foreign welcome back to re invent 2022 we're wrapping up four days well one evening and three solid days wall-to-wall of cube coverage I'm Dave vellante John furrier's birthday is today he's on a plane to London to go see his nephew get married his his great Sister Janet awesome family the furriers uh spanning the globe and uh and John I know you wanted to be here you're watching in Newark or you were waiting to uh to get in the plane so all the best to you happy birthday one year the Amazon PR people brought a cake out to celebrate John's birthday because he's always here at AWS re invented his birthday so I'm really pleased to have two really special guests uh former Cube host Cube Alum great wikibon contributor Stu miniman now with red hat still good to see you again great to be here Dave yeah I was here for that cake uh the twitterverse uh was uh really helping to celebrate John's birthday today and uh you know always great to be here with you and then with this you know Awesome event this week and friend of the cube of many time Cube often Cube contributor as here's a cube analyst this week as his own consultancy sarbj johal great to see you thanks for coming on good to see you Dave uh great to see you stu I'm always happy to participate in these discussions and um I enjoy the discussion every time so this is kind of cool because you know usually the last day is a getaway day and this is a getaway day but this place is still packed I mean it's I mean yeah it's definitely lighter you can at least walk and not get slammed but I subjit I'm going to start with you I I wanted to have you as the the tail end here because cause you participated in the analyst sessions you've been watching this event from from the first moment and now you've got four days of the Kool-Aid injection but you're also talking to customers developers Partners the ecosystem where do you want to go what's your big takeaways I think big takeaways that Amazon sort of innovation machine is chugging along they are I was listening to some of the accessions and when I was back to my room at nine so they're filling the holes in some areas but in some areas they're moving forward there's a lot to fix still it doesn't seem like that it seems like we are done with the cloud or The Innovation is done now we are building at the millisecond level so where do you go next there's a lot of room to grow on the storage side on the network side uh the improvements we need and and also making sure that the software which is you know which fits the hardware like there's a specialized software um sorry specialized hardware for certain software you know so there was a lot of talk around that and I attended some of those sessions where I asked the questions around like we have a specialized database for each kind of workload specialized processes processors for each kind of workload yeah the graviton section and actually the the one interesting before I forget that the arbitration was I asked that like why there are so many so many databases and IRS for the egress costs and all that stuff can you are you guys thinking about reducing that you know um the answer was no egress cost is not a big big sort of uh um show stopper for many of the customers but but the from all that sort of little discussion with with the folks sitting who build these products over there was that the plethora of choice is given to the customers to to make them feel that there's no vendor lock-in so if you are using some open source you know um soft software it can be on the you know platform side or can be database side you have database site you have that option at AWS so this is a lot there because I always thought that that AWS is the mother of all lock-ins but it's got an ecosystem and we're going to talk about exactly we'll talk about Stu what's working within AWS when you talk to customers and where are the challenges yeah I I got a comment on open source Dave of course there because I mean look we criticized to Amazon for years about their lack of contribution they've gotten better they're doing more in open source but is Amazon the mother of all lock-ins many times absolutely there's certain people inside Amazon I'm saying you know many of us talk Cloud native they're like well let's do Amazon native which means you're like full stack is things from Amazon and do things the way that we want to do things and you know I talk to a lot of customers they use more than one Cloud Dave and therefore certain things absolutely I want to Leverage The Innovation that Amazon has brought I do think we're past building all the main building blocks in many ways we are like in day two yes Amazon is fanatically customer focused and will always stay that way but you know there wasn't anything that jumped out at me last year or this year that was like Wow new category whole new way of thinking about something we're in a vocals last year Dave said you know we have over 200 services and if we listen to you the customer we'd have over two thousand his session this week actually got some great buzz from my friends in the serverless ecosystem they love some of the things tying together we're using data the next flywheel that we're going to see for the next 10 years Amazon's at the center of the cloud ecosystem in the IT world so you know there's a lot of good things here and to your point Dave the ecosystem one of the things I always look at is you know was there a booth that they're all going to be crying in their beer after Amazon made an announcement there was not a tech vendor that I saw this week that was like oh gosh there was an announcement and all of a sudden our business is gone where I did hear some rumbling is Amazon might be the next GSI to really move forward and we've seen all the gsis pushing really deep into supporting Cloud bringing workloads to the cloud and there's a little bit of rumbling as to that balance between what Amazon will do and their uh their go to market so a couple things so I think I think we all agree that a lot of the the announcements here today were taping seams right I call it and as it relates to the mother of all lock-in the reason why I say that it's it's obviously very much a pejorative compare Oracle company you know really well with Amazon's lock-in for Amazon's lock-in is about bringing this ecosystem together so that you actually have Choice Within the the house so you don't have to leave you know there's a there's a lot to eat at the table yeah you look at oracle's ecosystem it's like yeah you know oracle is oracle's ecosystem so so that is how I think they do lock in customers by incenting them not to leave because there's so much Choice Dave I agree with you a thousand I mean I'm here I'm a I'm a good partner of AWS and all of the partners here want to be successful with Amazon and Amazon is open to that it's not our way or get out which Oracle tries how much do you extract from the overall I.T budget you know are you a YouTube where you give the people that help you create a large sum of the money YouTube hasn't been all that profitable Amazon I think is doing a good balance of the ecosystem makes money you know we used to talk Dave about you know how much dollars does VMware make versus there um I think you know Amazon is a much bigger you know VMware 2.0 we used to think talk about all the time that VMware for every dollar spent on VMware licenses 15 or or 12 or 20 were spent in the ecosystem I would think the ratio is even higher here sarbji and an Oracle I would say it's I don't know yeah actually 1 to 0.5 maybe I don't know but I want to pick on your discussion about the the ecosystem the the partner ecosystem is so it's it's robust strong because it's wider I was I was not saying that there's no lock-in with with Amazon right AWS there's lock-in there's lock-in with everything there's lock-in with open source as well but but the point is that they're they're the the circle is so big you don't feel like locked in but they're playing smart as well they're bringing in the software the the platforms from the open source they're picking up those packages and saying we'll bring it in and cater that to you through AWS make it better perform better and also throw in their custom chips on top of that hey this MySQL runs better here so like what do you do I said oh Oracle because it's oracle's product if you will right so they are I think think they're filing or not slenders from their go to market strategy from their engineering and they listen to they're listening to customers like very closely and that has sort of side effects as well listening to customers creates a sprawl of services they have so many services and I criticized them last year for calling everything a new service I said don't call it a new service it's a feature of a existing service sure a lot of features a lot of features this is egress our egress costs a real problem or is it just the the on-prem guys picking at the the scab I mean what do you hear from customers so I mean Dave you know I I look at what Corey Quinn talks about all the time and Amazon charges on that are more expensive than any other Cloud the cloud providers and partly because Amazon is you know probably not a word they'd use they are dominant when it comes to the infrastructure space and therefore they do want to make it a little bit harder to do that they can get away with it um because um yeah you know we've seen some of the cloud providers have special Partnerships where you can actually you know leave and you're not going to be charged and Amazon they've been a little bit more flexible but absolutely I've heard customers say that they wish some good tunning and tongue-in-cheek stuff what else you got we lay it on us so do our players okay this year I think the focus was on the upside it's shifting gradually this was more focused on offside there were less talk of of developers from the main stage from from all sort of quadrants if you will from all Keynotes right so even Werner this morning he had a little bit for he was talking about he he was talking he he's job is to Rally up the builders right yeah so he talks about the go build right AWS pipes I thought was kind of cool then I said like I'm making glue easier I thought that was good you know I know some folks don't use that I I couldn't attend the whole session but but I heard in between right so it is really adopt or die you know I am Cloud Pro for last you know 10 years and I think it's the best model for a technology consumption right um because of economies of scale but more importantly because of division of labor because of specialization because you can't afford to hire the best security people the best you know the arm chip designers uh you can't you know there's one actually I came up with a bumper sticker you guys talked about bumper sticker I came up with that like last couple of weeks The Innovation favorite scale they have scale they have Innovation so that's where the Innovation is and it's it's not there again they actually say the market sets the price Market you as a customer don't set the price the vendor doesn't set the price Market sets the price so if somebody's complaining about their margins or egress and all that I think that's BS um yeah I I have a few more notes on the the partner if you you concur yeah Dave you know with just coming back to some of this commentary about like can Amazon actually enable something we used to call like Community clouds uh your companies like you know Goldman and NASDAQ and the like where Industries will actually be able to share data uh and you know expand the usage and you know Amazon's going to help drive that API economy forward some so it's good to see those things because you know we all know you know all of us are smarter than just any uh single company together so again some of that's open source but some of that is you know I think Amazon is is you know allowing Innovation to thrive I think the word you're looking for is super cloud there well yeah I mean it it's uh Dave if you want to go there with the super cloud because you know there's a metaphor for exactly what you described NASDAQ Goldman Sachs we you know and and you know a number of other companies that are few weeks at the Berkeley Sky Computing paper yeah you know that's a former supercloud Dave Linthicum calls it metacloud I'm not really careful I mean you know I go back to the the challenge we've been you know working at for a decade is the distributed architecture you know if you talk about AI architectures you know what lives in the cloud what lives at the edge where do we train things where do we do inferences um locations should matter a lot less Amazon you know I I didn't hear a lot about it this show but when they came out with like local zones and oh my gosh out you know all the things that Amazon is building to push out to the edge and also enabling that technology and software and the partner ecosystem helps expand that and Pull It in it's no longer you know Dave it was Hotel California all of the data eventually is going to end up in the public cloud and lock it in it's like I don't think that's going to be the case we know that there will be so much data out at the edge Amazon absolutely is super important um there some of those examples we're giving it's not necessarily multi-cloud but there's collaboration happening like in the healthcare world you know universities and hospitals can all share what they're doing uh regardless of you know where they live well Stephen Armstrong in the analyst session did say that you know we're going to talk about multi-cloud we're not going to lead with it necessarily but we are going to actually talk about it and that's different to your points too than in the fullness of time all the data will be in the cloud that's a new narrative but go ahead yeah actually Amazon is a leader in the cloud so if they push the cloud even if they don't say AWS or Amazon with it they benefit from it right and and the narrative is that way there's the proof is there right so again Innovation favorite scale there are chips which are being made for high scale their software being tweaked for high scale you as a Bank of America or for the Chrysler as a typical Enterprise you cannot afford to do those things in-house what cloud providers can I'm not saying just AWS Google cloud is there Azure guys are there and few others who are behind them and and you guys are there as well so IBM has IBM by the way congratulations to your red hat I know but IBM won the award um right you know very good partner and yeah but yeah people are dragging their feet people usually do on the change and they are in denial denial they they drag their feet and they came in IBM director feed the cave Den Dell drag their feed the cave in yeah you mean by Dragon vs cloud deniers cloud deniers right so server Huggers I call them but they they actually are sitting in Amazon Cloud Marketplace everybody is buying stuff from there the marketplace is the new model OKAY Amazon created the marketplace for b2c they are leading the marketplace of B2B as well on the technology side and other people are copying it so there are multiple marketplaces now so now actually it's like if you're in in a mobile app development there are two main platforms Android and Apple you first write the application for Apple right then for Android hex same here as a technology provider as and I I and and I actually you put your stuff to AWS first then you go anywhere else yeah they are later yeah the Enterprise app store is what we've wanted for a long time the question is is Amazon alone the Enterprise app store or are they partner of a of a larger portfolio because there's a lot of SAS companies out there uh that that play into yeah what we need well and this is what you're talking about the future but I just want to make a point about the past you talking about dragging their feet because the Cube's been following this and Stu you remember this in 2013 IBM actually you know got in a big fight with with Amazon over the CIA deal you know and it all became public judge wheeler eviscerated you know IBM and it ended up IBM ended up buying you know soft layer and then we know what happened there and it Joe Tucci thought the cloud was Mosey right so it's just amazing to see we have booksellers you know VMware called them books I wasn't not all of them are like talking about how great Partnerships they are it's amazing like you said sub GC and IBM uh with the the GSI you know Partnership of the year but what you guys were just talking about was the future and that's what I wanted to get to is because you know Amazon's been leading the way I I was listening to Werner this morning and that just reminded me of back in the days when we used to listen to IBM educate us give us a master class on system design and decoupled systems and and IO and everything else now Amazon is you know the master educator and it got me thinking how long will that last you know will they go the way of you know the other you know incumbents will they be disrupted or will they you know keep innovating maybe it's going to take 10 or 20 years I don't know yeah I mean Dave you actually you did some research I believe it was a year or so ago yeah but what will stop Amazon and the one thing that worries me a little bit um is the two Pizza teams when you have over 202 Pizza teams the amount of things that each one of those groups needs to take care of was more than any human could take care of people burn out they run out of people how many amazonians only last two or three years and then leave because it is tough I bumped into plenty of friends of mine that have been you know six ten years at Amazon and love it but it is a tough culture and they are driving werner's keynote I thought did look to from a product standpoint you could say tape over some of the seams some of those solutions to bring Beyond just a single product and bring them together and leverage data so there are some signs that they might be able to get past some of those limitations but I still worry structurally culturally there could be some challenges for Amazon to keep the momentum going especially with the global economic impact that we are likely to see in the next year bring us home I think the future side like we could talk about the vendors all day right to serve the community out there I think we should talk about how what's the future of technology consumption from the consumer side so from the supplier side just a quick note I think the only danger AWS has has that that you know Fred's going after them you know too big you know like we will break you up and that can cause some disruption there other than that I think they they have some more steam to go for a few more years at least before we start thinking about like oh this thing is falling apart or anything like that so they have a lot more they have momentum and it's continuing so okay from the I think game is on retail by the way is going to get disrupted before AWS yeah go ahead from the buyer's side I think um the the future of the sort of Technology consumption is based on the paper uh use and they actually are turning all their services to uh they are sort of becoming serverless behind the scenes right all analytics service they had one service left they they did that this year so every service is serverless so that means you pay exactly for the amount you use the compute the iops the the storage so all these three layers of course Network we talked about the egress stuff and that's a problem there because of the network design mainly because Google has a flatter design and they have lower cost so so they are actually squeezing the their their designing this their services in a way that you don't waste any resources as a buyer so for example very simple example when early earlier In This Cloud you will get a VM right in Cloud that's how we started so and you can get 20 use 20 percent of the VM 80 is getting wasted that's not happening now that that has been reduced to the most extent so now your VM grows as you grow the usage and if you go higher than the tier you picked they will charge you otherwise they will not charge you extra so that's why there's still a lot of instances like many different types you have to pick one I think the future is that those instances will go away the the instance will be formed for you on the fly so that is the future serverless all right give us bumper sticker Stu and then Serb G I'll give you my quick one and then we'll wrap yeah so just Dave to play off of sharp G and to wrap it up you actually wrote about it on your preview post for here uh serverless we're talking about how developers think about things um and you know Amazon in many ways you know is the new default server uh you know for the cloud um and containerization fits into the whole serverless Paradigm uh it's the space that I live in uh you know every day here and you know I was happy to see the last few years serverless and containers there's a blurring a line and you know subject we're still going to see VMS for a long time yeah yeah we will see that so give us give us your book Instagram my number six is innovation favorite scale that's my bumper sticker and and Amazon has that but also I I want everybody else to like the viewers to take a look at the the Google Cloud as well as well as IBM with others like maybe you have a better price to Performance there for certain workloads and by the way one vendor cannot do it alone we know that for sure the market is so big there's a lot of room for uh Red Hats of the world and and and Microsoft's the world to innovate so keep an eye on them they we need the competition actually and that's why competition Will Keep Us to a place where Market sets the price one vendor doesn't so the only only danger is if if AWS is a monopoly then I will be worried I think ecosystems are the Hallmark of a great Cloud company and Amazon's got the the biggest and baddest ecosystem and I think the other thing to watch for is Industries building on top of the cloud you mentioned the Goldman Sachs NASDAQ Capital One and Warner media these all these industries are building their own clouds and that's where the real money is going to be made in the latter half of the 2020s all right we're a wrap this is Dave Valente I want to first of all thank thanks to our great sponsors AWS for for having us here this is our 10th year at the cube AMD you know sponsoring as well the the the cube here Accenture sponsor to third set upstairs upstairs on the fifth floor all the ecosystem partners that came on the cube this week and supported our mission for free content our content is always free we try to give more to the community and we we take back so go to thecube.net and you'll see all these videos go to siliconangle com for all the news wikibon.com I publish weekly a breaking analysis series I want to thank our amazing crew here you guys we have probably 30 35 people unbelievable our awesome last session John Walls uh Paul Gillen Lisa Martin Savannah Peterson John Furrier who's on a plane we appreciate Andrew and Leonard in our ear and all of our our crew Palo Alto Boston and across the country thank you so much really appreciate it all right we are a wrap AWS re invent 2022 we'll see you in two weeks we'll see you two weeks at Palo Alto ignite back here in Vegas thanks for watching thecube the leader in Enterprise and emerging Tech coverage [Music]

>>Hey everyone, and welcome back to Las Vegas. Viva Las Vegas, baby. This is the Cube live at AWS Reinvent 2022 with tens of thousands of people. Lisa Martin here with Dave Valante. Dave, we've had some great conversations. This is day one of four days of wall to wall coverage on the cube. We've been talking data. Every company is a data company. Data protection, data resiliency, absolutely table stakes for organizations to, >>And I think ecosystem is the other big theme. And that really came to life last year. You know, we came out of the pandemic and it was like, wow, we are entering a new era. People no longer was the ecosystem worried about it, AWS competing with them. They were more worried about innovating and building on top of AWS and building their own value. And that's really, I think, the theme of the 2020s within the ecosystem. >>And we're gonna be talking about building on top of aws. Two guests join us, two alumni join us. Stephen Manley is here, the CTO of Druva. Welcome back. Jason crat as well is here. CIO and CTO of Summit Carbon Solutions. Guys, great to have you back on the program. >>Thank you. >>Let's start with you giving the audience an understanding of the company. What do you guys do? What do you deliver value for customers? All that good >>Stuff. Yeah, no, for sure. So Summit Carbon is the world's largest carbon capture and sequestration company capturing close to 15 million tons of carbon every year. So it doesn't go into the atmosphere. >>Wow, fantastic. Steven, the, the risk landscape today is crazy, right? There's, there's been massive changes. We've talked about this many times. What are some of the things, you know, ransomware is a, is, I know as you say, this is a, it's not a, if it's gonna happen, it's when it's how frequent, it's what's gonna be the damage. What are some of the challenges and concerns that you're hearing from customers out there today? >>Yeah, you know, it really comes down to three things. And, and everybody is, is terrified of ransomware and justifiably so. So, so the first thing that comes up is, how do I keep up? Because I have so much data in so many places, and the threats are evolving so quickly. I don't have enough money, I don't have enough people, I don't have enough skilled resources to be able to keep up. The second thing, and this ties in with what Dave said, is, is ecosystem. You know, it used to be that your, your backup was siloed, right? They'd sit in the basement and, and you wouldn't see, see them. But now they're saying, I've gotta work with my security team. So rather than hoping the security team stays away from me, how do I integrate with them? How do I tie together? And then the third one, which is on everybody's mind, is when that attack happens, and like you said, it's win and, and the bell rings and they come to me and they say, all right, it's time for you to recover. It's time for, for all this investment we've put in. Am I gonna be ready? Am I going to be able to execute? Because a ransom or recovery is so different than any other recovery they've ever done. So it's those three things that really are top of mind for >>How, so what is the, what are the key differences, if you could summarize? I mean, I >>Know it's so, so the first one is you can't trust the environment you're restoring into. Even with a disaster, it would finish and you'd say, okay, I'm gonna get my data center set up again and I'm gonna get things working. You know, when I try to recover, I don't know if everything's clean yet. I'm trying to recover while I'm still going through incident response. So that's one big difference. A second big difference is I'm not sure if the thing I'm recovering is good, I've gotta scan it. I've gotta make sure what's inside it is, is, is alright. And then the third thing is what we're seeing is the targets are usually not necessarily the crown jewels because those tend to be more protected. And so they're running into this, I need to recover a massive amount of what we might call tier two, tier three apps that I wasn't ready for because I've always been prepared for that tier one disaster. And so, so those three things they go, it's stuff I'm not prepared or covering. It's a flow. I'm not used to having to check things and I'm not sure where I'm gonna recover too when the, when the time comes. >>Yeah, just go ahead. Yeah, that's right. I mean, I think for me, the biggest concern is the blind spots of where did I actually back it up or not. You know, what did I get it? Cuz you, we always protect our e r p, we always protect these sort of classes of tiers of systems, but then it's like, oh, that user's email box didn't get it. Oh, that, you know, that one drive didn't get it. You know, or, or, or whatever it is. You know, the infrastructure behind it all. I forgot to back that up. That to me the blind spots are the scariest part of a ransomware attack. >>And, and if you think about it, some of the most high profile attacks, you know, on the, on the colonial pipeline, they didn't go after the core assets. They went after billing. That's right. But billing brought everything down so they're smart enough to say, right, I'm not gonna take the, the castle head on. Is there is they're that. Exactly. >>And so how do you, I get, I mean you can air gap and do things like that in terms of protecting the, the, the data, the corrupt data. How do you protect the corrupt environment? Like that's, that's a really challenging issue. Is >>It? I don't know. I mean, I'll, I'll you can go second here. I think that what's interesting to me about is that's what cloud's for. You can build as many environments as you want. You only pay for what you use, right? And so you have an opportunity to just reconstruct it. That's why things, everything is code matters. That's why having a cloud partner like Druva matters. So you can just go restore wherever you need to in a totally clean environment. >>So the answer is you gotta do it in the cloud. Yeah. What if it's on prem? >>So if it's on prem, what we see people do is, and, and, and this is where testing and, and where cloud can still be an asset, is you can look and say a lot of those assets I'm running in the data center, I could still recover in the cloud. And so you can go through DR testing and you can start to define what's in your on-prem so that you could make it, you know, so you can make it cloud recoverable. Now, a lot of the people that do that then say, well actually why am I even running this on prem anymore in the first place? I should just move this to the cloud now. But, but, but there are people in that interim step. But, but, but it's really important because you, you're gonna need a clean environment to play in. And it's so hard to have a clean environment set up in a data center cuz it basically means I'm not touching this, I'm just paying for something to sit idle. Whereas cloud, I can spin that up, right? Get a, a cloud foundation suite and, and just again, infrastructures code, spin things up, test it, spin it down. It doesn't cost me money on a daily basis. >>Jason, talk a little bit about how you are using Druva. Why Druva and give us a kind of a landscape of your IT environment with Druva. >>Yeah. You know, so when we first started, you know, we did have a competitor solution and, and, and it was only backing up, you know, we were a startup. It was only backing up our email. And so as you pointed out, the ecosystem really matters because we grew out of email pretty quick as a startup. And we had to have real use cases to protect and the legacy product just wouldn't support us. And so our whole direction, or my direction to my team is back it up wherever it is, you know, go get it. And so we needed somebody in the field, literally in the middle of Nebraska or Iowa to have their laptop backed up. We needed our infrastructure, our data center backed up and we needed our, our SaaS solutions backed up. We needed it all. And so we needed a partner like Druva to help us go get it wherever it's at. >>Talk about the value in, with Druva being cloud native. >>Yeah. To us it's a big deal, right? There's all sorts of products you could go by to go just do endpoint laptop protection or just do SAS backups. For us, the value is in learning one tool and mastering it and then taking it to wherever the data is. To me, we see a lot of value for that because we can have one team focus on one product, get good at it, and drive the value. >>That consolidation theme is big right now, you know, the economic headwinds and so forth. What was the catalyst for you? Was it, is that something you started, you know, years ago? Just it's good practice to do that? What's, >>Well, no, I mean luckily I'm in a very good position as a startup to do define it, you know, but I've been in those legacy organizations where we've got a lot of tech debt and then how do you consolidate your portfolio so that you can gain more value, right? Cause you only get one budget a year, right? And so I'm lucky in, in the learnings I've had in other enterprises to deal with this head on right now as we grow, don't add tech debt, put it in right. Today. >>Talk to us a little bit about the SaaS applications that you're backing up. You know, we, we talk a lot with customers, the shared, the shared responsibility model that a lot of customers aren't aware of. Where are you using that competing solution to protect SaaS applications before driven and talk about Yeah. The, the value in that going, the data protection is our responsibility and not the SA vendor. >>No, absolutely. I mean, and it is funny to go to, you know, it's like Office 365 applications and go to our, our CFO and a leadership and be like, no, we really gotta back it up to a third party. And they're like, but why? >>It's >>In the cloud, right? And so there's a lot of instruction I have to provide to my peers and, and, and my users to help them understand why these things matter. And, and, and it works out really well because we can show value really quick when anything happens. And now we get, I mean, even in SharePoint, people will come to us to restore things when they're fully empowered to do it. But my team's faster. And so we can just get it done for them. And so it's an extra from me, it's an extra SLA or never service level I can provide to my internal customers that, that gives them more faith and trust in my organization. >>How, how are the SEC op teams and the data protection teams, the backup teams, how are they coming together? Is is, is data protection backup just morphing into security? Is it more of an adjacency? What's that dynamic like? >>So I'd say right now, and, and I'll be curious to hear Jason's organization, but certainly what we see broadly is, you know, the, the teams are starting to work together, but I wouldn't say they're merging, right? Because, you know, you think of it in a couple of ways. The first is you've got a production environment and that needs to be secured. And then you've got a protection environment. And that protection environment also has to be secured. So the first conversation for a lot of backup teams is, alright, I need to actually work with the security team to make sure that, that my, my my backup environment, it's air gapped, it's encrypted, it's secured. Then I think the, the then I think you start to see people come together, especially as they go through, say, tabletop exercises for ransomware recovery, where it's, alright, where, where can the backup team add value here? >>Because certainly recovery, that's the basics. But as there log information you can provide, are there detection pieces that you can offer? So, so I think, you know, you start to see a partnership, but, but the reality is, you know, the, the two are still separate, right? Because, you know, my job as a a protection resiliency company is I wanna make sure that when you need your data, it's gonna be there for you. And I certainly want to, to to follow best secure practices and I wanna offer value to the security team, but there's a whole lot of the security ecosystem that I want to plug into. I'm not trying to replace them again. I want to be part of that broader ecosystem. >>So how, how do you guys approach it? Yeah, >>That's interesting. Yeah. So in my organization, we, we are one team and, and not to be too cheesy or you know, whatever, but as Amazon would say, security is job one. And so we treat it as if this is it. And so we never push something into production until we are ready. And ready to us means it's got a security package on it, it's backed up, the users have tested it, we are ready to go. It's not that we're ready just be to provide the service or the thing. It's that we are actually ready to productionize this. And so it's ready for production data and that slows us down in some cases. But that's where DevOps and this idea of just merging everything together into a central, how do we get this done together, has worked out really well for us. So, >>So it's really the DevOps team's responsibility. It's not a separate data protection function. >>Nope. Nope. We have specialists of course, right? Yeah, yeah. Because you need the extra level, the CISSPs and those people Yeah, yeah. To really know what they're doing, but they're just part of the team. Yeah. >>Talk about some of the business outcomes that you're achieving with Druva so far. >>Yeah. The business outcomes for me are, you know, I meet my SLAs that's promising. I can communicate that I feel more secure in the cloud and, and all of my workloads because I can restore it. And, and that to me helps everybody in my organization sleep well, sleep better. We are, we transport a lot of the carbon in a pipeline like Colonial. And so to us, we are, we are potential victims of, of a pipe, a non pipeline group, right? Attacking us, but it's carbon, you know, we're trying to get it outta atmosphere. And so by protecting it, no matter where it is, as long as we've got internet access, we can back it up. That provides tons of value to my team because we have hundreds of people in the field working for us every day who collect data and generate it. >>What would you say to a customer who's maybe on the fence looking at different technologies, why dva? >>You know, I think, you know, do the research in my mind, it'll win if you just do the research, right? I mean, there might be vendors that'll buy you nice dinners or whatever, and those are, those are nice things, but the, the reality is you have to protect your data no matter where it is. If it's in a SaaS application, if it's in a cloud provider, if it's infrastructure, wherever it is, you need it. And if you just go look at the facts, there it is, right? And so I, I'd say be objective. Look at the facts, it'll prove itself. >>Look at the data. There you go. Steven Druva recently announced a data resiliency guarantee with a big whopping financial sum. Talk to us a little bit about that, the value in it for your customers and for prospects, >>Right? So, so basically there's, there's really two parts to this guarantee. The first is, you know, across five different SLAs, and I'll talk about those, you know, if we violate those, the customers can get a payout of up to 10 million, right? So again, putting, putting our money where our mouth is in a pretty large amount. But, but for me, the exciting part, and this is, this is where Jason went, is it's about the SLAs, right? You know, one of Drew's goals is to say, look, we do the job for you, we do the service for you so you can offer that service to your company. And so the SLAs aren't just about ransomware, some of them certainly are, you know, that, that you're going to be able to recover your data in the event of a ransomware attack, that your data won't get exfiltrated as part of a ransomware attack. >>But also things like backup success rates, because as much as recovery matters a lot more than backup, you do need a backup if you're gonna be able to get that recovery done. There's also an SLA to say that, you know, if 10 years down the road you need to recover your data, it's still recoverable, right? So, so that kind of durability piece. And then of course the availability of the service because what's the point of a service if it's not there for you when you need it? And so, so having that breadth of coverage, I think really reflects who Druva is, which is we're doing this job for you, right? We want to make this this service available so you can focus on offering other value inside your business. And >>The insurance underwriters, if they threw holy water on >>That, they, they, they were okay with it. The legal people blessed it, you know, it, you know, the CEO signed off on it, the board of directors. So, you know, it, and it, it's all there in print, it's all there on the web. If you wanna look, you know, make sure, one of the things we wanted to be very clear on is that this isn't just a marketing gimmick that we're, we're putting, that we're putting substance behind it because a lot of these were already in our contracts anyway, because as a SAS vendor, you're signing up for service level agreements anyway. >>Yeah. But most of the service level agreements and SaaS vendors are crap. They're like, you know, hey, you know, if something bad happens, you know, we'll, we'll give you a credit, >>Right? >>For, you know, for when you were down. I mean, it's not, you never get into business impact. I mean, even aws, sorry, I mean, it's true. We're a customer. I read define print, I know what I'm signing up for. But, so that's, >>We read it a lot and we will not, we don't really care about the credits at all. We care about is it their force? Is it a partner? We trust, we fight that every day in our SLAs with our vendors >>In the end, right? I mean this, we are the last line of defense. We are the thing that keeps the business up and running. So if your business, you know, can't get to his data and can't operate, me coming to you and saying, Dave, I've got some credits for you after you, you know, after you declare bankruptcy, it'll be great. Yeah, that's not a win. >>It's no value, >>Not helpful. The goal's gotta be, your business is up and running cuz that's when we're both successful. So, so, so, you know, we view this as we're in it together, right? We wanna make sure your business succeeds. Again, it's not about slight of hand, it's not about, you know, just, just putting fine print in the contract. It's about standing up and delivering. Because if you can't do that, why are we here? Right? The number one thing we hear from our customers is Dr. Just works. And that's the thing I think I'm most proud of is Druva just works. >>So, speaking of Juva, just working, if there's a billboard in Santa Clara near the new offices about Druva, what's, what's the bumper sticker? What's the tagline? >>I, I, I think, I think that's it. I think Druva just works. Keeps your data safe. Simple as that. Safe and secure. Druva works to keep your data safe and secure. >>Saved me. >>Yeah. >>Truva just works. Guys, thanks so much for joining. David, me on the program. Great to have you back on the cube. Thank you. Talking about how you're working together, what Druva is doing to really putting, its its best foot forward. We appreciate your insights and your time. Thank >>You. Thanks guys. It's great to see you guys. Likewise >>The show for our guests and Dave Ante. I'm Lisa Martin, you're watching the Cube, the leader in enterprise and emerging tech coverage.

foreign to the AWS re invent Cube coverage I'm John Furrier here with thecube got a great guest line up here talking about computer vision at the edge and saramba product lead AWS events mobile app and Steven White solution architect for Edge ml thanks for joining me today computer vision at the edge with adios Panorama thanks for coming on happy to be here so what is Ada's Panorama let's get that out there right away what's the focus of that let's define what that is and we'll get into this computer vision at the Edge Story yeah so thanks Sean uh AWS Panorama is our managed uh computer vision at the Ed service and so to put that perspective you know imagine with me the last time that you've been into a restaurant or maybe your favorite retail store or even office building and didn't notice a camera and so we were talking to customers and trying to understand you know what is it that they do with all of this uh video content that they're collecting and surprisingly we found out that large part of this data just sits on a hard drive somewhere and never gets used and so as we dug in a little deeper to better understand you know why this data is just sitting there I think there were three main themes that continue to come up across the board uh one is you know around privacy right privacy security a lot of the data that's being captured with these cameras tend to be either intellectual property that is you know focused on kind of the Manifest factoring process or maybe about their products that they don't want to get out there you know or and or it could just be a private pii data privacy data related to their employee Workforce and and maybe even customers so you know privacy is is a big concern second was just the amount of bandwidth that cameras create and produce tend to be uh prohibitive from for you know sending back to a centralized location for processing uh each camera stream tends to generate about a couple of megabytes of data so it could get very voluminous as you've got tons of cameras at your location and the other issue was around just the latency required to take action on the data so a lot of times especially in the manufacturing space um you know as as you've got a manufacturing line of products that are coming through and you need to take action in milliseconds and so latency is extremely important from process processing time to taking action so those three uh main drivers you know we ended up developing this AWS service called Panorama that addressed these three main challenges with uh you know with analyzing video content and database Panorama in particular there's there's two main components right we've got the compute platform that is about the size of a sheet of paper your standard you know eight and a half by eleven size sheet of paper so the platform itself is extremely compact it's a it's a video and and deep learning algorithms it sits at the customer premise and directly interfaces with video cameras using the standard IP protocols collects that data uh processes it and then immediately deletes the data so there isn't any any information that's actually stored at the location and you know basically the only thing that's left over is just metadata that describes that data and then the other key component here is the cloud um you know service component which helps manage the fleet of devices that are existing so all of these Panorama appliances that are sitting at your premise there's a cloud component that helps you configure you know operationalize check the health as well as deploy applications and configure cameras so that's uh basically you know the the service is really hopefully optimal or you know is focused on um helping customers really make use of all of their video data at the edge you know the theme here at re invent this year is applications we've seen things like connect add value to customers this is one of those situations where everyone's got cameras it's easy to connect to an IP address and Cloud kind of gives you all those Services there are a lot of real world applications that people can can Implement with this because with the cloud you kind of have this ability to kind of stand it up and get value out of that data what are some of the real world applications that it was because they're implementing with the camera because I mean I can see a lot of use cases here where I can you don't have to build the clouds there for me I can stand it up and start getting value what kind of use cases do you see implementing from your customers yeah so our customers are really amazing with the different types of problems um and opportunities that they bring to us for uh using computer vision at the edge in their data um you know we've got everything from animal Warfare use cases to being able to use you know video to uh to to make sure that you know food processing and just you know the health of animals is uh is uh sufficient we've got cases in manufacturing doing visual inspection and anomaly detection so looking at products that are on the conveyor belt as they're being manufactured and put together to make sure that obviously they're they're put together in the right in the right way um and then we've got different port authority and airports that use uh for you know security and cargo tracking to make sure that the products get to where they're supposed to go in a timely and efficient manner manager manage and then finally one of the use cases that really show facing a re invent this year is a part of our retail analytics portfolio which is line counting and so in particular we see a lot of customers in the retail space such as quick service restaurants even you know Peril retail and convenience stores where they want to better understand um you know whether their product is being made to the customer specification we've got like french fry use cases to see how the quality of that french fry is um you know over time and if they need to make a new batch when they've got a influx of customers coming in and to understanding employee to customer ratio maybe they need to put somebody on the cash register you know at busy time so there's really just a big number of customers you know opportunities that we've really solving with the computer vision service looks like a great service Panorama looking good and I want to get your thoughts you have the events happy the product lead take us through with your app I know you have decided to use it was Panorama I was a fit for you this year at re invent 2022 but you know you've been doing this event app for a while now take us through the app when it started how it's evolved and kind of what's the focus this year of course Sean app started in 26 4 re invent and since we've really expanded this year we've actually supported up to 34 events for AWS and continue to expand that for future years for this year though specifically we wanted to contribute to the overall event experience at re invent by helping people go through the process of checking in and picking up their badge in a more formed and efficient way so we decided that the AWS Panorama team and their computer vision and Edge capabilities were the best fit to analyze the lines and the registration kiosks that we have on site at both the Venetian and MGM at the airport we'll have digital signage showcasing our bad pickup wait times that will help attendees select which badge pickup location that they want to go to and see the current wait times live on those signs as well as through the mobile app so I can basically um get the feel for the line size when to come in does it give me a little recognition of who I am and kind of when I get there there's a TIA pull up my records as I do a little intelligence behind the scenes give us a little peek under the covers what's the solution look like so you do have to sign into the mobile app with your registration and so with that we will have your QR code specific for your check-in experience available to you you'll see that at the top of the screen and we'll know once you've checked in that will disappear but if you haven't checked in that Banner is at the top of the event screen and when you tap that that's when you can see all the different options where you can go and pick up your badge we do have five locations this year for badge pickup and the app will help you kind of navigate which one of those options will be best for you given you know maybe you want to pick it up right away at the airport or you may want to go even to one of your other Hotel options that we'll have um to pick it up at foreign okay now I gotta get I got to ask you on the app what's the coolest thing you got going on this year what's new every year there seems to be a new feature what's the focus this year so can you share a a peek on some of the key features yeah so our biggest and most popular features are always around the session catalog and calendar as you can utilize both to of course organize your event schedule and really stay on top of what you want to do on site and get the most out of your reinvent experience this year we have a few new exciting features of course badge pickup line counting is is one of our biggest but we also will have a one-way calendar sync so you can sync all of your calendar activities to your native device calendar as well as pure talk which is our newest feature that we launched at the start of November where you can interact with other attendees who have opted in and even set up time on site to meet one-on-one with them we've also filled that experience with peer talk experts that include AWS experts that are ready to meet and interact with attendees who have interest on site you know I love this topic it's a very cool video we love video we're doing this remote video I'm getting ready for you know all the action and and analyzing it video's cool and so to me if we could look at the video and say hey we haven't soon that might have body cams in the future um video is great people love videos very engaging but always people that say what about my privacy so how do you guys put in place uh mechanisms to preserve attendee privacy yeah I think so I'm not I think you know you and our customers share the same concern and so we have built uh foundationally that AWS Panorama to address you know both privacy and security concerns with uh associated with all this video content and so in particular the AWS Panorama Appliance is something that sits at the customer premise it interface directly with video cameras uh the data all the video that's processed is immediately deleted nothing stored um and you know the outcome of the processing is just simple metadata so it's Text data that you know as an example in the case of the AWS uh line counting solution that we're demoing this year at Panorama along with you know the events team uh it's simply a count of the number of people in the video at any given time so so you know we we do take privacy uh at heart and have made every effort to address them and what are some of the things that you're doing at the event app I mean I'm imagining you're probably looking at space I mean there's a fire marshal issues around you know people do you take it to that level I mean what's how far are you pushing the envelope on on Panorama what are some of the things that you guys are doing besides check-ins or anything you can share on what's Happening the area where we're utilizing you know Anonymous attendee data otherwise other things in the app are very Anonymous just in nature I mean you do sign in but besides that everything we collect is anonymous and we don't collect unless you consent with the cookie consent that appears right when you first launch the app experience besides that we do have as I mentioned peer talk and and that's just where you're sharing information that you want to share with other attendees on site and then we do have session surveys where you can provide information that you wish about how this survey or how the sessions rather went that you attended on-site yeah Stephen you're you're uh your title has you the solution architect for Edge ml this is the Ultimate Edge use case you're seeing here I mean it's a big part of the future of how companies are going to use video and data just what's your reaction to all this I mean we're at a time it's very kind of an interesting time in the history of the industry as you look at this this is a really big part of of the future with video and Edge like I mentioned users are involved people are involved spaces are involved kind of a fun area what's your reaction to where this is right now so personally I'm very passionate about this uh particular solution and service I've been doing computer vision now for 12 years I started doing in the cloud but when I heard about you know customers really looking for an edge component solution and this you know AWS was still in the early stages I knew I had to be a part of it and so I I you know work with some amazing talented engineers and scientists putting this solution together and of course you know our customers continue to bring us these amazing use cases that you know that just I wouldn't get an opportunity to um you know witness without without you know the support of our customers and so we've got some amazing opportunity amazing projects and you know I just love the love to uh experience that with our customers and partners yeah and and Stephen this is like one of those times where the industry has always had this everyone's scratching the niche somewhere but then you get cloud and scale and data come in and just it accelerates some of these areas that were you know I won't say not growing fast but very interesting like computer vision video events technology in the cloud is changing in a good way some of these areas uh and we're seeing that like computer vision as you mentioned Stephen so Ann event same thing I can imagine this event app will blow up to probably be all things Amazon events and and be the touch Touchstone for all customers and attendees I'm probably thinking the road map there's looking pretty interesting with all the vision you have there what's your what's your reaction to the cloud scale meets events absolutely yeah I know we we have a lot of events that happen at AWS and our goal is to have as many of them in the app as possible where it makes sense right we have a lot of partial Day events to multi-day events and the multi-day events are definitely the area where it's harder for an attendee to organize all that they have to do going on on site as well as everything surrounding the event pre-event uh topics and sessions looking up what they want to do to make sure that they're getting the most of their time on site so we really want to make sure that that's something that an attendee can do with our app as well as it showcase as many of the AWS Services as we have like we are doing here with Panorama we have a few other services in the app as well Amazon location service and Amazon connect to name a couple and we hope to just include more and more with each year as well as more events as the time goes on I'm sure your roadmaps looking great the computer vision is awesome I mean this is a mashup integration apis are going to come around the corner so much excitement after re invent love to follow up with you guys and find out more I think this is a super interesting area the convergence of what you guys are working on to kind of wrap up where do you guys see um AWS Panorama going and where can people learn more about how to get involved how to use the service how to test it out where's this going and how do people learn more but first off you can get customers can get more information about panorama from our website aws.amazon.com Panorama and you know I think where we're going is super exciting you know we continue to improve the product to add support for as an example containers we've added support for Hardware acceleration to improve the number of cameras that we can support so we've you know we've got um you know we can support now with a single device up to 30 40 cameras we've got the ability now to support many different uh we continue to expand the interface types that we support um you know and the different types of even adding sensors and you know expanding to Sensor Fusion so not just computer vision but we've learned from customers that they actually want to incorporate other uh other sensor types and other interfaces so we're bringing in the ability to handle you know computer vision and video but also many other data types as well all right and and Stephen thank you for sharing great stuff computer vision at the edge with Panorama thanks for coming on thecube appreciate it thanks for coming on thank you okay AWS coverage here in the cube I'm John for your host thanks for watching

>>Hi everyone. Welcome to the Cube special presentation here in Palo Alto, California. I'm John Foer, host of the Cube. We've got two great guests, one for calling in from Germany, our videoing in from Germany, one from Maryland. We've got VMware and aws. This is the customer successes with VMware cloud on AWS showcase, accelerating business transformation here in the showcase with Samir Candu Worldwide. VMware strategic alliance solution, architect leader with AWS Samir. Great to have you and Daniel Re Myer, principal architect global AWS synergy at VMware. Guys, you guys are, are working together. You're the key players in the re relationship as it rolls out and continues to grow. So welcome to the cube. >>Thank you. Greatly appreciate it. >>Great to have you guys both on, As you know, we've been covering this since 2016 when Pat Geling, then CEO and then then CEO AWS at Andy Chasy did this. It kind of got people by surprise, but it really kind of cleaned out the positioning in the enterprise for the success. OFM workloads in the cloud. VMware's had great success with it since, and you guys have the great partnerships. So this has been like a really strategic, successful partnership. Where are we right now? You know, years later we got this whole inflection point coming. You're starting to see, you know, this idea of higher level services, more performance are coming in at the infrastructure side. More automation, more serverless, I mean, and a, I mean it's just getting better and better every year in the cloud. Kinda a whole nother level. Where are we, Samir? Let's start with you on, on the relationship. >>Yeah, totally. So I mean, there's several things to keep in mind, right? So in 2016, right, that's when the partnership between AWS and VMware was announced, and then less than a year later, that's when we officially launched VMware cloud on aws. Years later, we've been driving innovation, working with our customers, jointly engineering this between AWS and VMware day in, day out. As far as advancing VMware cloud on aws. You know, even if you look at the innovation that takes place with a solution, things have modernized, things have changed, there's been advancements, you know, whether it's security focus, whether it's platform focus, whether it's networking focus, there's been modifications along the way, even storage, right? More recently, one of the things to keep in mind is we're looking to deliver value to our customers together. These are our joint customers. So there's hundreds of VMware and AWS engineers working together on this solution. >>And then factor in even our sales teams, right? We have VMware and AWS sales teams interacting with each other on a constant daily basis. We're working together with our customers at the end of the day too. Then we're looking to even offer and develop jointly engineered solutions specific to VMware cloud on aws, and even with VMware's, other platforms as well. Then the other thing comes down to is where we have dedicated teams around this at both AWS and VMware. So even from solutions architects, even to our sales specialists, even to our account teams, even to specific engineering teams within the organizations, they all come together to drive this innovation forward with VMware cloud on AWS and the jointly engineered solution partnership as well. And then I think one of the key things to keep in mind comes down to we have nearly 600 channel partners that have achieved VMware cloud on AWS service competency. So think about it from the standpoint there's 300 certified or validated technology solutions, they're now available to our customers. So that's even innovation right off the top as well. >>Great stuff. Daniel, I wanna get to you in a second. Upon this principal architect position you have in your title, you're the global a synergy person. Synergy means bringing things together, making it work. Take us through the architecture, because we heard a lot of folks at VMware explore this year, formerly world, talking about how the, the workloads on it has been completely transforming into cloud and hybrid, right? This is where the action is. Where are you? Is your customers taking advantage of that new shift? You got AI ops, you got it. Ops changing a lot, you got a lot more automation edges right around the corner. This is like a complete transformation from where we were just five years ago. What's your thoughts on the >>Relationship? So at at, at first, I would like to emphasize that our collaboration is not just that we have dedicated teams to help our customers get the most and the best benefits out of VMware cloud on aws. We are also enabling US mutually. So AWS learns from us about the VMware technology, where VMware people learn about the AWS technology. We are also enabling our channel partners and we are working together on customer projects. So we have regular assembled globally and also virtually on Slack and the usual suspect tools working together and listening to customers, that's, that's very important. Asking our customers where are their needs? And we are driving the solution into the direction that our customers get the, the best benefits out of VMware cloud on aws. And over the time we, we really have involved the solution. As Samia mentioned, we just added additional storage solutions to VMware cloud on aws. We now have three different instance types that cover a broad range of, of workload. So for example, we just added the I four I host, which is ideally for workloads that require a lot of CPU power, such as you mentioned it, AI workloads. >>Yeah. So I wanna guess just specifically on the customer journey and their transformation. You know, we've been reporting on Silicon angle in the queue in the past couple weeks in a big way that the OPS teams are now the new devs, right? I mean that sounds OP a little bit weird, but operation IT operations is now part of the, a lot more data ops, security writing code composing, you know, with open source, a lot of great things are changing. Can you share specifically what customers are looking for when you say, as you guys come in and assess their needs, what are they doing? What are some of the things that they're doing with VMware on AWS specifically that's a little bit different? Can you share some of and highlights there? >>That, that's a great point because originally VMware and AWS came from very different directions when it comes to speaking people at customers. So for example, aws very developer focused, whereas VMware has a very great footprint in the IT ops area. And usually these are very different, very different teams, groups, different cultures, but it's, it's getting together. However, we always try to address the customers, right? There are customers that want to build up a new application from the scratch and build resiliency, availability, recoverability, scalability into the application. But there are still a lot of customers that say, well we don't have all of the skills to redevelop everything to refactor an application to make it highly available. So we want to have all of that as a service, recoverability as a service, scalability as a service. We want to have this from the infrastructure. That was one of the unique selling points for VMware on premise and now we are bringing this into the cloud. >>Samir, talk about your perspective. I wanna get your thoughts, and not to take a tangent, but we had covered the AWS remar of, actually it was Amazon res machine learning automation, robotics and space. It was really kinda the confluence of industrial IOT software physical. And so when you look at like the IT operations piece becoming more software, you're seeing things about automation, but the skill gap is huge. So you're seeing low code, no code automation, you know, Hey Alexa, deploy a Kubernetes cluster. Yeah, I mean, I mean that's coming, right? So we're seeing this kind of operating automation meets higher level services meets workloads. Can you unpack that and share your opinion on, on what you see there from an Amazon perspective and how it relates to this? >>Yeah, totally. Right. And you know, look at it from the point of view where we said this is a jointly engineered solution, but it's not migrating to one option or the other option, right? It's more or less together. So even with VMware cloud on aws, yes it is utilizing AWS infrastructure, but your environment is connected to that AWS VPC in your AWS account. So if you wanna leverage any of the native AWS services, so any of the 200 plus AWS services, you have that option to do so. So that's gonna give you that power to do certain things, such as, for example, like how you mentioned with iot, even with utilizing Alexa or if there's any other service that you wanna utilize, that's the joining point between both of the offerings. Right off the top though, with digital transformation, right? You, you have to think about where it's not just about the technology, right? There's also where you want to drive growth in the underlying technology. Even in your business leaders are looking to reinvent their business. They're looking to take different steps as far as pursuing a new strategy. Maybe it's a process, maybe it's with the people, the culture, like how you said before, where people are coming in from a different background, right? They may not be used to the cloud, they may not be used to AWS services, but now you have that capability to mesh them together. Okay. Then also, Oh, >>Go ahead, finish >>Your thought. No, no, I was gonna say, what it also comes down to is you need to think about the operating model too, where it is a shift, right? Especially for that VS four admin that's used to their on-premises at environment. Now with VMware cloud on aws, you have that ability to leverage a cloud, but the investment that you made and certain things as far as automation, even with monitoring, even with logging, yeah. You still have that methodology where you can utilize that in VMware cloud on AWS two. >>Danielle, I wanna get your thoughts on this because at at explore and, and, and after the event, now as we prep for Cuban and reinvent coming up the big AWS show, I had a couple conversations with a lot of the VMware customers and operators and it's like hundreds of thousands of, of, of, of users and millions of people talking about and and peaked on VM we're interested in v VMware. The common thread was one's one, one person said, I'm trying to figure out where I'm gonna put my career in the next 10 to 15 years. And they've been very comfortable with VMware in the past, very loyal, and they're kind of talking about, I'm gonna be the next cloud, but there's no like role yet architects, is it Solution architect sre. So you're starting to see the psychology of the operators who now are gonna try to make these career decisions, like how, what am I gonna work on? And it's, and that was kind of fuzzy, but I wanna get your thoughts. How would you talk to that persona about the future of VMware on, say, cloud for instance? What should they be thinking about? What's the opportunity and what's gonna happen? >>So digital transformation definitely is a huge change for many organizations and leaders are perfectly aware of what that means. And that also means in, in to to some extent, concerns with your existing employees. Concerns about do I have to relearn everything? Do I have to acquire new skills? And, and trainings is everything worthless I learned over the last 15 years of my career? And the, the answer is to make digital transformation a success. We need not just to talk about technology, but also about process people and culture. And this is where VMware really can help because if you are applying VMware cloud on a, on AWS to your infrastructure, to your existing on-premise infrastructure, you do not need to change many things. You can use the same tools and skills, you can manage your virtual machines as you did in your on-premise environment. You can use the same managing and monitoring tools. If you have written, and many customers did this, if you have developed hundreds of, of scripts that automate tasks and if you know how to troubleshoot things, then you can use all of that in VMware cloud on aws. And that gives not just leaders, but but also the architects at customers, the operators at customers, the confidence in, in such a complex project, >>The consistency, very key point, gives them the confidence to go and, and then now that once they're confident they can start committing themselves to new things. Samir, you're reacting to this because you know, on your side you've got higher level services, you got more performance at the hardware level. I mean, lot improvement. So, okay, nothing's changed. I can still run my job now I got goodness on the other side. What's the upside? What's in it for the, for the, for the customer there? >>Yeah, so I think what it comes down to is they've already been so used to or entrenched with that VMware admin mentality, right? But now extending that to the cloud, that's where now you have that bridge between VMware cloud on AWS to bridge that VMware knowledge with that AWS knowledge. So I will look at it from the point of view where now one has that capability and that ability to just learn about the cloud, but if they're comfortable with certain aspects, no one's saying you have to change anything. You can still leverage that, right? But now if you wanna utilize any other AWS service in conjunction with that VM that resides maybe on premises or even in VMware cloud on aws, you have that option to do so. So think about it where you have that ability to be someone who's curious and wants to learn. And then if you wanna expand on the skills, you certainly have that capability to do so. >>Great stuff. I love, love that. Now that we're peeking behind the curtain here, I'd love to have you guys explain, cuz people wanna know what's goes on in behind the scenes. How does innovation get happen? How does it happen with the relationship? Can you take us through a day in the life of kind of what goes on to make innovation happen with the joint partnership? You guys just have a zoom meeting, Do you guys fly out, you write go do you ship thing? I mean I'm making it up, but you get the idea, what's the, what's, how does it work? What's going on behind the scenes? >>So we hope to get more frequently together in person, but of course we had some difficulties over the last two to three years. So we are very used to zoom conferences and and Slack meetings. You always have to have the time difference in mind if we are working globally together. But what we try, for example, we have reg regular assembled now also in person geo based. So for emia, for the Americas, for aj. And we are bringing up interesting customer situations, architectural bits and pieces together. We are discussing it always to share and to contribute to our community. >>What's interesting, you know, as, as events are coming back to here, before you get, you weigh in, I'll comment, as the cube's been going back out to events, we are hearing comments like what, what pandemic we were more productive in the pandemic. I mean, developers know how to work remotely and they've been on all the tools there, but then they get in person, they're happy to see people, but there's no one's, no one's really missed the beat. I mean it seems to be very productive, you know, workflow, not a lot of disruption. More if anything, productivity gains. >>Agreed, right? I think one of the key things to keep in mind is, you know, even if you look at AWS's and even Amazon's leadership principles, right? Customer obsession, that's key. VMware is carrying that forward as well. Where we are working with our customers, like how Daniel said met earlier, right? We might have meetings at different time zones, maybe it's in person, maybe it's virtual, but together we're working to listen to our customers. You know, we're taking and capturing that feedback to drive innovation and VMware cloud on AWS as well. But one of the key things to keep in mind is yes, there have been, there has been the pandemic, we might have been disconnected to a certain extent, but together through technology we've been able to still communicate work with our customers. Even with VMware in between, with AWS and whatnot. We had that flexibility to innovate and continue that innovation. So even if you look at it from the point of view, right? VMware cloud on AWS outposts, that was something that customers have been asking for. We've been been able to leverage the feedback and then continue to drive innovation even around VMware cloud on AWS outposts. So even with the on premises environment, if you're looking to handle maybe data sovereignty or compliance needs, maybe you have low latency requirements, that's where certain advancements come into play, right? So the key thing is always to maintain that communication track. >>And our last segment we did here on the, on this showcase, we listed the accomplishments and they were pretty significant. I mean go, you got the global rollouts of the relationship. It's just really been interesting and, and people can reference that. We won't get into it here, but I will ask you guys to comment on, as you guys continue to evolve the relationship, what's in it for the customer? What can they expect next? Cuz again, I think right now we're in at a, an inflection point more than ever. What can people expect from the relationship and what's coming up with reinvent? Can you share a little bit of kind of what's coming down the pike? >>So one of the most important things we have announced this year, and we will continue to evolve into that direction, is independent scale of storage. That absolutely was one of the most important items customer asked us for over the last years. Whenever, whenever you are requiring additional storage to host your virtual machines, you usually in VMware cloud on aws, you have to add additional notes. Now we have three different note types with different ratios of compute, storage and memory. But if you only require additional storage, you always have to get also additional compute and memory and you have to pay. And now with two solutions which offer choice for the customers, like FS six one, NetApp onap, and VMware cloud Flex Storage, you now have two cost effective opportunities to add storage to your virtual machines. And that offers opportunities for other instance types maybe that don't have local storage. We are also very, very keen looking forward to announcements, exciting announcements at the upcoming events. >>Samir, what's your, what's your reaction take on the, on what's coming down on your side? >>Yeah, I think one of the key things to keep in mind is, you know, we're looking to help our customers be agile and even scale with their needs, right? So with VMware cloud on aws, that's one of the key things that comes to mind, right? There are gonna be announcements, innovations and whatnot with outcoming events. But together we're able to leverage that to advance VMware cloud on AWS to Daniel's point storage, for example, even with host offerings. And then even with decoupling storage from compute and memory, right now you have the flexibility where you can do all of that. So to look at it from the standpoint where now with 21 regions where we have VMware cloud on AWS available as well, where customers can utilize that as needed when needed, right? So it comes down to, you know, transformation will be there. Yes, there's gonna be maybe where workloads have to be adapted where they're utilizing certain AWS services, but you have that flexibility and option to do so. And I think with the continuing events that's gonna give us the options to even advance our own services together. >>Well you guys are in the middle of it, you're in the trenches, you're making things happen, you've got a team of people working together. My final question is really more of a kind of a current situation, kind of future evolutionary thing that you haven't seen this before. I wanna get both of your reaction to it. And we've been bringing this up in, in the open conversations on the cube is in the old days it was going back this generation, you had ecosystems, you had VMware had an ecosystem they did best, had an ecosystem. You know, we have a product, you have a product, biz dev deals happen, people sign relationships and they do business together and they, they sell to each other's products or do some stuff. Now it's more about architecture cuz we're now in a distributed large scale environment where the role of ecosystems are intertwining. >>And this, you guys are in the middle of two big ecosystems. You mentioned channel partners, you both have a lot of partners on both sides. They come together. So you have this now almost a three dimensional or multidimensional ecosystem, you know, interplay. What's your thoughts on this? And, and, and because it's about the architecture, integration is a value, not so much. Innovation is only, you gotta do innovation, but when you do innovation, you gotta integrate it, you gotta connect it. So what is, how do you guys see this as a, as an architectural thing, start to see more technical business deals? >>So we are, we are removing dependencies from individual ecosystems and from individual vendors. So a customer no longer has to decide for one vendor and then it is a very expensive and high effort project to move away from that vendor, which ties customers even, even closer to specific vendors. We are removing these obstacles. So with VMware cloud on aws moving to the cloud, firstly it's, it's not a dead end. If you decide at one point in time because of latency requirements or maybe it's some compliance requirements, you need to move back into on-premise. You can do this if you decide you want to stay with some of your services on premise and just run a couple of dedicated services in the cloud, you can do this and you can mana manage it through a single pane of glass. That's quite important. So cloud is no longer a dead and it's no longer a binary decision, whether it's on premise or the cloud. It it is the cloud. And the second thing is you can choose the best of both works, right? If you are migrating virtual machines that have been running in your on-premise environment to VMware cloud on aws, by the way, in a very, very fast cost effective and safe way, then you can enrich later on enrich these virtual machines with services that are offered by aws. More than 200 different services ranging from object based storage, load balancing and so on. So it's an endless, endless possibility. >>We, we call that super cloud in, in a, in a way that we be generically defining it where everyone's innovating, but yet there's some common services. But the differentiation comes from innovation where the lock in is the value, not some spec, right? Samir, this is gonna where cloud is right now, you guys are, are not commodity. Amazon's completely differentiating, but there's some commodity things. Having got storage, you got compute, but then you got now advances in all areas. But partners innovate with you on their terms. Absolutely. And everybody wins. >>Yeah. And a hundred percent agree with you. I think one of the key things, you know, as Daniel mentioned before, is where it it, it's a cross education where there might be someone who's more proficient on the cloud side with aws, maybe more proficient with the viewers technology, but then for partners, right? They bridge that gap as well where they come in and they might have a specific niche or expertise where their background, where they can help our customers go through that transformation. So then that comes down to, hey, maybe I don't know how to connect to the cloud. Maybe I don't know what the networking constructs are. Maybe I can leverage that partner. That's one aspect to go about it. Now maybe you migrated that workload to VMware cloud on aws. Maybe you wanna leverage any of the native AWS services or even just off the top 200 plus AWS services, right? But it comes down to that skill, right? So again, solutions architecture at the back of, back of the day, end of the day, what it comes down to is being able to utilize the best of both worlds. That's what we're giving our customers at the end of the >>Day. I mean, I just think it's, it's a, it's a refactoring and innovation opportunity at all levels. I think now more than ever, you can take advantage of each other's ecosystems and partners and technologies and change how things get done with keeping the consistency. I mean, Daniel, you nailed that, right? I mean, you don't have to do anything. You still run the fear, the way you working on it and now do new things. This is kind of a cultural shift. >>Yeah, absolutely. And if, if you look, not every, not every customer, not every organization has the resources to refactor and re-platform everything. And we gave, we give them a very simple and easy way to move workloads to the cloud. Simply run them and at the same time they can free up resources to develop new innovations and, and grow their business. >>Awesome. Samir, thank you for coming on. Danielle, thank you for coming to Germany, Octoberfest, I know it's evening over there, your weekend's here. And thank you for spending the time. Samir final give you the final word, AWS reinvents coming up. Preparing. We're gonna have an exclusive with Adam, but Fry, we do a curtain raise, a dual preview. What's coming down on your side with the relationship and what can we expect to hear about what you got going on at reinvent this year? The big show? >>Yeah, so I think, you know, Daniel hit upon some of the key points, but what I will say is we do have, for example, specific sessions, both that VMware's driving and then also that AWS is driving. We do have even where we have what I call a chalk talks. So I would say, and then even with workshops, right? So even with the customers, the attendees who are there, whatnot, if they're looking for to sit and listen to a session, yes that's there. But if they wanna be hands on, that is also there too. So personally for me as an IT background, you know, been in CIS admin world and whatnot, being hands on, that's one of the key things that I personally am looking forward. But I think that's one of the key ways just to learn and get familiar with the technology. Yeah, >>Reinvents an amazing show for the in person. You guys nail it every year. We'll have three sets this year at the cube. It's becoming popular. We more and more content. You guys got live streams going on, a lot of content, a lot of media, so thanks, thanks for sharing that. Samir Daniel, thank you for coming on on this part of the showcase episode of really the customer successes with VMware Cloud Ons, really accelerating business transformation withs and VMware. I'm John Fur with the cube, thanks for watching. Hello everyone. Welcome to this cube showcase, accelerating business transformation with VMware cloud on it's a solution innovation conversation with two great guests, Fred and VP of commercial services at aws and NA Ryan Bard, who's the VP and general manager of cloud solutions at VMware. Gentlemen, thanks for joining me on this showcase. >>Great to be here. >>Hey, thanks for having us on. It's a great topic. You know, we, we've been covering this VMware cloud on abus since, since the launch going back and it's been amazing to watch the evolution from people saying, Oh, it's the worst thing I've ever seen. It's what's this mean? And depress work were, we're kind of not really on board with kind of the vision, but as it played out as you guys had announced together, it did work out great for VMware. It did work out great for a D and it continues two years later and I want just get an update from you guys on where you guys see this has been going. I'll see multiple years. Where is the evolution of the solution as we are right now coming off VMware explorer just recently and going in to reinvent, which is only a couple weeks away, feels like tomorrow. But you know, as we prepare a lot going on, where are we with the evolution of the solution? >>I mean, first thing I wanna say is, you know, PBO 2016 was a someon moment and the history of it, right? When Pat Gelsinger and Andy Jessey came together to announce this and I think John, you were there at the time I was there, it was a great, great moment. We launched the solution in 2017, the year after that at VM Word back when we called it Word, I think we have gone from strength to strength. One of the things that has really mattered to us is we have learned froms also in the processes, this notion of working backwards. So we really, really focused on customer feedback as we build a service offering now five years old, pretty remarkable journey. You know, in the first years we tried to get across all the regions, you know, that was a big focus because there was so much demand for it. >>In the second year we started going really on enterprise grade features. We invented this pretty awesome feature called Stretch clusters, where you could stretch a vSphere cluster using VSA and NSX across two AZs in the same region. Pretty phenomenal four nine s availability that applications start started to get with that particular feature. And we kept moving forward all kinds of integration with AWS direct connect transit gateways with our own advanced networking capabilities. You know, along the way, disaster recovery, we punched out two, two new services just focused on that. And then more recently we launched our outposts partnership. We were up on stage at Reinvent, again with Pat Andy announcing AWS outposts and the VMware flavor of that VMware cloud and AWS outposts. I think it's been significant growth in our federal sector as well with our federal and high certification more recently. So all in all, we are super excited. We're five years old. The customer momentum is really, really strong and we are scaling the service massively across all geos and industries. >>That's great, great update. And I think one of the things that you mentioned was how the advantages you guys got from that relationship. And, and this has kind of been the theme for AWS since I can remember from day one. Fred, you guys do the heavy lifting as as, as you always say for the customers here, VMware comes on board, takes advantage of the AWS and kind of just doesn't miss a beat, continues to move their workloads that everyone's using, you know, vSphere and these are, these are big workloads on aws. What's the AWS perspective on this? How do you see it? >>Yeah, it's pretty fascinating to watch how fast customers can actually transform and move when you take the, the skill set that they're familiar with and the advanced capabilities that they've been using on Preem and then overlay it on top of the AWS infrastructure that's, that's evolving quickly and, and building out new hardware and new instances we'll talk about. But that combined experience between both of us on a jointly engineered solution to bring the best security and the best features that really matter for those workloads drive a lot of efficiency and speed for the, for the customer. So it's been well received and the partnership is stronger than ever from an engineering standpoint, from a business standpoint. And obviously it's been very interesting to look at just how we stay day one in terms of looking at new features and work and, and responding to what customers want. So pretty, pretty excited about just seeing the transformation and the speed that which customers can move to bmc. Yeah, >>That's what great value publish. We've been talking about that in context too. Anyone building on top of the cloud, they can have their own supercloud as we call it. If you take advantage of all the CapEx and and investment Amazon's made and AWS has made and, and and continues to make in performance IAS and pass all great stuff. I have to ask you guys both as you guys see this going to the next level, what are some of the differentiations you see around the service compared to other options on the market? What makes it different? What's the combination? You mentioned jointly engineered, what are some of the key differentiators of the service compared to others? >>Yeah, I think one of the key things Fred talked about is this jointly engineered notion right from day one. We were the earlier doctors of AWS Nitro platform, right? The reinvention of E two back five years ago. And so we have been, you know, having a very, very strong engineering partnership at that level. I think from a VMware customer standpoint, you get the full software defined data center or compute storage networking on EC two, bare metal across all regions. You can scale that elastically up and down. It's pretty phenomenal just having that consistency globally, right on aws EC two global regions. Now the other thing that's a real differentiator for us that customers tell us about is this whole notion of a managed service, right? And this was somewhat new to VMware, but we took away the pain of this undifferentiated heavy lifting where customers had to provision rack, stack hardware, configure the software on top, and then upgrade the software and the security batches on top. >>So we took, took away all of that pain as customers transitioned to VMware cloud and aws. In fact, my favorite story from last year when we were all going through the lock for j debacle industry was just going through that, right? Favorite proof point from customers was before they put even race this issue to us, we sent them a notification saying we already patched all of your systems, no action from you. The customers were super thrilled. I mean these are large banks, many other customers around the world, super thrilled they had to take no action, but a pretty incredible industry challenge that we were all facing. >>Nora, that's a great, so that's a great point. You know, the whole managed service piece brings up the security, you kind of teasing at it, but you know, there's always vulnerabilities that emerge when you are doing complex logic. And as you grow your solutions, there's more bits. You know, Fred, we were commenting before we came on camera, there's more bits than ever before and, and at at the physics layer too, as well as the software. So you never know when there's gonna be a zero day vulnerability out there. Just, it happens. We saw one with fornet this week, this came outta the woodwork. But moving fast on those patches, it's huge. This brings up the whole support angle. I wanted to ask you about how you guys are doing that as well, because to me we see the value when we, when we talk to customers on the cube about this, you know, it was a real, real easy understanding of how, what the cloud means to them with VMware now with the aws. But the question that comes up that we wanna get more clarity on is how do you guys handle support together? >>Well, what's interesting about this is that it's, it's done mutually. We have dedicated support teams on both sides that work together pretty seamlessly to make sure that whether there's a issue at any layer, including all the way up into the app layer, as you think about some of the other workloads like sap, we'll go end to end and make sure that we support the customer regardless of where the particular issue might be for them. And on top of that, we look at where, where we're improving reliability in, in as a first order of, of principle between both companies. So from an availability and reliability standpoint, it's, it's top of mind and no matter where the particular item might land, we're gonna go help the customer resolve. That works really well >>On the VMware side. What's been the feedback there? What's the, what are some of the updates? >>Yeah, I think, look, I mean, VMware owns and operates the service, but we have a phenomenal backend relationship with aws. Customers call VMware for the service for any issues and, and then we have a awesome relationship with AWS on the backend for support issues or any hardware issues. The BASKE management that we jointly do, right? All of the hard problems that customers don't have to worry about. I think on the front end, we also have a really good group of solution architects across the companies that help to really explain the solution. Do complex things like cloud migration, which is much, much easier with VMware cloud aws, you know, we are presenting that easy button to the public cloud in many ways. And so we have a whole technical audience across the two companies that are working with customers every single day. >>You know, you had mentioned, I've got a list here, some of the innovations the, you mentioned the stretch clustering, you know, getting the GOs working, Advanced network, disaster recovery, you know, fed, Fed ramp, public sector certifications, outposts, all good. You guys are checking the boxes every year. You got a good, good accomplishments list there on the VMware AWS side here in this relationship. The question that I'm interested in is what's next? What recent innovations are you doing? Are you making investments in what's on the lists this year? What items will be next year? How do you see the, the new things, the list of accomplishments, people wanna know what's next. They don't wanna see stagnant growth here, they wanna see more action, you know, as as cloud kind of continues to scale and modern applications cloud native, you're seeing more and more containers, more and more, you know, more CF C I C D pipe pipelining with with modern apps, put more pressure on the system. What's new, what's the new innovations? >>Absolutely. And I think as a five yearold service offering innovation is top of mind for us every single day. So just to call out a few recent innovations that we announced in San Francisco at VMware Explorer. First of all, our new platform i four I dot metal, it's isolate based, it's pretty awesome. It's the latest and greatest, all the speeds and feeds that we would expect from VMware and aws. At this point in our relationship. We announced two different storage options. This notion of working from customer feedback, allowing customers even more price reductions, really take off that storage and park it externally, right? And you know, separate that from compute. So two different storage offerings there. One is with AWS Fsx, with NetApp on tap, which brings in our NetApp partnership as well into the equation and really get that NetApp based, really excited about this offering as well. >>And the second storage offering for VMware cloud Flex Storage, VMware's own managed storage offering. Beyond that, we have done a lot of other innovations as well. I really wanted to talk about VMware cloud Flex Compute, where previously customers could only scale by hosts and a host is 36 to 48 cores, give or take. But with VMware cloud Flex Compute, we are now allowing this notion of a resource defined compute model where customers can just get exactly the V C P memory and storage that maps to the applications, however small they might be. So this notion of granularity is really a big innovation that that we are launching in the market this year. And then last but not least, talk about ransomware. Of course it's a hot topic in industry. We are seeing many, many customers ask for this. We are happy to announce a new ransomware recovery with our VMware cloud DR solution. >>A lot of innovation there and the way we are able to do machine learning and make sure the workloads that are covered from snapshots and backups are actually safe to use. So there's a lot of differentiation on that front as well. A lot of networking innovations with Project Knot star for ability to have layer flow through layer seven, you know, new SaaS services in that area as well. Keep in mind that the service already supports managed Kubernetes for containers. It's built in to the same clusters that have virtual machines. And so this notion of a single service with a great TCO for VMs and containers and sort of at the heart of our office, >>The networking side certainly is a hot area to keep innovating on. Every year it's the same, same conversation, get better, faster networking, more, more options there. The flex computes. Interesting. If you don't mind me getting a quick clarification, could you explain the Drew screen resource defined versus hardware defined? Because this is kind of what we had saw at Explore coming out, that notion of resource defined versus hardware defined. What's the, what does that mean? >>Yeah, I mean I think we have been super successful in this hardware defined notion. We we're scaling by the hardware unit that we present as software defined data centers, right? And so that's been super successful. But we, you know, customers wanted more, especially customers in different parts of the world wanted to start even smaller and grow even more incrementally, right? Lower their costs even more. And so this is the part where resource defined starts to be very, very interesting as a way to think about, you know, here's my bag of resources exactly based on what the customers request for fiber machines, five containers, its size exactly for that. And then as utilization grows, we elastically behind the scenes, we're able to grow it through policies. So that's a whole different dimension. It's a whole different service offering that adds value and customers are comfortable. They can go from one to the other, they can go back to that post based model if they so choose to. And there's a jump off point across these two different economic models. >>It's kind of cloud of flexibility right there. I like the name Fred. Let's get into some of the examples of customers, if you don't mind. Let's get into some of the ex, we have some time. I wanna unpack a little bit of what's going on with the customer deployments. One of the things we've heard again on the cube is from customers is they like the clarity of the relationship, they love the cloud positioning of it. And then what happens is they lift and shift the workloads and it's like, feels great. It's just like we're running VMware on AWS and then they would start consuming higher level services, kind of that adoption next level happens and because it it's in the cloud, so, So can you guys take us through some recent examples of customer wins or deployments where they're using VMware cloud on AWS on getting started, and then how do they progress once they're there? How does it evolve? Can you just walk us through a couple of use cases? >>Sure. There's a, well there's a couple. One, it's pretty interesting that, you know, like you said, as there's more and more bits you need better and better hardware and networking. And we're super excited about the I four and the capabilities there in terms of doubling and or tripling what we're doing around a lower variability on latency and just improving all the speeds. But what customers are doing with it, like the college in New Jersey, they're accelerating their deployment on a, on onboarding over like 7,400 students over a six to eight month period. And they've really realized a ton of savings. But what's interesting is where and how they can actually grow onto additional native services too. So connectivity to any other services is available as they start to move and migrate into this. The, the options there obviously are tied to all the innovation that we have across any services, whether it's containerized and with what they're doing with Tanu or with any other container and or services within aws. >>So there's, there's some pretty interesting scenarios where that data and or the processing, which is moved quickly with full compliance, whether it's in like healthcare or regulatory business is, is allowed to then consume and use things, for example, with tech extract or any other really cool service that has, you know, monthly and quarterly innovations. So there's things that you just can't, could not do before that are coming out and saving customers money and building innovative applications on top of their, their current app base in, in a rapid fashion. So pretty excited about it. There's a lot of examples. I think I probably don't have time to go into too, too many here. Yeah. But that's actually the best part is listening to customers and seeing how many net new services and new applications are they actually building on top of this platform. >>Nora, what's your perspective from the VMware sy? So, you know, you guys have now a lot of headroom to offer customers with Amazon's, you know, higher level services and or whatever's homegrown where's being rolled out? Cuz you now have a lot of hybrid too, so, so what's your, what's your take on what, what's happening in with customers? >>I mean, it's been phenomenal, the, the customer adoption of this and you know, banks and many other highly sensitive verticals are running production grade applications, tier one applications on the service over the last five years. And so, you know, I have a couple of really good examples. S and p Global is one of my favorite examples. Large bank, they merge with IHS market, big sort of conglomeration. Now both customers were using VMware cloud and AWS in different ways. And with the, with the use case, one of their use cases was how do I just respond to these global opportunities without having to invest in physical data centers? And then how do I migrate and consolidate all my data centers across the global, which there were many. And so one specific example for this company was how they migrated thousand 1000 workloads to VMware cloud AWS in just six weeks. Pretty phenomenal. If you think about everything that goes into a cloud migration process, people process technology and the beauty of the technology going from VMware point A to VMware point B, the the lowest cost, lowest risk approach to adopting VMware, VMware cloud, and aws. So that's, you know, one of my favorite examples. There are many other examples across other verticals that we continue to see. The good thing is we are seeing rapid expansion across the globe that constantly entering new markets with the limited number of regions and progressing our roadmap there. >>Yeah, it's great to see, I mean the data center migrations go from months, many, many months to weeks. It's interesting to see some of those success stories. So congratulations. One >>Of other, one of the other interesting fascinating benefits is the sustainability improvement in terms of being green. So the efficiency gains that we have both in current generation and new generation processors and everything that we're doing to make sure that when a customer can be elastic, they're also saving power, which is really critical in a lot of regions worldwide at this point in time. They're, they're seeing those benefits. If you're running really inefficiently in your own data center, that is just a, not a great use of power. So the actual calculators and the benefits to these workloads is, are pretty phenomenal just in being more green, which I like. We just all need to do our part there. And, and this is a big part of it here. >>It's a huge, it's a huge point about the sustainability. Fred, I'm glad you called that out. The other one I would say is supply chain issues. Another one you see that constrains, I can't buy hardware. And the third one is really obvious, but no one really talks about it. It's security, right? I mean, I remember interviewing Stephen Schmidt with that AWS and many years ago, this is like 2013, and you know, at that time people were saying the cloud's not secure. And he's like, listen, it's more secure in the cloud on premise. And if you look at the security breaches, it's all about the on-premise data center vulnerabilities, not so much hardware. So there's a lot you gotta to stay current on, on the isolation there is is hard. So I think, I think the security and supply chain, Fred is, is another one. Do you agree? >>I I absolutely agree. It's, it's hard to manage supply chain nowadays. We put a lot of effort into that and I think we have a great ability to forecast and make sure that we can lean in and, and have the resources that are available and run them, run them more efficiently. Yeah, and then like you said on the security point, security is job one. It is, it is the only P one. And if you think of how we build our infrastructure from Nitro all the way up and how we respond and work with our partners and our customers, there's nothing more important. >>And naron your point earlier about the managed service patching and being on top of things, it's really gonna get better. All right, final question. I really wanna thank you for your time on this showcase. It's really been a great conversation. Fred, you had made a comment earlier. I wanna kind of end with kind of a curve ball and put you eyes on the spot. We're talking about a modern, a new modern shift. It's another, we're seeing another inflection point, we've been documenting it, it's almost like cloud hitting another inflection point with application and open source growth significantly at the app layer. Continue to put a lot of pressure and, and innovation in the infrastructure side. So the question is for you guys each to answer is what's the same and what's different in today's market? So it's kind of like we want more of the same here, but also things have changed radically and better here. What are the, what's, what's changed for the better and where, what's still the same kind of thing hanging around that people are focused on? Can you share your perspective? >>I'll, I'll, I'll, I'll tackle it. You know, businesses are complex and they're often unique that that's the same. What's changed is how fast you can innovate. The ability to combine manage services and new innovative services and build new applications is so much faster today. Leveraging world class hardware that you don't have to worry about that's elastic. You, you could not do that even five, 10 years ago to the degree you can today, especially with innovation. So innovation is accelerating at a, at a rate that most people can't even comprehend and understand the, the set of services that are available to them. It's really fascinating to see what a one pizza team of of engineers can go actually develop in a week. It is phenomenal. So super excited about this space and it's only gonna continue to accelerate that. That's my take. All right. >>You got a lot of platform to compete on with, got a lot to build on then you're Ryan, your side, What's your, what's your answer to that question? >>I think we are seeing a lot of innovation with new applications that customers are constant. I think what we see is this whole notion of how do you go from desktop to production to the secure supply chain and how can we truly, you know, build on the agility that developers desire and build all the security and the pipelines to energize that motor production quickly and efficiently. I think we, we are seeing, you know, we are at the very start of that sort of of journey. Of course we have invested in Kubernetes the means to an end, but there's so much more beyond that's happening in industry. And I think we're at the very, very beginning of this transformations, enterprise transformation that many of our customers are going through and we are inherently part of it. >>Yeah. Well gentlemen, I really appreciate that we're seeing the same thing. It's more the same here on, you know, solving these complexities with distractions. Whether it's, you know, higher level services with large scale infrastructure at, at your fingertips. Infrastructures, code, infrastructure to be provisioned, serverless, all the good stuff happen in Fred with AWS on your side. And we're seeing customers resonate with this idea of being an operator, again, being a cloud operator and developer. So the developer ops is kind of, DevOps is kind of changing too. So all for the better. Thank you for spending the time and we're seeing again, that traction with the VMware customer base and of us getting, getting along great together. So thanks for sharing your perspectives, >>I appreciate it. Thank you so >>Much. Okay, thank you John. Okay, this is the Cube and AWS VMware showcase, accelerating business transformation. VMware cloud on aws, jointly engineered solution, bringing innovation to the VMware customer base, going to the cloud and beyond. I'm John Fur, your host. Thanks for watching. Hello everyone. Welcome to the special cube presentation of accelerating business transformation on vmc on aws. I'm John Furrier, host of the Cube. We have dawan director of global sales and go to market for VMware cloud on adb. This is a great showcase and should be a lot of fun. Ashish, thanks for coming on. >>Hi John. Thank you so much. >>So VMware cloud on AWS has been well documented as this big success for VMware and aws. As customers move their workloads into the cloud, IT operations of VMware customers has signaling a lot of change. This is changing the landscape globally is on cloud migration and beyond. What's your take on this? Can you open this up with the most important story around VMC on aws? >>Yes, John. The most important thing for our customers today is the how they can safely and swiftly move their ID infrastructure and applications through cloud. Now, VMware cloud AWS is a service that allows all vSphere based workloads to move to cloud safely, swiftly and reliably. Banks can move their core, core banking platforms, insurance companies move their core insurance platforms, telcos move their goss, bss, PLA platforms, government organizations are moving their citizen engagement platforms using VMC on aws because this is one platform that allows you to move it, move their VMware based platforms very fast. Migrations can happen in a matter of days instead of months. Extremely securely. It's a VMware manage service. It's very secure and highly reliably. It gets the, the reliability of the underlyings infrastructure along with it. So win-win from our customers perspective. >>You know, we reported on this big news in 2016 with Andy Chas, the, and Pat Geling at the time, a lot of people said it was a bad deal. It turned out to be a great deal because not only could VMware customers actually have a cloud migrate to the cloud, do it safely, which was their number one concern. They didn't want to have disruption to their operations, but also position themselves for what's beyond just shifting to the cloud. So I have to ask you, since you got the finger on the pulse here, what are we seeing in the market when it comes to migrating and modern modernizing in the cloud? Because that's the next step. They go to the cloud, you guys have done that, doing it, then they go, I gotta modernize, which means kind of upgrading or refactoring. What's your take on that? >>Yeah, absolutely. Look, the first step is to help our customers assess their infrastructure and licensing and entire ID operations. Once we've done the assessment, we then create their migration plans. A lot of our customers are at that inflection point. They're, they're looking at their real estate, ex data center, real estate. They're looking at their contracts with colocation vendors. They really want to exit their data centers, right? And VMware cloud and AWS is a perfect solution for customers who wanna exit their data centers, migrate these applications onto the AWS platform using VMC on aws, get rid of additional real estate overheads, power overheads, be socially and environmentally conscious by doing that as well, right? So that's the migration story, but to your point, it doesn't end there, right? Modernization is a critical aspect of the entire customer journey as as well customers, once they've migrated their ID applications and infrastructure on cloud get access to all the modernization services that AWS has. They can correct easily to our data lake services, to our AIML services, to custom databases, right? They can decide which applications they want to keep and which applications they want to refactor. They want to take decisions on containerization, make decisions on service computing once they've come to the cloud. But the most important thing is to take that first step. You know, exit data centers, come to AWS using vmc or aws, and then a whole host of modernization options available to them. >>Yeah, I gotta say, we had this right on this, on this story, because you just pointed out a big thing, which was first order of business is to make sure to leverage the on-prem investments that those customers made and then migrate to the cloud where they can maintain their applications, their data, their infrastructure operations that they're used to, and then be in position to start getting modern. So I have to ask you, how are you guys specifically, or how is VMware cloud on s addressing these needs of the customers? Because what happens next is something that needs to happen faster. And sometimes the skills might not be there because if they're running old school, IT ops now they gotta come in and jump in. They're gonna use a data cloud, they're gonna want to use all kinds of machine learning, and there's a lot of great goodness going on above the stack there. So as you move with the higher level services, you know, it's a no brainer, obviously, but they're not, it's not yesterday's higher level services in the cloud. So how are, how is this being addressed? >>Absolutely. I think you hit up on a very important point, and that is skills, right? When our customers are operating, some of the most critical applications I just mentioned, core banking, core insurance, et cetera, they're most of the core applications that our customers have across industries, like even, even large scale ERP systems, they're actually sitting on VMware's vSphere platform right now. When the customer wants to migrate these to cloud, one of the key bottlenecks they face is skill sets. They have the trained manpower for these core applications, but for these high level services, they may not, right? So the first order of business is to help them ease this migration pain as much as possible by not wanting them to, to upscale immediately. And we VMware cloud and AWS exactly does that. I mean, you don't have to do anything. You don't have to create new skill set for doing this, right? Their existing skill sets suffice, but at the same time, it gives them that, that leeway to build that skills roadmap for their team. DNS is invested in that, right? Yes. We want to help them build those skills in the high level services, be it aml, be it, be it i t be it data lake and analytics. We want to invest in them, and we help our customers through that. So that ultimately the ultimate goal of making them drop data is, is, is a front and center. >>I wanna get into some of the use cases and success stories, but I want to just reiterate, hit back your point on the skill thing. Because if you look at what you guys have done at aws, you've essentially, and Andy Chassey used to talk about this all the time when I would interview him, and now last year Adam was saying the same thing. You guys do all the heavy lifting, but if you're a VMware customer user or operator, you are used to things. You don't have to be relearn to be a cloud architect. Now you're already in the game. So this is like almost like a instant path to cloud skills for the VMware. There's hundreds of thousands of, of VMware architects and operators that now instantly become cloud architects, literally overnight. Can you respond to that? Do you agree with that? And then give an example. >>Yes, absolutely. You know, if you have skills on the VMware platform, you know, know, migrating to AWS using via by cloud and AWS is absolutely possible. You don't have to really change the skills. The operations are exactly the same. The management systems are exactly the same. So you don't really have to change anything but the advantages that you get access to all the other AWS services. So you are instantly able to integrate with other AWS services and you become a cloud architect immediately, right? You are able to solve some of the critical problems that your underlying IT infrastructure has immediately using this. And I think that's a great value proposition for our customers to use this service. >>And just one more point, I want just get into something that's really kind of inside baseball or nuanced VMC or VMware cloud on AWS means something. Could you take a minute to explain what on AWS means? Just because you're like hosting and using Amazon as a, as a work workload? Being on AWS means something specific in your world, being VMC on AWS mean? >>Yes. This is a great question, by the way, You know, on AWS means that, you know, VMware's vse platform is, is a, is an iconic enterprise virtualization software, you know, a disproportionately high market share across industries. So when we wanted to create a cloud product along with them, obviously our aim was for them, for the, for this platform to have the goodness of the AWS underlying infrastructure, right? And, and therefore, when we created this VMware cloud solution, it it literally use the AWS platform under the eighth, right? And that's why it's called a VMs VMware cloud on AWS using, using the, the, the wide portfolio of our regions across the world and the strength of the underlying infrastructure, the reliability and, and, and sustainability that it offers. And therefore this product is called VMC on aws. >>It's a distinction I think is worth noting, and it does reflect engineering and some levels of integration that go well beyond just having a SaaS app and, and basically platform as a service or past services. So I just wanna make sure that now super cloud, we'll talk about that a little bit in another interview, but I gotta get one more question in before we get into the use cases and customer success stories is in, in most of the VM world, VMware world, in that IT world, it used to, when you heard migration, people would go, Oh my God, that's gonna take months. And when I hear about moving stuff around and doing cloud native, the first reaction people might have is complexity. So two questions for you before we move on to the next talk. Track complexity. How are you addressing the complexity issue and how long these migrations take? Is it easy? Is it it hard? I mean, you know, the knee jerk reaction is month, You're very used to that. If they're dealing with Oracle or other old school vendors, like, they're, like the old guard would be like, takes a year to move stuff around. So can you comment on complexity and speed? >>Yeah. So the first, first thing is complexity. And you know, what makes what makes anything complex is if you're, if you're required to acquire new skill sets or you've gotta, if you're required to manage something differently, and as far as VMware cloud and AWS on both these aspects, you don't have to do anything, right? You don't have to acquire new skill sets. Your existing idea operation skill sets on, on VMware's platforms are absolutely fine and you don't have to manage it any differently like, than what you're managing your, your ID infrastructure today. So in both these aspects, it's exactly the same and therefore it is absolutely not complex as far as, as far as, as far as we cloud and AWS is concerned. And the other thing is speed. This is where the huge differentiation is. You have seen that, you know, large banks and large telcos have now moved their workloads, you know, literally in days instead of months. >>Because because of VMware cloud and aws, a lot of time customers come to us with specific deadlines because they want to exit their data centers on a particular date. And what happens, VMware cloud and AWS is called upon to do that migration, right? So speed is absolutely critical. The reason is also exactly the same because you are using the exactly the same platform, the same management systems, people are available to you, you're able to migrate quickly, right? I would just reference recently we got an award from President Zelensky of Ukraine for, you know, migrating their entire ID digital infrastructure and, and that that happened because they were using VMware cloud database and happened very swiftly. >>That's been a great example. I mean, that's one political, but the economic advantage of getting outta the data center could be national security. You mentioned Ukraine, I mean Oscar see bombing and death over there. So clearly that's a critical crown jewel for their running their operations, which is, you know, you know, world mission critical. So great stuff. I love the speed thing. I think that's a huge one. Let's get into some of the use cases. One of them is, the first one I wanted to talk about was we just hit on data, data center migration. It could be financial reasons on a downturn or our, or market growth. People can make money by shifting to the cloud, either saving money or making money. You win on both sides. It's a, it's a, it's almost a recession proof, if you will. Cloud is so use case for number one data center migration. Take us through what that looks like. Give an example of a success. Take us through a day, day in the life of a data center migration in, in a couple minutes. >>Yeah. You know, I can give you an example of a, of a, of a large bank who decided to migrate, you know, their, all their data centers outside their existing infrastructure. And they had, they had a set timeline, right? They had a set timeline to migrate the, the, they were coming up on a renewal and they wanted to make sure that this set timeline is met. We did a, a complete assessment of their infrastructure. We did a complete assessment of their IT applications, more than 80% of their IT applications, underlying v vSphere platform. And we, we thought that the right solution for them in the timeline that they wanted, right, is VMware cloud ands. And obviously it was a large bank, it wanted to do it safely and securely. It wanted to have it completely managed, and therefore VMware cloud and aws, you know, ticked all the boxes as far as that is concerned. >>I'll be happy to report that the large bank has moved to most of their applications on AWS exiting three of their data centers, and they'll be exiting 12 more very soon. So that's a great example of, of, of the large bank exiting data centers. There's another Corolla to that. Not only did they manage to manage to exit their data centers and of course use and be more agile, but they also met their sustainability goals. Their board of directors had given them goals to be carbon neutral by 2025. They found out that 35% of all their carbon foot footprint was in their data centers. And if they moved their, their ID infrastructure to cloud, they would severely reduce the, the carbon footprint, which is 35% down to 17 to 18%. Right? And that meant their, their, their, their sustainability targets and their commitment to the go to being carbon neutral as well. >>And that they, and they shift that to you guys. Would you guys take that burden? A heavy lifting there and you guys have a sustainability story, which is a whole nother showcase in and of itself. We >>Can Exactly. And, and cause of the scale of our, of our operations, we are able to, we are able to work on that really well as >>Well. All right. So love the data migration. I think that's got real proof points. You got, I can save money, I can, I can then move and position my applications into the cloud for that reason and other reasons as a lot of other reasons to do that. But now it gets into what you mentioned earlier was, okay, data migration, clearly a use case and you laid out some successes. I'm sure there's a zillion others. But then the next step comes, now you got cloud architects becoming minted every, and you got managed services and higher level services. What happens next? Can you give us an example of the use case of the modernization around the NextGen workloads, NextGen applications? We're starting to see, you know, things like data clouds, not data warehouses. We're not gonna data clouds, it's gonna be all kinds of clouds. These NextGen apps are pure digital transformation in action. Take us through a use case of how you guys make that happen with a success story. >>Yes, absolutely. And this is, this is an amazing success story and the customer here is s and p global ratings. As you know, s and p global ratings is, is the world leader as far as global ratings, global credit ratings is concerned. And for them, you know, the last couple of years have been tough as far as hardware procurement is concerned, right? The pandemic has really upended the, the supply chain. And it was taking a lot of time to procure hardware, you know, configure it in time, make sure that that's reliable and then, you know, distribute it in the wide variety of, of, of offices and locations that they have. And they came to us. We, we did, again, a, a, a alar, a fairly large comprehensive assessment of their ID infrastructure and their licensing contracts. And we also found out that VMware cloud and AWS is the right solution for them. >>So we worked there, migrated all their applications, and as soon as we migrated all their applications, they got, they got access to, you know, our high level services be our analytics services, our machine learning services, our, our, our, our artificial intelligence services that have been critical for them, for their growth. And, and that really is helping them, you know, get towards their next level of modern applications. Right Now, obviously going forward, they will have, they will have the choice to, you know, really think about which applications they want to, you know, refactor or which applications they want to go ahead with. That is really a choice in front of them. And, but you know, the, we VMware cloud and AWS really gave them the opportunity to first migrate and then, you know, move towards modernization with speed. >>You know, the speed of a startup is always the kind of the Silicon Valley story where you're, you know, people can make massive changes in 18 months, whether that's a pivot or a new product. You see that in startup world. Now, in the enterprise, you can see the same thing. I noticed behind you on your whiteboard, you got a slogan that says, are you thinking big? I know Amazon likes to think big, but also you work back from the customers and, and I think this modern application thing's a big deal because I think the mindset has always been constrained because back before they moved to the cloud, most IT, and, and, and on-premise data center shops, it's slow. You gotta get the hardware, you gotta configure it, you gotta, you gotta stand it up, make sure all the software is validated on it, and loading a database and loading oss, I mean, mean, yeah, it got easier and with scripting and whatnot, but when you move to the cloud, you have more scale, which means more speed, which means it opens up their capability to think differently and build product. What are you seeing there? Can you share your opinion on that epiphany of, wow, things are going fast, I got more time to actually think about maybe doing a cloud native app or transforming this or that. What's your, what's your reaction to that? Can you share your opinion? >>Well, ultimately we, we want our customers to utilize, you know, most of our modern services, you know, applications should be microservices based. When desired, they should use serverless applic. So list technology, they should not have monolithic, you know, relational database contracts. They should use custom databases, they should use containers when needed, right? So ultimately, we want our customers to use these modern technologies to make sure that their IT infrastructure, their licensing, their, their entire IT spend is completely native to cloud technologies. They work with the speed of a startup, but it's important for them to, to, to get to the first step, right? So that's why we create this journey for our customers, where you help them migrate, give them time to build the skills, they'll help them mo modernize, take our partners along with their, along with us to, to make sure that they can address the need for our customers. That's, that's what our customers need today, and that's what we are working backwards from. >>Yeah, and I think that opens up some big ideas. I'll just say that the, you know, we're joking, I was joking the other night with someone here in, in Palo Alto around serverless, and I said, you know, soon you're gonna hear words like architectural list. And that's a criticism on one hand, but you might say, Hey, you know, if you don't really need an architecture, you know, storage lists, I mean, at the end of the day, infrastructure is code means developers can do all the it in the coding cycles and then make the operations cloud based. And I think this is kind of where I see the dots connecting. Final thought here, take us through what you're thinking around how this new world is evolving. I mean, architecturals kind of a joke, but the point is, you know, you have to some sort of architecture, but you don't have to overthink it. >>Totally. No, that's a great thought, by the way. I know it's a joke, but it's a great thought because at the end of the day, you know, what do the customers really want? They want outcomes, right? Why did service technology come? It was because there was an outcome that they needed. They didn't want to get stuck with, you know, the, the, the real estate of, of a, of a server. They wanted to use compute when they needed to, right? Similarly, what you're talking about is, you know, outcome based, you know, desire of our customers and, and, and that's exactly where the word is going to, Right? Cloud really enforces that, right? We are actually, you know, working backwards from a customer's outcome and using, using our area the breadth and depth of our services to, to deliver those outcomes, right? And, and most of our services are in that path, right? When we use VMware cloud and aws, the outcome is a, to migrate then to modernize, but doesn't stop there, use our native services, you know, get the business outcomes using this. So I think that's, that's exactly what we are going through >>Actually, should actually, you're the director of global sales and go to market for VMware cloud on Aus. I wanna thank you for coming on, but I'll give you the final minute. Give a plug, explain what is the VMware cloud on Aus, Why is it great? Why should people engage with you and, and the team, and what ultimately is this path look like for them going forward? >>Yeah. At the end of the day, we want our customers to have the best paths to the cloud, right? The, the best path to the cloud is making sure that they migrate safely, reliably, and securely as well as with speed, right? And then, you know, use that cloud platform to, to utilize AWS's native services to make sure that they modernize their IT infrastructure and applications, right? We want, ultimately that our customers, customers, customer get the best out of, you know, utilizing the, that whole application experience is enhanced tremendously by using our services. And I think that's, that's exactly what we are working towards VMware cloud AWS is, is helping our customers in that journey towards migrating, modernizing, whether they wanna exit a data center or whether they wanna modernize their applications. It's a essential first step that we wanna help our customers with >>One director of global sales and go to market with VMware cloud on neighbors. He's with aws sharing his thoughts on accelerating business transformation on aws. This is a showcase. We're talking about the future path. We're talking about use cases with success stories from customers as she's thank you for spending time today on this showcase. >>Thank you, John. I appreciate it. >>Okay. This is the cube, special coverage, special presentation of the AWS Showcase. I'm John Furrier, thanks for watching.

>>Good afternoon, brilliant humans, and welcome back to the Cube. We're live in Detroit, Michigan at Cub Con, and I'm joined by John Furrier. John three exciting days buzzing. How you doing? >>That's great. I mean, we're coming down to the third day. We're keeping the energy going, but this segment's gonna be awesome. The CD foundation's doing amazing work. Developers are gonna be running businesses and workflows are changing. Productivity's the top conversation, and you're gonna start to see a coalescing of the communities who are continuous delivery, and it's gonna be awesome. >>And, and our next guess is an outstanding person to talk about this. We are joined by Stephen Chin, the chair of the CD Foundation. Steven, thanks so much for being here. >>No, no, my pleasure. I mean, this has been an amazing week quote that CubeCon with all of the announcements, all of the people who came out here to Detroit and, you know, fantastic. Like just walking around, you bump into all the right people here. Plus we held a CD summit zero day events, and had a lot of really exciting announcements this week. >>Gotta love the shirt. I gotta say, it's one of my favorites. Love the logos. Love the love the branding. That project got traction. What's the news in the CD foundation? I tried to sneak in the back. I got a little laid into your co-located event. It was packed. Everyone's engaged. It was really looked, look really cool. Give us the update. >>What's the news? Yeah, I know. So we, we had a really, really powerful event. All the key practitioners, the open source leads and folks were there. And one of, one of the things which I think we've done a really good job in the past six months with the CD foundation is getting back to the roots and focusing on technical innovation, right? This is what drives foundations, having strong projects, having people who are building innovation, and also bringing in a new innovation. So one of the projects which we added to the CD foundation this week is called Persia. So it's a, it's a decentralized package repository for getting open source libraries. And it solves a lot of the problems which you get when you have centralized infrastructure. You don't have the right security certificates, you don't have the right verification libraries. And these, these are all things which large companies provision and build out inside of their infrastructure. But the open source communities don't have the benefit of the same sort of really, really strong architecture. A lot of, a lot of the systems we depend upon. It's >>A good point, yeah. >>Yeah. I mean, if you think about the systems that developers depend upon, we depend upon, you know, npm, ruby Gems, Mayn Central, and these systems been around for a while. Like they serve the community well, right? They're, they're well supported by the companies and it's, it's, it's really a great contribution that they give us. But every time there's an outage or there's a security issue, guess, guess how many security issues that our, our research team found at npm? Just ballpark. >>74. >>So there're >>It's gotta be thousands. I mean, it's gotta be a lot of tons >>Of Yeah, >>They, they're currently up to 60,000 >>Whoa. >>Vulnerable, malicious packages in NPM and >>Oh my gosh. So that's a super, that's a jar number even. I know it was gonna be huge, but Holy mo. >>Yeah. So that's a software supply chain in actually right there. So that's, that's open source. Everything's out there. What's, how do, how does, how do you guys fix that? >>Yeah, so per peria kind of shifts the whole model. So when, when you think about a system that can be sustained, it has to be something which, which is not just one company. It has to be a, a, a set of companies, be vendor neutral and be decentralized. So that's why we donated it to the Continuous Delivery Foundation. So that can be that governance body, which, which makes sure it's not a single company, it is to use modern technologies. So you, you, you just need something which is immutable, so it can't be changed. So you can rely on it. It has to have a strong transaction ledger so you can see all of the history of it. You can build up your software, build materials off of it, and it, it has to have a strong peer-to-peer architecture, so it can be sustained long term. >>Steven, you mentioned something I want to just get back to. You mentioned outages and disruption. I, you didn't, you didn't say just the outages, but this whole disruption angle is interesting if something happens. Talk about the impact of the developer. They stalled, inefficiencies create basically disruption. >>No, I mean, if, if, so, so if you think about most DevOps teams in big companies, they support hundreds or thousands of teams and an hour of outage. All those developers, they, they can't program, they can't work. And that's, that's a huge loss of productivity for the company. Now, if you, if you take that up a level when MPM goes down for an hour, how many millions of man hours are wasted by not being able to get your builds working by not being able to get your codes to compile. Like it's, it's >>Like, yeah, I mean, it's almost hard to fathom. I mean, everyone's, It's stopped. Exactly. It's literally like having the plug pulled >>Exactly on whenever you're working on, That's, that's the fundamental problem we're trying to solve. Is it, it needs to be on a, like a well supported, well architected peer to peer network with some strong backing from big companies. So the company is working on Persia, include J Frog, which who I work for, Docker, Oracle. We have Deploy hub, Huawei, a whole bunch of other folks who are also helping out. And when you look at all of those folks, they all have different interests, but it's designed in a way where no single party has control over the network. So really it's, it's a system system. You, you're not relying upon one company or one logo. You're relying upon a well-architected open source implementation that everyone can rely >>On. That's shared software, but it's kind of a fault tolerant feature too. It's like, okay, if something happens here, you have a distributed piece of it, decentralized, you're not gonna go down. You can remediate. All right, so where's this go next? I mean, cuz we've been talking about the role of developer. This needs to be a modern, I won't say modern upgrade, but like a modern workflow or value chain. What's your vision? How do you see that? Cuz you're the center of the CD foundation coming together. People are gonna be coalescing multiple groups. Yeah. >>What's the, No, I think this is a good point. So there, there's a, a lot of different continuous delivery, continuous integration technologies. We're actually, from a Linux Foundation standpoint, we're coalescing all the continued delivery events into one big conference >>Next. You just made an announcement about this earlier this week. Tell us about CD events. What's going on, what's in, what's in the cooker? >>Yeah, and I think one of the big announcements we had was the 0.1 release of CD events. And CD events allows you to take all these systems and connect them in an event scalable, event oriented architecture. The first integration is between Tecton and Capin. So now you can get CD events flowing cleanly between your, your continuous delivery and your observability. And this extends through your entire DevOps pipeline. We all, we all need a standards based framework Yep. For how we get all the disparate continuous integration, continuous delivery, observability systems to, to work together. That's also high performance. It scales with our needs and it, it kind of gives you a future architecture to build on top of. So a lot of the companies I was talking with at the CD summit Yeah. They were very excited about not only using this with the projects we announced, but using this internally as an architecture to build their own DevOps pipelines on. >>I bet that feels good to hear. >>Yeah, absolutely. Yeah. >>Yeah. You mentioned Teton, they just graduated. I saw how many projects have graduated? >>So we have two graduated projects right now. We have Jenkins, which is the first graduated project. Now Tecton is also graduated. And I think this shows that for Tecton it was, it was time, the very mature project, great support, getting a lot of users and having them join the set of graduated projects. And the continuous delivery foundation is a really strong portfolio. And we have a bunch of other projects which also are on their way towards graduation. >>Feels like a moment of social proof I bet. >>For you all. Yeah, yeah. Yeah. No, it's really good. Yeah. >>How long has the CD Foundation been around? >>The CD foundation has been around for, i, I won't wanna say the exact number of years, a few years now. >>Okay. >>But I, I think that it, it was formed because what we wanted is we wanted a foundation which was purpose built. So CNCF is a great foundation. It has a very large umbrella of projects and it takes kind of that big umbrella approach where a lot of different efforts are joining it, a lot of things are happening and you can get good traction, but it produces its own bottlenecks in process. Having a foundation which is just about continuous delivery caters to more of a DevOps, professional DevOps audience. I think this, this gives a good platform for best practices. We're working on a new CDF best practices Yeah. Guide. We're working when use cases with all the member companies. And it, it gives that thought leadership platform for continuous delivery, which you need to be an expert in that area >>And the best practices too. And to identify the issues. Because at the end of the day, with the big thing that's coming out of this is velocity and more developers coming on board. I mean, this is the big thing. More people doing more. Yeah. Well yeah, I mean you take this open source continuous thunder away, you have more developers coming in, they be more productive and then people are gonna even either on the DevOps side or on the straight AP upside. And this is gonna be a huge issue. And the other thing that comes out that I wanna get your thoughts on is the supply chain issue you talked about is hot verifications and certifications of code is such big issue. Can you share your thoughts on that? Because Yeah, this is become, I won't say a business model for some companies, but it's also becoming critical for security that codes verified. >>Yeah. Okay. So I, I think one of, one of the things which we're specifically doing with the Peria project, which is unique, is rather than distributing, for example, libraries that you developed on your laptop and compiled there, or maybe they were built on, you know, a runner somewhere like Travis CI or GitHub actions, all the libraries being distributed on Persia are built by the authorized nodes in the network. And then they're, they're verified across all of the authorized nodes. So you nice, you have a, a gar, the basic guarantee we're giving you is when you download something from the Peria network, you'll get exactly the same binary as if you built it yourself from source. >>So there's a lot of trust >>And, and transparency. Yeah, exactly. And if you remember back to like kind of the seminal project, which kicked off this whole supply chain security like, like whirlwind it was SolarWinds. Yeah. Yeah. And the exact problem they hit was the build ran, it produced a result, they modified the code of the bill of the resulting binary and then they signed it. So if you built with the same source and then you went through that same process a second time, you would've gotten a different result, which was a malicious pre right. Yeah. And it's very hard to risk take, to take a binary file Yep. And determine if there's malicious code in it. Cuz it's not like source code. You can't inspect it, you can't do a code audit. It's totally different. So I think we're solving a key part of this with Persia, where you're freeing open source projects from the possibility of having their binaries, their packages, their end reduces, tampered with. And also upstream from this, you do want to have verification of prs, people doing code reviews, making sure that they're looking at the source code. And I think there's a lot of good efforts going on in the open source security foundation. So I'm also on the governing board of Open ssf >>To Do you sleep? You have three jobs you've said on camera? No, I can't even imagine. Yeah. Didn't >>You just spin that out from this open source security? Is that the new one they >>Spun out? Yeah, So the Open Source Security foundation is one of the new Linux Foundation projects. They, they have been around for a couple years, but they did a big reboot last year around this time. And I think what they really did a good job of now is bringing all the industry players to the table, having dialogue with government agencies, figuring out like, what do we need to do to support open source projects? Is it more investment in memory, safe languages? Do we need to have more investment in, in code audits or like security reviews of opensource projects. Lot of things. And all of those things require money investments. And that's what all the companies, including Jay Frogger doing to advance open source supply chain security. I >>Mean, it's, it's really kind of interesting to watch some different demographics of the developers and the vendors and the customers. On one hand, if you're a hardware person company, you have, you talk zero trust your software, your top trust, so your trusted code, and you got zero trust. It's interesting, depending on where you're coming from, they're all trying to achieve the same thing. It means zero trust. Makes sense. But then also I got code, I I want trust. Trust and verified. So security is in everything now. So code. So how do you see that traversing over? Is it just semantics or what's your view on that? >>The, the right way of looking at security is from the standpoint of the hacker, because they're always looking for >>Well said, very well said, New >>Loop, hope, new loopholes, new exploits. And they're, they're very, very smart people. And I think when you, when you look some >>Of the smartest >>Yeah, yeah, yeah. I, I, I work with, well former hackers now, security researchers, >>They converted, they're >>Recruited. But when you look at them, there's like two main classes of like, like types of exploits. So some, some attacker groups. What they're looking for is they're looking for pulse zero days, CVEs, like existing vulnerabilities that they can exploit to break into systems. But there's an increasing number of attackers who are now on the opposite end of the spectrum. And what they're doing is they're creating their own exploits. So, oh, they're for example, putting malicious code into open source projects. Little >>Trojan horse status. Yeah. >>They're they're getting their little Trojan horses in. Yeah. Or they're finding supply chain attacks by maybe uploading a malicious library to NPM or to pii. And by creating these attacks, especially ones that start at the top of the supply chain, you have such a large reach. >>I was just gonna say, it could be a whole, almost gives me chills as we're talking about it, the systemic, So this is this >>Gnarly nation state attackers, like people who wanted serious >>Damages. Engineered hack just said they're high, highly funded. Highly skilled. Exactly. Highly agile, highly focused. >>Yes. >>Teams, team. Not in the teams. >>Yeah. And so, so one, one example of this, which actually netted quite a lot of money for the, for the hacker who exposed it was, you guys probably heard about this, but it was a, an attack where they uploaded a malicious library to npm with the same exact namespace as a corporate library and clever, >>Creepy. >>It's called a dependency injection attack. And what happens is if you, if you don't have the right sort of security package management guidelines inside your company, and it's just looking for the latest version of merging multiple repositories as like a, like a single view. A lot of companies were accidentally picking up the latest version, which was out in npm uploaded by Alex Spearson was the one who did the, the attack. And he simultaneously reported bug bounties on like a dozen different companies and netted 130 k. Wow. So like these sort of attacks that they're real Yep. They're exploitable. And the, the hackers >>Complex >>Are finding these sort of attacks now in our supply chain are the ones who really are the most dangerous. That's the biggest threat to us. >>Yeah. And we have stacker ones out there. You got a bunch of other services, the white hat hackers get the bounties. That's really important. All right. What's next? What's your vision of this show as we end Coan? What's the most important story coming outta Coan in your opinion? And what are you guys doing next? >>Well, I, I actually think this is, this is probably not what most hooks would say is the most exciting story to con, but I find this personally the best is >>I can't wait for this now. >>So, on, on Sunday, the CNCF ran the first kids' day. >>Oh. >>And so they had a, a free kids workshop for, you know, underprivileged kids for >>About, That's >>Detroit area. It was, it was taught by some of the folks from the CNCF community. So Arro, Eric hen my, my older daughter, Cassandra's also an instructor. So she also was teaching a raspberry pie workshop. >>Amazing. And she's >>Here and Yeah, Yeah. She's also here at the show. And when you think about it, you know, there's always, there's, there's, you know, hundreds of announcements this week, A lot of exciting technologies, some of which we've talked about. Yeah. But it's, it's really what matters is the community. >>It this is a community first event >>And the people, and like, if we're giving back to the community and helping Detroit's kids to get better at technology, to get educated, I think that it's a worthwhile for all of us to be here. >>What a beautiful way to close it. That is such, I'm so glad you brought that up and brought that to our attention. I wasn't aware of that. Did you know that was >>Happening, John? No, I know about that. Yeah. No, that was, And that's next generation too. And what we need, we need to get down into the elementary schools. We gotta get to the kids. They're all doing robotics club anyway in high school. Computer science is now, now a >>Sport, in my opinion. Well, I think that if you're in a privileged community, though, I don't think that every school's doing robotics. And >>That's why Well, Cal Poly, Cal Poly and the universities are stepping up and I think CNCF leadership is amazing here. And we need more of it. I mean, I'm, I'm bullish on this. I love it. And I think that's a really great story. No, >>I, I am. Absolutely. And, and it just goes to show how committed CNF is to community, Putting community first and Detroit. There has been such a celebration of Detroit this whole week. Stephen, thank you so much for joining us on the show. Best Wishes with the CD Foundation. John, thanks for the banter as always. And thank you for tuning in to us here live on the cube in Detroit, Michigan. I'm Savannah Peterson and we are having the best day. I hope you are too.

(soft upbeat music) >> The past two and a half years have seen a dramatic change in the security posture of virtually all organizations. By accelerating the digital business mandate, the isolation economy catalyzed a move toward cloud computing to support remote workers. This, we know. This had several ripple effects on CISO and CIO strategies that were highly visible at the board of directors level. Now, the first major change was to recognize that the perimeter had suddenly been vaporized. Protection, as a result, moved away from things like perimeter-based firewalls toward more distributed endpoints, cloud security, and modern identity management. The second major change was a heightened awareness of the realities of ransomware. Ransomware as a service, for example, emerged as a major threat where virtually anyone with access to critical data and criminal intentions could monetize corporate security exposures. The third major change was a much more acute understanding of how data protection needed to become a fundamental component of cyber security strategies. And more specifically, CIOs quickly realized that their business resilient strategies were too narrowly DR-focused, that their DR approach was not cost efficient and needed to be modernized, and that new approaches to operational resilience were needed to reflect the architectural and business realities of this new environment. Hello and welcome to Why Ransomware isn't your Only Problem, a service of theCUBE made possible by Druva, and in collaboration with IDC. I'm your host, Dave Vellante, and today we're presenting a three-part program. We'll start with the data. IDC recently conducted a global survey of 500 business technology practitioners across 20 industries to understand the degree to which organizations are aware of and prepared for the threats they face in today's new world. IDC Research Vice President, Phil Goodwin is here to share the highlights of the study and summarize the findings from a recent research report on the topic. After that, we're going to hear from Curtis Preston, who's the Chief Technical Evangelist at Druva. I've known Curtis for decades. He's one of the world's foremost experts on backup and recovery, specifically in data protection generally. Curtis will help us understand how the survey data presented by IDC aligns with the real world findings from the field, from his point of view. And he'll discuss why so many organizations have failed to successfully recover from an attack without major pains and big costs, and how to avoid such operational disruptions and disasters. And then finally, we'll hear from the technical experts at Druva, Stephen Manley and Anjan Srinivas. Stephen is a 10-time (indistinct) and chief technology officer at Druva. And Anjan is vice president and general manager of product management at the company. And these individuals will specifically address how Druva is closing the gaps presented in the IDC survey through their product innovation. Right now I'm going to toss it to Lisa Martin, another one of the hosts, for today's program. Lisa, over to you. (soft upbeat music) >> Phil Goodwin joins me next, the VP of research at IDC. We're going to be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on theCUBE. >> Hey, Lisa, it's great to be here with you. >> So talk to me about the state of the global IT landscape as we see cyber attacks massively increasing, the threat landscape changing so much, what is IDC seeing? >> You really hit the top topic that we find from IT organizations as well as business organizations. And really it's that digital resilience that ransomware that has everybody's attention. And it has the attention not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also was accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty. And this is relatively new for 2022. But within IDC we've been doing a lot of research around what are those impacts going to be. And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to be have the scale up or scale down on demand nature of cloud. So those are in a nutshell kind of the three things that people are looking at. >> You mentioned ransomware. It's a topic we've been talking about a lot. It's a household word these days. It's now, Phil, no longer if we're going to get attacked, it's when, it's how often, it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite. And what are they trying to do to become resilient against it? >> Well, what some of the research that we did is we found that about 77% of organizations have digital resilience as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more resilient, more digitally resilient, and to be able to really hone in on those kinds of issues that are keeping them awake at night, quite honestly. If you think about digital resilience, it really is foundational to the organization, whether it's through digital transformation or whether it's simply data availability, whatever it might happen to be. Digital resilience is really a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data. >> And digital resilience, data resilience, as every company these days has to be a data company to be competitive. Digital resilience, data resilience, are you using those terms interchangeably or is data resilience defined as something a little bit different? >> Well, sometimes yeah, that we do get caught using them when one is the other. But data resilience is really a part of digital resilience, if you think about the data itself in the context of of IT computing. So it really is a subset of that. But it is foundational to IT resilience. You can't have it resilience without data resilience. So that's where we're coming from on it >> Inextricably linked. And it's becoming a corporate initiative, but there's some factors that can complicate digital resilience, data resilience, for organizations. What are some of those complications that organizations need to be aware of? >> Well, one of the biggest is what you mentioned at the top of the segment, and that is the area of ransomware. The research that we found is about 46% of organizations have been hit within the last three years. It's kind of interesting how it's changed over the years. Originally, being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it, and they really avoided confronting that. Nowadays, so many people have been hit by it, that that stigma has gone. And so really it is becoming more of a community kind of effort as people try to defend against these ransomwares. The other thing about it is, it's really a lot like Whack-A-Mole. They attack us in one area, and we defend against it, so they attack us in another area, and we defend against it. And in fact, I had an individual come up to me at a show not long ago and said, "You know, one of these days we're going to get pretty well defended against ransomware and it's going to go away." And I responded, "I don't think so, because we're constantly introducing new systems, new software, and introducing new vulnerabilities. And the fact is ransomware is so profitable the bad guys aren't going to just fade into the night without giving it a lot of fight." So I really think that ransomware is one of those things that is here for the long term, and something that we have to address and have to get proactive about. >> You mentioned some stats there, and recently IDC and Druva did a white paper together that really revealed some quite shocking results. Talk to me about some of the things. Let's talk a little bit about the demographics of the survey and then talk about what was the biggest finding there, especially where it's concerning ransomware. >> Yeah, this was in a worldwide study, it was sponsored by Druva and conducted by IDC as an independent study. And what we did, we surveyed 500, is a little over 500 different individuals across the globe, in North America, select countries in Western Europe as well as several in Asia-Pacific. And we did it across industries where 20 different industries represented. They're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, VP of infrastructure, managers of data centers, things like that. And the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they get attacked. Some of the statistics that we learned from this, Lisa, include 83% of organizations believe, or told us that they have a playbook that they have for ransomware. I think 93% said that they have a high degree, or a high or very high degree of confidence in their recovery tools and are fully automated. And yet when you look at the actual results, I told you a moment ago, 46% have been attack successfully. I can also tell you that in separate research, fewer than a third of organizations were able to fully recover their data without paying the ransom. And some two thirds actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. The bad guys aren't necessarily to be trusted. And so the software that they provide sometimes is fully recovered, sometimes it's not. So you look at that and you go, "Wow." On the one hand, people think they're really prepared, and on the other hand, the results are absolutely horrible. Two thirds of people having to pay the ransom. So you start to ask yourself, "Well, what's going on there?" And I believe that a lot of it comes down to... kind of reminds me of the old quote from Mike Tyson. "Everybody has a plan until they get punched in the mouth." And I think that's kind of what happens with ransomware. You think you know what you're doing, you think you're ready, based on the information you have, and these people are smart people and they're professionals, but oftentimes you don't know what you don't know. And like I say, the bad guys are always dreaming up new ways to attack us. And so I think for that reason a lot of these have been successful. So that was kind of the key finding to me in kind of the "aha" moment, really, in this whole thing, Lisa. >> That's a massive disconnect, with the vast majority saying, "We have a cyber recovery playbook," yet, nearly half being the victims of ransomware in the last three years, and then half of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience, data resilience, as we said, this is a matter of this is going to happen, just a matter of when and how often? >> It is a matter, yeah, as you said, it's not if when or how often, it's really how badly. So I think what organizations are really doing now is starting to turn more to cloud-based services. Finding professionals who know what they're doing, who have that breadth of experience, and who have seen the kinds of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of scanning, in terms of analysis, and so forth. So they're turning to professionals in the cloud much more in order to get that breadth of experience and to take advantage of cloud-based services that are out there. >> Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why is IDC seeing this big shift to cloud where data resilience is concerned? >> Well, the first and foremost is the economics of it. You can have on-demand resources. And in the old days when we had disaster recoveries where there we had two different data centers and a failover and so forth, you had double the infrastructure if your financial services, it might even be triple the infrastructure. It was very complicated, very difficult. By going to the cloud, organizations can subscribe to disaster recovery as a service. And increasingly what we see is a new market of cyber recovery as a service. So being able to leverage those resources to be able to have the forensic analysis available to them, to be able to have the other resources available that are on-demand, and to have that plan in place to have those resources in place. I think what happens in a number of situations, Lisa, is that organizations think they're ready, but then all of a sudden they get hit, and all of a sudden they have to engage with outside consultants, or they have to bring in other experts. And that extends the time to recover that they have, and it also complicates it. So if they have those resources in place, then they can simply turn them on, engage them, and get that recover going as quickly as possible. >> So what do you think the big issue here is? Is it that these IT practitioners, over 500 that you surveyed across 20 industries, this a global survey, do they not know what they don't know? What's the overlying issue here? >> Yeah, I think that's right. It's you don't know what you don't know and until you get into a specific attack... there are so many different ways that organizations can be attacked. And in fact, from this research that we found, is that in many cases, data exfiltration exceeds data corruption by about 50%. And when you think about that, the issue is, once I have your data, what are you going to do? I mean, there's no amount of recovery that is going to help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web or whatever, or simply saying no and taking their chances. So best practice things like encryption, immutability, things like that that organizations can put into place. Certainly air gaps, having a solid backup foundation to where data is, you have a high probability of recovery, things like that, those are the kinds of things that organizations have to put into place, really is a baseline to assure that they can recover as fast as possible and not lose data in the event of a ransomware attack. >> Given some of the disconnect that you articulated, the stats that show so many think, "We are prepared, we've got a playbook," yet so many are are being attacked, the vulnerabilities as the landscape, threat landscape, just gets more and more amorphous, what do you recommend organizations? Do you talk to the IT practitioners, but does this go all the way up to the board level in terms of, "Hey guys, across every industry we are vulnerable, this is going to happen, we've got to make sure that we are truly resilient and proactive"? >> Yes, and in fact, what we found from this research is in more than half of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the the consequences of ransomware it's not just the ransom, it's the lost productivity, it's the loss of revenue, it's the loss of customer faith and goodwill. And organizations that have been attacked have suffered those consequences, and many of them are permanent. So people at the board level, whether it's the CEO, the CFO, the CIO, the CISO, whoever it is, they're extremely concerned about this. And I can tell you they are fully engaged in addressing these issues within their organization. >> So all the way at the top critically important, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education, we've just seen big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned ransomware isn't going anywhere, it's a big business, it's very profitable, but what is IDC's prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and status-based technologies, can they get to a place where the C-suite doesn't have to be involved to the point where they really actually have a functioning playbook? >> I don't know if we'll ever get to the point where the C-suite is not involved. It's probably very important to have that level of executive sponsorship. But what we are seeing is, in fact, we predict predict that by 2025, 55% of organizations will have shifted to a cloud-centric strategy for their data resilience. And the reason we say that is workloads on premises aren't going away, so that's the core. We have an increasing number of workloads in the cloud and at the edge, and that's really where the growth is. So being able to take that cloud-centric model and take advantage of cloud resources, like immutable storage, being able to move data from region to region inexpensively and easily, and to be able to take that cloud-centric perspective and apply it on premises as well as in the cloud and at the edge, is really where we believe that organizations are shifting their focus. >> Got it. We're just cracking the surface here, Phil. I wish we had more time. But I had a chance to read the Druva-sponsored IDC white paper. Fascinating finds. I encourage all of you to download that. Take a read. You're going to learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining me. >> No problem. Thank you, Lisa. (gentle music)

>> All right, we'll be back in a moment. We'll have Stephen Manly, the CTO, and Anjan Srinivas, the GM and VP of Product Management will join me. You're watching theCUBE, the leader in high tech enterprise coverage. >> Ransomware is top of mind for everyone. The attacks are becoming more frequent and more sophisticated. It's a problem you can't solve alone anymore. Ransomware is built to exploit weaknesses in your backup solution, destroying data and your last line of defense. With many vendors, it can take a lot of effort and configuration to ensure your backup environment is secure. Criminals also know that it's easy to fall behind on best practices like vulnerability scans, patches and updates. In fact, 42% of vulnerabilities are exploited after a patch has been released. After an attack, recovery can be a long and manual process that still may not restore clean or complete data. The good news is that you can keep your data safe and recover faster with the Druva data resiliency cloud on your side. The Druva platform functions completely in the cloud with no hardware, software, operating system, or complex configurations. Which means there are none of the weaknesses that ransomware commonly uses to attack backups. Our software is a service model delivers 24/7 365 fully managed security operations for your backup environment. We handle all the vulnerability scans, patches and upgrades for you. Druva also makes zero trust security easy with built in multi-factor authentication, single sign on and roll based access controls. In the event of an attack, Druva helps you stop the spread of ransomware and quickly understand what went wrong with built in access insights and anomaly detection. Then you can use industry first tools and services to automate the recovery of clean unencrypted data from the entire timeframe of the attack. Cyber attacks are a major threat, but you can make protection and recovery easy with Druva. (upbeat music) >> Welcome back everyone to theCUBE special presentation with Druva on Why Ransomware Isn't Your Only Problem. I'm John Furrier, host of theCUBE. Our next guest are Stephen Manly's, Chief Technology Officer of Druva and Anjan Srinivas, who is the general manager and Vice President of Product Management at Druva. Gentleman, you got the keys to the kingdom, the technology, ransomware, data resilience. This is the topic the IDC white paper that you guys put together with IDC really kind of nails it out. I want to get into it right away. Welcome to this segment, I really appreciate it. Thanks for coming on. >> Great to be here John. >> So what's your thoughts on the survey's conclusion, obviously, the resilience is huge. Ransomware continues to thunder away at businesses and causes a lot of problems. Disruption, I mean, it's endless ransomware problems. What's your thoughts on the conclusion? >> So I'll say the thing that pops out to me is on the one hand everybody who sees the survey, who reads it's is going to say, well, that's obvious. Of course, ransomware continues to be a problem. Cyber resilience is an issue that's plaguing everybody. But I think when you dig deeper and there's a lot of subtleties to look into. But one of the things that I hear on a daily basis from the customers is it's because the problem keeps evolving. It's not as if the threat was a static thing to just be solved and you're done. Because the threat keeps evolving, it remains top of mind for everybody because it's so hard to keep up with what's happening in terms of the attacks. >> And I think the other important thing to note, John, is that people are grappling with this ransomware attack all of a sudden where they were still grappling with a lot of legacy in their own environment. So they were not prepared for the advanced techniques that these ransomware attackers were bringing to market. It's almost like these ransomware attackers had a huge leg up in terms of technology that they had in their favor while keeping the lights on was keeping it ideally from all the tooling that needed to do. A lot of people are even still wondering when that happens next time what do I even do? So clearly not very surprising. Clearly I think it's here to stay. And I think as long as people don't retool for a modern era of data management, this is going to stay this way. >> Yeah, I mean, I hear this whole time in our CUBE conversations with practitioners. It's kind of like the security program, give me more tools I'll buy anything that comes in the market, I'm desperate. There's definitely attention, but it doesn't seem like people are satisfied with the tooling that they have. Can you guys share kind of your insights into what's going on in the product side because people claim that they have tools at fine points of recovery opportunities but they can't get there. So it seems to be that there's a confidence problem here in the market. How do you guys see that? Because I think this is where the rubber meets the road with ransomware 'cause it is a moving train, it's always changing but it doesn't seem as confidence. Can you guys talk about that? What's your reaction? >> Yeah, let me jump in first and Stephen can add to it. What happens is I think this is a panic buying and they have accumulated this tooling now just because somebody said it could solve your problem. But they haven't had a chance to take a relook from a ground up perspective to see where are the bottlenecks, where are the vulnerabilities and which tooling set needs to lie where, where does the logic need to reside. And what at Druva of we are watching people do and people do it successfully, is that as they have adopted Druva technology which is ground up built for the cloud, and really built in a way which is driven at a data insight level where we have people even monitoring our service for anomalies and activities that are suspicious. We know where we need to play a role in really kind of mitigating this ransomware. And then there is a whole plethora of ecosystem players that kind of combine to really really finish the story so to say, right? So I think this has been a panic buying situation. This is like, get me any help you can give me. And I think as this settles down and people really understand that longer term as they really build out a true defense mechanism, they need to think really ground up. They will start to really see the value of technologies like Druva and try to identify the right set of ecosystem to really bring together to solve it meaningfully. >> I was going to say I mean, one of the really interesting things in this survey for me and for a moment, little more than a moment it made me think was the large number of respondents who said, I've got a really efficient well run back up environment. Who then on basically the next question said, and I have no confidence that I can recover from a ransomware attack. And you scratch your head and you think, well, if your backup environment is so good, why do you have such low confidence? And I think that's the moment when we dug deeper and we realized, if you've got a traditional architecture and let's face it, the disbase architecture has been around for almost two decades now in terms of disbased backup. You can have that tune to the help, that can be running as efficiently as you want it. But it was built before the ransomware attacks, before all these cyber issues really started hitting companies. And so I have this really well run traditional backup environment that is not at all built for these modern threat vectors. And so that's really why customers are saying, I'm doing the best I can, but as Anjan pointed out, the architecture, the tooling isn't there to support what problems I need to solve today. >> Well, that's a great point. And before we get into the customer side I want to get to in second. I interviewed Jaspreet, the founded and CEO many years ago even before the pandemic and you mentioned modern. You guys have always had the cloud with Druva, this is huge. Now that you're past the pandemic, what is that modern cloud edge that you guys have? Because that's a great point. A lot of stuff was built kind of back up and recovery bolted on, not really kind of designed into the current state of the infrastructure and the cloud native application modern environment we're seeing right now is a huge issue. >> I think to me there's three things that come up over and over and over again as we talk to people in terms of being built in cloud, being cloud native, why isn't an advantage? The first one is security and ransomware. And we can go deeper but the most obvious one that always comes up is every single backup you do with Druva is air gapped, offsite, managed under a separate administrative domain so that you're not retrofitting any sort of air gap network and buying another appliance or setting up your own cloud environment to manage this. Every backup is ransomware protected, guaranteed. I think the second advantage is the scalability. And this certainly plays into account as your business grows or in some cases as you shrink or repurpose workloads you're only paying for what you use. But it also plays a big role again when you start thinking of ransomware recoveries because we can scale your recovery in cloud on premises as much or as little as you want. And then I think the third one is we're seeing basically things evolving, new workloads, data sprawl, new threat vectors. And one of the nice parts of being SaaS service in the cloud is you're able to roll out new functionality every two weeks and there's no upgrade cycle, there's no waiting. The customer doesn't have to say, wow, I need it six months in the lab before I upgrade it and it's an 18 month, 24 month cycle before the functionality releases. You're getting it every two weeks and it's backed by Druva to make sure it works. >> That says it. Anjan, you got the product side, it's a challenging job 'cause you have so many customers asking for things probably on the roadmap you probably go hour for that one. But I want to get your thoughts on what you're hearing and seeing from customers. we just reviewed the IDC with Phil. How are you guys responding to your customer's needs? Because it seems that it's highly accelerated probably on the feature request, but also structurally as as ransomware continues to evolve. What are you hearing, what's the key customer need? How are you guys responding? >> Yeah, actually I have two things that I hear very clearly when I talk to customers. One, I think after listening to their security problems and their vulnerability challenges because we see customers and help customers who are getting challenged by ransomware on a weekly basis. And what I find that this problem is not just a technology problem, it's an operating model problem. So in order to really secure themselves, they need a security operating model and a lot of them haven't figured out that security operating model in totality. Now, where we come in as Druva is that we are providing them the cloud operating model and a data protection operating model combined with a data insights operating model which all fit into their overall security operating model that they are really owning and they need to manage and operate. Because this is just not about a piece of technology. On top of that, I think our customers are getting challenged by all the same challenges of not just spending time on keeping the lights on, but innovating faster with less. And that has been this age old problem, do more with less. But in this whole, they're like trying to innovate we're in the middle of the war so to say, right? The war is happening, they're getting attacked, but there's also net new shadow IT challenges that's forcing them to make sure that they can manage all the new applications that are getting developed in the cloud. There is thousands of SaaS applications that they're consuming not knowing which data is critical to their success and which ones to protect and govern and secure. So all of these things are coming at them at 100 miles per hour while they're just trying to live one day at a time. And unless they really develop this overall security operating model helped by cloud native technologies like Druva that is really providing them a true cloud native model of really giving like a touchless and an invisible protection infrastructure not just beyond backups, beyond just the data protection that we all know of into this kind of this mindset of kind of being able to look at where each of those functionalities need to lie. That's where I think they're grappling with. Now Druva is clearly helping them with keep up to pace with the public cloud innovations that they need to do and how to protect data. We just launched our EC2 offering to protect EC2 virtual machines back in AWS. And we are going to be continuing to evolve that to further many services that public cloud software 'cause our customers are really kind of consuming them at breakneck speed. >> So the new workloads, the new security capabilities. Love that, good call out there. Stephen there's still the issue of the disruption side of it. You guys have a guarantee, there's a cost to ownership as you get more tools. Can you talk about that angle of it? Because you got new workloads, you got the new security needs, what's the disruption impact? Because you won't avoid that, how much is it going to cost you? And you guys have this guarantee, can you explain that? >> Yeah, absolutely. So Druva launched our $10 million data resiliency guarantee. And for us, there were really two key parts to this. The first obviously is $10 million means that, again, we're willing to put our money where our mouth is and that's a big deal, right? That we're willing to back this with the guarantee. But then the second part and this is the part that I think reflects that sort of model that Anjan was talking about. We sort of look at this and we say, the goal of Druva is to do the job of protecting and securing your data for you. So that you as a customer don't have to do it anymore. And so the guarantee actually protects you against multiple types of risks all with SLAs. So everything from your data is going to be recoverable in the case of a ransomware attack. Okay, that's good. Of course, for it to be recoverable we're also guaranteeing your backup success rate. We're also guaranteeing the availability of the service. We're guaranteeing that the data that we're storing for you can't be compromised or leaked externally. And we're guaranteeing the long term durability of the data so that if you back up with us today and you need to recover it 30 years from now, that data is going to be recovered. So we wanted to really attack the end to end risks that affect our customers. Cybersecurity is a big deal but it is not the only problem out there. And the only way for this to work is to have a service that can provide you SLAs across all of the risks because that means, again, as a SaaS vendor, we're doing the job for you so you're buying results as opposed to technology. >> That's great point. Ransomware isn't the only problem, that's the title of this presentation. But it's a big one and people concerned about it so great stuff. And the last five minutes guys if you don't mind, I'd love to have you share what's on the horizon for Druva. You mentioned the new workloads Anjan, you mentioned this new security hearing shift left, DevOps is now the developer model, they're running IT. Yet data and security teams now stepping in and trying to be as high velocity as possible for the developers and enterprises. What's on the horizon for Druva? What trends is the company watching and how are you guys putting that together to stay ahead in the marketplace and the competition? >> I think listening to our customers, what we realize is they need help with the public cloud number one. I think that's a big wave of consumption. People are consolidating their data centers moving to the public cloud. They need help in expanding data protection which becomes the basis of a lot of the security operating model that I talked about. They need that first from Druva before they can start to get into much more advanced level of insights and analytics on that data to protect themselves and secure themselves and do interesting things with that data. So we are expanding our coverage on multiple fronts there. The second key thing is to really bring together a very insightful presentation layer which I think is very unique to Druva because only we can look at multiple tenants, multiple customers because we are a SaaS vendor. And look at insights and give them best practices and guidances and analytics that nobody else can give. There's no silo anymore because we are able to take a good big vision view and now help our customers with insights that otherwise that information map is completely missing. So we are able to guide them down a path where they can optimize which workloads need what kind of protection and then how to secure them. So that is the second level of insights and analytics that we are building. And there's a whole plethora of security offerings that we are going to build all the way from a feature level where we have things like recycle bin that's already available to our customers today to prevent any anomalous behavior and attacks that would delete their backups and then they still have a way to recover from it. But also things to curate and get back to that point in time where it is safe to recover and help them with a sandbox which they can recover confidently knowing it's not going to jeopardize them again and reinfect the whole environment again. So there's a whole bunch of things coming, but the key themes are public cloud, data insights and security. And that's where my focus is to go and get those features delivered. And Stephen can add a few more things around services that Stephen is looking to build and launch. >> Sure. So John, I think one of the other areas that we see just an enormous groundswell of interest. So public cloud is important, but there are more and more organizations that are running hundreds if not thousands of SaaS applications. And a lot of those SaaS applications have data. So there's the obvious things like Microsoft 365, Google Workspace, but we're also seeing a lot of interest in protecting Salesforce. Because if you think about it, if someone deletes some really important records in Salesforce, that's actually kind of the record of your business. And so we're looking at one more SaaS application protection and really getting deep in that application awareness. It's not just about backup and recovery. When you look at something like a Salesforce or something like a Microsoft 365, you do want to look into sandboxing, you want to look into long term archival. Because this is the new record of the business, what used to be in your on-premises databases that all lives in cloud and SaaS applications now. So that's a really big area of investment for us. The second one, just to echo what Anjan said is, one of the great things of being a SaaS provider is I have metadata that spans across thousands of customers and tens of billions of backups a year. And I'm tracking all sorts of interesting information that is going to enable us to do things like make backups more autonomous. So that customers, again, I want to do the job for them, we'll do all the tuning, we'll do all the management for them. To be able to better detect ransomware attacks, better respond to ransomware attacks because we're seeing across the globe. And then of course, being able to give them more insight into what's happening in their data environment so they can get a better security posture before any attack happens. Because let's face it, if you can set your data up more cleanly, you're going to be a lot less worried and a lot less exposed when that attack happens. So we want to be able to again, cover those SaaS applications in addition to the public cloud. And then we want to be able to use our metadata and use our analytics and use this massive pipeline we've got to deliver value to our customers. Not just charts and graphs, but actual services that enable them to focus their attention on other parts of the business. >> That's great stuff, Anjan. >> And remember John, I think all this while keeping things really easy to consume, consumer grade UI, APIs. And during the power of SaaS as a service simplicity to kind of continue on amongst kind of keeping these complex technologies together. >> Anjan, that's a great call out. I was going to mention ease of use and self-service, big part of the developer and IT experience expected it's a table stakes, love the analytic angle. I think that brings the scale to the table and faster time to value to get to learn best practices. But at the end of the day, automation, cross cloud protection and security to protect and recover. This is huge and this is a big part of not only just protecting against ransomware and other things, but really being fast and being agile. So really appreciate the insights. Thanks for sharing on this segment, really under the hood and really kind of the value of the product. Thanks for coming on, appreciate it. >> Thank you very much. >> Okay, there it is. You got the experts talk about the hood, the product, the value, the future of what's going on with Druva and the future of cloud native protecting and recovering. This is what it's all about. It's not just ransomware they have to worry about. In a moment, Dave Allante will give you some closing thoughts on the subject here. You're watching theCUBE, the leader in high tech enterprise coverage. >> As organizations migrate their business processes to multi-cloud environments, they still face numerous threats and risks of data loss. With a growing number of cloud platforms and fragmented applications, it leads to an increase in data silos, sprawl and management complexity. As workloads become more diverse, it's challenging to effectively manage data growth, infrastructure, and resource costs across multiple cloud deployments. Using numerous backup vendor solutions for multiple cloud platforms can lead to management complexity. More importantly, the lack of centralized visibility and control can leave you exposed to security vulnerabilities, including ransomware that can cripple your business. The Druva data resiliency cloud is the only 100% SaaS data resiliency platform that provides centralized, secure air gapped and immutable backup and recovery. With Druva, your data is safe with multiple layers of protection and is ready for fast recovery from cyber attacks, data corruption, or accidental data loss. Through a simple, easy to manage platform, you can seamlessly protect fragmented, diverse data at scale, across public clouds and your business critical SaaS applications. Druva is the only 100% SaaS vendor that can manage, govern, and protect data across multiple clouds and business critical SaaS applications. It supports not just backup up and recovery, but also data resiliency across high value use cases such as e-discovery, sensitive data governance, ransomware and security. No other vendor can match Druva for customer experience, infinite scale, storage optimization, data immutability and ransomware protection. The Druva data resiliency cloud, your data always safe, always ready. Visit druva.com today to schedule a free demo. (upbeat music) >> One of the big takeaways from today's program is that in the scramble to keep business flowing over the past two plus years, a lot of good technology practices have been put into place. But there's much more work to be done, specifically because the frequency of attacks is on the rise and the severity of lost, stolen or inaccessible data is so much higher today. Business resilience must be designed into architectures and solutions from the start. It cannot be an afterthought. Well, actually it can be, but you won't be happy with the results. Now, part of the answer is finding the right partners, of course, but it also means taking a systems view of your business, understanding the vulnerabilities and deploying solutions that can balance cost efficiency with appropriately high levels of protection, flexibility, and speed/accuracy of recovery. We hope you found today's program useful and informative. Remember, this session is available on demand in both its full format and the individual guest segments. All you got to do is go to thecube.net and you'll see all the content. Or you can go to druva.com. There are tons of resources available including analyst reports, customer stories. There's this cool TCO calculator. You can find out what pricing looks like and lots more. Thanks for watching Why Ransomware Isn't Your Only Problem made possible by Druva. A collaboration with IDC and presented by theCUBE, your leader in enterprise and emerging tech coverage. (upbeat music)

>> The past 2 1/2 years have seen a dramatic change in the security posture of virtually all organizations. By accelerating the digital business mandate, the isolation economy catalyzed a move toward cloud computing to support remote workers. This we know. This had several ripple effects on CSO and CIO strategies that were highly visible at the Board of Directors' level. Now, the first major change was to recognize that the perimeter had suddenly been vaporized. Protection, as a result, moved away from things like perimeter-based firewalls toward more distributed endpoints, cloud security, and modern identity management. The second major change was a heightened awareness of the realities of ransomware. Ransomware as a service, for example, emerged as a major threat where virtually anyone with access to critical data and criminal intentions could monetize corporate security exposures. The third major change was a much more acute understanding of how data protection needed to become a fundamental component of cybersecurity strategies, and more specifically, CIOs quickly realized that their business resilience strategies were too narrowly DR-focused, that their DR approach was not cost efficient and needed to be modernized, and that new approaches to operational resilience were needed to reflect the architectural and business realities of this new environment. Hello, and welcome to "Why Ransomware isn't Your Only Problem," a service of theCUBE made possible by Druva, and in collaboration with IDC. I'm your host, Dave Vellante, and today, we're presenting a three-part program. We'll start with the data. IDC recently conducted a global survey of 500 business technology practitioners across 20 industries to understand the degree to which organizations are aware of and prepared for the threats they face in today's new world. IDC Research Vice President Phil Goodwin is here to share the highlights of the study and to summarize the findings from a recent research report on the topic. After that, we're going to hear from Curtis Preston, who's the Chief Technical Evangelist at Druva. I've known Curtis for decades. He's one of the world's foremost experts on backup and recovery, specifically, and data protection, generally. Curtis will help us understand how the survey data presented by IDC aligns with the real world findings from the field from his point of view. And he'll discuss why so many organizations have failed to successfully recover from an attack without major pains and big costs, and how to avoid such operational disruptions and disasters. And then finally, we'll hear from the technical experts at Druva, Stephen Manley and Anjan Srinivas. Stephen is a 10-time CUBE alum and Chief Technology Officer at Druva, and Anjan is Vice President and General Manager of Product Management at the company. And these individuals will specifically address how Druva is closing the gaps presented in the IDC survey through their product innovation. But right now I'm going to toss it to Lisa Martin, another one of the hosts for today's program. Lisa, over to you. (upbeat music) >> Bill Goodwin joins me next, the VP of Research at IDC. We're going to be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on theCUBE. >> Hey, Lisa, it's great to be here with you. >> So talk to me about the state of the global IT landscape as we see cyberattacks massively increasing, the threat landscape changing so much. What is IDC seeing? >> You know, you really hit the top topic that we find from IT organizations as well as business organizations. And really, it's that digital resilience, that ransomware that has everybody's attention, and it has the attention, not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also has accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty, and this is relatively new for 2022, but within IDC we've been doing a lot of research around what are those impacts going to be? And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to have the scale up or scale down on demand nature of cloud. So those are, in a nutshell, kind of the three things that people are looking at. >> You mentioned ransomware. It's a topic we've been talking about a lot. It's a household word these days. It's now, Phil, no longer if we're going to get attacked, it's when, it's how often, it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite, and what are they trying to do to become resilient against it? >> Well, what some of the research that we did is we found that about 77% of organizations have digital resilience as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more resilient, more digitally resilient, and to be able to really hone in on those kinds of issues that are keeping them awake at night, quite honestly. If you think about digital resilience, it really is foundational to the organization, whether it's through digital transformation or whether it's simply data availability, whatever it might happen to be. Digital resilience is really a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data. >> And digital resilience, data resilience, as every company these days has to be a data company to be competitive. Digital resilience, data resilience, are you using those terms interchangeably or is data resilience defined as something a little bit different? >> Well, sometimes yeah, we do get caught using them when one is the other. But data resilience is really a part of digital resilience, if you think about the data itself in the context of IT computing. So it really is a subset of that, but it is foundational to IT resilience. You can't have IT resilience without data resilience. So that's where we're coming from on it. >> Inextricably linked, and it's becoming a corporate initiative, but there's some factors that can complicate digital resilience, data resilience for organizations. What are some of those complications that organizations need to be aware of? >> Well, one of the biggest is what you mentioned at the top of the segment, and that is the area of ransomware. The research that we found is about 46% of organizations have been hit within the last three years. You know, it's kind of interesting how it's changed over the years. Originally, being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it, and they really avoided confronting that. Nowadays, so many people have been hit by it that that stigma has gone. And so really it is becoming more of a community kind of effort as people try to defend against these ransomers. The other thing about it is it's really a lot like Whac-A-Mole, you know. They attack us in one area and we defend against it so they attack us in another area, and we defend against it. And in fact, I had an individual come up to me at a show not long ago and said, "You know, one of these days we're going to get pretty well defended against ransomware and it's going to go away." And I responded I don't think so because we're constantly introducing new systems, new software, and introducing new vulnerabilities. And the fact is ransomware is so profitable, the bad guys aren't going to just fade into the night without giving it a a lot of fight. So I really think that ransomware is one of those things that is here for the long term and something that we have to address and have to get proactive about. >> You mentioned some stats there, and recently IDC and Druva did a white paper together that really revealed some quite shocking results. Talk to me about some of the things. Let's talk a little bit about the demographics of the survey and then talk about what was the biggest finding there, especially where it's concerning ransomware? >> Yeah, this was a worldwide study. It was sponsored by Druva and conducted by IDC as an independent study. And what we did, we surveyed 500, it was a little over 500 different individuals across the globe in North America, select countries in Western Europe, as well as several in Asia Pacific. And we did it across industries there were 20 different industries represented, they're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, VP of infrastructure, you know, managers of data centers, things like that. And the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they get attacked. Some of the statistics that we learned from this, Lisa, include 83% of organizations believe, or told us that they have a playbook that they have for ransomware. I think 93% said that they have a high degree, or a high or very high degree of confidence in their recovery tools and are fully automated. And yet, when you look at the actual results, you know, I told you a moment ago, 46% have been attacked successfully. I can also tell you that in separate research, fewer than 1/3 of organizations were able to fully recover their data without paying the ransom, and some 2/3 actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. You know, the bad guys aren't necessarily to be trusted, and so the software that they provide sometimes is fully recovered, sometimes it's not. So you look at that and you go, wow. On the one hand, people think they're really, really prepared, and on the other hand, the results are absolutely horrible. You know, 2/3 of people having to pay the ransom. So you start to ask yourself, well, what's going on there? And I believe that a lot of it comes down to, kind of reminds me of the old quote from Mike Tyson. "Everybody has a plan until they get punched in the mouth." And I think that's kind of what happens with ransomware. You think you know what you're doing. You think you're ready, based on the information you have. And these people are smart people, and they're professionals, but oftentimes, you don't know what you don't know. And like I said, the bad guys are always dreaming up new ways to attack us. And so, I think, for that reason, a lot of these have been successful. So that was kind of the key finding to me and kind of the aha moment really in this whole thing, Lisa. >> That's a massive disconnect with the vast majority saying, "We have a cyber recovery playbook," yet nearly 1/2 being the victims of ransomware in the last three years, and then 1/2 of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience, data resilience? As we said, this is a matter of this is going to happen, just a matter of when and how often. >> It is a matter, yeah, as you said, it's not if, when, or how often, it's really how badly. So I think what organizations are really doing now is starting to turn more to cloud-based services, you know, finding professionals who know what they're doing, who have that breadth of experience and who have seen the kinds of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of scanning, in terms of analysis, and so forth. So they're turning to professionals in the cloud much more, in order to get that breadth of experience, and to take advantage of cloud-based services that are out there. >> Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why is IDC seeing this big shift to cloud where data resilience is concerned? >> Well, the first and foremost is the economics of it. You know, you can have on-demand resources. In the old days, when we had disaster recoveries where we had two different data centers and a failover and so forth, you know, you had double the infrastructure. If you're financial services, it might even be triple the infrastructure. It was very complicated, very difficult. By going to the cloud, organizations can subscribe to disaster recovery as a service. And increasingly what we see is a new market of cyber recovery as a service. So being able to leverage those resources, to be able to have the forensic analysis available to them, to be able to have the other resources available that are on demand, and to have that plan in place to have those resources in place. I think what happens in a number of situations, Lisa, is that organizations think they're ready, but then all of a sudden they get hit, and all of a sudden they have to engage with outside consultants, or they have to bring in other experts, and that extends the time to recover that they have and it also complicates it. So if they have those resources in place, then they can simply turn them on, engage them, and get that recovery going as quickly as possible. >> So what do you think the big issue here is? Is it that these IPT practitioners, over 500 that you surveyed across 20 industries, this a global survey, do they they not know what they don't know? What's the overlying issue here? >> Yeah, I think that's right. You don't know what you don't know, and until you get into a specific attack, you know, there are so many different ways that organizations can be attacked. And, in fact, from this research that we found is that, in many cases, data exfiltration exceeds data corruption by about 50%. But when you think about that, the issue is, once I have your data, what are you going to do? I mean, there's no amount of recovery that is going to help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web, or whatever, or simply saying no, and taking their chances. So best practice things like encryption, immutability, things like that that organizations can put into place. Certainly air gaps, having a solid backup foundation to where data is, you have a high recovery, high probability of recovery, things like that. Those are the kinds of things that organizations have to put into place, really as a baseline to assure that they can recover as fast as possible and not lose data in the event of a ransomware attack. >> Given some of the disconnect that you articulated, the stats that show so many think we are prepared, we've got a playbook, yet so many are being attacked, the vulnerabilities as the landscape, threat landscape, just gets more and more amorphous. What do you recommend organizations do? You talked to the IT practitioners, but does this go all the way up to the board level in terms of, hey guys, across every industry, we are vulnerable, this is going to happen. We've got to make sure that we are truly resilient and proactive? >> Yes, and in fact, what we found from this research is in more than 1/2 of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the consequences of ransomware, it's not just the ransom, it's the lost productivity, it's the loss of revenue. It's the loss of customer faith and goodwill, and organizations that have been attacked have suffered those consequences, and many of them are permanent. So people at the board level, whether it's the CEO, the CFO, the CIO, the CSO, you know, whoever it is, they're extremely concerned about these. And I can tell you, they are fully engaged in addressing those issues within their organization. >> So all the way at the top, and critically important, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education. We've just seen a big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned ransomware isn't going anywhere, it's a big business, it's very profitable. But what is IDC's prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and SaaS-based technologies, can they get to a place where the C-suite doesn't have to be involved to the point where they really actually have a functioning playbook? >> I don't know if we'll ever get to the point where the C-suite is not involved. It's probably very important to have that level of executive sponsorship. But what we are seeing is, in fact, we predict that by 2025, 55% of organizations will have shifted to a cloud-centric strategy for their data resilience. And the reason we say that is, you know, workloads on premises aren't going away. So that's the core. We have an increasing number of workloads in the cloud and at the edge, and that's really where the growth is. So being able to take that cloud-centric model and take advantage of cloud resources like immutable storage, being able to move data from region to region inexpensively and easily, and to be able to take that cloud-centric perspective and apply it on premises as well as in the cloud and at the edge is really where we believe that organizations are shifting their focus. >> Got it, we're just cracking the surface here, Phil. I wish we had more time, but I had a chance to read the Druva-sponsored IDC white paper. Fascinating finds. I encourage all of you to download that, take a read. You're going to learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining me. >> No problem. Thank you, Lisa. >> In a moment, John Furrier will be here with his next guest. For right now, I'm Lisa Martin, and you are watching theCUBE, the leader in live tech coverage. >> We live in a world of infinite data. Sprawling, dispersed, valuable, but also vulnerable. So how do organizations achieve data resiliency when faced with ever expanding workloads, increasing security threats, and intensified regulations? Unfortunately, the answer often boils down to what flavor of complexity do you like best? The common patchwork approaches are expensive, convoluted, and difficult to manage. There's multiple software and hardware vendors to worry about, different deployments for workloads running on-premises or in the cloud. And an inconsistent security framework resulting in enterprises maintaining four to five copies of the same data, increasing costs and risk, building to an incoherent mess of complications. Now, imagine a world free from these complexities. Welcome to the the Druva Data Resiliency Cloud, where full data protection and beautiful simplicity converge. No hardware, no upgrades, no management, just total data resilience. With just a few clicks, you can get started integrating all of your data resiliency workflows in minutes. Through a true cloud experience built on Amazon Web Services, the Druva platform automates and manages critical daily tasks, giving you time to focus on your business. In other words, get simplicity, scalability, and security instantly. With the Druva Data Resiliency Cloud, your data isn't just backed up, it's ready to be used 24/7 to meet compliance needs and to extract critical insights. You can archive data for long-term retention, be protected against device failure and natural disasters, and recover from ransomware lightning fast. Druva is trusted with billions of backups annually by thousands of enterprises, including more than 60 of the Fortune 500, costing up to 50% less than the convoluted hardware, software, and appliance solutions. As data grows and becomes more critical to your business advantage, a data resiliency plan is vital, but it shouldn't be complicated. Druva makes it simple. (upbeat music) (mouse clicks) >> Welcome back, everyone, to theCUBE and the Druva special presentation of "Why Ransomware isn't Your Only Problem." I'm John Furrier, host of theCUBE. We're here with W Curtis Preston, Curtis Preston, as he's known in the industry, Chief Technical Evangelist at Druva. Curtis, great to see you. We're here at "Why Ransomware isn't Your Only Problem." Great to see you, thanks for coming on. >> Happy to be here. >> So we always see each other at events now events are back. So it's great to have you here for this special presentation. The white paper from IDC really talks about this in detail. I'd like to get your thoughts, and I'd like you to reflect on the analysis that we've been covering here in this survey data, how it lines up with the real world that you're seeing out there. >> Yeah, I think it's, the survey results really, I'd like to say, I'd like to say that they surprised me, but unfortunately, they didn't. The data protection world has been this way for a while where there's this difference in belief, or difference between the belief and the reality. And what we see is that there are a number of organizations that have been hit, successfully hit by ransomware, paid the ransom and/or lost data, and yet the same people that were surveyed, they had high degrees of confidence in their backup system. And, you know, I could probably go on for an hour as to the various reasons why that would be the case, but I think that this long running problem that as long as I've been associated with backups, which, you know, has been a while, it's that problem of, you know, nobody wants to be the backup person. And people often just, they don't want to have anything to do with the backup system, and so it sort of exists in this vacuum. And so then management is like, "Oh, the backup system's great," because the backup person often, you know, might say that it's great because maybe it's their job to say so. But the reality has always been very, very different. >> It's funny, you know. "We're good, boss, we got this covered." >> Yeah, it's all good, it's all good. >> And the fingers crossed, right? So again, this is the reality, and as it becomes backup and recovery, which we've talked about many times on theCUBE, certainly we have with you before, but now with ransomware, also, the other thing is people get ransomware hit multiple times. So it's not only like they get hit once, so, you know, this is a constant chasing the tail on some ends, but there are some tools out there, You guys have a solution, and so let's get into that. You know, you have had hands-on backup experience. What are the points that surprise you the most about what's going on in this world and the realities of how people should be going forward? What's your take? >> Well, I would say that the one part in the survey that surprised me the most was people that had a huge, you know, there was a huge percentage of people that said that they had, you know, a ransomware response, you know, and readiness program. And you look at that, and how could you be, you know, that high a percentage of people be comfortable with their ransomware readiness program, which includes a number of things, right? There's the cyberattack aspect of responding to a ransomware attack, and then there's the recovery aspect. And so you believe that your company was ready for that, and then you go, and I think it was 67% of the people in the survey paid the ransom, which as a person who, you know, has spent my entire career trying to help people successfully recover their data, that number, I think, just hurt me the most is that because, you talked about re-infections. The surest way to guarantee that you get re-attacked and reinfected is to pay the ransom. This goes back all the way to ransom since the beginning of time, right? Everyone knows if you pay the blackmail, all you're telling people is that you pay blackmail. >> You're in business, you're a good customer >> Yeah, yeah, exactly. >> for ransomware. >> Yeah, so the fact that, you know, 60, what, 2/3 of the people that were attacked by ransomware paid the ransom. That one statistic just hurt my heart. >> Yeah, and I think this is the reality. I mean, we go back, and even the psychology of the practitioners was, you know, it's super important to get backup and recovery, and that's been around for a long time, but now that's an attack vector, okay? And there's dollars involved, like I said, I'm joking, but there's recurring revenue for the bad guys if they know you're paying up and if you're stupid enough not to change your tooling. So again, it works both ways. So I got to ask you, why do you think so many owners are unable to successfully respond after an attack? Is it because, they know it's coming, I mean, they're not that dumb. I mean, they have to know it's coming. Why aren't they responding successfully to this? >> I think it's a litany of things, starting with that aspect that I mentioned before, that nobody wants to have anything to do with the backup system, right? So nobody wants to be the one to raise their hand because if you're the one that raises their hand, "You know, that's a good idea, Curtis, why don't you look into that?" Nobody wants to be- >> Where's that guy now? He doesn't work here anymore. Yeah, I hear where you coming from. >> Exactly. >> It's psychology (indistinct) >> Yeah, so there's that. But then the second is that because of that, no one's looking at the fact that backups are the attack vector. They become the attack vector. And so because they're the attack vector, they have to be protected as much, if not more than the rest of the environment. The rest of the environment can live off of Active Directory and, you know, and things like Okta, so that you can have SSO and things like that. The backup environment has to be segregated in a very special way. Backups have to be stored completely separate from your environment. The login and authentication and authorization system needs to be completely separate from your typical environment. Why? Because if that production environment is compromised, now knowing that the attacks or that the backup systems are a significant portion of the attack vector, then if the production system is compromised, then the backup system is compromised. So you've got to segregate all of that. And I just don't think that people are thinking about that. You know, and they're using the same backup techniques that they've used for many, many years. >> So what you're saying is that the attack vectors and the attackers are getting smarter. They're saying, "Hey, we'll just take out the backup first so they can't backup. So we got the ransomware." It makes sense. >> Yeah, exactly. The largest ransomware group out there, the Conti ransomware group, they are specifically targeting specific backup vendors. They know how to recognize the backup servers. They know how to recognize where the backups are stored, and they are exfiltrating the backups first, and then deleting them, and then letting you know you have ransom. >> Okay, so you guys have a lot of customers. They all kind of have the same problem. What's the patterns that you're seeing? How are they evolving? What are some of the things that they're implementing? What is the best practice? >> Well, again, you've got to fully segregate that data, and everything about how that data is stored and everything about how that data's created and accessed, there are ways to do that with other, you know, with other commercial products. You can take a standard product and put a number of layers of defense on top of it, or you can switch to the way Druva does things, which is a SaaS offering that stores your data completely in the cloud in our account, right? So your account could be completely compromised. That has nothing to do with our account. It's a completely different authentication and authorization system. You've got multiple layers of defense between your computing environment and where we store your backups. So basically, what you get by default with the way Druva stores your backups is the best you can get after doing many, many layers of defense on the other side and having to do all that work. With us, you just log in and you get all of that. >> I guess, how do you break the laws of physics? I guess that's the question here. >> Well, because that's the other thing is that by storing the data in the cloud, and I've said this a few times, you get to break the laws of physics, and the only way to do that is time travel. (both laughing) So yes, so Druva has time travel. And this is a Curtisism, by the way, I don't think this is our official position, but the idea is that the only way to restore data as fast as possible is to restore it before you actually need it, and that's kind of what I mean by time travel, in that you, basically, you configure your DR, your disaster recovery environment in Druva one time, and then we are pre-restoring your data as often as you tell us to do, to bring your DR environment up to the, you know, the current environment as quickly as we can so that in a disaster recovery scenario, which is part of your ransomware response, right? Again, there are many different parts, but when you get to actually restoring the data, you should be able to just push a button and go. The data should already be restored. And that's the way that you break the laws of physics is you break the laws of time. >> (laughs) Well, all right, everyone wants to know the next question, and this is a real big question is, are you from the future? >> (laughs) Yeah. Very much the future. >> What's it like in the future, backup, recovery? How does it restore? Is it air gapping everything? >> Yeah, well, it's a world where people don't have to worry about their backups. I like to use the phrase get out of the backup business, just get into the restore business. You know, I'm a grandfather now, and I love having a granddaughter, and I often make the joke that if I'd have known how great grandkids were, I would've skipped straight to them, right? Not possible. Just like this. Recoveries are great. Backups are really hard. So in the future, if you use a SaaS data protection system and data resiliency system, you can just do recoveries and not have to worry about backups. >> Yeah, and what's great about your background is you've got a lot of historical perspective. You've seen that, the waves of innovation. Now it really is about the recovery and real time. So a lot of good stuff going on. And got to think automated, things got to be rocking and rolling. >> Absolutely. Yeah. I do remember, again, having worked so hard with many clients over the years, back then, we worked so hard just to get the backup done. There was very little time to work on the recovery. And I really, I kid you not, that our customers don't have to do all of those things that all of our competitors have to do to, you know, to break, to try to break the laws of physics, I've been fighting the laws of physics my entire career, to get the backup done in the first place, then to secure all the data, and to air gap it and make sure that a ransomware attack isn't going to attack it. Our customers get to get straight to a fully automated disaster recovery environment that they get to test as often as possible and they get to do a full test by simply pressing a single button. And you know, I wish everybody had that ability. >> Yeah, I mean, security's a big part of it. Data's in the middle of it all. This is now mainstream, front lines, great stuff. Curtis, great to have you on, bring that perspective, and thanks for the insight. Really appreciate it. >> Always happy to talk about my favorite subject. >> All right, we'll be back in a moment. We'll have Stephen Manley, the CTO, and Anjan Srinivas, the GM and VP of Product Management will join me. You're watching theCUBE, the leader in high tech enterprise coverage. >> Ransomware is top of mind for everyone. Attacks are becoming more frequent and more sophisticated. It's a problem you can't solve alone anymore. Ransomware is built to exploit weaknesses in your backup solution, destroying data, and your last line of defense. With many vendors, it can take a lot of effort and configuration to ensure your backup environment is secure. Criminals also know that it's easy to fall behind on best practices like vulnerability scans, patches, and updates. In fact, 42% of vulnerabilities are exploited after a patch has been released. After an attack, recovery can be a long and manual process that still may not restore clean or complete data. The good news is that you can keep your data safe and recover faster with the Druva Data Resiliency Cloud on your side. The Druva platform functions completely in the cloud with no hardware, software, operating system, or complex configurations, which means there are none of the weaknesses that ransomware commonly uses to attack backups. Our software as a service model delivers 24/7/365 fully managed security operations for your backup environment. We handle all the vulnerability scans, patches, and upgrades for you. Druva also makes zero trust security easy with built-in multifactor authentication, single sign-on, and role-based access controls. In the event of an attack, Druva helps you stop the spread of ransomware and quickly understand what went wrong with built-in access insights and anomaly detection. Then you can use industry first tools and services to automate the recovery of clean, unencrypted data from the entire timeframe of the attack. Cyberattacks are a major threat, but you can make protection and recovery easy with Druva. (electronic music) (upbeat music) (mouse clicks) >> Welcome back, everyone, to theCUBE's special presentation with Druva on "Why Ransomware isn't Your Only Problem." I'm John Furrier, host of theCUBE. Our next guests are Stephen Manley, Chief Technology Officer of Druva, and Anjan Srinivas, who is the General Manager and Vice President of Product Management at Druva. Gentlemen, you got the keys to the kingdom, the technology, ransomware, data resilience. This is the topic. The IDC white paper that you guys put together with IDC really kind of nails it out. I want to get into it right away. Welcome to this segment. I really appreciate it. Thanks for coming on. >> Great to be here, John. >> So what's your thoughts on the survey's conclusion? Obviously, the resilience is huge. Ransomware continues to thunder away at businesses and causes a lot of problems, disruption. I mean, it's endless ransomware problems. What's your thoughts on the conclusion? >> So I'll say the thing that pops out to me is, on the one hand, everybody who sees the survey and reads it is going to say, "Well, that's obvious." Of course, ransomware continues to be a problem. Cyber resilience is an issue that's plaguing everybody. But I think when you dig deeper and there's a lot of subtleties to look into, but one of the things that I hear on a daily basis from the customers is, it's because the problem keeps evolving. It's not as if the threat was a static thing to just be solved and you're done. Because the threat keeps evolving, it remains top of mind for everybody because it's so hard to keep up with what's happening in terms of the attacks. >> And I think the other important thing to note, John, is that people are grappling with this ransomware attack all of a sudden where they were still grappling with a lot of legacy in their own environment. So they were not prepared for the advanced techniques that these ransomware attackers were bringing to market. It's almost like these ransomware attackers had a huge leg up in terms of technology that they had in their favor while keeping the lights on was keeping IT away from all the tooling that they needed to do. A lot of people are even still wondering, when that happens next time, what do I even do? So clearly not very surprising. Clearly, I think it's here to stay, and I think as long as people don't retool for a modern era of data management, this is going to to stay this way. >> Yeah, I hear this all the time in our CUBE conversations with practitioners. It's kind of like the security pro, give me more tools, I'll buy anything that comes in the market, I'm desperate. There's definitely attention, but it doesn't seem like people are satisfied with the tooling that they have. Can you guys share kind of your insights into what's going on in the product side? Because, you know, people claim that they have tools at crime points of recovery opportunities, but they can't get there. So it seems to be that there's a confidence problem here in the market. How do you guys see that? 'cause I think this is where the rubber meets the road with ransomware 'cause it is a moving train, it's always changing, but it doesn't seem there's confidence. Can you guys talk about that? What's your reaction? >> Yeah, let me jump in first, and Stephen can add to it. What happens is, I think this is a panic buying and they have accumulated this tooling now just because somebody said they could solve your problem, but they haven't had a chance to take a real look from a ground up perspective to see where are the bottlenecks? Where are the vulnerabilities? And which tooling set needs to lie where? Where does the logic need to reside? And what, in Druva, we are watching people do and people do it successfully, is that as they have adopted Druva technology, which is ground up built for the cloud, and really built in a way which is, you know, driven at a data insight level where we have people even monitoring our service for anomalies and activities that are suspicious. We know where we need to play a role in really kind of mitigating this ransomware, and then there's a whole plethora of ecosystem players that kind of combine to really finish the story, so to say, right? So I think this has been a panic buying situation. This is like, "Get me any help you can give me." And I think as this settles down and people really understand that longer term as they really build out a true defense mechanism, they need to think really ground up. They will start to really see the value of technologies like Druva, and try to identify the right set of ecosystem to really bring together to solve it meaningfully. >> Yes, Stephen? >> I was going to say, I mean, one of the the really interesting things in the survey for me, and for a moment, a little more than a moment, it made me think was that the large number of respondents who said, "I've got a really efficient, well-run back environment," who, then, on basically the next question said, "And I have no confidence that I can recover from a ransomware attack." And you scratch your head and you think, "Well, if your backup environment is so good, why do you have such low confidence?" And I think that's the moment when we dug deeper and we realized, if you've got a traditional architecture, and let's face it, the disk-based architecture's been around for almost two decades now, in terms of disk-based backup, you can have that tuned to the hilt. That can be running as efficiently as you want it, but it was built before the ransomware attacks, before all these cyber issues, you know, really start hitting companies. And so I have this really well-run traditional backup environment that is not at all built for these modern threat vectors. And so that's really why customers are saying, "I'm doing the best I can," but as Anjan pointed out, the architecture, the tooling isn't there to support what problems I need to solve today. >> Yeah, great point. >> And so, yeah. >> Well, that's a great point. Before we get into the customer side I want to get to in second, you know, I interviewed Jaspreet, the founder and CEO many years ago, even before the pandemic, and you mentioned modern. You guys have always had the cloud with Druva. This is huge. Now that you're past the pandemic, what is that modern cloud edge that you guys have? 'Cause that's a great point. A lot of stuff was built kind of backup and recovery bolted on, not really kind of designed into the current state of the infrastructure and the cloud native application modern environment we're seeing right now. It's a huge issue. >> I think, to me there's three things that come up over and over and over again as we talk to people in terms of, you know, being built in cloud, being cloud native, why is it an advantage? The first one is security and ransomware. And we can go deeper, but the most obvious one that always comes up is every single backup you do with Druva is air gapped, offsite, managed under a separate administrative domain so that you're not retrofitting any sort of air gap network and buying another appliance or setting up your own cloud environment to manage this. Every backup is ransomware protected, guaranteed. The second advantage is the scalability. And you know, this certainly plays into account as your business grows, or, in some cases, as you shrink or repurpose workloads, you're only paying for what you use. But it also plays a big role, again, when you start thinking of ransomware recoveries because we can scale your recovery in cloud, on premises as much or as little as you want. And then I think the third one is we're seeing, basically, things evolving, new workloads, data sprawl, new threat vectors. And one of the nice parts of being a SaaS service in the cloud is we're able to roll out new functionality every two weeks and there's no upgrade cycle, there's no waiting. The customer doesn't have to say, "Wow, I needed six months in the lab before I upgrade it and it's an 18-month, 24-month cycle before the functionality releases. You're getting it every two weeks, and it's backed by Druva to make sure it works. >> Anjan, you know, you got the product side, you know, it's a challenging job 'cause you have so many customers asking for things, probably on the roadmap, you probably can go an hour for that one, but I want to get your thoughts on what you're hearing and seeing from customers. We just reviewed the IDC with Phil. How are you guys responding to your customer's needs? Because it seems that it's highly accelerated, probably on the feature requests, but also structurally as ransomware continues to evolve. What are you hearing? What's the key customer need? How are you guys responding? >> Yeah, actually, I have two things that I hear very clearly when I talk to customers. One, I think, after listening to their security problems and their vulnerability challenges, because we see customers and help customers who are getting challenged by ransomware on a weekly basis. And what I find that this problem is not just a technology problem, it's an operating model problem. So in order to really secure themselves, they need a security operating model and a lot of them haven't figured out that security operating model in totality. Now where we come in, as Druva, is that we are providing them the cloud operating model and a data protection operating model, combined with a data insights operating model which all fit into their overall security operating model that they are really owning and they need to manage and operate, because this is not just about a piece of technology. On top of that, I think our customers are getting challenged by all the same challenges of not just spending time on keeping the lights on, but innovating faster with less. And that has been this age old problem, do more with less. But in this whole, they're like trying to innovate in the middle of the war, so to say. The war is happening, they're getting attacked, but there's also net new shadow IT challenges that's forcing them to make sure that they can manage all the new applications that are getting developed in the cloud. There is thousands of SaaS applications that they're consuming, not knowing which data is critical to their success and which ones to protect and govern and secure. So all of these things are coming at them at 100 miles per hour, while they're just trying to live one day at a time. And unless they really develop this overall security operating model, helped by cloud native technologies like Druva that really providing them a true cloud native model of really giving like a touchless and an invisible protection infrastructure. Not just beyond backups, beyond just the data protection that we all know of into this mindset of kind of being able to look at where each of those functionalities need to lie. That's where I think they're grappling with. Now Druva is clearly helping them with keep up to pace with the public cloud innovations that they need to do and how to protect data. We just launched our EC2 offering to protect EC2 virtual machines back in AWS, and we are going to be continuing to evolve that to further the many services that public cloud software 'cause our customers are really kind of consuming them at breakneck speed. >> So new workloads, new security capabilities. Love that. Good call out there. Stephen, there's still the issue of the disruption side of it. You guys have a guarantee. There's a cost of ownership as you get more tools. Can you talk about that angle of it? You got new workloads, you got the new security needs, what's the disruption impact? 'Cause you want to avoid that. How much is it going to cost you? And you guys have this guarantee, can you explain that? >> Yeah, absolutely. So Druva launched our $10 million data resiliency guarantee. And for us, there were really two key parts to this. The first obviously is $10 million means that, you know, again, we're willing to put our money where our mouth is, and that's a big deal, right? That we're willing to back this with the guarantee. But then the second part, and this is the part that I think reflects that sort of model that Anjan was talking about. We sort of look at this and we say the goal of Druva is to do the job of protecting and securing your data for you so that you, as a customer, don't have to do it anymore. And so the guarantee actually protects you against multiple types of risks, all with SLAs. So everything from your data's going to be recoverable in the case of a ransomware attack. Okay, that's good. Of course, for it to be recoverable, we're also guaranteeing your backup success rate. We're also guaranteeing the availability of the service. We're guaranteeing that the data that we're storing for you can't be compromised or leaked externally, and we're guaranteeing the long-term durability of the data so that if you backup with us today and you need to recover 30 years from now, that data's going to be recovered. So we wanted to really attack the end-to-end risks that affect our customers. Cybersecurity is a big deal, but it is not the only problem out there, and the only way for this to work is to have a service that can provide you SLAs across all of the risks, because that means, as a SaaS vendor, we're doing the job for you so you're buying results as opposed to technology. >> That's great. Great point. Ransomware isn't the only problem. That's the title of this presentation, but it's a big one. (laughs) People are concerned about it, so great stuff. In the last five minutes, guys, if you don't mind, I'd love to have you share what's on the horizon for Druva? You mentioned the new workloads, Anjan. You mentioned this new security. You're going to shift left. DevOps is now the developer model. They're running IT. Get data and security teams now stepping in and trying to be as high velocity as possible for the developers and enterprises. What's on the horizon for Druva? What trends is the company watching, and how are you guys putting that together to stay ahead in the marketplace and the competition? >> Yeah, I think, listening to our customers, what we realize is they need help with the public cloud, number one. I think that's a big wave of consumption. People are consolidating their data centers, moving to the public cloud. They need help in expanding data protection, which becomes the basis of a lot of the security operating model that I talked about. They need that first, from Druva, before they can start to get into much more advanced level of insights and analytics around that data to protect themselves and secure themselves and do interesting things with that data. So we are expanding our coverage on multiple fronts there. The second key thing is to really bring together a very insightful presentation layer, which, I think, is very unique to Druva because only we can look at multiple tenants, multiple customers because we are a SaaS vendor, and look at insights and give them best practices and guidances and analytics that nobody else can give. There's no silo anymore because we are able to take a good big vision view and now help our customers with insights that otherwise that information map is completely missing. So we are able to guide them down a path where they can optimize which workloads need what kind of protection, and then how to secure them. So that is the second level of insights and analytics that we are building. And there's a whole plethora of security offerings that we are going to build, all the way from a feature level where we have things like (audio distorts) that's already available to our customers today to prevent any anomalous behavior and attacks that would delete their backups and then they still have a way to recover from it, but also things to curate and get back to that point in time where it is safe to recover and help them with a sandbox which they can recover confidently knowing it's not going to jeopardize them again and reinfect the whole environment again. So there's a whole bunch of things coming, but the key themes are public cloud, data insights, and security, and that's where my focus is, to go and get those features delivered, and Stephen can add a few more things around services that Stephen is looking to build and launch. >> Sure, so, yeah, so John, I think one of the other areas that we see just an enormous groundswell of interest. So public cloud is important, but there are more and more organizations that are running hundreds, if not thousands of SaaS applications, and a lot of those SaaS applications have data. So there's the obvious things, like Microsoft 365, Google Workspace, but we're also seeing a lot of interest in protecting Salesforce because, if you think about it, if someone you know deletes some really important records in Salesforce, that's actually kind of the record of your business. And so, we're looking at more and more SaaS application protection, and really getting deep in that application awareness. It's not just about backup and recovery when you look at something like a Salesforce, or something like Microsoft 365. You do want to look into sandboxing, you want to look into long-term archival, because this is the new record of the business. What used to be in your on-premises databases, that all lives in cloud and SaaS applications now. So that's a really big area of investment for us. The second one, just to echo what Anjan said is, one of the great things of being a SaaS provider is I have metadata that spans across thousands of customers and tens of billions of backups a year. I'm tracking all sorts of interesting information that is going to enable us to do things like make backups more autonomous so that customers, again, I want to do the job for them. We'll do all the tuning, we'll do all the management for them to be able to better detect ransomware attacks, better respond to ransomware attacks, because we're seeing across the globe. And then, of course, being able to give them more insight into what's happening in their data environment so they can get a better security posture before any attack happens. Because, let's face it, if you can set your data up more cleanly, you're going to be a lot less worried and a lot less exposed when that attack happens. So we want to be able to, again, cover those SaaS applications in addition to the public cloud, and then we want to be able to use our metadata and use our analytics and use this massive pipeline we've got to deliver value to our customers. Not just charts and graphs, but actual services that enable them to focus their attention on other parts of the business. >> That's great stuff. >> And remember, John, I think all this while keeping things really easy to consume, consumer grade UI, APIs, and then really the power of SaaS as a service, simplicity to kind of continue on, amongst kind of keeping these complex technologies together. >> Anjan, that's a great callout. I was going to mention ease of use and self-service. Big part of the developer and IT experience. Expected. It's the table stakes. Love the analytic angle, I think that brings the scale to the table, and faster time to value to get to learn best practices. But at the end of the day, automation, cross-cloud protection and security to protect and recover. This is huge, and this is a big part of not only just protecting against ransomware and other things, but really being fast and being agile. So really appreciate the insights. Thanks for sharing on this segment, really under the hood and really kind of the value of the product. Thanks for coming on, appreciate it. >> Thank you very much. >> Okay, there it is. You have the experts talk about under the hood, the product, the value, the future of what's going on with Druva, and the future of cloud native protecting and recovering. This is what it's all about. It's not just ransomware they have to worry about. In a moment, Dave Vellante will give you some closing thoughts on the subject here. You're watching theCUBE, the leader in high tech enterprise coverage. >> As organizations migrate their business processes to multi-cloud environments, they still face numerous threats and risks of data loss. With a growing number of cloud platforms and fragmented applications, it leads to an increase in data silos, sprawl, and management complexity. As workloads become more diverse, it's challenging to effectively manage data growth, infrastructure, and resource costs across multiple cloud deployments. Using numerous backup vendor solutions for multiple cloud platforms can lead to management complexity. More importantly, the lack of centralized visibility and control can leave you exposed to security vulnerabilities, including ransomware that can cripple your business. The Druva Data Resiliency Cloud is the only 100% SaaS data resiliency platform that provides centralized, secure, air gapped, and immutable backup and recovery. With Druva, your data is safe with multiple layers of protection and is ready for fast recovery from cyberattacks, data corruption, or accidental data loss. Through a simple, easy to manage platform, you can seamlessly protect fragmented, diverse data at scale, across public clouds, and your business critical SaaS applications. Druva is the only 100% SaaS vendor that can manage, govern, and protect data across multiple clouds and business critical SaaS applications. It supports not just backup and recovery, but also data resiliency across high value use cases, such as e-discovery, sensitive data governance, ransomware, and security. No other vendor can match Druva for customer experience, infinite scale, storage optimization, data immutability, and ransomware protection. The Druva Data Resiliency Cloud, your data, always safe, always ready. Visit druva.com today to schedule a free demo. (upbeat music) >> One of the big takeaways from today's program is that in the scramble to keep business flowing over the past 2+ years, a lot of good technology practices have been put into place, but there's much more work to be done, specifically, because the frequency of attacks is on the rise and the severity of lost, stolen, or inaccessible data is so much higher today, business resilience must be designed into architectures and solutions from the start. It cannot be an afterthought. Well, actually it can be, but you won't be happy with the results. Now, part of the answer is finding the right partners, of course, but it also means taking a system's view of your business, understanding the vulnerabilities and deploying solutions that can balance cost efficiency with appropriately high levels of protection, flexibility, and speed slash accuracy of recovery. Here we hope you found today's program useful and informative. Remember, this session is available on demand in both its full format and the individual guest segments. All you got to do is go to thecube.net, and you'll see all the content, or you can go to druva.com. There are tons of resources available, including analyst reports, customer stories. There's this cool TCO calculator. You can find out what pricing looks like and lots more. Thanks for watching "Why Ransomware isn't Your Only Problem," made possible by Druva, in collaboration with IDC and presented by theCUBE, your leader in enterprise and emerging tech coverage. (upbeat music)

(bright inspirational music) >> Welcome back everyone to theCUBE and the Druva special presentation of, "Why Ransomware Isn't Your Only Problem." I'm John Furrier, host of theCUBE. We're here with W. Curtis Preston. Curtis Preston, as you know in the industry, Chief Technical Evangelist at Druva. Curtis, great to see you. We're here at, "Why Ransomware Isn't Your Only Problem." Great to see you. Thanks for coming on. >> Happy to be here. >> So we always see each other events, now events are back. So it's great to have you here for this special presentation. The White Paper from IDC really talks about this in detail. Like to get your thoughts, and I'd like you to reflect on the analysis that we've been covering here and the survey data, how it lines up with the real world that you're seeing out there. >> Yeah, I think it's... The survey results really I'd like to say that they surprised me, but unfortunately they didn't. The data protection world has been this way for a while where there's this difference in belief, or difference between the belief and the reality. And what we see is that there are a number of organizations that have been hit- successfully hit by ransomware, paid the ransom and/or lost data. And yet the same people that were surveyed they had high degrees of confidence in their backup system. And, you know, I could probably go on for an hour as to the various reasons why that would be the case, but I think that this long running problem that as long as I've been associated with backups, which, you know, has been a while, it's that problem of, you know, nobody wants to be the backup person. And people often just they don't want to have anything to do with the backup system. And so it sort of exists in this vacuum. And so then management is like, "Oh, the backup system's great," because the backup person often, you know, might say that it's great because maybe it's their job to say so. But the reality has always been very, very different. >> It's funny, you know, "We're good boss, we got this covered." >> Good. All good. It's all good. >> Fingers crossed, right? So again, this is the reality, and as it becomes backup and recovery, which we've talked about many times on theCUBE, certainly we have with you before, but now with ransomware, also, the other thing is people get ransomware hit multiple times. So it's not only like they get hit once. So, you know, this is a constant chasing the tail on some ends, but there are some tools out there. You guys have a solution. And so let's get into that. You know, you have had hands-on backup experience. What are the points that surprise you the most about what's going on in this world and the realities of how people should be going forward? What's your take? >> Well, I would say that the one part in the survey that surprised me the most was people that had a huge, you know, that there was a huge percentage of people that said that they had a, you know, a ransomware response, you know, and readiness program. And you look at that and how could you be, you know, that high a percentage of people be comfortable with their ransomware readiness program and a, you know, which includes a number of things, right? There's the cyber attack aspect of responding to a ransomware attack, and then there's the recovery aspect. And so you believe that your company was ready for that, and then you go, and I think it was 67% of the people in the survey paid the ransom, which as a person who, you know, has spent my entire career trying to help people successfully recover their data, that number I think just hurt me the most is that because you talked about re-infections the surest way to guarantee that you get re-attacked and reinfected is to pay the ransom. This goes back all the way to ransom since the beginning of time, right? Everyone knows if you pay the blackmail all you're telling people is that you pay blackmail. >> You're in business, you're a good customer. ALR for ransomware. >> Yeah. So, the fact that, you know, 60, what, two-thirds of the people that were attacked by ransomware paid the ransom. That one statistic just, just hurt my heart. >> Yeah. And I think this is the reality. I mean, we go back and even the psychology of the practitioners was, you know, super important to get back in recovery. And that's been around for a long time. But now that's an attack vector, okay? And there's dollars involved, like I said, ALR, I'm joking but there's recurring revenue for the for the bad guys if they know you're paying up and if you're stupid enough not to change you're tooling. Right? So again, it works both ways. So, I got to ask you, why do you think so many organizations are unable to successfully respond after an attack? Is it because- they know it's coming. I mean, they're not that dumb. I mean, they have to know it's coming. Why aren't they responding successfully to this? >> I think it's a litany of things starting with that aspect that I mentioned before that nobody wants to have anything to do with the backup system, right? So, nobody wants to be the one to raise their hand because if you're the one that raises their hand "You know what, that's a good idea, Curtis, why don't you look into that?" Right? Nobody wants to be responsible- >> Where's that guy now? He doesn't work here anymore. Yeah, but I hear where you coming from. Psychology (indistinct). >> Yeah. So there's that. But then the second is that because of that no one's looking at the fact that backups are the attack vector. They become the attack vector. And so because they're the attack vector they have to be protected as much, if not more, than the rest of the environment. The rest of the environment can live off of active directory and, you know, and things like Okta so that you can have SSO and things like that. The backup environment has to be segregated in a very special way. Backups have to be stored completely separate from your environment. The login and authentication and authorization system needs to be completely separate from your typical environment. Why? Because if you, if that production environment is compromised now knowing that the attacks or that the backup systems are a significant portion of the attack vector, if the production system is compromised then the backup system is compromised. So you've got to segregate all of that. And I just don't think that people are thinking about that. You know, and they're using the same backup techniques that they've used for many, many years. >> So what you're saying is that the attack vectors and the attackers are getting smarter. They're saying, "Hey, we'll just take out the backup first so they can't back-up. So we got the ransomware." >> Yeah, exactly. The largest ransomware group out there, the Conti ransomware group, they are specifically targeting specific backup vendors. They know how to recognize the backup servers. They know how to recognize where the backups are stored and they are exfiltrating the backups first and then deleting them and then letting you know you have ransom. Right? >> Okay, so you guys have a lot of customers They all kind of have the same- this problem. What's the patterns that you're seeing? How are they evolving? What are some of the things that they're implementing? What is the best practice? >> Well, again, you've got to fully segregate that data, There are, and everything about how that data is stored and everything about how that data is created and accessed. There are ways to do that with other, you know, with other commercial products. You can take a standard product and put a number of layers of defense on top of it or you can switch to the way Druva does things which is a SaaS offering that stores your data completely in the cloud in our account, right? So your account could be completely compromised. That has nothing to do with our account. And the- it's a completely different authentication and authorization system. You've got multiple layers of defense between your computing environment and where we store your backups. So basically what you get by default with the way Druva stores your backups is the best you can get after doing many, many layers of defense on the other side and having to do all that work with us. You just login and you get all of that. >> I guess how do you break the laws of physics? I guess that's the question here. >> Well, when, because that's the other thing is that by storing the data in the cloud, we do it, and I've said this a few times, that you get to break the laws of physics. And the only way to do that is to, is time travel. And that's what, so yeah. So Druva has time travel. What, and this is a courtisism by the way, I don't think this is our official position, but the idea is that the only way to restore data as fast as possible is to restore it before you actually need it. And that's what kind of what I mean by time travel. In that you, basically, you configure your DR, your disaster recovery environment in Druva one time. And then we are pre-restoring your data as often as you tell us to do, to bring your DR environment up to the, you know, the current environment as quickly as we can so that in a disaster recovery scenario which is part of your ransomware response, right? Again, there are many different parts but when you get to actually restoring the data you should be able to just push a button and go. The data should already be restored. And that's the, that's the way that you of physics is you break the laws of time. >> Well, I and everyone wants to know the next question, and this is the real big question is, are you from the future? (light chuckling) >> Yeah. Very much the future. >> What's it like in the future, back-up recovery, how's it restored? Is it air gapping everything? >> Yeah, it, well, it's a world where people don't have to worry about their backups. I like to use the phrase, "get out of the backup business. Just get into the restore business." I, you know, I'm a grandfather now and I love having a granddaughter and I often make the joke that if I'd have known how great grandkids were I would've skipped straight to them. Right? Not possible. Just like this. Recoveries are great. Backups are really hard. So, in the future, if you use a SaaS data protection system and data resiliency system, you can just do recoveries and not have to worry about backups. >> Yeah. And what's great about your background is you've got a lot of historical perspective. I've seen that in the ways of innovation now it's really is about the recovery and real time. So a lot of good stuff going on and got to think automated. Things got to be rocking and rolling. >> Absolutely. Yeah. I do remember, again, having worked so hard with many clients over the years, back then we worked so hard just to get the backup done. There was very little time to work on the recovery. And I really, I kid you not that our customers don't have to do all of those things that all of our competitors have to do to, you know, to try to break the laws of physics. I've been fighting the laws of physics my entire career to get the backup done in the first place. Then to secure all the data, right? To air gap it and make sure that a ransomware attack isn't going to attack it. Our customers get to get straight to a fully automated disaster recovery environment that they get to test as often as possible and they get to do a full test by simply pressing a single button. And you know, I wish that, I wish everybody had that ability. >> Yeah, I mean, security's a big part of it. Data's in the middle of it. All this is now mainstream front lines. Great stuff. Curtis, great to have you on, bring that perspective and thanks for the insight. Really appreciate it. >> Always happy to talk about my favorite subject. >> Alright. We'll be back in a moment. We'll have Stephen Manley, the CTO, and Anjan Srinivas, the GM and VP of Product Management will join me. You're watching theCUBE, the leader in high tech enterprise coverage. (gentle scientific music)

(upbeat music) >> Welcome back everyone to theCUBE special presentation with Druva on why ransomware isn't your only problem. I'm John Furrier, your host of theCUBE. Our next guest are Stephen Manly, Chief Technology Officer of Druva. And Anjan Srinivas, who is the general manager and vice president of product management in Druva. Gentleman, you got the keys to the kingdom, the technology, ransomware, data resilience. This is the topic, the IDC White Paper that you guys put together with IDC. Really nails it out. I want to get into it right away. Welcome to this segment. I really appreciate it. Thanks for coming on. >> Anjan: Great to be here John. >> So what's your thoughts on the survey's conclusion? Obviously the resilience is huge. Ransomware continues to thunder away at businesses and causes a lot of problems, disruption. I mean, it's endless ransomware problems. What's your thoughts on the conclusion? >> So I'll say the thing that pops out to me is on the one hand, everybody who sees the survey, who reads, it's going to say, well that's obvious. Of course ransomware continues to be a problem. Cyber resilience is an issue that's plaguing everybody. But I think when you dig deeper and there's a lot of subtleties to look into, but one of the things that I hear on a daily basis from the customers is it's because the problem keeps evolving. It's not as if the threat was a static thing to just be solved and you're done. Because the threat keeps evolving, it remains top of mind for everybody because it's so hard to keep up with what's happening in terms of the attacks. >> And I think the other important thing to note, John, is that people are grappling with this ransomware attack all of a sudden where they were still grappling with a lot of legacy in their own environment. So they were not prepared for the advanced techniques that these ransomware attackers were bringing to market. It's almost like these ransomware attackers had a huge leg up in terms of technology that they had in their favor while keeping the lights on was keeping IT away from all the tooling that needed to do. A lot of people are even still wondering when that happens next time, what do I even do? So clearly not very surprising. Clearly I think it's here to stay and I think as long as people don't retool for a modern era of data management, this is going to stay this way. >> Yeah, I mean I hear this all the time in our CUBE conversations with practitioners It's like the security product. Give me more tools. I'll buy anything that comes in the market. I'm desperate. There's definitely attention, but it doesn't seem like people are satisfied with the tooling that they have. Can you guys share your insights into what's going on in the product side? Because people claim that they have tools at fine points of recovery opportunities, but they can't get there. So it seems to be that there's a confidence problem here in the market. How do you guys see that? 'Cause I think this is where the rubber meets the road with ransomware 'cause it is a moving train. It's always changing, but it doesn't seem this confidence. Can you guys talk about that? What's your reaction? >> Yeah, let me jump in first and Stephen can add to it. What happens is I think this is a panic buying and they have accumulated this tooling now just because somebody said could solve your problem but they haven't had a chance to take a relook from a ground up perspective to see where are the bottlenecks, where are the vulnerabilities, and which tooling set needs to lie where, where does the logic need to reside? And what a Druva, we are watching people do and people do it successfully is that as they have adopted Druva technology, which is ground up built for the cloud and really built in a way which is driven at a data insight level where we have people even monitoring our service for anomalies and activities that are suspicious. We know where we need to play a role in really mitigating this ransomware. And then there is a whole plethora of ecosystem players that combine really, really finish the story so to say. So I think this has been a panic buying situation. This is like, get me any help you can give me. And I think as this settles down and people really understand that longer term as they really build out a true defense mechanism, they need to think really ground up. They will start to really see the value of technologies like Druva and try to identify the right set of ecosystem to really bring together to solve it meaningfully. >> John: Yes, Stephen. >> I was going to say, one of the really interesting things in the survey for me and for a moment, little more than a moment, it made me think was that the large number of respondents who said I've got a really efficient well-run backup environment who then on basically the next question said, and I have no confidence that I can recover from a ransomware attack. And you scratch your head and you think, well if your backup environment is so good, why do you have such low confidence? And I think that's the moment when we dug deeper and we realized, if you've got a traditional architecture and let's face it, the disk-based architecture's been around for almost two decades now in terms of disk-based backup, you can have that tune to the health. That can be running as efficiently as you want it, but it was built before the ransomware attacks, before all these cyber issues really start hitting companies. And so I have this really well-run traditional backup environment that is not at all built for these modern threat vectors. And so that's really why customers are saying, I'm doing the best I can, but as Anjan pointed out, the architecture, the tooling isn't there to support what problems I need to solve today. >> Yeah, great point. >> And so yeah. >> Well, that's a great point. Before we get into the customer side, I want to get to in second, I interviewed Jaspreet, the founder and CEO, many years ago even before the pandemic. You mentioned modern. You guys have always had the cloud with Druva. This is huge. Now that you're past the pandemic, what is that modern cloud edge that you guys have? 'Cause that's a great point. A lot of stuff was built, backup and recovery bolted on, not really designed into the current state of the infrastructure and the cloud native application modern environment we're seeing right now is a huge issue. >> I think, to me, there's three things that come up over and over and over again as we talk to people in terms of being built in cloud, being cloud native, why is it an advantage? The first one is, is security and ransomware. And we can go deeper, but the most obvious one that always comes up is every single backup you do with Druva is air gap, offsite, managed under a separate administrative domain so that you're not retrofitting any air gap network and buying another appliance or setting up your own cloud environment to manage this. Every backup is ransomware protected, guaranteed. I think the second advantage is the scalability. And this certainly plays into account as your business grows or in some cases as you shrink or repurpose workloads. You're only paying for what you use. But it also plays a big role, again, when you start thinking of ransomware recoveries because we can scale your recovery in cloud, on-premises as much or as little as you want. And then I think the third one is, we're seeing basically things evolving, new workloads, data sprawl, new threat vectors. And one of the nice parts of being a SaaS service in the cloud is you're able to roll out new functionality every two weeks and there's no upgrade cycle, there's no waiting. The customer doesn't have to say, wow, I need it six months in the lab before I upgrade it and it's an 18-month, 24-month cycle before the functionality releases. You're getting it every two weeks and it's backed by Druva to make sure it works. >> Anjan, you got the product side. It's challenging job 'cause you have so many customers asking for things probably on the roadmap. You probably go hour for that one. But I want to get your thoughts on what you're hearing and seeing from customers. We just reviewed the IDC with Phil. How are you guys responding to your customer's needs? Because it seems that it's highly accelerated probably on the feature request, but also structurally as as ransomware continues to evolve. What are you hearing? What's the key customer need? How are you guys responding? >> Yeah, actually, I have two things that I hear very clearly when I talk to customers. One, I think after listening to their security problems and their vulnerability challenges, because we see customers and help customers who are getting challenge by ransomware on a weekly basis, and what I find that this problem is not just a technology problem, it's an operating model problem. So in order to really secure themselves, they need a security operating model and a lot of them haven't figured out that security operating model in totality. Now where we come in as Druva is that we are providing them the cloud operating model and a data protection operating model combined with a data insights operating model, which all fit into that overall security operating model that they are really owning and they need to manage and operate because this is just not about a piece of technology. On top of that, I think our customers are getting challenged by all the same challenges of not just spending time on keeping the lights on, but innovating faster with less. And that has been this age old problem, do more with less. But in this whole, they're like trying to innovate when the middle of the war so to say. The war is happening, they're getting attacked, but there's also net new shadow IT challenges that's forcing them to make sure that they can manage all the new applications that are getting developed in the cloud. There is thousands of SaaS applications that they're consuming, not knowing which data is critical to their success and which ones to protect and govern and secure. So all of these things are coming at them at a hundred miles per hour while they're just trying to live one day at a time. And unless they really develop this overall security operating model helped by cloud native technologies like Druva that really providing them a true cloud native model of really giving like a touchless and an invisible protection infrastructure. Not just beyond backups, beyond just the data protection that we all know of into this mindset of being able to look at where each of those functionalities need to lie. That's where I think they're grappling with. Now Druva is clearly helping them with keep up to pace with the public cloud innovations that they need to do and how to protect data. We just launched our EC2 offering to protect EC2 virtual machines back in AWS and we are going to be continuing to evolve that to further many services that public cloud software 'cause our customers are really consuming them at breakneck speed. >> So the new workloads, the new security capabilities, love that. Good call out there. Stephen, there's still the issue of the disruption side of it. You guys have a guarantee. There's a cost of ownership as you get more tools. Can you talk about that angle of it? Because this is, you got new workloads, you got the new security needs, what's the disruption impact? 'Cause we won't avoid that. How much it going to cost you? And you guys have this guarantee, can you explain that? >> Yeah, absolutely. So Druva launched our $10 million data resiliency guarantee. And for us, there were really two key parts to this. The first obviously is $10 million means that, again, we're willing to put our money where our mouth is and that's a big deal. That we're willing to back this with the guarantee. But then the second part, and this is the part that I think reflects that model that Anjan was talking about. We look at this and we say, the goal of Druva is to do the job of protecting and securing your data for you so that you as a customer don't have to do it anymore. And so the guarantee actually protects you against multiple types of risks all with SLAs. So everything from, your data's going to be recoverable in the case of a ransomware attack. Okay, that's good. Of course for it to be recoverable, we're also guaranteeing your backup success rate. We're also guaranteeing the availability of the service. We're guaranteeing that the data that we're storing for you can't be compromised or leaked externally. And we're guaranteeing the long term durability of the data so that if you back up with us today and you need to recover 30 years from now, that data's going to be recovered. So we wanted to really attack the end-to-end risks that affect our customers. Cybersecurity is a big deal, but it is not the only problem out there and the only way for this to work is to have a service that can provide you SLAs across all of the risks because that means, again, as a SaaS vendor, we're doing the job for you so you're buying results as opposed to technology. >> That's great. Great point. Ransomware isn't the only problem. That's the title of this presentation, but it's a big one. People concerned about it. So great stuff. In the last five minutes guys, if you don't mind, I'd love to have you share what's on the horizon for Druva. You mentioned the new workloads Anjan. You mentioned this new security hearing shift left. DevOps is now the developer model. They're running IT, yet data and security teams now stepping in and trying to be as high velocity as possible for the developers and enterprises. What's on the horizon for Druva? What trends is the company watching, and how are you guys putting that together to stay ahead in the marketplace in the competition? >> Yeah, I think listening to our customers, what we realize is they need help with the public cloud, number one. I think that's a big wave of consumption. People are consolidating their data centers moving to the public cloud. They need help in expanding data protection, which becomes the basis of a lot of the security operating model that I talked about. They need that first from Druva before they can start to get into much more advanced level of insights and analytics on that data to protect themselves and secure themselves and do interesting things with that data. So we are expanding our coverage on multiple fronts there. The second key thing is to really bring together a very insightful presentation layer, which I think is very unique to Druva because only we can look at multiple tenants, multiple customers because we are a SaaS vendor and look at insights and give them best practices and guidances and analytics that nobody else can give. There's no silo anymore because we are able to take a good big vision view and now help our customers with insights that otherwise that information map is completely missing. So we are able to guide them down a path where they can optimize which workloads need, what kind of protection, and then how to secure them. So that is the second level of insights and analytics that we are building. And there's a whole plethora of security offerings that we are going to build all the way from a feature level where we have things like recycled bin that's already available to our customers today to prevent any anomalous behavior and attacks that would delete their backups and then they still have a way to recover from it, but also things to curate and get back to that point in time where it is safe to recover and help them with a sandbox, which they can recover confidently knowing it's not going to jeopardize them again and reinfect the whole environment again. So there's a whole bunch of things coming, but the key themes are public cloud, data insights, and security and that's where my focus is to go and get those features delivered. And Stephen can add a few more things around services that Stephen is looking to build and launch. >> Sure. So John, I think one of the other areas that we see just an enormous groundswell of interest. So public cloud is important, but there are more and more organizations that are running hundreds, if not thousands of SaaS applications and a lot of those SaaS applications have data. So there's the obvious things like Microsoft 365, Google Workspace, but we're also seeing a lot of interest in protecting Salesforce because if you think about it, if someone deletes some really important records in Salesforce, that's actually the record of your business. And so we're looking at more and more SaaS application protection and really getting deep in that application awareness. It's not just about backup and recovery when you look at something like a Salesforce or something like a Microsoft 365, you do want to look into sandboxing, you want to look into long-term archival because, and this is the new record of the business. What used to be in your on-premises databases, that all lives in cloud and SaaS applications now. So that's a really big area of investment for us. The second one, just to echo what Anjan said is, one of the great things of being a SaaS provider is I have metadata that spans across thousands of customers and tens of billions of backups a year. And I'm tracking all sorts of interesting information that is going to enable us to do things like make backups more autonomous so that customers, again, I want to do the job for them. We'll do all the tuning. We'll do all the management for them to be able to better detect ransomware attacks, better respond to ransomware attacks because we're seeing across the globe. And then of course being able to give them more insight into what's happening in their data environment so they can get a better security posture before any attack happens. Because let's face it, if you can set your data up more cleanly, you're going to be a lot less worried and a lot less exposed from when attack happens. So we want to be able to, again, cover those SaaS applications in addition to the public cloud. And then we want to be able to use our metadata and use our analytics and use this massive pipeline we've got to deliver value to our customers, not just charts and graphs, but actual services that enable them to focus their attention on other parts of the business. >> That's great stuff. >> And remember John, I think all this while keeping things really easy to consume, consumer grade UI, APIs, and really, the power of SaaS as a service, simplicity to continue on amongst keeping these complex technologies together. >> Anjan that's a great call out. I was going to mention ease of use and self-service. Big part of the developer and IT experience, expected, it's the table stakes. Love the analytic angle. I think that brings the scale to the table and faster time to value to get to learn best practices. But at the end of the day, automation, cross cloud protection, and security to protect and recover. This is huge and this is a big part of not only just protecting against ransomware and other things, but really being fast and being agile. So really appreciate the insights. Thanks for sharing on this segment. Really under the hood and really the value of the product. Thanks for coming on. Appreciate it. >> Thank you very much. >> Okay, there it is. You got the experts talking about under the hood, the product, the value, the future of what's going on with Druva and the future of cloud native protecting and recovering. This is what it's all about. It's not just ransomware they have to worry about. In a moment, Dave Vellante will give you some closing thoughts on the subject here. You're watching theCUBE, the leader in high tech enterprise coverage. (gentle music)

[Music] we're here with steve melanie the president and ceo of aviatrix steve john and i started this whole super cloud narrative as a way to describe that something different is happening specifically within the aws ecosystem but more broadly across the cloud landscape at re invent last year you and i spoke on the cube and you said one of your investors guy named nick sterile said to you at the show it's happening steve welcome to the cube what's happening what did nick mean by that yeah we were we were just getting ready to go on and i leaned over and he looked at me and he whispered in my ear and said it's happening he said it just like that and and you're right it was it was kind of funny and we talked about that and what he means is enterprises you know this is why i went to aviatrix three and a half years ago is the the the flip switch for enterprises and they said now we mean it we've been talking about cloud for 12 years or 15 years now we mean it we are digitally transforming we are the movement to cloud is going to make that happen and oh by the way of course it's multi-cloud because enterprises put workloads where they run best where they have the best security the best performance the best cost and the business is driving this transformation and they decide that i'm going to use that azure and another business unit decides i'm using google and another one says i'm using aws and so of course it's going to be multi-cloud and i think we're going to start seeing actual multi-cloud applications once that infrastructure and you know you call it the super cloud once that starts getting built developers are going to go wait a minute so i can pick this feature from google and and that service from azure and that service from aws easily without any hesitation once that happens they're going to start really developing today there aren't multi-cloud applications but but but the what's happening is the enterprise embracing public cloud they're using multiple clouds many of them call it four plus one right they're four different public clouds plus what they have on prem that to me is what's happening i am now re-architecting my enterprise infrastructure from applications all the way down to the network and i am embracing uh uh public clouds in that in that process so i mean you nailed us so many things in there i mean digitally transforming to me this is the digital transformation it's leveraging embracing the capex from the hyperscalers now you know people in the industry we're not trying to do what gartner does and create a new category per se but we do use super cloud as a metaphor so i don't expect necessarily vendors to use it or not but but i and i get that but when you talk about multi-cloud what specifically is new in other words what you touched on some of this stuff what constitutes a modern multi-cloud or what we would call a super cloud you know network architecture what are the salient attributes yeah i would say today so two years ago there was no such thing even as multiple clouds it was aws let's be clear everything was aws and for people to even back then two three years ago to even envision that there would be anything else other than aws people couldn't even envision now people kind of go yeah that was done we now see that we're going to use multiple clouds we're going to use azure we're going to use gcp and we're going to use this and we'll guess we're going to use oracle and even ollie cloud we're going to use five or four or five different public clouds what's but that would be i think of as multiple clouds but from an i.t perspective they need to be able to support all those clouds in these shared services and what they're going to do i actually think we're starting and you may have hit on something in the super cloud or i know you've talked about metacloud that that's got bad connotations for facebook i know everybody's like no please not another meta thing but there is that concept of this abstracted layer above you know writing we call it you know altitude you know aviatrix everything's you know riding above the clouds right that that that common abstracted layer this application infrastructure that runs the application that rides above all the different public clouds and i think once we do that you know dave what's going to happen is i think really what's going to happen is you're going to start seeing these these multi-cloud applications which to my knowledge really doesn't exist today i i think that might be the next phase and in order for that to happen you have to have all of the infrastructure be multi-cloud meaning not just networking and network security from from from aviation but you need snowflake you need hashtag you need datadog you need all the new horsemen of the new multi-cloud which isn't the old guys right this is all new people aviatrix dashie snowflake datadonk you name it that are going to be able to deliver all this multi-cloud cross-cloud wherever you want to talk about it such that application development and deployment can happen seamlessly and frictionlessly across multi-cloud once that happens the entire stack then you're going to start seeing and that to me starts enabling this what you guys call you know the super cloud the meta cloud the whatever cloud but that then rides above all the individual clouds that that's going to start getting a whole new realm of application development in my mind so we've got some work to do to basic do some basic blocking and tackling then the application developers can really build on top of that so so some of the skeptics on on this topic would ask how do you envision this changing networking versus it just being a bolt-on to existing fossilized network infrastructure in other words yeah how do we get from point a where we are today to point b you know so-called networking so we can actually build those uh super cloud applications yeah so you know what it is it's interesting because it goes back to my background at nasira and what we used to talk about then it isn't about managing complexity it's about creating simplicity it's very different and when you put the intelligence into the software right this is what computer science is all about we're turning networking into computer science when you create an abstraction layer we are not just an overlay day we dave we actually integrate in with the native services of the cloud we are not managing the complexity of these multi-clouds we are using it you know controlling the native constructs adding our own intelligence to this and then creating what is basically simplification for the people above it so we're simplifying things not just managing the complexity that's how you get the agility for cloud that's how you get to be able to do this because if all you are is a veneer on top of complexity you're just hiding complexity you're not creating simplicity and what happens is it actually probably gets more complex because if all you're doing is hiding the bad stuff you're not getting rid of it i love that i love that we're doing that at the networking and network security layer you're going to see snowflake and datadog and other people do it at their layers you know i reminds of a conversation i had with cause the one of the founders of pure storage who they're all about simplicity this idea of of creating simplicity versus like you said just creating you know a way to handle the complexity compare you know pure storage with the sort of old legacy emc storage devices and that's what you had you had you you had emc managing the complexity at pure storage disrupting by creating simplicity so what are the challenges of creating that simplicity and delivering that seamless experience that continuous experience across cloud is it engineering is it mindset is it culture is it technology what is it well i mean look at look you see the recession that we're we're hitting you see there is a significant problem that we have in the general it industry right now and it's called skills gap skills shortage it's two problems we don't have enough people and we don't have enough people that know cloud and the reason is everybody on the same tuesday three and a half years ago all said now i mean i'm moving the cloud we're a technology company we don't make sneakers anymore we don't make beer we're a technology company and we're going to digitally transform and we're going to move the cloud guess what three years ago there were probably seven people that understood cloud now everyone on the same tuesday morning all decides to try to hire those same seven people there's just not enough people around so you're going to need software and you're going to have to put the intelligence into the software because you're not going to be able to a hire those people and b even if you hire them you can't keep them as soon as they learn cloud guess what happens dave they're off they're on to the next job at the next highest bidder so how are you going to handle that you have to have software that intelligent software that is going to simplify things for you we have people managing massive multi-cloud network and network security people with two people on-prem they got hundreds right you it's not about taking that complex model that it had on-prem and jam it into the cloud you don't have the people to do it and you're not going to get the people to do it you know i want to ask you yeah so i want to ask you about the go to market challenges because we our industry gets a bad rap for for selling we're really good at selling and then but but actually delivering what we sell sometimes we fall down there so so i love tom sweet as cfo of of dell he talks about the the say do ratio uh how that's actually got to be low but you know but you know what i mean uh the math the fraction guy right so but do do what you say you're going to do are there specific go to market challenges related to this type of cross cloud selling where you can set you have to set the customer's expectations because what you're describing is not going to happen overnight it's a journey but how do you handle that go to market challenge in terms of setting those customer expectations and actually delivering what you say you can sell and selling enough to actually have a successful business um so i think everything's outside in so so i think the the what really is exciting to me about this cloud computing model that with the transformation that we're going through is it is business-led and it is led by the ceo and it is led by the business units they run the business it is all about agility is about enabling my developers and it's all about driving the business market share revenue all these kind of things you know the last transformation of mainframe to on to pc client server was led by technologists it wasn't led by the business and it was it was really hard to tie that to the business so then so this is great because we can look at the initiatives you can look at the the the initiatives of the ceo in your company and now as an i.t person you can tie to that and they're going to have two or three or four initiatives and you can actually map it to that so that's where we start is let's look at what the c your ceo cares about he cares about this he cares about that he cares about driving revenue he cares about agility of getting new applications out to the market sooner to get more revenue there's this and oh by the way transfer made transforming your infrastructure to the cloud is the number one thing so it's all about agility so guess what you need to be able to respond to that immediately because tomorrow the business is going to go to you and say great news dave we're moving to gcp wait what no one told me about that well we're telling you now and uh you need to be ready tomorrow and if you're sitting there and you're tied to the low-level constructs and all you know is aws well i don't have those people and even if i have even if i could hire them i'm not allowed to because i can't hire anybody how am i going to respond to the business and the needs of the business now all of a sudden i'm in the way as the infrastructure team of the ceo's goals because we decided we need to we need to get the ai capabilities of gcp and we're moving to gcp or i just did a big deal with gcp and uh miraculously they said i need to run on gcp right i did a big deal with google right guess what comes along with that oh you're moving to gcp great the business says we're moving to gcp and the i.t guys are sitting there going well no one told me well sorry so it's all about agility it's all about that and the and and complexity is the killer to agility this is all about business they're going to come to you and say we just acquired a company we need to integrate them oh but they got they use the same ip address range as we do there's overlapping ips and oh by the way they're in a different cloud how do i do that no one cares the business doesn't care they're like me they're very impatient get it done or we'll find someone who will yeah so you've got to get ahead of that and so when we in terms of when we talk to customers that's what we do this isn't just about defenses this is about making you get promoted making you do good for your company such that you can respond to that and maybe even enable the company to go do that like we're going to enable people to do true multi-cloud applications because the infrastructure has to come first right you you put the foundation in your big skyscraper like the crew behind me and the plumbing before you start building the floors right so infrastructure comes first then comes then comes the applications yeah so you know again some people call it super cloud like us multi-cloud 2.0 but the the real mega trend that i see steve and i'd love you to bottom line this and bring us home is you know andreessen's all companies are software companies it's like version 2.0 of that and the applications that are going to be built on that top this tie into the digital transformations it was goldman it's jpmc it's walmart it's capital one b of a oracle's acquisition of cerner is going to be really interesting to see these super clouds form within industries bringing their data their tooling and their specific software expertise built on top of that hyperscale infrastructure and infrastructure for companies like yours so bottom line is stephen steve what's the future of cloud how do you see it the future is n plus one so two years ago people had one plus one i had what i had on prem and then what i had in aws they today if you talk to an enterprise they'll have what they call four plus one right which is four public clouds plus what i have on prem it's going to n plus one right and what's going to happen is exactly what you said you're going to have industry clouds you're going to the the multi-cloud aspect of it is going to end it's not going to go from four to one some people think oh it's not going to be four it's going down to one or two bs it's going to end it's going to a lot as they start extending to the edge and they start integrating out to the to the branch offices it's not going to be about that branch offer so that edge iot or edge computing or data centers or campus connecting into the cloud it's going to be the other way around the cloud is going to extend to those areas and you're going to have ai clouds you know whether it's you know ultra beauty who's a customer of ours who's starting to roll out ar and vr out to their retail stores to show you know makeup and this and the other thing these are new applications transformations are always driven by new applications that don't exist this isn't about lift and shift of the existing applications the 10x tam in this market is going to becomes all the new things that's where the explosion is going to happen and you're going to see end level those those branch offices are going to look like clouds and they're going to need to be stitched together and treated like one infrastructure so it's going to go from four plus one to n plus one and that's what you're gonna want as an enterprise i'm gonna want n clouds so we're gonna see an explosion it's not going to be four it's going to be end now at the end underneath all of that will be leveraging and effectively commoditizing the existing csps yeah and but you're going to have an explosion of people commoditizing them and just like the goldmans and the industry clubs are going to do they're going to build their own eye as well right no way no way it's that's what's going to happen it's going to be a 10x on what we saw last decade with sas it's all going to happen around clouds and supercloud steve malini thanks so much for coming back in the cube and helping us sort of formulate this thinking i mean it really started with with with you and myself and john and nick and really trying to think this through and watching this unfold before our eyes so great to have you back thank you yeah it's fun thanks for having me are you welcome but keep it right there for more action from super cloud 22 be right back [Music] you

(bright music) >> Welcome back everyone to the live Cube coverage here in Boston, Massachusetts for AWS re:Inforce 22, with a great guest here, Denise Hayman, CRO, Chief Revenue of Sonrai Security. Sonrai's a featured partner of Season Two, Episode Four of the upcoming AWS Startup Showcase, coming in late August, early September. Security themed startup focused event, check it out. awsstartups.com is the site. We're on Season Two. A lot of great startups, go check them out. Sonrai's in there, now for the second time. Denise, it's great to see you. Thanks for coming on. >> Ah, thanks for having me. >> So you've been around the industry for a while. You've seen the waves of innovation. We heard encrypt everything today on the keynote. We heard a lot of cloud native. They didn't say shift left but they said don't bolt on security after the fact, be in the CI/CD pipeline or the DevStream. All that's kind of top of line, Amazon's talking cloud native all the time. This is kind of what you guys are in the middle of. I've covered your company, you've been on theCUBE before. Your, not you, but your teammates have. You guys have a unique value proposition. Take a minute to explain for the folks that don't know, we'll dig into it, but what you guys are doing. Why you're winning. What's the value proposition. >> Yeah, absolutely. So, Sonrai is, I mean what we do is it's, we're a total cloud solution, right. Obviously, right, this is what everybody says. But what we're dealing with is really, our superpower has to do with the data and identity pieces within that framework. And we're tying together all the relationships across the cloud, right. And this is a unique thing because customers are really talking to us about being able to protect their sensitive data, protect their identities. And not just people identities but the non-people identity piece is the hardest thing for them to reign in. >> Yeah. >> So, that's really what we specialize in. >> And you guys doing good, and some good reports on good sales, and good meetings happening here. Here at the show, the big theme to me, and again, listening to the keynotes, you hear, you can see what's, wasn't talk about. >> Mm-hmm. >> Ransomware wasn't talked about much. They didn't talk about air-gapped. They mentioned ransomware I think once. You know normal stuff, teamwork, encryption everywhere. But identity was sprinkled in everywhere. >> Mm-hmm. >> And I think one of the, my favorite quotes was, I wrote it down, We've security in the development cycle CSD, they didn't say shift left. Don't bolt on any of that. Now, that's not new information. We know that don't bolt, >> Right. >> has been around for a while. He said, lessons learned, this is Stephen Schmidt, who's the CSO, top dog on security, who has access to what and why over permissive environments creates chaos. >> Absolutely. >> This is what you guys reign in. >> It is. >> Explain, explain that. >> Yeah, I mean, we just did a survey actually with AWS and Forrester around what are all the issues in this area that, that customers are concerned about and, and clouds in particular. One of the things that came out of it is like 95% of clouds are, what's called over privileged. Which means that there's access running amok, right. I mean, it, it is, is a crazy thing. And if you think about the, the whole value proposition of security it's to protect sensitive data, right. So if, if it's permissive out there and then sensitive data isn't being protected, I mean that, that's where we really reign it in. >> You know, it's interesting. I zoom out, I just put my historian hat on going back to the early days of my career in late eighties, early nineties. There's always, when you have these inflection points, there's always these problems that are actually opportunities. And DevOps, infrastructure as code was all about APS, all about the developer. And now open source is booming, open source is the software industry. Open source is it in the world. >> Right. >> That's now the software industry. Cloud scale has hit and now you have the Devs completely in charge. Now, what suffers now is the Ops and the Sec, Second Ops. Now Ops, DevOps. Now, DevSecOps is where all the action is. >> Yep. >> So the, the, the next thing to do is build an abstraction layer. That's what everyone's trying to do, build tools and platforms. And so that's where the action is here. This is kind of where the innovation's happening because the networks aren't the, aren't in charge anymore either. So, you now have this new migration up to higher level services and opportunities to take the complexity away. >> Mm-hmm. >> Because what's happened is customers are getting complexity. >> That's right. >> They're getting it shoved in their face, 'cause they want to do good with DevOps, scale up. But by default their success is also their challenge. >> Right. >> 'Cause of complexity. >> That's exactly right. >> This is, you agree with that. >> I do totally agree with that. >> If you, you believe that, then what's next. What happens next? >> You know, what I hear from customers has to do with two specific areas is they're really trying to understand control frameworks, right. And be able to take these scenarios and build them into something that they, where they can understand where the gaps are, right. And then on top of that building in automation. So, the automation is a, is a theme that we're hearing from everybody. Like how, how do they take and do things like, you know it's what we've been hearing for years, right. How do we automatically remediate? How do we automatically prioritize? How do we, how do we build that in so that they're not having to hire people alongside that, but can use software for that. >> The automation has become key. You got to find it first. >> Yes. >> You guys are also part of the DevCycle too. >> Yep. >> Explain that piece. So, I'm a developer, I'm an organization. You guys are on the front end. You're not bolt-on, right? >> We can do either. We prefer it when customers are willing to use us, right. At the very front end, right. Because anything that's built in the beginning doesn't have the extra cycles that you have to go through after the fact, right. So, if you can build security right in from the beginning and have the ownership where it needs to be, then you're not having to, to deal with it afterwards. >> Okay, so how do you guys, I'm putting my customer hat on for a second. A little hard, hard question, hard problem. I got active directory on Azure. I got, IM over here with AWS. I wanted them to look the same. Now, my on-premises, >> Ah. >> Is been booming, now I got cloud operations, >> Right. >> So, DevOps has moved to my premise and edge. So, what do I do? Do I throw everything out, do a redo. How do you, how do you guys talk about, talk to customers that have that chance, 'cause a lot of them are old school. >> Right. >> ID. >> And, and I think there's a, I mean there's an important distinction here which is there's the active directory identities right, that customers are used to. But then there's this whole other area of non-people identities, which is compute power and privileges and everything that gets going when you get you know, machines working together. And we're finding that it's about five-to-one in terms of how many identities are non-human identities versus human identity. >> Wow. >> So, so you actually have to look at, >> So, programmable access, basically. >> Yeah. Yes, absolutely. Right. >> Wow. >> And privileges and roles that are, you know accessed via different ways, right. Because that's how it's assigned, right. And people aren't really paying that close attention to it. So, from that scenario, like the AD thing of, of course that's important, right. To be able to, to take that and lift it into your cloud but it's actually even bigger to look at the bigger picture with the non-human identities, right. >> What about the CISOs out there that you talk to. You're in the front lines, >> Yep. >> talking to customers and you see what's coming on the roadmap. >> Yep. >> So, you kind of get the best of both worlds. See what they, what's coming out of engineering. What's the biggest problem CISOs are facing now? Is it the sprawl of the problems, the hacker space? Is it not enough talent? What, I mean, I see the fear, what are, what are they facing? How do you, how do you see that, and then what's your conversations like? >> Yeah. I mean the, the answer to that is unfortunately yes, right. They're dealing with all of those things. And, and here we are at the intersection of, you know, this huge complex thing around cloud that's happening. There's already a gap in terms of resources nevermind skills that are different skills than they used to have. So, I hear that a lot. The, the bigger thing I think I hear is they're trying to take the most advantage out of their current team. So, they're again, worried about how to operationalize things. So, if we bring this on, is it going to mean more headcount. Is it going to be, you know things that we have to invest in differently. And I was actually just with a CISO this morning, and the whole team was, was talking about the fact that bringing us on means they have, they can do it with less resource. >> Mm-hmm. >> Like this is a a resource help for them in this particular area. So, that that was their value proposition for us, which I loved. >> Let's talk about Adrian Cockcroft who retired from AWS. He was at Netflix before. He was a big DevOps guy. He talks about how agility's been great because from a sales perspective the old model was, he called it the, the big Indian wedding. You had to get everyone together, do a POC, you know, long sales cycles for big tech investments, proprietary. Now, open sources like speed dating. You can know what's good quickly and and try things quicker. How is that, how is that impacting your sales motions. Your customer engagements. Are they fast? Are they, are they test-tried before they buy? What's the engagement model that you, you see happening that the customers like the best. >> Yeah, hey, you know, because of the fact that we're kind of dealing with this serious part of the problem, right. With the identities and, and dealing with data aspects of it it's not as fast as I would like it to be, right. >> Yeah, it's pretty important, actually. >> They still need to get in and understand it. And then it's different if you're AWS environment versus other environments, right. We have to normalize all of that and bring it together. And it's such a new space, >> Yeah. >> that they all want to see it first. >> Yeah. >> Right, so. >> And, and the consequences are pretty big. >> They're huge. >> Yeah. >> Right, so the, I mean, the scenario here is we're still doing, in some cases we'll do workshops instead of a POV or a POC. 90% of the time though we're still doing a POV. >> Yeah, you got to. >> Right. So, they can see what it is. >> They got to get their hands on it. >> Yep. >> This is one of those things they got to see in action. What is the best-of-breed? If you had to say best-of-breed in identity looks like blank. How would you describe that from a customer's perspective? What do they need the most? Is it robustness? What's some of the things that you guys see as differentiators for having a best-of-breed solution like you guys have. >> A best-of-breed solution. I mean, for, for us, >> Or a relevant solution for that matter, for the solution. >> Yeah. I mean, for us, this, again, this identity issue it, for us, it's depth and it's continuous monitoring, right. Because the issue in the cloud is that there are new privileges that come out every single day, like to the tune of like 35,000 a year. So, even if at this exact moment, it's fine. It's not going to be in another moment, right. So, having that continuous monitoring in there, and, and it solves this issue that we hear from a lot of customers also around lateral movement, right. Because like a piece of compute can be on and off, >> Yeah, yeah, yeah. >> within a few seconds, right. So, you can't use any of the old traditional things anymore. So to me, it's the continuous monitoring I think that's important. >> I think that, and the lateral movement piece, >> Yep. >> that you guys have is what I hear the most of the biggest fears. >> Mm-hmm. >> Someone gets in here and can move around, >> That's right. >> and that's dangerous. >> Mm-hmm. And, and no traditional tools will see it. >> Yeah. Yeah. >> Right. There's nothing in there unless you're instrumented down to that level, >> Yeah. >> which is what we do. You're not going to see it. >> I mean, when someone has a firewall, a perimeter based system, yeah, I'm in the castle, I'm moving around, but that's not the case here. This is built for full observability, >> That's right. >> Yet there's so many vulnerabilities. >> It's all open. Mm-hmm, yeah. And, and our view too, is, I mean you bring up vulnerabilities, right. It, it is, you know, a little bit of the darling, right. People start there. >> Yep. >> And, and our belief in our view is that, okay, that's nice. But, and you do have to do that. You have to be able to see everything right, >> Yep. >> to be able to operationalize it. But if you're not dealing with the sensitive data pieces right, and the identities and stuff that's at the core of what you're trying to do >> Yeah. >> then you're not going to solve the problem. >> Yeah. Denise, I want to ask you. Because you make what was it, five-to-one was the machine to humans. I think that's actually might be low, on the low end. If you could imagine. If you believe that's true. >> Yep. >> I believe that's true by the way If microservices continues to be the, be the wave. >> Oh, it'll just get bigger. >> Which it will. It's going to much bigger. >> Yeah. >> Turning on and off, so, the lateral movement opportunities are going to be greater. >> Yep. >> That's going to be a bigger factor. Okay, so how do I protect myself. Now, 'cause developer productivity is also important. >> Mm-hmm. >> 'Cause, I've heard horror stories like, >> Yep. >> Yeah, my Devs are cranking away. Uh-oh, something's out there. We don't know about it. Everyone has to stop, have a meeting. They get pulled off their task. It's kind of not agile. >> Right. Right. >> I mean, >> Yeah. And, and, in that vein, right. We have built the product around what we call swim lanes. So, the whole idea is we're prioritizing based on actual impact and context. So, if it's a sandbox, it probably doesn't matter as much as if it's like operational code that's out there where customers are accessing it, right. Or it's accessing sensitive data. So, we look at it from a swim lane perspective. When we try to get whoever needs to solve it back to the person that is responsible for it. So we can, we can set it up that way. >> Yeah. I think that, that's key insight into operationalizing this. >> Yep. >> And remediation is key. >> Yes. >> How, how much, how important is the timing of that. When you talk to your customer, I mean, timing is obviously going to be longer, but like seeing it's one thing, knowing what to do is another. >> Yep. >> Do you guys provide that? Is that some of the insights you guys provide? >> We do, it's almost like, you know, us. The, and again, there's context that's involved there, right? >> Yeah. >> So, some remediation from a priority perspective doesn't have to be immediate. And some of it is hair on fire, right. So, we provide actually, >> Yeah. >> a recommendation per each of those situations. And, and in some cases we can auto remediate, right. >> Yeah. >> If, it depends on what the customer's comfortable with, right. But, when I talk to customers about what is their favorite part of what we do it is the auto remediation. >> You know, one of the things on the keynotes, not to, not to go off tangent, one second here but, Kurt who runs platforms at AWS, >> Mm-hmm. >> went on his little baby project that he loves was this automated, automatic reasoning feature. >> Mm-hmm. >> Which essentially is advanced machine learning. >> Right. >> That can connect the dots. >> Yep. >> Not just predict stuff but like actually say this doesn't belong here. >> Right. >> That's advanced computer science. That's heavy duty coolness. >> Mm-hmm. >> So, operationalizing that way, the way you're saying it I'm imagining there's some future stuff coming around the corner. Can you share how you guys are working with AWS specifically? Is it with Amazon? You guys have your own secret sauce for the folks watching. 'Cause this remediation should, it only gets harder. You got to, you have to be smarter on your end, >> Yep. >> with your engineers. What's coming next. >> Oh gosh, I don't know how much of what's coming next I can share with you, except for tighter and tighter integrations with AWS, right. I've been at three meetings already today where we're talking about different AWS services and how we can be more tightly integrated and what's things we want out of their APIs to be able to further enhance what we can offer to our customers. So, there's a lot of those discussions happening right now. >> What, what are some of those conversations like? Without revealing. >> I mean, they have to do with, >> Maybe confidential privilege. >> privileged information. I don't mean like privileged information. >> Yep. I mean like privileges, right, >> Right. >> that are out there. >> Like what you can access, and what you can't. >> What you can, yes. And who and what can access it and what can't. And passing that information on to us, right. To be able to further remediate it for an AWS customer. That's, that's one. You know, things like other AWS services like CloudTrail and you know some of the other scenarios that they're talking about. Like we're, you know, we're getting deeper and deeper and deeper with the AWS services. >> Yeah, it's almost as if Amazon over the past two years in particular has been really tightly integrating as a strategy to enable their partners like you guys >> Mm-hmm. >> to be successful. Not trying to land grab. Is that true? Do you get that vibe? >> I definitely get that vibe, right. Yesterday, we spent all day in a partnership meeting where they were, you know talking about rolling out new services. I mean, they, they are in it to win it with their ecosystem. Not on, not just themselves. >> All right, Denise it's great to have you on theCUBE here as part of re:Inforce. I'll give you the last minute or so to give a plug for the company. You guys hiring? What are you guys looking for? Potential customers that are watching? Why should they buy you? Why are you winning? Give a, give the pitch. >> Yeah, absolutely. So, so yes we are hiring. We're always hiring. I think, right, in this startup world. We're growing and we're looking for talent, probably in every area right now. I know I'm looking for talent on the sales side. And, and again, the, I think the important thing about us is the, the fullness of our solution but the superpower that we have, like I said before around the identity and the data pieces and this is becoming more and more the reality for customers that they're understanding that that is the most important thing to do. And I mean, if they're that, Gartner says it, Forrester says it, like we are one of the, one of the best choices for that. >> Yeah. And you guys have been doing good. We've been following you. Thanks for coming on. >> Thank you. >> And congratulations on your success. And we'll see you at the AWS Startup Showcase in late August. Check out Sonrai Systems at AWS Startup Showcase late August. Here at theCUBE live in Boston getting all the coverage. From the keynotes, to the experts, to the ecosystem, here on theCUBE, I'm John Furrier your host. Thanks for watching. (bright music)

(gentle music) >> Hey, everyone. Welcome back to New York City. Lisa Martin and John Furrier here with theCUBE, covering AWS Summit NYC. This is a series of summits this year. There's about 15 of them globally. We are excited to be here with a couple of guests. We have an alumni back with us. Couple of guests from Caylent, Stephen Garden joins us, the Executive Chairman, and Valerie Henderson, Chief Revenue Officer. Guys, welcome to the program. >> Thank you. >> Thank you. Thank you for having us. >> Great to have you, welcome back. >> Appreciate it, from 2016. >> 2016, it's been a minute. >> Yep. >> But that was before Caylent. Talk to us about Caylent, what do you guys do? What do you deliver? How are you affiliated with AWS? >> Sure, so we were founded in 2015, initially as a container management product. So our roots are very deeply centered around Cloud native. We've since evolved and become a Cloud native consultancy. We're all in with AWS. We were actually just awarded AWS Premier Partner a couple of weeks ago, so we're pretty pumped about that, but we're about 250 people now, across North and South America. And our goal is really to work with customers that are looking to innovate and evolve and use AWS as a catalyst to build new products for their business. >> As a catalyst, I like that. Valerie, talk about the customer. Obviously so much tumbled in the last couple of years. Still going through it. >> Yeah, of course. >> How have customer conversations evolved and changed in the last couple of years, from your perspective? >> Yeah, I think from my perspective it is such a unique time and it's a time that is constantly changing. And I think change breeds opportunity, and I feel like customers see that, and they're leaning in. They want the opportunity to create new revenue streams, do more, more efficiently, and I think that's the key. And the questions are really asking, how can we take our data, and turn it into something that we can monetize? How can we be smarter with what we have? And I think it's an incredible time to be in the space that we're in. Every conversation I have is really forward thinking, and about the business. And I've been in this space for a while, and that was not always that case. And I think now people are shifting that IT shop to IP shop, and that's so key, from my perspective. >> Interesting, interesting shift there. Every company has to be a data company these days, to be competitive, the last couple of years it was, how did we survive? Pivot, pivot, pivot. But to be a data company, means you have to be able to extract the value and insights from that data and act on it, to your point, develop new products, new revenue streams, new opportunities. How do you enable companies, and maybe this is a question that you can both answer, to truly become data companies? >> The whole model from a service's perspective is not a do-for model, it is a do-with model. And any time we go into a customer, it's like, where are they on the curve? From monolith application, to microservices, where do they sit today? And I think when you dig in, you assess, you deeply understand where they are, you can get them to where they want to be, and build a plan. And the way our model works is, we're doing it with them, and what that means is we're enabling them, documentation, we're supporting them, that if we're not there, they're going to be able to carry it forward and continue to do more. So, that's so so important. I'd love Stephen's take on it. >> Yeah, I think the other trend that we're seeing in data more recently is that customers need to share their information with other partners, collaborate. And AWS is just the perfect platform to be able to do that, enable that sharing. And you're seeing even businesses like Snowflake build a data Cloud on top of AWS. So, I think that's a new angle that we're seeing which is really bringing together way more innovation- >> What about that data clean-room trend that's going on, Snowflake's doing a lot of that. But some of them have a little lock in spec there, versus being open, security, privacy, governance, what's the balance between open sharing and the requirements you need to be secure and compliant? >> Yeah, I think very simplistically, the information that you are using to deliver your product and service to customers generally safer, more public and available, the information that's confidential to your business behind the scenes, obviously, you use the right protocols to lock it out. But it is a very hot topic in today's world, especially with Web3 and people seeking to get their information back, so... >> So you mentioned you guys around since 2015, if you go back in time, it seems like yesterday, but Cloud time, it's like two generations ago. Why is data now more relevant? Is it because the technology's gotten better and easier, or more maturization of the client's understanding, or being full with data, having a data problem and hence an opportunity? Or is it open source has evolved? Or all three, what's your reaction to that? Why is it exploding now when it's been around for a while? >> It keeps exponentially growing, right? The more and more data. There was a stat four or five years ago about, hey, we're taking more photographs in a single year now than all of mankind, leading up to that date, but I think just the sheer quantities and the way people are managing it now, and being able to actually capture information points of everything across their entire business, just presents a much bigger opportunity to be able to take and form decisions of the back of that. >> So do you see the customers having more data full problems, that they're having more data? So that's... And in that one >> 100%. >> Of the consequences of not leveraging it? >> Yeah, it's what to do. Yeah, absolutely, and if you think about when you wake up in the morning if you ask Alexa what the weather is, and like, you're creating data, in every engagement with the world. So I think it's this explosion of it, but then it exists, and what do you do, and having a strategy. I still think one of the biggest gaps is people, and talent, and expertise to do the work, frankly. Which is, the hypothesis of Caylent existing. >> Yeah, I think a data concept and application, because what's the weather to Alexa, is an application of what's the weather, it's a request, but it's actually the data's built into the app. >> It's built in. >> So data as code is a new trend. >> Yes, yeah, yeah, and I think it's funny to answer the question. There's more data points surrounding how to leverage your data, and I'm like, it's crazy, I think you're really seeing that working- >> We have an old data warehouse, we can't get the weather data, although it's there somewhere. But that's the problem. Getting the data, in the applications, this is not... Wasn't around 10 years ago. No one was talking like that. Now it's more standard. That sounds like DevOps to me, a DevOps problem. >> Yeah, moving from the monolithic to the microservice is wild, and just the way that people are building applications today. The users, their customers are demanding more from the service, and AWS is able to deliver that. >> What are some of your customers doing with you guys, can you give some examples and scope the scale of your relationship with the customers, vis-a-vis AWS and the Cloud, how they're using you guys and the Cloud. >> Yeah, yeah, for sure, a customer of ours, Allergen, which is an incredible organization, really had a large effort to modernize. And they actually have a data lab within their company called Allergen Data Labs, and they leveraged us to truly just modernize this containerization effort. How they can do more with less, and that serverless experience. So, I think from my perspective what we're seeing is also a need to be thoughtful about DevOps retooling and tooling because talent wants to work with the best toolset, the hottest stuff on the street, and again, to keep talent is key, in any organization's success. >> Valerie, how does Caylent help with that from a talent perspective? Obviously there's talent shortage, we're also still in the great resignation. >> Oh my gosh. >> How do you help organizations bridge the gap so that they can glean insights from data and be competitive and win? >> Yeah, we actually just published a case study with Novus which was bought by SEI, which is a huge financial firm. Where they said, "Listen, it's human nature to say I have a gap, and I need to fill it, I'm going to hire somebody." That's human nature to say, okay, this is what we're going to do. But the reality is, I think companies are starting to see the advantage of using a partner and say, okay, I could hire one person or I could bring in a partner who's going to have a team of five, works incrementally for a period of time, does with, helps coach my team up, document all of that, and I think that they're seeing value from that. And ultimately, it's not that we don't want them to eventually hire. When they do hire, we want that person to come in and have the best experience. >> And sometimes the people aren't even available, right? >> Correct, yeah. >> So you have a combination of managed services, a plethora of managed services that are also involved with the customers. So, it's that integration, scale, and partnering and sharing. You mentioned sharing data earlier, how do you guys view that integration piece, 'cause if you have a modern architecture, you got to have that decomposed, decoupled but integrated approach. >> Yeah, we really believe that the whole world of project services and managed services is coming together as one. So we have a single delivery model which we're really passionate about. And we look at it as an embedded team within our customers, embedded DevOps to support them, basically on anything that could be from a modernizing a new application through to addressing a more traditional Cloud architecture framework that's in place. But yeah, the trick to it is, as Val said earlier is the do with approach, not just do for, right? I think customers need to learn about the Cloud. They need to understand the technology that they're using. They want to have that understanding. And we found a way of fitting in our services to help them accelerate that part. >> So Valerie, I got to ask you the question. So, in sports you talk about the modern era of baseball or whatever, we're in the modern era of Cloud, going next generation. We call it Super Cloud, a concept that Dave and I put out at re:Invent. If someone asks you, what does the modern era look like? As you look at your customer base and the data you guys have, how would you describe this modern era? What is it made up of? Is it outcomes versus solutions? Is it technology that's decentralized? How do you talk about it? What is the modern era, if you were- >> Not to oversimplify it, but I'm going to, the idea that somebody could come into work and all they have to think about is business outcomes and the data points that they need to achieve said business outcomes. I'm the biggest fan of measure what matters, I think it is an incredibly powerful methodology. And I think anybody who thinks about running business, they know that it's a scale. The amount of companies that are in that place is very small right now. So I think modern era is really that running an IT company to an IP company. >> So Stephen, if you unpack that, what's under the covers to make that happen? Automation, machines, what's your assessment of that outcome, which by the way was well said. Beautiful, beautiful comment. What makes that happen? >> I think it is around automation. It is around do once and then apply many times. That is key. Obviously it's a fundamental principle of the Cloud, is that consistency in that repeatability. So when you can simplify services down to a point, click, deploy, I think you're in a much better position to be able to move quickly and then not have to worry about anything under the hood and just focus, like Val said, on the business outcomes. >> That's more creative. They're focusing on the problems, to not do the rock fetches and the heavy lifting that's not differentiated. >> I find that what gives people energy generates opportunity. And I think when people hit those roadblocks of, these things don't work together. There's all these interdependencies. It's really challenging. So I love what's happening. I think there's never been a better time to be in this business. >> Not a dull moment, That's for darn sure. >> Not a dull moment. >> Valerie, talk about outcomes. You mentioned a couple of customers that you're working with, some case studies. It is all about outcomes these days. That's the conversations that we have with the entire ecosystem is all about business outcomes. What are some of those key transformative business outcomes that Caylent is helping customers to achieve? >> Yeah, to me one thing that is key is, anytime I'm meeting with a customer, I want to understand who their customers are. I'm like, who is your customer? And how can we create a better experience for that customer. Whether it's their end users or their external customers. And I think that is a huge element. What we're seeing is that sassification of, how do I make it easier for my customers to procure and engage with my platform? And a lot of what we're doing right now is helping clients with that. And it's not a flip of a switch, it's not a click of a button, it's complicated. But that is what we are here to help, help simplify, help create that understanding of what's possible. >> How do you guys talk to your customers, take a minute to give a plug for the company. What are you looking for? What's the stats? How many employees you guys hiring, and what's the pitch to customers? >> Yeah, so I think every organization is on their journey to the Cloud now. It's gotten to that point where if you're not working with a public Cloud provider, you're part of a very, very small group. We like to say that we'll meet customers where they are, and help evolve them as a business, help evolve their teams. And that's what we mean when we say do with, so it's a pretty broad spectrum. We're big in healthcare. We're big in FinTech. We've worked with a lot of startup customers. We have about 250 customers today, 250 employees. And we're scaling rapidly. We've grown that from about 50 employees a year ago. >> Oh, wow. >> Yes, when I started, we were just around 60 people and we're at 260 today. >> And why are people working with you? What are you guys, solving a problem? Are you enabling them? What's the pitch? >> Without a doubt, I love that. Being in sales my whole career, somebody asking me for a pitch is my favorite. >> Okay, let's go. >> Yeah, yeah, the true value prop of what we do is all of the above. We enable, we help customers do more faster, but again, we do not want customers to walk away from an engagement with us saying, oh no, we don't know what to do. We want them to feel empowered. I still think the biggest gap from everything being in that IP business outcome is people. And for us, we're so passionate about that, and building a company that really truly believes that. And that's part of who we are as a company and our value system. >> And the digital transformation, ultimately what they're going through, you get them there faster. They get the outcomes and they're operational. >> Absolutely, and also to be clear, when a customer has a great experience working with you, they want to tell other people about the experience. And for us, like the referrals that we get, the partnership with Amazon is so key. >> What are some reactions after you go through an engagement? We've been riffing on this concept of Super Cloud where you're starting to see people build on top of, not the AWSs, but their partners that work with them. And so the customers are getting their own Cloud experience at scale. What are some of the comments you hear from your successful customers? What are some anecdotal feedback? >> Yeah, yeah. >> I'm so glad we did this because now I'm selling more, I'm doing this, what are some of the things that they're thinking? >> Yeah, yeah, I think ultimately the consistent theme that we get is, "I'm so glad that I didn't let fear hold me back from engaging a partner," because a lack of control scares a lot of customers. It does. And I think customers that are willing to say, "Okay, I'm going to have a little faith, trust in the process." They thank us. They do, and we've seen that across the board. I think that crossing that chasm is not to be underestimated without a doubt. >> Great story, congratulations. >> Oh, thank you. >> Well, there's nothing more powerful and potent than the voice of the customer. >> Without a doubt. And really you have to listen. >> Yes, yes, definitely. Stephen, Valerie, thank you so much for joining Dave and me on the program today, talking about Caylent, what you guys are doing for customers with AWS, empowering, enabling, collaboration. I love it, thank you. >> Yeah, thank you both. >> All right, our pleasure. For John Furrier, I'm Lisa Martin. You're watching theCUBE live in New York City, we are at AWSO in NYC, John and I will be right back with our next guest. (gentle music)

(digital pulsing music) >> We're back at VeeamON 2022. My name is Dave Vellante. I'm here with my co-host David Nicholson. I've got another mass boy coming on. Patrick Osborne is the vice president of the storage business unit at HPE. Good to see you again, my friend. It's been a long time. >> It's been way too long, thank you very much for having me. >> I can't even remember the last time we saw each other. It might have been in our studios in the East Coast. Well, it's good to be here with you. Lots have been going on, of course, we've been following from afar, but give us the update, what's new with HPE? We've done some stuff on GreenLake, we've covered that pretty extensively and looks like you got some momentum there. >> Quite a bit of momentum, both on the technology front and certainly the customer acquisition front. The message is certainly resonating with our customers. GreenLake is, that's the transformation that's fueling the future of Hewlett Packard Enterprise. So the momentum is great on the technology side. We're at well over 50 services that we're providing on the GreenLake platform. Everything from solutions and workloads to compute, networking and storage. So it's been really fantastic to see the platform and being able to really delight the customers and then the momentum on the sales and the customer acquisition side, the customers are voting with their dollars, so they're very happy with the platform, certainly from an operational perspective and a financial consumption perspective and so our target goal, which we've said a bunch of times is we want to be the hyperscaler on on-prem. We want to provide that customer experience to the folks that are investing in the platform. It's going really well. >> I'll ask you a question, as a former analyst, it could be obnoxious and so forth, so I'll be obnoxious for a minute. I wrote a piece in 2010 called At Your Storage Service, saying the future of storage and infrastructure as a service, blah, blah, blah. Now, of course, you don't want to over-rotate when there's no market, there was no market for GreenLake in 2010. Do you feel like your timing was right on, a little bit late, little bit early? Looking back now, how do you feel about that? >> Well, it's funny you say that. On the timing side, we've seen iterations of this stops and start forever. >> That's true. Financial gimmicks. >> I started my career at Sun Microsystems. We talked about the big freaking Web-tone switch and a lot of the network is the computer. You saw storage networks, you've seen a lot, a ton of iterations in this category, and so, I think the timing's right right now. Obviously, the folks in the hyperscaler class have proved out that this is something that's working. I think for us, the big thing that's really resonating with the customers is they want the operational model and they want the consumption model that they're getting from that as a service experience, but they still are going to run a number of their workloads on-prem and that's the best place to do it for them economically and we've proved that out. So I think the time is here to have that bifurcated experience from operational and financial perspective and in the past, the technology wasn't there and the ability to deliver that for the customers in a manner that was useful wasn't there. So I think the timing's perfect right now to provide them. >> As you know, theCUBE has had a presence at HPE Discover. Previous, even HP Discover and same with Veeam. But we got a long history with HP/HPE. When Hewlett Packard split into two companies, we made the observation, Wow, this opens up a whole new ecosystem opportunity for HPE generally, in storage business specifically, especially in data protection and backup, and the Veeam relationship, the ink wasn't dry and all of a sudden you guys were partnering, throwing joint activities, and so talk about how that relationship has evolved. >> From my perspective, we've always been a big partnering company, both on the route to market side, so our distributors and partners, and we work with them in big channel business. And then on the software partnership side, that's always evolving and growing. We're a very open ecosystem and we like to provide choice for our customers and I think, at the end of the day, we've got a lot of things that we work on jointly, so we have a great value prop. First phase of that relationship was partnering, we've got a full boat of product integrations that we do for customers. The second was a lot of special sauce that we do for our customers for co-integration and co-development. We had a huge session today with Rick Vanover and Frederico on our team here to talk about ransomware. We have big customers suffering from this plague right now and we've done a lot together on the engineering side to provide a very, very well-engineered, well thought out process to help avoid some of these things. And so that wave, too, of how do we do a ton of co-innovation together to really delight our customers and help them run their businesses, and I think the evolution of where we're going now, we have a lot of things that are very similar, strategically, in terms of, we all talk about data services and outcomes for our customers. So at the end of the day, when we think about GreenLake, like our virtual machine backup as a service or disaster recovery, it's all about what workloads are you running, what are the most important ones, where do you need help protecting that data? And essentially, how can we provide that outcome to you and you pay it as an outcome. And so we have a lot of things that we're working on together in that space. >> Let's take a little bit of a closer look at that. First of all, I'm from California, so I'm having a really hard time understanding what either of you were saying. Your accents are so thick. >> We could talk in Boston. >> Your accents are so thick. (Dave laughing) I could barely, but I know I heard you say something about Veaam at one point. Take a closer look at that. What does that look like from a ransomware perspective in terms of this concept of air gaping or immutable, immutable volumes and just as an aside, it seems like Veeam is a perfect partnership for you since customers obviously are going to be in hybrid mode for a long time and Veeam overlays that nicely. But what does it look like specifically? Immutable, air gap, some of the things we've been hearing a lot about. >> I'm exec sponsor for a number of big HPE customers and I'll give you an example. One of our customers, they have their own cloud service for time management and essentially they're exploited and they're not able to provide their service. It has huge ripple effect, if you think about, on inability to do their service and then how that affects their customers and their customers' employees and all that. It's a disaster, no pun intended. And the thing is, we learn from that and we can put together a really good architectures and best practices. So we're talking today about 3-2-1-1, so having three copies of your data, two different types of media, having an offline copy, an offsite copy and an offline copy. And now we're thinking about all the things you need to do to mitigate against all the different ways that people are going to exploit you. We've seen it all. You have keys that are erased, primary storage that is compromised and encrypted, people that come in and delete your backup catalog, they delete your backups, they delete your snapshots. So they get it down to essentially, "I'm either going to have one set of data, it's encrypted, I'm going to make you pay for it," and 40 percent of the time they pay and they get the data back, 60 percent of the time they pay and they get maybe some of the data back. But for the most part, you're not getting your data back. The best thing that we can do for our customers that come with a very prescriptive set of T-shirt configuration sizes, standardization, best practices on how they can take this entire ecosystem together and make it really easy for the customers to implement. But I wouldn't say, it's never bulletproof, but essentially, do as much as you can to avoid having to pay that ransomware. >> So 3-2-1-1, three copies, meaning local. >> Patrick: Yeah. >> So you can do fast recovery if you need to. Two different types of media, so tape fits in here? Not necessarily flashing and spinning disks. Could it be tape? >> A lot of times we have customers that have almost four different types. So they are running their production on flash. We have Alletras with HPE networking and servers running specific workloads, high performance. We have secondary storage on-prem for fast recovery and then we have some form of offsite and offline. Offsite could be object storage in the cloud and then offline would be an actual tape backup. The tape is out of the tape library in a vault so no one can actually access it through the network and so it's a physical copy that's offline. So you always have something to restore. >> Patrick, where's the momentum today, specifically, we're at VeeamON, but with regard to the Veeam partnership, is it security and ransomware, which is a new thing for this world. The last two years, it's really come to the top. Is it cloud migration? Is it data services and data management? Where's the momentum, all of the above, but maybe you could help us parse that. >> What we're seeing here at Hewlett Packard Enterprise, especially through GreenLake, is just an overall focus on data services. So what we're doing is we've got great platforms, we always had. HPE is known as an engineering company. We have fantastic products and solutions that customers love. What we're doing right now is taking, essentially, a lot of the beauty of those products and elevating them into an operational experience in the cloud, so you have a set of platforms that you want to run, you have machine critical platform, business critical, secondary storage, archival, data analytics and I want to be able to manage those from the cloud. So fleet management, HCI management, protocol management, block service, what have you, and then I want a set of abstracted data services that are on top of it and that's essentially things like disaster recovery, backup, data immutability, data vision, understanding what kind of data you have, and so we'll be able to provide those services that are essentially abstracted from the platforms themselves that run across multiple types of platforms. We can charge them on outcome based. They're based on consumption, so you think about something like DR, you have a small set of VMs that you want to protect with a very tight RPO, you can pay for those 100 VMs that are the most important that you have. So for us driving that operational experience and then the cloud data service experience into GreenLake gives customers a really, gives them a cloud experience. >> So have you heard the term super cloud? >> Patrick: Yeah. (chuckles) >> Have you? >> Patrick: Absolutely. >> It's term that we kind of coined, but I want to ask you about it specifically, in terms of how it fits into your strategy. So the idea is, and you kind of just described it, I think, whether your data is on-prem, it's in the cloud, multiple clouds, we'll talk about the edge later, but you're hiding the underlying complexities of the cloud's APIs and primitives, you're taking care of that for your customers, irrespective of physical location. It's the common experience across all those platforms. Is that a reasonable vision, maybe, even from a technical standpoint, is it part of HPE strategy and what does it take to actually do that, 'cause it sounds nice, but it's probably pretty intense? >> So the proof's in the pudding for us. We have a number of platforms that are providing, whether it's compute or networking or storage, running those workloads that they plum up into the cloud, they have an operational experience in the cloud and now they have data services that are running in the cloud for us in GreenLake. So it's a reality. We have a number of platforms that support that. We're going to have a set of big announcements coming up at HPE Discover. So we led with Alletra and we have a block service, we have VM backup as a service and DR On top of that. That's something that we're providing today. GreenLake has over, I think, it's actually over 60 services right now that we're providing in the GreenLake platform itself. Everything from security, single sign on, customer IDs, everything, so it's real. We have the proof point for it. >> So, GreenLake is essentially, I've said it, it's the HPE cloud. Is that a fair statement? >> A hundred percent. >> You're redefining cloud. And one of the hallmarks of cloud is ecosystem. Roughly, and I want to talk more about you got to grow that ecosystem to be successful in cloud, no question about it. And HPE's got the chops to do that. What percent of those services are HPE versus ecosystem partners and how do you see that evolving over time? >> We have a good number of services that are based on HPE, our tried and true intellectual property. >> You got good tech. >> Absolutely, so a number of that. And then we have partners in GreenLake today. We have a pretty big ecosystem and it's evolving, too. So we have customers and partners that are focused, our customers want our focus on data services. We have a number of opportunities and partnerships around data analytics. As you know, that's a really dynamic space. A lot of folks providing support on open source, analytics and that's a fast moving ecosystem, so we want to support that. We've seen a lot of interest in security. Being able to bring in security companies that are focused on data security. Data analytics to understand what's in your data from a customer perspective, how to secure that. So we have a pretty big ecosystem there. Just like our path at HPE, we've always had a really strong partnership with tons of software companies and we're going to continue to do that with GreenLake. >> You guys have been partner-friendly, I'll give you that. I'm going to ask Antonio this at Discover in a couple of weeks, but I want to ask you, when you think about, again, to go back to AWS as the prototypical cloud, you look at a Snowflake and a Redshift. The Redshift guys probably hate Snowflake, but the EC2 guys love them, sell a lot of compute. Now you as a business unit manager, do you ever see the day where you're side by side with one of your competitors? I'm guessing Antonio would say absolutely. Culturally, how does that play inside of HPE? I'm testing your partner-friendliness. How would you- >> Who will you- >> How do you think about that? >> At the end of the day, for us, the opportunity for us is to delight our customers. So we've always talked about customer choice and how to provide that best outcome. I think the big thing for us is that, from a cost perspective, we've seen a lot of customers coming back to HPE repatriation, from a repatriation perspective for a certain class of workloads. From my perspective, we're providing the best infrastructure and the best operational services at the best price at scale for these costumers. >> Really? It definitely, culturally, HPE has to, I think you would agree, it has to open up. You might not, you're going to go compete, based on the merit- >> Absolutely. >> of your product and technology. The repatriation thing is interesting. 'Cause I've always been a repatriation skeptic. Are you actually starting to see that in a meaningful way? Do you think you'll see it in the macro numbers? I mean, cloud doesn't seem to be slowing down, the public cloud growth, I mean, the 35, 40 percent a year. >> We're seeing it in our numbers. We're seeing it in the new logo and existing customer acquisition within GreenLake. So it's real for us. >> And they're telling you? Pure cost? >> Cost. >> So it's that's simple. >> Cost. >> So, they get the cloud bill, you do, too. I'd get the email from my CFO, "Why the cloud bill so high this month?" Part of that is it's consumption-based and it's not predictable. >> And also, too, one of the things that you said around unlocking a lot of the customer's ability from a resourcing perspective, so if we can take care of all the stuff underneath, the under cloud for the customer, the platform, so the stores, the serving, the networking, the automation, the provisioning, the health. As you guys know, we have hundreds of thousands of customers on the Aruba platform. We've got hundreds of thousands of customers calling home through InfoSight. So we can provide a very rich set of analytics, automated environment, automated health checking, and a very good experience that's going to help them move away from managing boxes to doing operational services with GreenLake. >> We talk about repatriation often. There was a time when I think a lot of us would've agreed that no one who was born in the cloud will ever do anything other than grow in the cloud. Are you seeing organizations that were born in the cloud realizing, "Hey, we know what our 80 percent steady state is and we've modeled this. Why rent it when we can own it? Or why rent it here when we can have it as operational cost there?" Are you seeing those? >> We're seeing some of that. We're certainly seeing folks that have a big part of their native or their digital business. It's a cost factor and so I think, one of the other areas, too, that we're seeing is there's a big transformation going on for our partners as well, too, on the sell-through side. So you're starting to see more niche SaaS offerings. You're starting to see more vertically focused offerings from our service provider partners or MSPs. So it's not just in either-or type of situation. You're starting to see now some really, really specific things going on in either verticals, customer segmentation, specific SaaS or data services and for us, it's a really good ecosystem, because we work with our SP partners, our MSP partners, they use our tech, they use our services, they provide services to our joint customers. For example, I know you guys have talked to iland here in the past. It's a great example for us for customers that are looking for DR as a service, backup as a service hosting, so it's a nice triangle for us to be able to please those customers. >> They're coming on to tomorrow. They're on 11/11. I think you're right on. The one, I think, obvious place where this repatriation could happen, it's the Sarah Wong and Martin Casano scenario where a SaaS companies cost a good sold become dominated by cloud costs. And they say, "Okay, well, maybe, I'm not going to build my own data centers. That's probably not going to happen, but I can go to Equinix and do a colo and I'm going to save a ton of dough, managing my own infrastructure with automation or outsourcing it." So Patrick, got to go. I could talk with you forever. Thank you so much for coming back in theCUBE. >> Always a pleasure. >> Go, Celts. How you feeling about the, we always talk sports here in VeeamON. How are you feeling about the Celts today? >> My original call today was Celtics in six, but we'll see what happens. >> Stephen, you like Celtics? Celtics six. >> Stephen: Celtics six. >> Even though tonight, they got a little- >> Stephen: Still believe, you got to believe. >> All right, I believe. >> It'd be better than the Miami's Mickey Mouse run there, in the bubble, a lot of astronauts attached to that. (Dave laughing) >> I love it. You got to believe here on theCUBE. All right, keep it right- >> I don't care. >> Keep it right there. You don't care, 'cause you're not from a sports town. Where are you in California? >> We have no sports. >> All right, keep it right there. This is theCUBE's coverage of VeeamON 2022. Dave Vellante for Dave Nicholson. We'll be right back. (digital music)

(upbeat music) >> Good evening, guys. Welcome back to Las Vegas, theCUBE is here live at AWS re:Invent 2021. I'm Lisa Martin. We have two live sets, two remote sets, over 100 guests on theCUBE talking with AWS, and its massive ecosystem of partners bringing you this hybrid tech event, probably the biggest of the year, and I'm pleased to welcome Stephen Kovac next, the Chief Compliance Officer at Zscaler. Stephen, how's it going? >> Well, it's going well, Lisa. Thank you for asking, enjoying Vegas, loving the conference, unbelievable. >> Isn't it great to be back in person? >> Oh, it's so great, I've seen people. >> Conversations you can't replicate on video conferencing, you just can't. >> Can't, and you see people you haven't seen in two years, and it's like all of a sudden you're best buddies again. It's just wonderful, it's so great to back. >> It is, and AWS in typical fashion has done a great job of getting everybody in here safely. I'm not at all surprised, that's what I expected, but it's been great. And I hope that this can demonstrate to other companies, you can do this safely. >> You can, I think so. I mean, there's a lot of effort going into this, but as usual AWS does it right. So, you expect that. >> They do. Talk to me about the Zscaler-AWS partnership. What's going on? >> Well, it's a great partnership. So AWS and Zscaler have been partners since the beginning of Zscaler. We are the largest security cloud in the world. We're born and bred in the cloud security company. So literally we wrote one application that does global security, everything from firewall to proxy, secure web gateway, to DLP, to all this in one piece of software. So, in the past where people would buy appliances for all these devices and put them in their own data center, we wrote a software that allows us to put that in the cloud, run it on the cloud globally around the world. And our partnership with AWS is, we originally built that on AWS, and today still AWS is our prime partner, especially in the zero trust side of our business. So, great relationship, long-term and great I think for both of us, it's been a very, very... >> Fruitful partnership, synergistic? >> Synergistic, love that, so yes. >> You mentioned zero trust, and we have seen such massive changes to the security and the threat landscape the last 20, 22 months. Talk to me about the recent executive order calling for zero trust, how does Zscaler's partnership with AWS help you enable organizations, fed, SLED, DoD, to be able to actually bring in and apply zero trust? >> Yeah, great question. Five years ago I was tasked to bring Zscaler into the government side of the business. So I was employee one to do that. It was a great honor to do it. And the first thing we did is we partnered with AWS because we needed to get FedRAMP compliant. We knew we were going to go into DoD. So we needed to go to the Impact Level five. And eventually we'll be able to go up level six with AWS. And so it was our partnership started there. And as you've seen in five years with all the change that's happened, that obviously the breaches like SolarWinds, and the people up here talking about them all week with you I'm sure. The executive order came down from the Biden Administration, who I completely salute for being just tremendous leaders in the cybersecurity space. And the executive order, one of the big pieces of the executive order was every agency must produce a plan for zero trust. So our cloud platform that is on AWS is a zero trust platform. It is the first and only zero trust platform to get authorized by the federal government at the FedRAMP level, and now the IL five level. So, together we are literally capturing and taking over the, being the leader in the zero trust space for the federal government. And I'm going to get a sip of water, so forgive me, I've been here all week talking to a lot of people, so forgive me for that. >> That's one thing that we don't have to deal with when we're on Zoom, right, is you don't really have the risk of losing your voice. >> Stephen: There you go. >> But in terms of the executive order, something that you mentioned, SolarWinds, Colonial Pipeline, we only hear about some of the big ones. The fact that ransomware happens one attack every 10, 11 seconds, it's a matter of when we get hit, not if. >> As you know, the story coming up from me, coming up on stage with you today, I just got myself breached just this morning, just individually. So yes, it's going to get all of us. And especially, I think when you look at zero trust and ransomware and how they worked out how zero trust can prevent it, you look at the SLED market, you know, state, local governments, they don't have the dollars to go spend like DHS does, or say, some of the DoD does. So, our partnership with AWS allows us to produce a product that is very cost-effective on a per user basis, consumption model, which is what AWS has been famous for since day one, right, the consumption model, use it when you need it, don't use it when you don't. We built our software the same way. So, at some point in a year, in a school year, we'll ramp up with some schools up to a hundred thousand users in the district, and over the summer we'll ramp down to a thousand, and we just bill them for that. So it's a beautiful relationship that we partner in not just the executive order, but being a partner in SLED, fed in the sense that matches making our business together, match the government's business. And that makes us a true leader and makes us a cost-effective solution. And if you think about it just for a moment, yesterday, I told you I was testifying in front of the Senate. And one of the questions I got asked was, oh, how many security updates do you guys see a year? I said, a year, well, we do over 200,000 a day. 200,000 security updates from potential hackers every single day. And we're doing that over 200 billion transactions a day run on AWS. So it's tremendous partnership, and to be able to work like that, and at that kind of volume, and be able to go up and down with the, and you got AWS able to scope up and down, and us to be able to ride that wave with them. It's been great. >> One of the things that we always talk about when we talk AWS is they're customer focused or customer obsession that, hey, we start backwards, we work backwards from the customer. Same thing, synergistic from a cultural perspective? >> Absolutely, I mean, one of the things I always love about AWS and I've been a customer of AWS for many years, even prior to my Zscaler days, I love the way they approach things, right? If they're not trying to go out and sell it, they're trying to meet with the customer and find out what the customer needs, and then build a solution. We're the same way. I always tell, you know, when you think of our solutions, Zscaler, I always tell my sales teams, I say it takes four sales calls for people to really understand what we do. And AWS, in the beginning of AWS, it was kind of the same thing. In the old days, you know, we all just built data centers and we had all these racks, and all this expense and mesh is what you did. It was unusual back in the day, 10 years ago, and I've been to every single re:Invent. I mean, the first one there was like, you're actually going to put all your stuff in this unknown cloud thing, and it will be available when you need it? So yes, you know, the way that they did it is the same way we do it together today. And we do it together today. We partner on many deals today where we're both, our teams are in there together, selling together, whether it's the DoD, federal agencies, SLED agencies, and commercial, you know, selling it hand-in-hand because it's that same philosophy is we're going to build what a customer needs. We're not going to tell the customer what they need. We're going to hear what they need, and that's the same relationship. So I'm going to get another sip real quick. >> Go for it. One of the things that has been a theme that we've heard the last couple of days is every company needs to be a data company or private sector, public sector, and if they're not, they're probably not going to be around much longer. How do you help customers get their handle around that? Because the security threats are only increasing. I mean, it's ransomware as a service. The fact that these criminals are getting much more brazen, you just had this happen to yourself, but enabling them to become data-driven organizations and use the data, extract the value from it securely, that's hard. >> It is, I mean, if you think back in the day, I mean, companies didn't have chief compliance officers that worked in the space that we do. Their chief compliance officer back in the day was the guy that was writing your HR issues and what OSHA issues, and of course, I still deal with some of that stuff, but my true job is really around the data, right? You know, how do we build our platforms, what decisions we make on our platforms, how we're going to certify them to support that, and I mean, chief data officers, chief security officers, I mean, you go into companies today, even car dealerships today. I mean, I'm picking one, you never thought of them having a security officer, but they do, they have to, they have to. And I mean, basic school districts, I mean, I don't about you, when I was a kid and went to school, they didn't have computers, but when my kid went to school, they did, but they didn't have a security officer. Now today, every single school district has security officers. I mean, I love how you said it, that data-driven, that data thought is there. It has to be, it's a real threat. And the sad thing is of these ransomware attacks, how many don't get reported. >> Oh, right, we're only hearing about a select few. >> The numbers are something like 88% don't get reported. It's that big. So that just tells you, we hear the big ones, right, Colonial Pipeline, things like that. We don't hear about West Texas or Middle Illinois school district that paid five grand because somebody had something on the school. That's how, as you said, this ransomware as a service security, we call it a security as a service, there's SaaS, which is software as a service, we're security software as a service, and AWS is the infrastructure as a service that we run on. And that's how it works well together. >> Do you guys go into accounts together from a go-to-market perspective? >> We, do, we can always do a better job. And my good friend here at AWS, who's probably listening, we can always do better. But yeah, so it is become something that, especially in the government space we do, in federal, DoD, because the certifications are really important, certifications are important everywhere, and we have many, we talked about all the certifications we have in federal, FedRAMP and IL five, and we have a plethora of those certifications in the commercial space. But they mean in a federal space, they're really the ticket. They call them the ENERGY STAR of approval, good housekeeping piece. So, you know, having that, teaming up with AWS who we partner together and because AWS has the same certs, we can sell at the same levels. And we do a really great job of co-selling in that space together. And I think when they look at us and they say, well, you're AWS, they've got their FedRAMP high, IL five, and you're Zscaler, you got your FedRAMP high, IL five. Yes, we can do business with these guys, and that's important. >> So you guys both open doors for each other. >> We do, we do in many cases, yeah. As a matter of fact, re:Invent five years ago, a buddy of mine here opened a big, big account for us, which is today our largest account in federal came from re:Invent, where came up to me and said, hey, my customer wants to, he's looking to do something, they're an agency that has global footprint, and they're like, we want to do something as a security as a service. They don't want to ship boxes all over the place. And we just met the customer for a coffee, and next thing you know, became our, still today, our probably largest customer in federal. >> Wow, well, this is the 10th re:Invent, you said you've been to all of them. >> Stephen: I have been to all of them. I can't lie, but I can't say I did all the virtual ones. I mean, I was logged in. (laughs) >> That's okay, we'll wink on that one. But, one of the things then, we've just got about a minute left here, is in new leadership, Andy Jassy being promoted to the CEO of Amazon, we've got Adam Selipsky, heard lot of announcements and news from Adam yesterday, but some of the things that we've been talking about on theCUBE is the first 15 years of innovation at AWS, that's going to accelerate. Do you see that also, like if you look forward to the next decade, do you see things moving much faster than they did the past decade? >> I don't think they can't. I mean, I shouldn't say they have to. And the change of the guard as you might call it here, is it's always good to have a change of the guard I think. You know, the question is when's Andy going to go to space? I mean, that's the next. (Lisa laughs) I think you have the guys who got AWS to the dance, and now the dance, who's going to become the belle of the ball. And this next generation of leadership coming in is fabulous. I think they've made great decisions, and I think they're going to do really well. And we're behind them, we support it. I got a chance to meet with most of them, love a chance to meet with Andy, I haven't met with him yet. So Andy, I'd love to meet you sometime soon. But I'm very impressed with what they've done. And yes, I think it's going to be, the last 10 years of growth is going to be a year next year. I think literally, you take 10 years be compressed to a year, and then next year it will be compressed to a day. So it's moving that fast. >> Yep, get your neck brace on, prepare for that whiplash. >> Yeah, right? That's what I said to Jeff when Jeff went to space, that's how fast we're about to travel, right? But it's really relative. >> It is, there is no limit. Well, Stephen, thank you for joining me, talking about Zscaler, AWS, what you guys are doing, how you're helping to revolutionize the public sector, fed, SLED, a lot of great stuff there. Security is an ever-evolving topic, and we appreciate all of your insights. >> Well, it was wonderful to be here. Great to see you again. And great to be back with all our friends at re:Invent. >> All of our friends, exactly. >> Stephen: Thank you so much for the time today. >> My pleasure. For Stephen Kovac, I'm Lisa Martin. You're watching theCUBE, the global leader in live tech coverage. (pleasant music)

(upbeat music) >> Welcome back to theCUBE's coverage of AWS re:Invent 2021. I'm John Furrier, host of theCUBE. You're watching CUBE's worldwide leader in tech coverage. We're in person on the show floor. It's also a hybrid event, online as well. CUBE coverage online with Amazon re:Invent site. Great content all around, amazing announcements, transformation in all areas are exploding and in innovation, of course, we have innovation here with Sandy Carter, the worldwide public sector vice-president of partners and programs for Amazon Web Services. Sandy, welcome back, CUBE alumni. Great to see you. Thanks for coming on theCUBE. >> Great to see you and great to see you in person again. It's so exciting. The energy level, oh my God. >> Oh my God. It's so much. Thanks, great keynote. Good to see you again in person. A lot of action, give us the top announcements. What's going on? What are the top 10 AWS announcements? >> Yeah, so we, this year for 2022, as we frame it out, we decided on a 3D strategy, a three-dimensional strategy. So we started with destination then data and then delivery. So if I could do them in that order, does that sound good? >> Yeah. Destination. >> So let's start with destination. So I got this from one of the customers and he said to me, "look, Sandy, I thought it was all going to be about getting to the cloud. But when I got to the cloud, I realized it wasn't about just in the cloud, it was about what you do in the cloud." And so we made some announcements this morning, especially around migration, modernization, and optimization. So for migration, we have the mainframe announcement that Adam made, and then we also echoed it. Cause most of the mainframes today sit in public sector. So this is a managed service, it's working with Micro Focus, one of our partners. And Lockheed Martin one of our partners is one of the first into the mainframe migration, which is a service and services to help customers transform their business with the mainframe. And then as we compliment them, we look at that we also have modernization occurring. So for example, IoT. IDC tells us that IoT and that data has increased four times since COVID because now devices and sensors are tracking a lot of data. So we made an announcement around smart cities and we now have badging for our partners. We have 18 partners solutions now in smart cities. So working backwards from the partners they were talking about given now COVID is kind of in the midst of where it is smart cities and making those cities work better in public transportation and utility, it's just all where it's at. And then the final announcement in that category is containers. So 60% of our customers said that they're going to be using containers. So we announced a Rapid Adoption Assistance program for our partners to be able to help our customers move to containers overall. >> So mainframe migration, I saw that on stage, but Micro Focus, that was a good job. Get that legacy out of the way, move to the cloud. You've got smart cities, which is basically IoT, which brings cloud to the edge. And then containerization for the cloud native, either development or compatibility, interoperability kind of sets that table. That's the destination. >> That's right. That's right. Because all of those things, you know, you've got to get the mainframe to the cloud, but then it's about modernizing, right? Getting rid of all that COBOL code and then, you know, IoT and then making sure that you are ready to go with containers. It's the newest- >> So you've got the 3D, destination, data and delivery. >> That's right. >> Okay. Destination, check. Cloud. Cloud destination. >> Yeah. >> I'm putting dots together in real time. >> Destination cloud. There you go. You've got it. >> I'm still with it after all these interviews. >> Yeah, there you go. >> Data, I'll say killer Swami's onstage today, whole new data, multiple databases. What's the data focus in this area? >> So for our partners, first it's about getting the data to the cloud, which means that we need a way to really migrate it. So we announced an initiative to help get that data to the cloud. We had a set of partners that came on with us early on in this initiative to move that data to the cloud, it's called a Rapid Adoption Assistance, which helps you envision where you want to go with your data. Do you want to put it in a data lake? Do you want data stored as it is? What do you want to visualize? What do you want to do with analytics? So envision that and then get enablement. So all the new announcements, all the new services get enablement and then to pilot it. And then the second announcement in this area is a set of private offers in the marketplace. Our customers told us that they love to go after data, but that there's too many pieces and moving parts. So they need the assessment bundled with the managed service and everything bundled together so it's a solution for them. So those were our two announcements in the data area. >> So take me through the private marketplace thing, because this came up when I was talking with Stephen Orban who's now running the marketplace. What does that mean? So you're saying that this private offer is being enabling the suppliers and in government? >> Yeah. So available in the marketplace, a lot of our government agencies can buy from the marketplace. So if they have a contract, they can come and buy. But instead of having to go and say, okay, here's an assessment to tell me what I should do, now here's the offering, and now here's the managed service, they want it bundled together. So we have a set of offerings that have that bundled together today with the set of our great public sector partners. >> So tons of data action, where's the delivery fit in? >> So delivery. This one is very interesting because our customers are telling us that they no longer want just technology skills, they also need industry skills too. So they're looking for that total package. For example, you know, the state of New Jersey when hurricane Ida hit, category four storm, they wanted someone who obviously could leverage all the data, but they wanted someone who understood disaster response. And so Maxar fits that bill. They have that industry specialty along with the technology specialty. And so for our announcements here, we announced a new competency, which is an industry competency for energy. So think about renewables and sustainability and low carbon. These are the partners that do that. We have 32 different partners who met the needs of that energy competency. So we were able to GA that here today. The other really exciting announcement that we made was for small businesses to get extra training, it's called Think Big for Small Business communities. So we announced last year virtually, Think Big for Small Business. We now have about 200 companies who are part of that program, really getting extra help as diverse companies. Women owned, black owned, brown owned, veteran owned businesses, right? But now what they told us was in addition to the AWS help, what they loved is how we connected them together and we almost just stumbled upon it. I was hosting some meetings and I had Tia from Bellflower, I had Lisa from DLZP together and they got a lot of value just being connected. And we kept hearing that over and over and over again. So now we've programmatized that so it's more scalable than me introducing people to each other. We now have a program to introduce those small business leaders to each other. And then the last one that we announced is our AWS government competency is now the largest competency at AWS. So the government competency, which is pretty powerful. So now we're going to do a focus enhancement for federal. So all of our federal partners with all that opportunity can now take advantage of some private advisory council, some additional training that will go on there, additional go-to market support that they can use to help them. >> Okay. I feel like my brain is going to explode. Those are just the announcements here. There's a lot going. >> Yeah. There's a lot going on. >> I mean it's so much you've got to put them into buckets. Okay. What's the rationale around 3D? Delivery, data... I mean, destination, delivery, data. Destination, meaning cloud. Data, meeting data. And delivery meaning just new ways to get up and running- >> Skills. >> To get this delivery for the services. >> Yep. >> Okay. So is there a pattern emerging? What can you say? Cause remember we talked about this before a year ago, as well as in person at your public sector summit with your partners. Is there a pattern emerging that you're seeing here? Cause lots of the announcements are coming, done with the mainframes. Connect on your watch has been a big explosion. Adam Slansky told me personally, it's on fire. And public sector, we saw a lot of that. >> Well, in fact, you know, if you look at public sector, three factoids that we shared this morning in the keynote. Our public sector partners grew 54% this year, this is after last year we grew 45%. They grew the number of certifications that they had by 40% and the number of new customers by 32%. I mean, those are unreal numbers. Last year we did 28% new customers and we thought that was the cat's meow, now we're at 32%. So our partners are just exploding in this public sector space right now. >> It's almost as if they have an advantage because they dragged their feet for so long. >> It's true. It's true. COVID accelerated their movement to the cloud. >> A lot of slow moving verticals because of the legacy and whether it's regulation or government funding or skills- >> Or mainframes. >> All had to basically move fast, they had no excuses. And then the cloud kind of changes everyone's mindset. How about the culture? I want to ask you about the culture in the public sector, because this is coming up a lot. Again, a lot of your customers that I'm interviewing all talk... and I try to get them to talk about horizontally scalable and machine learning, and they're always, no, it's culture. >> Yeah. It's true. >> Culture is the number one thing. >> It is true. You know, culture eats strategy for lunch. So even if you have a great strategy around the cloud, if you don't have that right culture, you won't win in the marketplace. So we are seeing this a lot. In fact, one of our most popular programs is PTP, Partner Transformation Program. And it lays out a hundred day program on cloud best practices. And guess what's the number one topic? Culture. Culture, governance, technology, all of those things are so important right now. And I think because, you know, a lot of the agencies and governments and countries, they had moved to the cloud now that they're in the cloud, they went through that pain during COVID, now they're seeing all the impact of artificial intelligence and containers and blockchain and all of that, right? It's just crazy. >> That's a great insight. And I'll add to that because I think one of the things I've observed, especially with your partners is the fear of getting eliminated by technology or the fear of having a job change or fear of change in general went away once they started using it because they saw the criticality of the cloud and how it impacted their job, but then what it offered them as new opportunities. In fact, it actually increases more areas to innovate on and do more, whether it's job advancement or cross training or lateral moves, promotion, that's a huge retention piece. >> It really is. And I will tell you that the movement to the cloud enabled people to see it wasn't as scary as they thought it was going to be, and that they could still leverage a lot of the skills that they had and learn new ones. So I think it is. And this is one of the reasons why, I was just talking with Maureen launching that 29 million training program for the cloud, that really touches public sector because there is so many agencies, countries, governments that need to have that training. >> You're talking about Maureen Lonergan, she does the training. She's been working on that for years. >> Yeah. >> That's the only getting better and better. >> Yeah. >> Well Sandy, I've got to ask you, since you have a few minutes left, I want to ask you about your journey. >> Yeah. >> We've interviewed you going back a long time look where we are now. >> I know. It's incredible. >> Look at these two sets going on at CUBE. >> You've been an incredible voice on theCUBE. We really appreciate having you on because you're innovative. You're always moving like a shark. You can't sit still. You're always innovating. Still going on, you had the great women's luncheon from 20 to 200. >> Yeah, we grew. So we started out with 20 people back five years ago and now we had about 200 women and it was incredible because we do different topics. Our topic was around empathy and empathetic leadership. And you know how you can really leverage that today, back with the skills and your people. You know, given that Amazon just announced our new leadership principle about wanting to be the Earth's most employee centric company. It fits right in, empathetic leadership. And we had amazing women at that luncheon that told some great stories about empathy that I think will live in our hearts forever. >> And the other thing I want to point out, we had some of the guests on sitting on theCUBE. We had Linda Jojo from United airlines. >> Oh yeah. >> And a little factoid, yesterday in the keynote, 50% of the speakers were women. >> I know. The first time I did a blog post on it, like we had two amazing women in STEM and we had, you know, the black pilot that was highlighted. So it's showing more diversity. So I was just so excited. Thank you Adam, for doing that because I think that was an amazing, amazing focus here at the conference. >> I wanted to bring up a point. I had a note here to bring up to you. Public sector, you guys doubled the number of partners, large migrations this year. That's a big statoid. You've had 575,000 individuals hold active certifications. Okay. That grew 40% from August 2021, clearly a pandemic impact. A lot of people jumping back in getting their certs, migrating so if they're not... They're in between transitions where they have a tailwind or a headwind, whether you're United Airlines or whether you're Zoom, you got some companies were benefiting from the pandemic and some were retooling. That's something that we talked about actually at the beginning. >> That's right. Absolutely. And I do think that those certifications also demonstrate that customers have raised the bar on what they expect from a partner. It's no longer just like that technology input, it's also that industry side. And so you see the number of certifications going up because customers are demanding higher skill level. And by the way, for the partners we conducted a study with ESG and ESG said that more skilled partners, you drive more margin, profit margin, 42% more profit margin for a higher skilled partner. And we're seeing that really come to fruition with some of these really intense focus on getting more certifications and more training. >> I want to get your thoughts on the healthcare and life science. I just got a note here that tells me that the vertical is one of the fastest growing verticals with 105% year on year growth. Healthcare and life sciences, another important... Again, a lot of legacy, a lot of old silos, forced to expand and innovate with the pandemic growing. >> Yes. You know, government is our largest segment today, our largest competency. Healthcare is our fastest growing segment. So we have a big focus there. And like you said, it's not just around, you know, seeing things stay the same. It's about digital transformation. It's one of the reasons we're also seeing such an increase in our authority to operate program both on the government side and the healthcare side. So we do, you know, FedRAMP and IL5. We had six companies that got IL5, five of them in 2021, which is an amazing achievement. And then, you know, if you think about the healthcare side, our fastest growing compliance is HIPAA and HITRUST. And that ATO program really brings best practices and templates and stronger go to market for those partners too. >> Yeah. I mean, I think it's opportunity recognition and then capture during the pandemic with the cloud. More agility, more speed. >> That's right. >> Sandy, always great to have you on. In the last couple of seconds we have left, summarize the top 10 announcements in a bumper sticker. If you had to kind of put that bumper sticker on the car as it drives away from re:Invent this year, what's on that bumper sticker? What's it say? >> Partners that focus on destination, data and delivery will grow faster and add more value to their customers. >> There it is. The three dimension, DDD. Delivery... Destination, data and delivery. >> There you go. >> Here on theCUBE, bringing you all the data live on the ground here, CUBE studios, two sets wall-to-wall coverage. You're watching theCUBE, the leader in global tech coverage. I'm John Furrier your host. Thanks for watching. (soft techno music)