>> Live from Washington DC, it's theCUBE covering AWS Public Sector Summit 2018. Brought to you by Amazon Web Services and its ecosystem partners. >> Welcome back to our nation's capital. You're watching theCUBE, the worldwide leader in live tech coverage. I'm Stu Miniman, joined by my co-host Dave Vallante. Happy to welcome to the program Matt Olsen, who is the co-founder, president, and chief revenue officer of IronNet cybersecurity, thanks so much for joining us. >> Yeah, great to be here, Stu. Thanks. >> So, obviously, public sector, we've been talking a lot about the cyber, as it were. As a co-founder, always one of the first, give us the why of the company. Why was it founded and a little bit of background. >> Sure, you know, we were founded, I guess out of some frustration. A number of us, including our CEO, Keith Alexander, who was formerly the director of NSA, we came out of the government. And the frustration was, that what we saw happening to companies, big companies, small companies, and the government was getting hit with cyber attacks, you know, consistently and increasingly sophisticated and disruptive, even destructive cyber attacks. So we left the government around the same time, a number of us, and we decided, can we start a company to really take on these threats? What can we do to develop a technology based on the threat landscape that really takes cyber security to the next level? So our mission has always been to protect companies and governments from these types of attacks that are hitting us all the time. >> Yeah, so there's no shortage of security experts inside the government, especially NSA. Actually, I remember Dave and I had talked to, there was a little company called Squirrel that came out of the NSA a little bit later. Oh, what do you know? AWS acquired them last year. So bring us insight a little bit, you know, what's the offering that IronNet has? How do you differentiate yourself in the marketplace? >> Sure, and you're absolutely right. There is a lot of expertise in places like NSA, where I formally worked and a bunch of us formally worked. The offering basically is, network traffic analytics. So we look at the network traffic inside large companies and, right down to the PCAP, so we're looking at the actual network traffic and running analytics. And what that means is not signature-based, but behavioral analytics. Looking for those indicators of malicious activity that we then can alert the SOC operators in these companies that this is something they need to pay attention to right away. Of course the problem always with this area is false positives. You know, how do you make sure that the alerts you're giving to these operators really mean something? So we've done a lot of work to draw down those false positives so that we're giving them alerts that are actionable and meaningful in the context of, you know, a very difficult threat landscape. So that's the basic offering. >> So what's underneath the covers? I mean, what's the secret sauce? Are you using machine intelligence? Share with us. >> Yeah, sure, I think the secret sauce is really a combination of two things. It's analytics algorithms that our data scientists develop. We've got some world-class folks that came out of places like the Defense Research Agency and universities that develop the analytics, the algorithms, but we combine those, that math with real life operators, people who themselves were on the offense at one point, right? They were working to, you know, break into other networks. They were the hackers who understand how the adversary operates like nobody else does. Combining the mathematics, the analytics with real life operators, that I'd say, you know, Dave, is the secret sauce because those are how we develop the analytics and the expert system to produce the alerts and draw down those false positives. >> Yeah, it was interesting. Last week, we were at Cisco Live, talking a lot about networking, and one of the biggest things for networking people is a lot of the network that they own, they don't actually own it anymore. It's in Amazon, it's in, you know, I've got my SAF stuff, public clouds, all that I'm dealing with. So, you know, where do you sit, are you mostly focused on public clouds like AWS or, you know, where in the network? >> So its a great question because there's clearly a movement, right, from on PRAM solutions to cloud solutions. AWS is part of that. So we're partners with AWS. So we've developed our analytics to run in AWS as one of our key cloud providers. So, we, with some of our customers, we're all on PRAM, we're in their data center. These are companies that want us there inside their perimeter, right? But then, with others, we have the ability to have sensors in their network but then do all the analytics, all the backend work in AWS, in the cloud environment. And that makes a lot of sense for many companies, especially when you talk about companies that are a little smaller maybe or, you know, we're not talking about the biggest companies. So they do, a lot of their applications are running in the cloud, so that's been a key transition for us as we've developed our product. >> Matt, what would you say are the biggest threats to organizations that they should be aware of? >> Yeah, you know, the biggest threats are the obvious ones in some ways, but there's no doubt that the nation-states that are carrying out attacks, whether we're talking about China or Iran or North Korea or Russia, are increasingly active and are especially dangerous in a volatile geopolitical landscape like we face today. So we're concerned in working with our customers to make sure that we're taking on the level of threat that we see from nation-states. And that's something, I think, at IronNet we understand particularly well, given that we were operating at that nation-state level when we were all in government. Of course, the most pervasive problem is the criminals. And you see that in all manner of hacks in cyber attacks, that the most common type of attack, including ransomware are occurring at the hands of criminals. >> So rewarding. But, your behavioral analytics can help with that problem. What about, like, the weaponization of social media? I mean, what do you make of that? And, I don't know, is there an answer to that that you can help with? >> You know, the way that social media has been used, you know, for example in the election in 2016, it's obviously a problem that we all are concerned about as citizens. And part of that is, I think there's a combination of the government working together with the private sector, in particular, the social media companies, to come up with better ways to take on that problem to make sure that people who are using those platforms are actually people, and not bots, not Russian trolls. We need to do an education campaign for American citizens, who are coming into this election cycle that were, you know, better prepared for what we saw happen in 2016. I mean, it's a big effort and, you know, I'm not sure, to be honest, that as a country we've totally come to grips with the nature of that problem. >> Yeah, I think you're right. We're just trying to get our heads around it. I interviewed Robert Gates one time and I asked him this question, and I've asked other security practitioners, and I get all kinds of different responses. He said, I want to tell you what he said and then maybe you can respond. I'm paraphrasing, of course, for Dr. Gates. He said we have to be really careful. I was asking him offense or defense, you know. Should we, we probably have some of the best security people in the world, we could go on offense, is that the future of warfare? He said we have to be really careful because we have a lot to lose as well in critical infrastructure. Others have said, no, we should go on the offense to flex our muscles. What do you think the right posture is there? >> You know, I think that's a great point, Dave. There clearly is a balance. I mean, it begins with defense, right. It begins with hardening our defenses, having the right people with the right experience and the right expertise in place to protect our networks because, you know, the best offense really is a good defense and protecting our networks. But we do need to have the capability, and we do have the capability to take offensive action when warranted. One of the challenges, I think, in this space is that we haven't necessarily developed the rules of engagement. You know, under what circumstances should the United States government take action on offense in cyber? You know, we saw this in going after ISIS. You know, going after some of their capability as a terrorist group, targeting people in the United States and taking out some of that capability. That's one way I think that we've clearly done the right thing in going on the offense. Harder to say when you have some of the cyber attacks going after a critical infrastructure. What's the right role for the government in going on the offense? I think, again, the first step is a good defense. And one element of a good defense is working better together. Companies working together, as well as companies working in close coordination and cooperation with the government. >> So it's not so much the technology. Obviously the technology is there, but it's the process around that, the collaboration with, whether it's within agencies or organizations. >> I think that's right. I think there's a lot of good technology. We're, our company, we provide a common defense platform for companies to work together. That's what we do at IronNet. And we're doing that with a number of energy companies right now. But the, I think it's getting that policy in place so that companies understand the technology exists to be faster and better working together. How can we then break down whatever barriers there are to sharing information and having that sort of collaborative approach? And we see that happening more and more across the critical infrastructure, whether we're talking finance or healthcare or energy. >> Matt, what's IronNet's relationship with Amazon? Are you part of the market place? How do you go to market together? >> Yeah, we're a registered partner with Amazon. Amazon is our, one of our cloud providers for our, as I mentioned, for where we run our analytics. I also mentioned this common defense platform. We run the correlations that we do for companies working together. That's all done in AWS, in the cloud. We've found Amazon to be a, really an extraordinary partner as an industry leader and a cloud provider. And so we're very close to, and with Amazon, in both going to market but also in developing our product, so it's been a great partnership for us. >> What do you think of the show? I mean, it's insane, isn't it? >> Yeah, it's amazing, right? Just the parking, finding a parking space was incredible. But once I got in. >> We didn't have to park. >> Yeah, once I got in, it's a fantastic show. >> We did have to register. (laughter) >> Likewise. No, congratulations, it's a great show and Amazon has been terrific for us at IronNet. >> Well, we're glad to cover it and we appreciate you joining us, Matt, for this segment. Be back with more coverage here from the AWS Public Sector show. For Dave Vallante, I'm Stu Miniman and thanks again for watching theCUBE.