. I mean people in the old days have done that because of a log structured file and they had to do it for performance, but you're doing it to give back money to the customers, is that right? >> That's exactly right, you know customers very often get requests from business units to spin off additional volume sets for whether it be a test environment or some specific application that they're running for some period of time. And then when they spin down the environment they sometimes leave the data set there thinking that they might need it again in the not so distant future, and then it sort of dies on the vine, it sits there taking up space and it's never used again, so we give them insights into when the last time things were accessed, how often it's accessed, what the IO patterns are, how many copies there might be, with snapshots and things like that. >> You mentioned strong customer feedback. Everybody says they get great customer feedback. But you've been with a lot of companies. How is this different, and what specifically is that feedback? >> Yeah, the analytics and insights are very unique, this is exactly what customers have been asking for from other vendors. Nobody does it, you know we're hearing such great stories about the impact on their costs. Like the capacity utilization, reclaiming all that abandoned capacity, being able to put new workloads and grow their environment without having to pay any additional costs is exciting to them. Identifying and correcting configuration issues, getting ahead of performance problems before they occur. Our customers are already saving time and money by leveraging this in our environment. >> All right let's pivot to agility. You've got Flex, what's your story there? What is Flex? >> Well Dave, imagine a world if you will, if you didn't have to worry about hardware anymore, right, it sounds like a science fiction story but it's not. >> Sounds like cloud. >> It sounds like cloud, and people have been migrating to the cloud and in the public cloud environment, we have a solution that we talked about a year ago called Neutrix Cloud, providing a sovereign based storage solution so that you can get the resilience and the performance of Infinibox or Infiniguard in your system today, but people want that experience on premises, so for the on premise experience, we're announcing Infinibox Flex, and Inifiniguard Flex, an environment where, you don't have to worry about the hardware, you manage your data, we'll manage the hardware, and you get to pay for what you use as you need it. You can scale up an down, we'll guarantee the availability. 100% availability, and with this environment, you'll get free hardware for life. >> Okay a lot of questions, so this sounds like your on prem cloud, right, you're bringing that cloud experience to the data, wherever it lives, you say you can scale up and scale down, how does that work, you're over provisioning, or, and you're not charging me for what I don't use, can you give us some details there? >> Well just like with an Infinibox, we're going to try to provide the customer with the Infinibox that they need not just for today, but for tomorrow. We're gonna work with the customer to look into the future and try to determine what are their performance requirements and capacity requirements over time. The customer will have the ability to manage the data configuration and the allocation of the storage and add or remove storage as they need it. As they need it, as they scale up, and we'll build them based on the daily average, just like the cloud experience, and if, as they reduce, same thing, it will adjust the daily average and build accordingly. >> Am I right, the customer will make some minimum commitment, and then if they go over that, you'll charge 'em for it, if they don't, then you won't charge 'em for it, is that correct? >> If they go over it, we'll charge them for the period they go over, if they continue to use it forever, we'll charge them that. If they reduce it back, then we'll charge them the reduced amount. >> So that gives them the flexibility there and the agility. Okay 100% availability, what's behind that? >> You know, we have a seven nines reliability metric that we manage to on a day to day basis. We have customers who have been running systems for years without any noticeable downtime, and when you have seven ninths, that's 3.16 seconds of availability per year. Right, the life cycle of an IO timeout is much longer than that, so effectively from the customer's application perspective, it's 100% available. We're willing to put our money where our mouth is. So if you experience downtime that's caused by our system at any time during that monthly period, you get the next month for free for the entire capacity. >> Okay, so that's a guarantee that you're making. >> That's a guarantee. >> Okay, read the fine print. But it sounds like the fine print is just what you said it is. >> It's pretty straight forward. >> Free hardware for life. Free, like a puppy? (laughs) >> No, free like in free, free meaning you're paying for the service, we're providing the capacity for you to put your data, and every three years, we will refresh that entire system with new hardware. And the minimum is three years, if you prefer because of your business practices to change that cycle, we'll work with you to find the time that makes the most sense. >> So I could do four years or five years if I wanted. >> You could do four years or five years. You could do three years and three months. And you'll get the latest and greatest hardware. We'll also, by the way provide the data migration services which is part of this cloud vision. So your not going to have to do any of the work. You're not going to have to pay for additional capital expense so that you have two sets of hardware on the floor for six months to a year while you do migration and work it into your schedules. We'll do that entire thing transparently for you in your environment, completely non disruptive to you. >> So you guys are all about petabyte scale. Hard enterprise problems, this isn't a mom and pop sort of small business solution, where do you see this play? Obviously service providers are gonna eat this stuff up. Give us some -- >> Yeah you know, service providers is a great opportunity for this. It's also a wonderful opportunity for Infiniverse. But any large scale environment this should be a shoo-in. And you know what, even if you're in a small scale environment that has a need that you wanna maintain that environment on premises, you're small scale, you wanna take advantage of your data more. You know you're going to grow your environment, but you're not quite sure how you're gonna do it. Or you have these sporadic workloads. Perhaps in the finance industry, you know we're in tax season right now, taxes just ended half a month ago right, there are plenty of businesses who need additional capacity for maybe four months of the year, so they can scale up for those four months and then scale back down. >> Okay, give us the bottom line on the customer impact. >> So the customer impact is really all about greater agility, the ability to provide that capacity and flexible model without big impact to their overall budget over the course of the year. >> All right Doc, thank you very much. Appreciate your time and the insight. >> It's my pleasure, Dave. >> All right, let's year from the customer, and we'll be right back. Right after this short break. >> Michael Gray is here, he's the chief technology officer of Boston based Thrive, Michael, good to see you. Thanks for coming on. >> Hey, glad to be here. >> So tell us about Thrive, what are you guys all about? >> You know, Thrive started almost 20 years ago as a traditional managed service provider. But really in the past four to five years transformed into a next generation managed service provider, primarily now, we're focusing on cyber security, cloud hosting and public cloud hosting, as well as disaster recovery. To me, and this is something that's primary to Thrive's focus, is application enablement. We're an application enablement company. So if your application is best run in Azure, then we wanna put it there, a lot of times we'll find that just due to business problems or legacy technologies, we have to build private clouds. Or even for security reasons, we want to build private cloud, or purely just because we're running into a lot of public cloud refugees. You know they didn't realize a lot of the, maybe incidental fees along the way actually climbed up to be a fairly big budget number. So you know, we wanna really look at people's applications and enable them to be high performance but also highly secure. >> So I'm curious as to when you brought in Infinidat, what the business impact was economically. There's all the sort of non TCO factors that I wanna explore, so was it the labor costs that got reduced, did you redeploy those resources? Was it actually the hardware, or? >> First and foremost, and you know this is going back many years, and I think I would say this is true for any data center cloud provider. The minute the phone rings and someone says my storage is slow, we're losing money. Okay, because we've had to pick up the phone and someone needs to address that. We have eliminated all storage performance help desk issues, it's now one thing I don't need to think about anymore. We know that we can rely on our performance. And we know we don't need to worry about that on a day to day basis, and that is not in question. Now the other thing is really, as we started to expand our Infinidat footprint geographically, we suddenly started to realize, not only do we have this great foundation built but we can leverage an investment we made to do things that we couldn't do before. Maybe we could do them but they required another piece of technology, maybe we could do them but they required some more licensing. Something like that, but really when we started the standardization, we did it for operational efficiency reasons, and then suddenly realized that we had other opportunities here. And I have to hand it to Infinidat. They're actually the ones that helped us craft this story. Not only is this just a solid foundation but it's something you can build on top of. >> Has that been your experience, that it's sort of reduced or eliminated traditional storage bottlenecks? >> Oh absolutely, and you know I mentioned before that storage forms have now become an afterthought to me. You know, and a little bit the way we look at our storage platform is from a performance standpoint, not a capacity standpoint, we can throw whatever we want at the Infinidat, and sort of the running joke internally is that we'll just smile and say is that all you got? >> You mean like mix workloads so you don't have to sort of tune each array for a particular workload? >> Yeah, and you know I can image that as someone who might be listening to what I'm saying, well hey come on, it can't really be that good. And I'm telling you from seeing it day to day, again you can just throw the workloads at it, and it will do what it says it does. You don't see that everyday, now as far as capacity goes, there's this capacity on demand model, which we're a huge fan of, they also have some other models, the flex model, which is very useful for budgeting purposes, what I will tell you is you have to sacrifice at least one floor tile for Infinidat, it's very off putting first on day one, and I remember my reaction. But again, as I was saying earlier, when you start peeling back the pieces of the technology and why theses things are, and the different flexibility on the financial side, you realize this actually isn't a downside, it's an upside. >> We're gonna talk performance with Craig Hebbert who's vice president with Infinidat, he focuses on strategic accounts, Craig, thanks for coming on. >> Thanks for having me. >> All right, so let's talk performance, everybody talks about performance they have their bench marketing, everybody's throwing Flash at the problem, you guys, you use Flash, but you didn't hop on that all Flash bandwagon, why and how are you different? >> Great question, we get it a lot with our customers. So we innovated, we spent over five years looking at the big picture, what the box would need today. What it would need in the future, and how would we arrive there by doing it economically? And so as you said, we use a small amount of Flash, that's a small percentage, two, three, four percent of the total box, but we do it by having a foundation that nobody else has, instead of throwing hardware at the solution, we have some specific mechanisms that nobody else has, we have a tri, which is a multi value structure that allows us to dynamically trace and track all of the IOs that come into the box, we ship intelligence. Everybody else ships dumb blocks of data. And so their only course of action to adopt new strategies is to bolt on the latest and greatest media. I've had a lot of experience at other companies where they've tried to shoehorn in new techniques whether it be a NAS Blade into an existing storage box or whether it be thin provisioning after the fact. And things that are done sort of like after the design is done never pan out very well. And the beauty with Infinibox is that all our protocols work the same way. I-ska-zin, NAS Block, it is all structured the same way. And that makes performance equal over all those protocols. And it makes it also easy to manage via the same API structure. >> So you're claiming that you can give equivalent or better performance with a combination of Flash and Spinning Disk than your competitors who are all Flash. Can you kind of add some color to that? >> Absolutely, so we use DRAM, all of our writes are ingested into the box through DRAM. We have 130 microsecond latency. Which is actually the lowest speed that fiber channel can attain, and so we're able to do things very, very quickly, it's 800 times faster NAND which is what our competitors are using. We have no raid structure on the SSD at all. So as things flow out of DRAM and go onto the SSD, our SSD is faster than everybody else's. Even though we use the same, so there's a mechanism there that we optimize. We write in large sequential blocks to the SSD. So the wear rate isn't the same as what our competitors are using, so everything we do is with an optimization, both for the present data and also the recall, and one of the things that culminates in a massive success for us, how we have those three tiers of data, but how we're able to out performance all Flash arrays, is that we do something, we hold data in cache for a massive amount of time, the average write latency in something like a VMAX is something like 13 seconds, the maximum is 28, we hold things for an astounding five minutes, and what that allows us to do is put profiles around things and remove randomness, randomness is something that's plagued data storage vendors for years. Whether it's random writes or random reads. If you can remove that randomness, then you can write out what are the slowest spinning disks out there, the Nearline SAS drives, but they're the fastest disks for sequential read, so if everything you write out is sequential, you can use the lowest cost disk, the Nearline SAS disk, and maximize their performance. And it's that technology, it's those patterns, 138 patterns that allow us to do all of these 38 steps in the process which augment our ability to serve customers data at a vastly reduced price. >> So your secret sauce is architecture intelligence as you call it, and then your able to provide lower cost media, and of course if Flash were lower cost, you'd be able to use that. There's no reason that you couldn't. Is that correct? >> We could but we wouldn't gain anything from it. A lot of customers say to us, why aren't you using more Flash, why don't you build an all Flash array? Why don't you use NVME? And we are actually the next version of the soft-wool-ship and the ME Capable as well as storage class memory. Why we don't do it is because we don't need it. Our customers have often said to us why don't you use 16 gig fiber channel or 32. And we haven't made that move because we don't move bottlenecks, we give customers a solution which is an end to end appliance, and so when we refresh the software stack, and we change the config with that, we make sure that the fiber channel is upgraded, we make sure that the three port, the Infiniban, everything comes with an uplift so there's not just one single area of a bottleneck. We could use more SSD but it would just be more money and we wouldn't be able to give you any more performance than we are today. >> So you have some hard news today. Tell us about that. >> Yeah I will. So we are a software company, and going back to the gen one I was here on day one when we started selling in the United States, when the first box was released it was 300,000 IOs, Moshe said he wanted a million IOs without changing the platform. We got up to about 900,000, that's a massive increase by just software tweaks, and so what we do is once the product has gone through its second year we go back and we optimize and we reevaluate. Which is what we did in the fall of 2018. And we were able to give a 30% uplift to our existing customers just with software tweaks in that area, so now we move to another config where we will introduce the 16, the 32 gig fiber channel cards and the MEO for fabric and storage class memory and all those things that are up and coming, but we don't need to utilize those until the price point drops. Right now if we did that, we'd just be like everybody else, and we would be driving up the price point, we're making the box ready to adapt those when the price point becomes accessible to our customers. >> Okay, last question, you spent a lot of time with strategic accounts, financial services, healthcare, insurance, what are some of the most pressing problems that you're hearing from them that you guys are helping them solve? >> It's a great question, so we see people with sprawl, managing many, many arrays, one of our competitors for instance for Splunk, they'll give you one array with one interface for the hot indexes, another mid tier array with another interface for the warm indexes. >> Brute force. >> Yeah, and then they'll give you a bunch of cold now storage on the back end with another disparate interface, all three of them are managed separately and you can't even control them from the same API. So what customers like about us, and just Splunk is one example. So we come in with just one 19 inch array and one rack, the hot indexes are handled by the DRAM, the warm indexes are handled by the SSD, and cold data's right there on the Nearline Sass drives. So they see from us this powerful, all encompassing solution that's better, faster, and cheaper. We sell on real, not effective, and so when encryption and things like this get turned on, the price point doesn't go up with Infinidat customers. They already know what they're buying. Everything else is just cream. And it's massive for economical reasons, as well as technological reasons. >> Excellent, Craig, thank you. >> Thank you very much for having me. >> Okay keep it right there everybody. We'll be right back after this short break. (calming music) We're back with Ken Steinhart who's a field CTO with Infinidat, Ken, good to see you again. >> Great to see you Dave, it's been a long while. >> It sure has, thanks for coming back on the CUBE here. So you have the customer perspective. You've worked with a lot of customers. You've been a customer, availability, high availability, obviously important, especially in the context of storage. What's Infinidat's story there? >> Well high availability's been a cornerstone for Infinidat obviously from the beginning. And it's really driven some pretty amazing things. Not the least of which has been seven nines of availability proven by the product. What's new and different now, is we're extending that with the ability to do active active clustering and it's the real deal, we're talking about the ability to have the exact same volume now at synchronous distances, presenting itself to both sites as if it were just a single volume. Now this is technology that's based upon the existing synchronous replication and Infinisnap technology that Infinidat has already had, and this is gonna provide always on, continuous operation, even able to be resilient against site failures, component failures, storage failures, server failures, whatever, we will provide true zero RPO and true zero RTO at distance, and it's able to provide the ability to provide consistency also by using a very lightweight witness which presents itself as a third, completely separate fault domain to be able to see both sites to ensure the integrity of information, while being able to read and write simultaneously at two sites to what logically looks like one single volume. This is gonna be supported with all the major cluster software and server environments. And it's incredibly easy to deploy. So that's really the first point associated with this. >> So let me follow up on that, so a lot of people talk about active active, a lot of companies. How is this specifically different? >> It's different in that it is going to be able to now change the economics, first and foremost. Up until now, typically, people have had to trade off between RPO, RTO and cost, and usually you can get two of the three to be positive but not all three. It's sort of like if you buy a car. RPO equates to the quality of the solution, RTO equates to the speed or time, cost is cost. If you buy a car, if it's good and it's fast it won't be cheap, if it's good and it's cheap, it won't be fast, and if it's fast and it's cheap it won't be good, so we're able to break that paradigm for the first time here, and we're gonna be able to now take the economics of multi site, disaster tolerant, cluster type solutions and do it at costs to what are comparable to what most people would do for just a single site implementation. >> And your secret sauce there is the architecture, it's the software behind it. >> Well it's actually a key point, the software is standard and included. And it's all about the software, this is an extension of the existing synchronous replication technology that Infinidat has had, standard and included, no additional costs, no separate quirky gateways or anything, being able to now have one single volume logically presented to two different sites in real time continuously for high availability. >> So what's the customer impact? >> The customer impact is continuous operation at economics that are comparable to what single site solutions have typically looked like. And that's just gonna be huge, we see this as possibly bringing multi site disaster tolerance and active active clustering to people that have never been able to afford it or didn't think they could afford it previously. That really brings us to the third part of this. The last piece is that, when you take an architecture such as Infinidat with Infinibox, that has been able to demonstrate seven nines of availability, and now you can couple that across at distance in synchronous distances to two data centers or two completely different sites, we are now able to offer a 100% uptime guarantee. Something that statistically hasn't really been particularly practical in the past, for a vendor to talk about, but we're now able to do it because of the technology that this architecture affords our customers. >> So guarantee as in, when I read the fine print, what does it say? >> Obviously we'll give the opportunity for our customers to read the fine print. But basically it's saying we're gonna stand behind this product relative to its ability to deliver for them, and obviously this is something customers we think are gonna be very, very excited about. >> Ken, thinks so much for coming on the CUBE, appreciate it. >> Pleasure's mine, Dave. As always. >> Great to see you. Okay, thank you for watching, keep it right there. We'll be right back, right after this short break. (calming music) Okay we're back for the wrap up with Brian Carmody. Brian, let's geek out a little bit. You guys are technologists, let's start with the software tech that we heard about today. What are the takeaways? >> Sure, so there's a huge amount of content in here, and software is most of it, so we have, first is R5. This is the latest software release for Infinibox. It improves performance, it improves availability with active active, it introduces non disruptive data mobility which is a game changer for customers for manageability and agility. Also as part of that, we have the availability of Infiniverse, which is our cloud based analytics and monitoring platform for Infinidat products, but it's also the next generation control plane that we're building. And when we talk about our roadmap, it's gonna grow into a lot more than it is today, so it's a very strategic product for us. But yeah, that's the net net on software. >> Okay, so but the software has to run on some underlying hardware, so what are the innovations there? >> Yeah, so I'm not sure if I'd call 'em innovations, I mean in our model, hardware is boring and commoditized and really all the important stuff happens in software. But we have listened, customers have asked us for it, we are delivering, 16 gigabit fiber channel is a standard option, and we're also giving a option for a 32 gig fiber channel, and a 25 gig ethernet, 25 gig ethernet, which is again, things that customers asking for 'em, and we've delivered, and also while we're on the topic of protocols and stuff like that, we're also demonstrating our NVMe over fabrics implementation, which is deployed with select customers right now, it is the world's fastest NVMe over fabrics implementation, it is a round trip latency of 52 microseconds which is half the time, roundtrip for us, is half the time that it takes a NAND Flash cell to recall its data, forgetting about the software stack on the round trip, that's gonna be available in the future for all of our customers, general availability via a software only update. >> That's incredible, all right, so to get out what that means for the road map. >> Oh sure, so basically with our road map, is we're laying out a very ambitious vision for the next 18 months of how to give customers ultimately what they are screaming for which is help us evolve our on premises storage from old school storage arrays and turn them into elastic data center scale clouds in my own data centers, and then come up and give us an easy, seamless way to integrate that into our public cloud and our off premises technologies, and that's where we're gonna be. Starting today, and taking us out the next 18 months. >> Well we covered a lot of ground today. Pretty remarkable, congratulations on the announcements. We covered all the abilities, even performance ability. We'll throw that one in there. So thank you for that, final word? >> The final word is probably just a message to our customers to say thank you, and for trusting us with your data. We take that covenant very seriously. And we hope that you with all of this work that we've done, that you feel we're delivering on our promise of value, to help them enable competitive advantage and do it at multi petabyte scale. >> Great, all right thank you Brian. And thank you, now it's your turn. Hop into the crowd chat, we've got some questions for you, you can ask questions of the experts that are on the call. Thanks everybody for watching. This is Dave Vallante signing out from the CUBE.