>>Welcome back to the Cube, as a continued coverage here from AWS Reinvent 22. It's day three of our coverage here at the Venetian in Las Vegas, and we're part of the AWS Global Startup Showcase. With me to talk about what Kong's to in that regard is Marco Palladino, who's the, the CTO and the co-founder of Con Marco. Good >>To see you. Well, thanks for having me >>Here. Yeah, I was gonna say, by the way, I, I, you've got a beautiful exhibit down on the show floor. How's the week been for you so far as an exhibitor here? >>It's been very busy. You know, to this year we made a big investment at the WS reinvent. You know, I think this is one of the best conferences in the industry. There is technology developers, but it's also business oriented. So you can learn about all the business outcomes that our, you know, customers or, you know, people are trying to make when, when adopting these new technologies. So it's very good so far. >>Good, good, good to hear. Alright, so in your world, the API world, you know, it used to be we had this, you know, giant elephant. Now we're cutting down the little pieces, right? That's right. We're all going micro now these days. That's right. Talk about that trend a little bit, what you're seeing, and we'll jump in a little deeper as to how you're addressing that. >>Well, I think the industry learned a long time ago that running large code bases is actually quite problematic when it comes to scaling the organization and capturing new opportunities. And so, you know, we're transitioning to microservices because we want to get more opportunities in our business. We want to be able to create new products, fasters, we want to be able to leverage existing services or data that we have built, like an assembly line of software, you know, picking up APIs that other developers are building, and then assemble them together to create new experiences or new products, enter new markets. And so microservices are fantastic for that, except microservices. They also introduce significant concerns on the networking layer, on the API layer. And so this is where Kong specializes by providing API infrastructure to our customers. >>Right. So more about the problems, more about the challenges there, because you're right, it, opportunities always create, you know, big upside and, and I, I don't wanna say downside, but they do introduce new complexities. >>That's right. And introducing new complexity. It's a little bit the biggest enemy of any large organization, right? We want to reduce complexity, we want to move faster, we want to be more agile, and, and we need an API vision to be able to do that. Our teams, you know, I'm speaking with customers here at Reinvent, they're telling me that in the next five years, the organization is going to be creating more APIs than all the APIs they've created up until now. Right? So how do you >>Support, that's a mind boggling number, right? >>It's mind boggling. Yeah, exactly. How do you support that type of growth? And things have been moving so fast. I feel like there is a big dilemma in, you know, with certain organizations where, you know, we have not taught a long term strategy for APIs, whereas we do have a long term strategy for our business, but APIs are running the business. We must have a long term strategy for our APIs, otherwise we're not gonna be able to execute. And that's a big dilemma right now. Yeah. >>So, so how do we get the horse back in front of the cart then? Because it's like you said, it's almost as if we've, we're, we're reprioritizing, you know, incorrectly or inaccurately, right? You're, you're getting a little bit ahead of ourselves. >>Well, so, you know, whenever we have a long-term strategy for pretty much anything in the organization, right? We know what we want to do. We know the outcome that we want to achieve. We work backwards to, you know, determine what are the steps that are gonna bring us there. And, and the responsibility for thinking long term in, in every organization, including for APIs at the end of the day, always falls on the leaders and the should on the shoulders of the leadership and, and to see executives of the organization, right? And so we're seeing, you know, look at aws by the way. Look at Amazon. This conference would not have been possible without a very strong API vision from Amazon. And the CEO himself, Jeff Bezos, everybody talks about wanting to become an API first organization. And Amazon did that with the famous Jeff Bezos mandate today, aws, it's a hundred billion revenue for Amazon. You see, Amazon was not the first organization with, with an e-commerce, but if it was the first one that married a very strong e-commerce business execution with a very strong API vision, and here we are. >>So yeah, here we are putting you squarely in, in, in a pretty good position, right? In terms of what you're offering to the marketplace who has this high demand, you see this trend starting to explode. The hockey sticks headed up a little bit, right? You know, how are you answering that call specifically at how, how are you looking at your client's needs and, and trying to address what they need and when they need it, and how they need it. Because everybody's in a kind of a different place right now. >>Right? That's exactly right. And so you have multiple teams at different stages of their journey, right? With technology, some of them are still working on legacy, some of them are moving to the cloud. Yep. Some of them are working in containers and in microservices and Kubernetes. And so how do you, how do we provide an API vision that can fulfill the needs of the entire organization in such a way that we reduce that type of fragmentation and we don't introduce too much complexity? Well, so at con, we do it by essentially splitting the API platform in three different components. Okay. One is API management. When, whenever we want to expose APIs internally or to an ecosystem of partners, right? Or to mobile, DRA is a service mesh. You know, as we're splitting these microservices into smaller parts, we have a lot of connectivity, all, you know, across all the services that the teams are building that we need to, to manage. >>You know, the network is unreliable. It's by default, not secure, not observable. There is nothing that that works in there. And so how do we make that network reliable without asking our teams to go and build these cross-cut concerns whenever they create a new service. And so we need a service match for that, right? And then finally, we could have the best AP infrastructure in the world, millions of APIs and millions of microservices. Everything is working great. And with no API consumption, all of that would be useless. The value of our APIs and the value of our infrastructure is being driven by the consumption that we're able to drive to all of these APIs. And so there is a whole area of API productivity and discovery and design and testing and mocking that enables the application teams to be successful with APIs, even when they do have a, the proper API infrastructure in place that's made of meshes and management products and so on and so forth. Right. >>Can you gimme some examples? I mean, at least with people that you've been working with in terms of addressing maybe unique needs. Cuz again, as you've addressed, journeys are in different stages now. Some people are on level one, some people are on level five. So maybe just a couple of examples Yeah. Of clients with whom you've been working. Yeah, >>So listen, I I was talking with many organizations here at AWS Reinvent that are of course trying to migrate to the cloud. That's a very common common transformation that pretty much everybody's doing in the world. And, and how do you transition to the cloud by de-risking the migration while at the same time being able to get all the benefits of, of running in the cloud? Well, we think that, you know, we can do that in two, two ways. One, by containerizing our workloads so that we can make them portable. But then we also need to lift and shift the API connectivity in such a way that we can determine how much traffic goes to the legacy and how much traffic goes to the new cloud infrastructure. And by doing that, we're able to deal with some of these transformations that can be quite complex. And then finally, API infrastructure must support every team in the organization. >>And so being able to run on a single cloud, multi-cloud, single cluster, multi cluster VMs containers, that's important and essential because we want the entire organization to be on board. Because whenever we do not do that, then the developers will make short term decisions that are not going to be fitting into the organizational outcomes that we want to achieve. And we look at any outcome that your organization wants to achieve the cloud transformation, improving customer retention, creating new products, being more agile. At the end of the day, there is an API that's powering that outcome. >>Right? Right. Well, and, and there's always a security component, right? That you have to be concerned about. So how are you raising that specter with your clients to make them aware? Because sometimes it, I wouldn't say it's an afterthought, but sometimes it's not the first thought. And, and obviously with APIs and with their integral place, you know, in, in the system now security's gotta be included in that, right? >>API security is perhaps the biggest, biggest request that we're hearing from customers. You know, 83% of the world's internet traffic at the end of the day runs on APIs, right? That's a lot of traffic. As a matter of fact, APIs are the first attack vector for any, you know, malicious store party. Whenever there is a breach, APIs must be secured. And we can secure APIs on different layers of our infrastructure. We can secure APIs at the L four mesh layer by implementing zero trust security, for example, encrypting all the traffic, assigning an identity to every service, removing the concept of trust from our systems because trust is exploitable, right? And so we need to remove the cut zero trust, remove the concept of trust, and then once we have that underlying networking that's being secure and encrypted, we want to secure access to our APIs. >>And so this is the typical authentication, authorization concerns. You know, we can use patterns like op, op or opa open policy agent to create a security layer that does not rely on the team's writing code every time they're creating a new service. But the infrastructure is enforcing the type of layer. So for example, last week I was in Sweden, as a matter of fact speaking with the largest bank in Sweden while our customers, and they were telling us that they are implementing GDPR validation in the service mesh on the OPPA layer across every service that anybody's building. Why? Well, because you can embed the GDPR settings of the consumer into a claim in a gel token, and then you can use OPPA to validate in a blanket way that Jo Token across every service in the mesh, developers don't have to do that. It just comes out of the box like that. And then finally, so networking, security, API security for access and, and management of those APIs. And then finally we have deep inspection of our API traffic. And here you will see more exotic solutions for API security, where we essentially take a subset of our API traffic and we try to inspect it to see if there is anybody doing anything that they shouldn't be doing and, and perhaps block them or, you know, raise, raise, raise the flag, so to speak. >>Well, the answer is probably yes, they are. Somebody's trying to, somebody's trying to, yeah, you're trying to block 'em out. Before I let you go, you've had some announcements leading up here to the show that's just to hit a few of those highlights, if you would. >>Well, you know, Kong is an organization that you know, is very proud of the technology that we create. Of course, we started with a, with the API gateway Con Gateway, which was our first product, the most adopted gateway in the world. But then we've expanded our platform with service mesh. We just announced D B P F support in the service mesh. For example, we made our con gateway, which was already one of the fastest gateway, if not the fastest gateway out there, 30% faster with Con Gateway 3.0. We have shipped an official con operator for Kubernetes, both community and enterprise. And then finally we're doubling down on insomnia, insomnia's, our API productivity application that essentially connects the developers with the APIs that are creating and allows them to create a discovery mechanism for testing, mocking the bagging, those APIs, all of this, we of course ship it OnPrem, but then also on the cloud. And you know, in a cloud conference right now, of course, cloud, right? Right. Is a very important part of our corporate strategy. And our customers are asking us that. Why? Because they don't wanna manage the software, they want the API platform, they don't, don't wanna manage it. >>Well, no, nobody does. And there are a few stragglers, >>A few, a few. And for them there is the on-prem >>Platform. Fine, let 'em go. Right? Exactly. But if you wanna make it a little quick and dirty, hand it off, right? Oh, >>That's exactly right. Yes. >>Let Con do the heavy lifting for you. Hey Marco, thanks for the time. Yeah, thank you so much. We appreciate, and again, congratulations on what appears to be a pretty good show for you guys. Yeah, thank you. Well done. All right, we continue our discussions here at aws. Reinvent 22. You're watching the Cube, the leader in high tech coverage. >>Okay.

(soft music) >> Welcome back to Sin City, guys and girls we're glad you're with us. You've been watching theCUBE all week, we know that. This is theCUBE's live coverage of AWS re:Invent 22, from the Venetian Expo Center where there are tens of thousands of people, and this event if you know it, covers the entire strip. There are over 55,000 people here, hundreds of thousands online. Dave, this has been a fantastic show. It is clear everyone's back. We're hearing phenomenal stories from AWS and it's ecosystem. We got a great customer story coming up next, featured on the main stage. >> Yeah, I mean, you know, post pandemic, you start to think about, okay, how are things changing? And one of the things that we heard from Adam Selipsky, was, we're going beyond digital transformation into business transformation. Okay. That can mean a lot of things to a lot of people. I have a sense of what it means. And I think this next interview really talks to business transformation beyond digital transformation, beyond the IT. >> Excellent. We've got two guests. One of them is an alumni, Scott Mullins joins us, GM, AWS Worldwide Financial Services, and Brad Peterson is here, the EVP, CIO and CTO of NASDAQ. Welcome guys. Great to have you. >> Hey guys. >> Hey guys. Thanks for having us. >> Yeah >> Brad, talk a little bit, there was an announcement with NASDAQ and AWS last year, a year ago, about how they're partnering to transform capital markets. It was a highlight of last year. Remind us what you talked about and what's gone on since then. >> Yeah, so, we are very excited. I work with Adena Friedman, she's my boss, CEO of NASDAQ, and she was on stage with Adam for his first Keynote as CEO of AWS. And we made the commitment that we were going to move our markets to the Cloud. And we've been a long time customer of AWS and everyone said, you know the last piece, the last frontier to be moved was the actual matching where all the messages, the quotes get matched together to become confirmed orders. So that was what we committed to less than a year ago. And we said we were going to move one of our options markets. In the US, we have six of them. And options markets are the most challenging, they're the most high volume and high performance. So we said, let's start with something really challenging and prove we can do it together with AWS. So we committed to that. >> And? Results so far? >> So, I can sit here and say that November 7th so we are live, we're in production and the MRX Exchange is called Mercury, so we shorten it for MRX, we like acronyms in technology. And so, we started with a phased launch of symbols, so you kind of allow yourself to make sure you have all the functionality working then you add some volume on it, and we are going to complete the conversion on Monday. So we are all good so far. And I have some results I can share, but maybe Scott, if you want to talk about why we did that together. >> Yeah. >> And what we've done together over many years. >> Right. You know, Brian, I think it's a natural extension of our relationship, right? You know, you look at the 12 year relationship that AWS and NASDAQ have had together, it's just the next step, in the way that we're going to help the industry transform itself. And so not just NASDAQ's business transformation for itself, but really a blueprint and a template for the entire capital markets industry. And so many times people will ask me, who's using Cloud well? Who's doing well in the Cloud? And NASDAQ is an easy example to point to, of somebody who's truly taking advantage of these capabilities because the Cloud isn't a place, it's a set of capabilities. And so, this is a shining example of how to use these capabilities to actually deliver real business benefit, not just to to your organization, but I think the really exciting part is the market technology piece of how you're serving other exchanges. >> So last year before re:Invent, we said, and it's obvious within the tech ecosystem, that technology companies are building on top of the Cloud. We said, the big trend that we see in the 2020s is that, you know, consumers of IT, historically, your customers are going to start taking their stacks, their software, their data, their services and sassifying, putting it on the Cloud and delivering new services to customers. So when we saw Adena on stage last year, we called it by the way, we called it Super Cloud. >> Yeah. >> Okay. Some people liked the term but I love it. And so yeah, Super Cloud. So when we saw Adena on stage, we said that's a great example. We've seen Capital One doing some similar things, we've had some conversations with US West, it's happening, right? So talk about how you actually do that. I mean, because you've got a lot, you've got a big on-premises stay, are you connecting to that? Is it all in the Cloud? Paint a picture of what the architecture looks like? >> Yeah. And there's, so you started with the business transformation, so I like that. >> Yeah. >> And the Super Cloud designation, what we are is, we own and operate exchanges in the United States and in Europe and in Canada. So we have our own markets that we're looking at modernizing. So we look at this, as a modernization of the capital market infrastructure, but we happen to be the leading technology provider for other markets around the world. So you either build your own or you source from us. And we're by far the leading provider. So a lot of our customers said, how about if you go first? It's kind of like Mikey, you know, give it to Mikey, let him try it. >> See if Mikey likes it. >> Yeah. >> Penguin off the iceberg thing. >> Yeah. And so what we did is we said, to make this easy for our customers, so you want to ask your customers, you want to figure out how you can do it so that you don't disrupt their business. So we took the Edge Compute that was announced a few years ago, Amazon Outposts, and we were one of their early customers. So we started immediately to innovate with, jointly innovate with Amazon. And we said, this looks interesting for us. So we extended the region into our Carteret data center in Northern New Jersey, which gave us all the services that we know and love from Amazon. So our technical operations team has the same tools and services but then, we're able to connect because in the markets what we're doing is we need to connect fairly. So we need to ensure that you still have that fairness element. So by bringing it into our building and extending the Edge Compute platform, the AWS Outpost into Carteret, that allowed us to also talk very succinctly with our regulators. It's a familiar territory, it's all buttoned up. And that simplified the conversion conversation with the regulators. It simplified it with our customers. And then it was up to us to then deliver time and performance >> Because you had alternatives. You could have taken a more mature kind of on-prem legacy stack, figured out how to bolt that in, you know, less cloudy. So why did you choose Outposts? I am curious. >> Well, Outposts looked like when it was announced, that it was really about extending territory, so we had our customers in mind, our global customers, and they don't always have an AWS region in country. So a lot of you think about a regulator, they're going to say, well where is this region located? So finally we saw this ability to grow the Cloud geographically. And of course we're in Sweden, so we we work with the AWS region in Stockholm, but not every country has a region yet. >> And we're working as fast as we can. - Yes, you are. >> Building in every single location around the planet. >> You're doing a good job. >> So, we saw it as an investment that Amazon had to grow the geographic footprint and we have customers in many smaller countries that don't have a region today. So maybe talk a little bit about what you guys had in mind and it's a multi-industry trend that the Edge Compute has four or five industries that you can say, this really makes a lot of sense to extend the Cloud. >> And David, you said it earlier, there's a trend of ecosystems that are coming onto the Cloud. This is our opportunity to bring the Cloud to an ecosystem, to an existing ecosystem. And if you think about NASDAQ's data center in Carteret, there's an ecosystem of NASDAQ's clients there that are there to be with NASDAQ. And so, it was actually much easier for us as we worked together over a really a four year period, thinking about this and how to make this technological transition, to actually bring the capabilities to that ecosystem, rather than trying to bring the ecosystem to AWS in one of our public regions. And so, that's been our philosophy with Outpost all along. It's actually extending our capabilities that our customers know and love into any environment that they need to be able to use that in. And so to Brad's point about servicing other markets in different countries around the world, it actually gives us that ability to do that very quickly, very nimbly and very succinctly and successfully. >> Did you guys write a working backwards document for this initiative? >> We did. >> Yeah, we actually did. So to be, this is one of the fully exercised. We have a couple of... So by the way, Scott used to work at NASDAQ and we have a number of people who have gone from NASDAQ data to AWS, and from AWS to NASDAQ. So we have adopted, that's one of the things that we think is an effective way to really clarify what you're trying to accomplish with a project. So I know you're a little bit kidding on that, but we did. >> No, I was close. Because I want to go to the like, where are we in the milestone? And take us through kind of what we can expect going forward now that we've worked backwards. >> Yep, we did. >> We did. And look, I think from a milestone perspective, as you heard Brad say, we're very excited that we've stood up MRX in production. Having worked at NASDAQ myself, when you make a change and when you stand up a market that's always a moment where you're working with your community, with your clients and you've got a market-wide call that you're working and you're wanting to make sure that everything goes smoothly. And so, when that call went smoothly and that transition went smoothly I know you were very happy, and in AWS, we were also very happy as well that we hit that milestone within the timeframe that Adena set. And that was very important I know to you. >> Yeah. >> And for us as well. >> Yeah. And our commitment, so the time base of this one was by the end of 2022. So November 7th, checked. We got that one done. >> That's awesome. >> The other one is we said, we wanted the performance to be as good or better than our current platform that we have. And we were putting a new version of our derivative or options software onto this platform. We had confidence because we already rolled it to one market in the US then we rolled it earlier this year and that was last year. And we rolled it to our nordic derivatives market. And we saw really good customer feedback. So we had confidence in our software was going to run. Now we had to marry that up with the Outpost platform and we said we really want to achieve as good or better performance and we achieved better performance, so that's noticeable by our customers. And that one was the biggest question. I think our customers understand when we set a date, we test them with them. We have our national test facility that they can test in. But really the big question was how is it going to perform? And that was, I think one of the biggest proof points that we're really proud about, jointly together. And it took both, it took both of us to really innovate and get the platform right, and we did a number of iterations. We're never done. >> Right. >> But we have a final result that says it is better. >> Well, congratulations. - Thank you. >> It sounds like you guys have done a tremendous job. What can we expect in 2023? From NASDAQ and AWS? Any little nuggets you can share? >> Well, we just came from the partner, the partner Keynote with Adam and Ruba and we had another colleague on stage, so Nick Ciubotariu, so he is actually someone who brought digital assets and cryptocurrencies onto the Venmo, PayPal platform. He joined NASDAQ about a year ago and we announced that in our marketplace, the Amazon marketplace, we are going to offer digital custody, digital assets custody solution. So that is certainly going to be something we're excited about in 2023. >> I know we got to go, but I love this story because it fits so great at the Super cloud but we've learned so much from Amazon over the years. Two pieces of teams, we talked about working backwards, customer obsession, but this is a story of NASDAQ pointing its internal capabilities externally. We're already on that journey and then, bringing that to the Cloud. Very powerful story. I wonder what's next in this, because we learn a lot and we, it's like the NFL, we copy it. I think about product market fit. You think about scientific, you know, go to market and seeing that applied to the financial services industry and obviously other industries, it's really exciting to see. So congratulations. >> No, thank you. And look, I think it's an example of Invent and Simplify, that's another Amazon principle. And this is, I think a great example of inventing on behalf of an industry and then continually working to simplify the way that the industry works with all of us. >> Last question and we've got only 30 seconds left. Brad, I'm going to direct it to you. If you had the opportunity to take over the NASDAQ sign in Times Square and say a phrase that summarizes what NASDAQ and AWS are doing together, what would it say? >> Oh, and I think I'm going to put that up on Monday. So we're going to close the market together and it's going to say, "Modernizing the capital market's infrastructure together." >> Very cool. >> Excellent. Drop the mic. Guys, this was fantastic. Thank you so much for joining us. We appreciate you joining us on the show, sharing your insights and what NASDAQ and AWS are doing. We're going to have to keep watching this. You're going to have to come back next year. >> All right. >> For our guests and for Dave Vellante, I'm Lisa Martin. You're watching theCUBE, the leader in live enterprise and emerging tech coverage. (soft music)

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

(light music) >> Hello, and welcome to theCUBE's special presentation with Horizon3.ai with Rainer Richter, Vice President of EMEA, Europe, Middle East and Africa, and Asia Pacific, APAC Horizon3.ai. Welcome to this special CUBE presentation. Thanks for joining us. >> Thank you for the invitation. >> So Horizon3.ai, driving global expansion, big international news with a partner-first approach. You guys are expanding internationally. Let's get into it. You guys are driving this new expanse partner program to new heights. Tell us about it. What are you seeing in the momentum? Why the expansion? What's all the news about? >> Well, I would say in international, we have, I would say a similar situation like in the US. There is a global shortage of well-educated penetration testers on the one hand side. On the other side, we have a raising demand of network and infrastructure security. And with our approach of an autonomous penetration testing, I believe we are totally on top of the game, especially as we have also now starting with an international instance. That means for example, if a customer in Europe is using our service, NodeZero, he will be connected to a NodeZero instance, which is located inside the European Union. And therefore, he doesn't have to worry about the conflict between the European GDPR regulations versus the US CLOUD Act. And I would say there, we have a total good package for our partners that they can provide differentiators to their customers. >> You know, we've had great conversations here on theCUBE with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company. And obviously, I can just connect the dots here, but I'd like you to weigh in more on how that translates into the go-to-market here because you got great cloud scale with the security product you guys are having success with. Great leverage there, I'm seeing a lot of success there. What's the momentum on the channel partner program internationally? Why is it so important to you? Is it just the regional segmentation? Is it the economics? Why the momentum? >> Well, there are multiple issues. First of all, there is a raising demand in penetration testing. And don't forget that in international, we have a much higher level number or percentage in SMB and mid-market customers. So these customers, typically, most of them even didn't have a pen test done once a year. So for them, pen testing was just too expensive. Now with our offering together with our partners, we can provide different ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with a traditional manual pen test, and that is because we have our Consulting PLUS package, which is for typically pen testers. They can go out and can do a much faster, much quicker pen test at many customers after each other. So they can do more pen test on a lower, more attractive price. On the other side, there are others or even the same one who are providing NodeZero as an MSSP service. So they can go after SMP customers saying, "Okay, you only have a couple of hundred IP addresses. No worries, we have the perfect package for you." And then you have, let's say the mid-market. Let's say the thousand and more employees, then they might even have an annual subscription. Very traditional, but for all of them, it's all the same. The customer or the service provider doesn't need a piece of hardware. They only need to install a small piece of a Docker container and that's it. And that makes it so smooth to go in and say, "Okay, Mr. Customer, we just put in this virtual attacker into your network, and that's it and all the rest is done." And within three clicks, they can act like a pen tester with 20 years of experience. >> And that's going to be very channel-friendly and partner-friendly, I can almost imagine. So I have to ask you, and thank you for calling out that breakdown and segmentation. That was good, that was very helpful for me to understand, but I want to follow up, if you don't mind. What type of partners are you seeing the most traction with and why? >> Well, I would say at the beginning, typically, you have the innovators, the early adapters, typically boutique-size of partners. They start because they are always looking for innovation. Those are the ones, they start in the beginning. So we have a wide range of partners having mostly even managed by the owner of the company. So they immediately understand, okay, there is the value, and they can change their offering. They're changing their offering in terms of penetration testing because they can do more pen tests and they can then add others ones. Or we have those ones who offered pen test services, but they did not have their own pen testers. So they had to go out on the open market and source pen testing experts to get the pen test at a particular customer done. And now with NodeZero, they're totally independent. They can go out and say, "Okay, Mr. Customer, here's the service. That's it, we turn it on. And within an hour, you are up and running totally." >> Yeah, and those pen tests are usually expensive and hard to do. Now it's right in line with the sales delivery. Pretty interesting for a partner. >> Absolutely, but on the other hand side, we are not killing the pen tester's business. We are providing with NodeZero, I would call something like the foundational work. The foundational work of having an ongoing penetration testing of the infrastructure, the operating system. And the pen testers by themselves, they can concentrate in the future on things like application pen testing, for example. So those services, which we are not touching. So we are not killing the pen tester market. We are just taking away the ongoing, let's say foundation work, call it that way. >> Yeah, yeah. That was one of my questions. I was going to ask is there's a lot of interest in this autonomous pen testing. One because it's expensive to do because those skills are required are in need and they're expensive. (chuckles) So you kind of cover the entry-level and the blockers that are in there. I've seen people say to me, "This pen test becomes a blocker for getting things done." So there's been a lot of interest in the autonomous pen testing and for organizations to have that posture. And it's an overseas issue too because now you have that ongoing thing. So can you explain that particular benefit for an organization to have that continuously verifying an organization's posture? >> Certainly. So I would say typically, you have to do your patches. You have to bring in new versions of operating systems, of different services, of operating systems of some components, and they are always bringing new vulnerabilities. The difference here is that with NodeZero, we are telling the customer or the partner the package. We're telling them which are the executable vulnerabilities because previously, they might have had a vulnerability scanner. So this vulnerability scanner brought up hundreds or even thousands of CVEs, but didn't say anything about which of them are vulnerable, really executable. And then you need an expert digging in one CVE after the other, finding out is it really executable, yes or no? And that is where you need highly-paid experts, which where we have a shortage. So with NodeZero now, we can say, "Okay, we tell you exactly which ones are the ones you should work on because those are the ones which are executable. We rank them accordingly to risk level, how easily they can be used." And then the good thing is converted or in difference to the traditional penetration test, they don't have to wait for a year for the next pen test to find out if the fixing was effective. They run just the next scan and say, "Yes, closed. Vulnerability is gone." >> The time is really valuable. And if you're doing any DevOps, cloud-native, you're always pushing new things. So pen test, ongoing pen testing is actually a benefit just in general as a kind of hygiene. So really, really interesting solution. Really bringing that global scale is going to be a new coverage area for us, for sure. I have to ask you, if you don't mind answering, what particular region are you focused on or plan to target for this next phase of growth? >> Well, at this moment, we are concentrating on the countries inside the European Union plus United Kingdom. And of course, logically, I'm based in the Frankfurt area. That means we cover more or less the countries just around. So it's like the so-called DACH region, Germany, Switzerland, Austria, plus the Netherlands. But we also already have partners in the Nordic, like in Finland and Sweden. So we have partners already in the UK and it's rapidly growing. So for example, we are now starting with some activities in Singapore and also in the Middle East area. Very important, depending on let's say, the way how to do business. Currently, we try to concentrate on those countries where we can have, let's say at least English as an accepted business language. >> Great, is there any particular region you're having the most success with right now? Sounds like European Union's kind of first wave. What's the most- >> Yes, that's the first. Definitely, that's the first wave. And now with also getting the European INSTANCE up and running, it's clearly our commitment also to the market saying, "Okay, we know there are certain dedicated requirements and we take care of this." And we are just launching, we are building up this one, the instance in the AWS service center here in Frankfurt. Also, with some dedicated hardware, internet, and a data center in Frankfurt, where we have with the DE-CIX, by the way, the highest internet interconnection bandwidth on the planet. So we have very short latency to wherever you are on the globe. >> That's a great call out benefit too. I was going to ask that. What are some of the benefits your partners are seeing in EMEA and Asia Pacific? >> Well, I would say, the benefits for them, it's clearly they can talk with customers and can offer customers penetration testing, which they before even didn't think about because penetration testing in a traditional way was simply too expensive for them, too complex, the preparation time was too long, they didn't have even have the capacity to support an external pen tester. Now with this service, you can go in and even say, "Mr. Customer, we can do a test with you in a couple of minutes. We have installed a Docker container. Within 10 minutes, we have the pen test started. That's it and then we just wait." And I would say we are seeing so many aha moments then. On the partner side, when they see NodeZero the first time working, it's like they say, "Wow, that is great." And then they walk out to customers and show it to their typically at the beginning, mostly the friendly customers like, "Wow, that's great, I need that." And I would say the feedback from the partners is that is a service where I do not have to evangelize the customer. Everybody understands penetration testing, I don't have to describe what it is. The customer understanding immediately, "Yes. Penetration testing, heard about that. I know I should do it, but too complex, too expensive." Now for example, as an MSSP service provided from one of our partners, it's getting easy. >> Yeah, and it's great benefit there. I mean, I got to say I'm a huge fan of what you guys are doing. I like this continuous automation. That's a major benefit to anyone doing DevOps or any kind of modern application development. This is just a godsend for them, this is really good. And like you said, the pen testers that are doing it, they were kind of coming down from their expertise to kind of do things that should have been automated. They get to focus on the bigger ticket items. That's a really big point. >> Exactly. So we free them, we free the pen testers for the higher level elements of the penetration testing segment, and that is typically the application testing, which is currently far away from being automated. >> Yeah, and that's where the most critical workloads are, and I think this is the nice balance. Congratulations on the international expansion of the program, and thanks for coming on this special presentation. I really appreciate it. Thank you very much. >> You're welcome. >> Okay, this is theCUBE special presentation, you know, checking on pen test automation, international expansion, Horizon3.ai. A really innovative solution. In our next segment, Chris Hill, Sector Head for Strategic Accounts, will discuss the power of Horizon3.ai and Splunk in action. You're watching theCUBE, the leader in high tech enterprise coverage. (steady music)

>>Okay, welcome back everyone to the Cube's live coverage here in Las Vegas for Amazon re Mars two days of coverage, we're getting down to wrapping up day one. I'm John furrier host of the cube space is a big topic here. You got machine learning, you got automation, robotics, all spells Mars. The two great guests here to really get into the whole geo scene. What's going on with the data. We've got Marcus Norren business development and geo data. Sogeti part of cap Gemini group, and Yoki well kissed portfolio lead data and AI with Sogeti part of cap, Gemini gentlemen, thanks for coming on the queue. Appreciate it. Thanks >>For having us. >>Let me so coming all the way from Sweden to check out the scene here and get into the weeds and the show. A lot of great technology being space is the top line here, but software drives it. Um, you got robotics. Lot of satellite, you got the aerospace industry colliding with hardcore industrial. I say IOT, robotics, one, whatever you want, but space kind of highlights the IOT opportunity. There is no edge in space, right? So the edge, the intelligent edge, a lot going on in space. And satellite's one of 'em you guys are in the middle of that. What are you guys working on? What's the, the focus here for cap gem and I Sogeti part of cap >>Gemini. I would say we focus a lot of creating business value, real business value for our clients, with the satellites available, actually a free available satellite images, working five years now with this, uh, solutioning and, uh, mostly invitation management and forestry. That's our main focus. >>So what's the product value you guys are offering. >>We basically, for now the, the most value we created is working with a forest client to find park Beal infests, uh, in spruce forest. It's a big problem in European union and, uh, Northern region Sweden, where we live now with the climate change, it's getting warmer, the bark beetle bases warm more times during the summer, which makes it spread exponentially. Uh, so we help with the satellite images to get with data science and AI to find these infestations in time when they are small, before it's spread. >>So satellite imagery combined with data, this is the intersection of the data piece, the geo data, right? >>Yeah. You can say that you have, uh, a lot of open satellite data, uh, and uh, you want to analyze that, that you also need to know what you're looking for and you need data to understand in our case, a certain type of damage. So we have large data sets that we have to sort of clean and train ML models from to try to run that on that open data, to detect these models. And, and when we're saying satellite data and open data, it's basically one pixel is 10 by 10 meters. So it's not that you will see the trees, but we're looking at the spectral information in the image and finding patterns. So we can actually detect attacks that are like four or five trees, big, uh, using that type. And we can do that throughout the season so we can see how you start seeing one, two attacks and it's just growing. And then you have this big area of just damage. So >>How, how long does that take? Give me some scope to scale because it sounds easy. Oh, the satellites are looking down on us. It's not, it's a lot of data there. What's the complexity. What are the challenges that you guys are overcoming scope to scale? >>It's so much complexity in this first, you have clouds, so it's, uh, open data set, you download it and you figure out here, we have a satellite scene, which is cloudy. We need to have some analytics doing that, taking that image away basically, or the section of the image with it cloudy. Then we have a cloud free image. We can't see anything because it's blurry. It's too low resolution. So we need to stack them on top of each other. And then we have the next problem to correlate them. So they are pixel perfect overlapping. Yeah. So we can compare them in time. And then they have the histogram adjustment to make them like, uh, the sensitivity is the same on all the images, because you have solar storms, you have shady clouds, which, uh, could be used still that image. So we need to compare that. Then we have the ground proof data coming from, uh, a harvester. For instance, we got 200,000 data points from the harvester real data points where they had found bark Beal trees, and they pulled them down. The GPS is drifting 50 meters. So you have an uncertainty where the actually harvest it was. And then we had the crane on 20 meters. So, you know, the GPS is on the home actually of the home actual machine and the crane were somewhere. So you don't really know you have this uncertainty, >>It's a data integration problem. Yeah. Massive, >>A lot of, of, uh, interesting, uh, things to adjust for. And then you could combine this into one deep learning model and build. >>But on top of that, I don't know if you said that, but you also get the data in the winter and you have the problem during the summer. So we actually have to move back in time to find the problem, label the data, and then we can start identifying. >>So once you get all that heavy lifting done or, or write the code, or I don't know if something's going on there, you get the layering, the pixel X see all the, how complex that is when the deep learning takes over. What happens next? Is it scale? Is it is all the heavy lifting up front? Is the work done front or yeah. Is its scale on the back end? >>So first the coding is heavy work, right? To gets hands on and try different things. Figure out in math, how to work with this uncertainty and get everything sold. Then you put it into a deep learning model to train that it actually run for 10 days before it was accurate, or first, first ation, it wasn't accurate enough. So we scrap that, did some changes. Then we run it again for 10 days. Then we have a model which we could use and interfere new images. Like every day, pretty quickly, every day it comes a new image. We run it. We have a new outcome and we could deliver that to clients. >>Yeah. I can almost imagine. I mean, the, the cloud computing comes in handy here. Oh yeah. So take me through the benefits because it sounds like the old, the old expression, the juice is not worth the squeeze here. It is. It's worth the squeeze. If you can get it right. Because the alternative is what more expensive gear, different windows, just more expensive monolithic solutions. Right? >>Think about the data here. So it's satellite scene. Every satellite scene is hundred by a hundred kilometers. That pretty much right. And then you need a lot of these satellite scene over multiple years to combine it. So if you should do this over the whole Northern Europe, over the whole globe, it's a lot of data just to store that it's a problem. You, you cannot do it on prem and then you should compute it with deep learning models. It's a hard problem >>If you don't have, so you guys got a lot going on. So, so talk about spaghetti, part of cap, Gemini, explain that relationship, cuz you're here at a show that, you know, you got, I can see the CAPI angle. This is like a little division. Is it a group? Are you guys like lone wolves? Like, what's it like, is this dedicated purpose built focus around aerospace? >>No, it's actually SOI was the, the name of the CAPI company from the beginning. And they relaunched the brand, uh, 2001, I think roughly 10, 20 years ago. So we actually celebrate some anniversary now. Uh, and it's a brand which is more local close to clients out in different cities. And we also tech companies, we are very close to the new technology, trying things out. And this is a perfect example of this. It was a crazy ID five years ago, 2017. And we started to bring in some clients explore, really? Open-minded see, can we do something on these satellite data? And then we took it step by step together of our clients. Yeah. And it's a small team where like 12 >>People. Yeah. And you guys are doing business development. So you have to go out there and identify the kinds of problems that match the scope of the scale. >>So what we're doing is we interact with our clients, do some simple workshops or something and try to identify like the really valuable problems like this Bruce Park people that that's one of those. Yep. And then we have to sort of look at, do we think we can do something? Is it realistic? And we will not be able to answer that to 100% because then there's no innovation in this at all. But we say, well, we think we can do it. This will be a hard problem, but we do think we can do it. And then we basically just go for it. And this one we did in 11 to 12 weeks, a tightly focused team, uh, and just went at it, uh, super slim process and got the job done and uh, the >>Results. Well, it's interesting. You have a lot of use cases. We gotta go down, do that face to face belly to belly, you know, body to body sales, BI dev scoping out, have workshops. Now this market here, Remar, they're all basically saying a call to arms more money's coming in. The problems are putting on the table. The workshop could be a lunch meeting, right. I mean, because Artis and there's a big set of problems to tackle. Yes. So I mean, I'm just oversimplifying, but that being said, there's a lot going on opportunity wise here. Yeah. That's not as slow maybe as the, the biz dev at, you know, coming in, this is a huge demand. It will be >>Explode. >>What's your take on the demand here, the problems that need to be solved and what you guys are gonna bring to bear for the problem. >>So now we have been focus mainly in vegetation management and forestry, but vegetation management can be applicable in utility as well. And we actually went there first had some struggle because it's quite detailed information that's needed. So we backed out a bit into vegetation in forestry again, but still it's a lot of application in, in, uh, utility and vegetation management in utility. Then we have a whole sustainability angle think about auditing of, uh, rogue harvesting or carbon offsetting in the future, even biodiversity, offsetting that could be used. >>And, and just to point out and give it a little extra context, all the keynotes, talk about space as a global climate solution, potentially the discoveries and or also the imagery they're gonna get. So you kind of got, you know, top down, bottoms up. If you wanna look at the world's bottom and space, kind of coming together, this is gonna open up new kinds of opportunities for you guys. What's the conversation like when you, when this is going on, you're like, oh yeah, let's go in. Like, what are you guys gonna do? What's the plan, uh, gonna hang around and ride that wave. >>I think it's all boils down to finding that use case that need to be sold because now we understand the satellite scene, they are there. We could, there is so many new satellites coming up already available. They can come up the cloud platform, AWS, it's great. We have all the capabilities needed. We have AI and ML models needed data science skills. Now it's finding the use cases together with clients and actually deliver on them one by >>One. It's interesting. I'd like to get your reaction to this Marcus two as well. What you guys are kind of, you have a lot bigger and, and, and bigger than some of the startups out there, but a startup world, they find their niches and they, the workflows become the intellectual property. So this, your techniques of layering almost see is an advantage out there. What's your guys view of that on intellectual property of the future, uh, open source is gonna run all the software. We know that. So software's no going open source scale and integration. And then new kinds of ways are new methods. I won't say for just patents, but like just for intellectual property, defen differentiation. How do you guys see this? As you look at this new frontier of intellectual property? >>That's, it's a difficult question. I think it's, uh, there's a lot of potential. If you look at open innovation and how you can build some IP, which you can out license, and some you utilize yourself, then you can build like a layer business model on top. So you can find different channels. Some markets we will not go for. Maybe some of our models actually could be used by others where we won't go. Uh, so we want to build some IP, but I think we also want to be able to release some of the things we do >>Open >>Works. Yeah. Because it's also builds presence. It it's >>Community. >>Yeah, exactly. Because this, this problem is really hard because it's a global thing. And, and it's imagine if, if you have a couple of million acres of forest and you just don't go out walking and trying to check what's going on because it's, you know, >>That's manuals hard. Yeah. It's impossible. >>So you need this to scale. Uh, and, and it's a hard problem. So I think you need to build a community. Yeah. Because this is, it's a living organism that we're trying to monitor. If you talk about visitation of forest, it's, it's changing throughout the year. So if you look at spring and then you look at summer and you look at winter, it's completely different. What you see. Yeah. Yeah. So >>It's, it's interesting. And so, you know, I wonder if, you know, you see some of these crowdsourcing models around participation, you know, small little help, but that doesn't solve the big puzzle. Um, but you have open source concepts. Uh, we had Anna on earlier, she's from the Amazon sustainability data project. Yeah, exactly. And then just like open up the data. So the data party for her. So in a way there's more innovation coming, potentially. If you can get that thing going, right. Get the projects going. Exactly. >>And all this, actually our work is started because of that. Yes, exactly. So European space agency, they decided to hand out this compar program and the, the Sentinel satellites central one and two, which we have been working with, they are freely available. It started back in 2016, I think. Yeah. Uh, and because of that, that's why we have this work done during several years, without that data freely available, it wouldn't have happened. Yeah. I'm, I'm >>Pretty sure. Well, what's next for you guys? Tell, tell me what's happening. Here's the update put a plug in for the, for the group. What are you working on now? What's uh, what are you guys looking to accomplish? Take a minute to put a plug in for the opportunity. >>I would say scaling this scaling, moving outside. Sweden. Of course we see our model that they work in in us. We have tried them in Canada. We see that we work, we need to scale and do field validation in different regions. And then I would say go to the sustainability area. This goes there, there is a lot of great >>Potential international too is huge. >>Yeah. One area. I think that is really interesting is the combination of understanding the, like the carbon sink and the sequestration and trying to measure that. Uh, but also on top of that, trying to classify certain Keystone species habitats to understand if they have any space to live and how can we help that to sort of grow back again, uh, understanding the history of the, sort of the force. You have some date online, but trying to map out how much of, of this has been turned into agricultural fields, for example, how much, how much of the real old forest we have left that is really biodiverse? How much is just eight years young to understand that picture? How can we sort of move back towards that blueprint? We probably need to, yeah. And how can we digitize and change forestry and the more business models around that because you, you can do it in a different way, or you can do both some harvesting, but also, yeah, not sort of ruining the >>Whole process. They can be more efficient. You make it more productive, save some capital, reinvest it in better ways >>And you have robotics and that's not maybe something that we are not so active in, but I mean, starting to look at how can autonomy help forestry, uh, inventory damages flying over using drones and satellites. Uh, you have people looking into autonomous harvesting of trees, which is kind of insane as well, because they're pretty big <laugh> but this is also happening. Yeah. So I mean, what we're seeing here is basically, >>I mean, we, I made a story multiple times called on sale drone. One of my favorite stories, the drones that are just like getting Bob around in the ocean and they're getting great telemetry data, cuz they're indestructible, you know, they can just bounce around and then they just transmit data. Exactly. You guys are creating a opportunity. Some will say problem, but by opening up data, you're actually exposing opportunities that never have been seen before because you're like, it's that scene where that movie, Jody frost, a contact where open up one little piece of information. And now you're seeing a bunch of new information. You know, you look at this large scale data, that's gonna open up new opportunities to solve problems that were never seen before. Exactly. You don't, you can't automate what you can't see. No. Right. That's the thing. So no, we >>Haven't even thought that these problems can be solved. It's basically, this is how the world works now. Because before, when you did remote sensing, you need to be out there. You need to fly with a helicopter or you put your boots on out and go out. Now you don't need that anymore. Yeah. Which opened up that you could be, >>You can move your creativity in another problem. Now you open up another problem space. So again, I like the problem solving vibe of the, it's not like, oh, catastrophic. Well, well, well the earth is on a catastrophic trajectory. It's like, oh, we'll agree to that. But it's not done deal yet. <laugh> I got plenty of time. Right. So like the let's get these problems on the table. Yeah. Yeah. And I think this is, this is the new method. Well, thanks so much for coming on the queue. Really appreciate the conversation. Thanks a lot. Love it. Opening up new world opportunities, challenges. There's always opportunities. When you have challenges, you guys are in the middle of it. Thanks for coming on. I appreciate it. Thank you. Thanks guys. Okay. Cap Gemini in the cube part of cap Gemini. Um, so Getty part of cap Gemini here in the cube. I'm John furrier, the host we're right back with more after this short break.

>>Yeah. >>Okay. Now we're going to look deeper into the intersection of technology and money and actually a force for good mobile. And the infrastructure around it has made sending money as easy as sending a text. But the capabilities that enable this to happen are quite amazing, especially because as users, we don't see the underlying complexity of the transactions. We just enjoy the benefits. And there's many parts of the world that historically have not been able to enjoy the benefits. And the ecosystems that are developing around these new platforms are truly transformative. And with me to explain, the business impacts of these innovations is all a person who is the head of mobile financial services at Ericsson Ola. Welcome to the program. Thanks for coming on. >>Thank you. Dave, Thank you for having me here in the program and really excited to tell me. Tell us about the product that we have within Ericsson. >>Okay, well, let's get right into it. I mean, your firm has developed the Ericsson wallet platform. What is that? Yes, >>so? So the wallet platform is one of the product, but, I mean, you can say offer here by Ericsson and the platform is built on enabled financial services not for only the bank segment, but also for the unbanked. And we have, you know, the function that we are providing as such Here is, uh, both transfer the service provided payment. You have the cash in the cash out. You have a lot of other feature that we kind of a neighbor through the ecosystem as such. And, uh, I would really like you say, to emphasize on on the use, and they really I'll say, uh, connectivity that we have in this platform here because, uh, looking at you can say the pandemic as such here. Now, we really have made you can say tremendous Shane here through all the functions etcetera feature that we have here. >>Yeah, so, I mean, I'm surrounded by banks in Massachusetts, right? No problem. I'm Boston, right? So But there's a lot of places in the world that that aren't I take for granted some of the capabilities that are there, but so part of this is to enable people who don't have access to those types of services. So maybe you could talk about that and talk about some of the things that you're enabling with the platform, >>right? So So you just think of their You can say unbanked people here, But we have across the emerging market. I think we have one point, you know, seven billion unbanked people here, but we actually can, through wallet platform enabled through getting a bank account, etcetera, and so on here and what we're actually providing you can say in this, uh, this feature is here is that you can pay your electricity bill, for example, Here, you can pay your your bill and you you can go through merchants. You can do the cashed out. You can do multiple thing here, just like I mean to to enable the the question that financial inclusion as well. So I mean I mean from from my point of view, where we're sitting, as I said, we also sitting in Sweden, we have bank account. We have something called swish where we send you can say money back, back and forward between the family, etcetera. So, on this type of transaction, we can and have enabled for all you can say, the user that I come across the the platform here and the kind of growth that we have within this usage here and and we're seeing also. I mean, we leverage here to get with a speed today on a fantastic scale that we actually have here with our our both you can say feature performers going, I will say, Really in in in in a in the direction that we couldn't imagine here you can say a few years back here. So it is fantastic transformation that we undergo here through through the platform of the technology that we have. >>You know, it reminds me of sort of the early days of mobile people talked about being able to connect, you know, remote users in places like Africa or other parts of the world that that haven't been able to enjoy things like a landline. Uh, and so I presume you're seeing a lot of interest in in those types of regions. Maybe you could talk about that a little bit. >>Yeah. Yeah, correct. I mean, I mean, we we see all of this region here, but for for example, Uh uh. Now, we we, uh we were not only entering, you can say the the, uh, specifically the African region, but also you can say the Middle East and the the the A C a specific and also actually Latin America. I mean, a lot of this country here are looking into you can say the expansion, how they can evolve. You can say the financial inclusion from what they have today, when they are, and you can say firm telecom provider, they would like to have an asset of different use case here, and we're seeing that transformation. But we have right now from just voice, you can say SMS and five year etcetera so on. This is the platform that we have to sort of enable the transaction for for a mobile financial system. But we would like also to see that the kind of operator or evolving the business with much more feature here. And this is another. You can say I was attraction to attract the user with the mobile transfer system. So we we we see this kind of expanding very heavily in this this kind of market. >>I think this is really transformative. I mean, in terms of people's lives. I mean, first of all, you're talking about the convenience of being able to move money as bits as opposed to paper, but as well I would think supporting entrepreneurship and business is getting started. I mean, there's a whole set of cultural and societal impacts that that you're having. How do you see that >>we we also providing you say I mean the world to such is also supporting, say microloans and need as an entrepreneur is to sort of start you can say any kind of company, but you need to kind of business around here. So we have seen that we have sort of enterprise services across function and the whole asset that we are that we are into today >>talking a little bit >>about >>partnerships and the ecosystems. I know you've got big partnerships with HPD. We're going to get to that. They're kind of a technology operator, but But what about, you know, other partnerships, like, I'm imagining that if I'm gonna pay my my my bill with this, you've got other providers that got to connect into your platform. So So how are those ecosystem partnerships evolving? >>Well, we are kind of the enabler, but we are providing to the operator the partnerships is then going through the operator. It could be any kind of you can say external instrument that we have today and the kind of you can go directly to the bank. You can go directly to any court provider. You have these amongst the court, etcetera and so on. But these are all partners of the and you can stay connected through there. You can say operator assault today. So what we're doing actually, with our platform is to kind of make the enable them to kind of provide the food ecosystem as partnership to to operate as us today. Here, So that that's kind of the baseline that we see how you can say we are sort of supporting of building the full ecosystem around the platform in order to connect here has come to both the like, the card. As I said here, the merchant, the bank, any kind of type of you can say I will say service provider here, but that we can see could enable the ecosystem >>okay. And so I mean, I don't want to geek out here, but it sounds like it's an open system that my developers can plug into through a p i s They're not gonna throw cold water on that. They're going to embrace it. So yeah, this is actually easy for me to integrate with, Is that correct? >>Correct. Correct. And they open API that we're actually providing today. I think that you can say there are five thousands of you can say developer, just you can say connecting to our system. And actually, we're also providing both sandbox and and other application in order to support this developers in order to to kind of create this ecosystem here. So it's a multiple things that we we see through you can say, hear, hear the both the partners partnership the open API or you can say the development that is doing through through the channels. So I mean, it's a fascinating, amazing development that we see up front here right now. >>Now, what's H. P s role in all this? What are they providing? How are you partnering with them? >>So it's very good question, I would say. And we we look back, you can say and we we have evaluated a lot of you say that the provider fruit year here, And, uh, you can just imagine the the kind of, uh, stability that we need to provide when it comes to the financial inclusion system here because what we need to have a very strong uptake of, uh, making sure that we don't both go with the performance and the stability and what we have seen in our lab is that hypocrisy today is we have domestically evolved how you can say our stability assessed on the system. And right now we are leveraging the the dog is with the microservices here, together with HV on the platform that you're providing. So I will say that the transformation we have done in the stability that we have get through the food. You can say HP system is really fantastic at the moment. >>Well, and you know, I'm no security expert, but I talked to a lot of security experts and what I what I do know is they tell me that that you can't just bolt security on. It's got to be designed in from the start. I would imagine that that's part of the HPD partnership. But what about security? Can I fully trust this platform >>now? It's It's very, very valid question. I would say we we have one of the most you can say secure system here were also running multiple external. You can say, uh, system validation there is called The PNDs s certification is a certification, But we we have external auditor, you can say trying to breach the system. Look at the process that we are developing making sure that we have You can say all of you can say the documentation really in shape and seeing that we follow the procedure when we are both developing the code and and also when we're looking into all the a p I s that were actually exposed to to to our end users. So I would say that we haven't had any bridge on our system and we we really working tightly. I'll say both together with I'll say, H b and and of course, the the customer, such and? And every time we do a Lawrence, we also make you can say final security validation on the system here in order to sort of see that we have and and two and because the application that is completely secure, So so that that that that's a very, very important topic. For from our point of view, >>Yeah, because it's the usual. I don't even want to think about that. Like I set up front. It's It's got to be hidden from me, all that complexity. But there's sort of the same question around compliance and privacy. I mean, often security, privacy. There's sort of two sides of the same coin, but compliance privacy You've got to worry about K. Y. C Know your customer? Uh, there's a lot of complexity around that, and and so that's another key piece. >>Mhm Now. Like you said, the K Y C is an important part that we have fully support in our system and we validate. You can say all the uses We we also are running, You can say with our credit scoring companies that the you can say our operator or are partnering with. So this combined, you can say, with both the K Y C and then and the credit scoring. But there were performing that. Let's make us a very you can say unique, stable platform as such. >>Okay, last question is, is what about going forward? What's the road map look like? What can you share? What should we expect going forward in terms of the impact that this will have on society and how the technology will evolve. >>Well, what is he going forward? And that's a very interesting question, because what we what we see right now is how we we we kind of have changed the life for for so many. You can say unbanked people here and we would like to have You can say, uh, any kind of assets that going forward here, any kind of you can see that the digital currency is a bouldering through both government. You can see over top players like Google. You can say, What's up all of these things. Here we want to be the one, but also connecting. You can say this type of platform together and see that we could be the heart of the ecosystem going forward here, independent in what kind of you can say customer we're aiming for. So I would say this This is kind of the role that we will play in the future here, depending on what kind of currency it would be. So it's very interesting future we see. With this, you can say abroad digital currency in the market and the trends that we are now right now, evolving on >>very exciting when we're talking about elevating, you know, potentially billions of people all, uh, thanks very much for sharing this innovation with the audience. And best of luck with this incredible platform. Congratulations. >>Thank you so much, Dave. And once again, thank you for having me here, and I'll talk to you soon again. Thank you. >>Thank you. It's been our pleasure. And thank you for watching. This is Dave Valenti. >>Yeah. Mhm. Yeah. Mhm. Okay.

(upbeat music playing) >> Okay, now we're going to look deeper into the intersection of technology and money and actually a force for good mobile and the infrastructure around it has made sending money as easy as sending a text. But the capabilities that enable this to happen are quite amazing, especially because as users we don't see the underlying complexity of the transactions. We just enjoy the benefits and there's many parts of the world that historically have not been able to enjoy these benefits. And the ecosystems that are developing around these new platforms are truly transformative. And with me to explain the business impacts of these innovations is all a person who was the head of mobile financial services at Ericsson Allah. Welcome to the program. Thanks for coming on. >> Thank you, Dave. Thank you for having me here in the program. And they're really excited to tell me tell us about the product that we have within Ericsson. >> Well, let's get right into it. I mean your firm has developed the Ericsson wallet platform. What is that plan? >> Yes. The wallet platform is one of the product but being, you can say offer here by Erickson and the platform is built on enabled financial services not for only the bank segment, but also for the unbanked. And we have, the function that we are providing a such here is both transfer the service provider payment. You have the cash in the cash out you have a lots of other features that we kind of enable through the ecosystem as such. And I would really like you say to emphasize on the use. And they're the really, I would say connectivity that we have in these platform here, because looking at you can say the pandemic assaults here. Now we really have made, you can say tremendous Shane here through all the function, et cetera feature that we have here. >> Yeah. And I mean, I I'm surrounded by banks in Massachusetts. No problem. I'm in Boston, right? So, but there's a lot of places in the world that aren't I take for granted some of the capabilities that are there, but part of this is to enable people who don't have access to those types of services. Maybe you could talk about that and talk about some of the things that you're enabling with the platform >> Right? You just think of there you can say unbanked people here but we have across the emerging market. I think we have 1.7 billion unbanked people here but we actually can through one of the path from enable proof getting a bank account, et cetera, and so on here. And what we actually providing, you can say in, in this in this feature rates here is that you you can pay your electricity bill. For example, here, you can pay your bill and you can go through merchant, you can do the cash out. You can do multiple thing here, just like, I mean, to enable the, the departure that financial inclusion that we have. So, I mean, from my point of view, where we see things, as I said we also sit in Sweden, we have bank account we have something called swish where we send you can say money back and back and forth between the family, et cetera. On these type of transaction, we can have enable for all. You can say the user better come across the platform here and the, the kind of growth that we have within this usage here. And we seeing also, I mean we leverage here to get with a speed today on a fantastic scale that we actually have here with I would say are both, you can say feature performance going I will say re really in the direction. But we couldn't imagine here. You can say a few years back here. It is fantastic transformation but we undergo here through the platform of the technology that we have. >> No, it reminds me of sort of the early days of mobile people talked about being able to connect remote users in places like Africa or other parts of the world that haven't been able to enjoy things like a land line. And I presume you're seeing a lot of interest in those types of regions. Maybe you could talk about that a little bit. >> Yeah. Correct. I mean we see all of these region here about, for example, now we not only entering, you can say the specifically the Africa region but also you can say the middle East and the Asia Pacific and also actually Latin America. I mean, a lot of these country here, all looking into you can say the expansion, how they can evolve you can say the financial inclusion from what they have today, when they are, and you can say from telco provider, they would like to have an asset of different use cases here. And we're seeing that transformation, but we have right now from just voice, you can say SMS and 5G, et cetera. This is the platform that we have to sort of enable the transaction for a mobile financial system. But we would like also to see about the kind of operator or bond being the business with much more features here. And this is another, you can say, I was attraction to attract the user where the the mobile transfer system. We see these kind of expanding very heavily in these, these kind of market. >> I think this is really transformative, not, I mean in terms of people's lives. I mean, your first of all, you're talking about the convenience of being able to move money as bits as opposed to paper, but as well I would think supporting entrepreneurship and businesses getting started, I mean, there's a whole set of cultural and societal impacts that you're having. How do you see that? >> Yeah. We also provide the, you say, I mean is also supporting, say micro loans and need as an entrepreneurial sort of stock. You can say any kind of company. You need to get off these, this around here. We have seen that we have a of enterprise. Those is a cross functional, the whole asset that we are, that we are oriented today. >> Talk a little bit about partnerships and ecosystems. I know you've got big partnerships with, with HPE. We're going to get to that. They're kind of as a technology provider, but what about, other partnerships like I'm imagining that if I'm going to pay my bill with this you've got other providers that got to connect into your platform. How are those ecosystem partnerships evolving? >> Well, are kind of enabler about we are providing to the operator. The partnerships is then going through the operator. It could be any kind of you can say external instrument that we have today and they can know if you can go directly to that to the bank, you can go directly to any core provider. You have these most et cetera, so on but these are all partners would be in. You could say connected through there. You can say, operate through a subsidy. What we doing actually with our platform is to kind of make the navel and to kind of provide the food ecosystem as partnership to operate a SAS today here. That's kind of the baseline that we see how you can say. We are sort of supporting of building the full ecosystem around the platform in order to connect here. Wells come to both the light, the cord as I said, here, the merchant, the bank, any kind of, type of, you can say I would say service provider here but that we can see could enable the ecosystem. >> Okay. And I don't want to geek out here but it sounds like it's an open system that my developers can plug into through APIs. They're not going to throw cold water on it. They're going to embrace it and say, Oh yeah this is actually easy for me to integrate with. Is that correct? >> Correct. Correct. And the open API that we actually are providing today I think that you can say there are thousands of you can say developer, just you can say connecting to our system. And actually we also providing both sandbox and Ann Arbor. You can see the application in order to support this to developers in order to kind of create this ecosystem here. It's a multiple things that we see through what you can say here, they're both the partners partnership, the open API, or you can say that the development that is doing for prudent channels. So, I mean, it's an fascinating amazing development that we'll see our frontier right now. >> Now what's HP's role in all this, what are they providing? How are you partnering with them? >> It's very good question. I will say. And we look back, you can say, and we have evaluate a lot of you say that the provide the fruit year here and you can just imagine the kind of stability that we need to provide when come to the financial inclusion system here because what we need to have a very strong uptake of making sure that we don't both go with the performance and the stability. And what we have seen in our lab is that the partnership with HP have domestically evolve. Our, you can say our stability assessed on the system. And right now we are leveraging the Dockers with the microservices here to get with HB on the platform that you're providing. I would say that the transformation we have done in disability, but we have get through the food. You can say HP system is, is really fantastic at the moment. >> I'm no security expert, but I talked to a lot of security experts in what I do know is they tell me that, that you can't just bolt security on. It's going to be designed in from the start. I would imagine that that's part of the HPP partnership but what about security? Can I fully trust this platform? >> No, it's very valid question. I will say we have one of the most you can say secure system here we also running multiple external. You can say a system validation data it's called the PRD assess certification is a certification but we have external auditor. You can say trying to breach the system look at the process that we are developing making sure that we have, you can say, or off you can say the documentation really in shape. And seeing that we follow the procedure when we are both developing the code. And also when we look into all the API that we actually exposed to our end users. I would say that we haven't had any breach on our system. And we really work in tightly. I would say both to get with, I would say HP and the of course the customers out and every time we do a low once, we also make you can say final security validation on the system here in order to sort of see that we have an end to end because the application, but it's completely secure. That's a very important topic from our point of view. >> There's a usual, I don't even want to think about that. Like I said, up front it's going to be hidden from me all that complexity, but it's sort of same question around compliance and privacy. I an often, security, privacy there's sort of two sides of the same coin, but compliance privacy you've got to worry about KYC, know your customer. There's a lot of complexity around that. And that's another key piece. >> Now, like you said, the KYC is an important part that we have food support in our system. And then we validate you can say all the users, we also are running you can say without credit scoring companies, the you can say operator or partnering with, his combined you can say with both the KYC and the credit scoring that we are performing, that's make us a very you can say unique, stable platform and such. >> Last question is, what about going forward? What's the roadmap look like? What can you share? What should we expect going forward in terms of the impact that this will have on society and how the technology will evolve? >> Well, what is he going forward? That's very interesting question because what we see right now is how we kind of have changed the life for so many. You can say unbanked people here, and we would like to have you can say any kind of assets that going forward here, any kind of you can see that the digital currency is evolving through both government. You can see over the top players like Google you can say WhatsApp, all of these things here. We want to be the one that also connecting. You can say these type of platform together and see that we could be the heart of the ecosystem going forward here, independent in what kind of, you can say customer we aiming for. I will say this is kind of the role that we will play in the future here, depending on what kind of currency it would be. It's a very interesting future. We see with this you can say overall digital currency, the market and the trends that we are now right now evolving on. >> Very exciting. And we were talking about elevating, potentially billions of people, all... Thanks very much for sharing this innovation with the audience and best of luck with this incredible platform. Congratulations. >> Thank you so much, Dave. And once again, thank you for having me here. And I'll talk to you soon again. Thank you. >> Thank you. It's been our pleasure and thank you for watching. This is Dave Vellante. (upbeat music playing)

>> Announcer: From around the globe, it's theCUBE. With digital coverage of VMworld 2020, brought to you by VMware and its ecosystem partners. >> Welcome back, I'm Stu Miniman. This is theCUBE's coverage of VMworld 2020 of course, happening virtually. And there are certain people that we talk to every year at theCUBE, and this guest, I believe, has been on theCUBE at VMworld more than any others. It's actually not Pat Gelsinger, Eric Herzog. He is the chief marketing officer and vice president of global storage channels at IBM. Eric, Mr. Zoginstor, welcome back to theCUBE, nice to see you. >> Thank you very much, Stu. IBM always enjoys hanging with you, John, and Dave. And again, glad to be here, although not in person this time at VMworld 2020 virtual. Thanks again for having IBM. >> Alright, so, you know, some things are the same, others, very different. Of course, Eric, IBM, a long, long partner of VMware's. Why don't you set up for us a little bit, you know, 2020, the major engagements, what's new with IBM and VMware? >> So, a couple of things, first of all, we have made our Spectrum Virtualize software, software defined block storage work in virtual machines, both in AWS and IBM Cloud. So we started with IBM Cloud and then earlier this year with AWS. So now we have two different cloud platforms where our Spectrum Virtualize software sits in a VM at the cloud provider. The other thing we've done, of course, is V7 support. In fact, I've done several VMUGs. And in fact, my session at VMworld is going to talk about both our support for V7 but also what we're doing with containers, CSI, Kubernetes overall, and how we can support that in a virtual VMware environment, and also we're doing with traditional ESX and VMware configurations as well. And of course, out to the cloud, as I just talked about. >> Yeah, that discussion of hybrid cloud, Eric, is one that we've been hearing from IBM for a long time. And VMware has had that message, but their cloud solutions have really matured. They've got a whole group going deep on cloud native. The Amazon solutions have been something that they've been partnering, making sure that, you know, data protection, it can span between, you know, the traditional data center environment where VMware is so dominant, and the public clouds. You're giving a session on some of those hybrid cloud solutions, so share with us a little bit, you know, where do the visions completely agree? What's some of the differences between what IBM is doing and maybe what people are hearing from VMware? >> Well, first of all, our solutions don't always require VMware to be installed. So for example, if you're doing it in a container environment, for example, with Red Hat OpenShift, that works slightly different. Not that you can't run Red Hat products inside of a virtual machine, which you can, but in this case, I'm talking Red Hat native. We also of course do VMware native and support what VMware has announced with their Kubernetes based solutions that they've been talking about since VMworld last year, obviously when Pat made some big announcements onstage about what they were doing in the container space. So we've been following that along as well. So from that perspective, we have agreement on a virtual machine perspective and of course, what VMware is doing with the container space. But then also a slightly different one when we're doing Red Hat OpenShift as a native configuration, without having a virtual machine involved in that configuration. So those are both the commonalities and the differences that we're doing with VMware in a hybrid cloud configuration. >> Yeah. Eric, you and I both have some of those scars from making sure that storage works in a virtual environment. It took us about a decade to get things to really work at the VM level. Containers, it's been about five years, it feels like we've made faster progress to make sure that we can have stateful environments, we can tie up with storage, but give us a little bit of a look back as to what we've learned and how we've made sure that containerized, Kubernetes environments, you know, work well with storage for customers today. >> Well, I think there's a couple of things. First of all, I think all the storage vendors learn from VMware. And then the expansion of virtual environments beyond VMware to other virtual environments as well. So I think all the storage vendors, including IBM learned through that process, okay, when the next thing comes, which of course in this case happens to be containers, both in a VMware environment, but in an open environment with the Kubernetes management framework, that you need to be able to support it. So for example, we have done several different things. We support persistent volumes in file block and object store. And we started with that almost three years ago on the block side, then we added the file side and now the object storage side. We also can back up data that's in those containers, which is an important feature, right? I am sitting there and I've got data now and persistent volume, but I got to back it up as well. So we've announced support for container based backup either with Red Hat OpenShift or in a generic Kubernetes environment, because we're realistic at IBM. We know that you have to exist in the software infrastructure milieu, and that includes VMware and competitors of VMware. It includes Red Hat OpenShift, but also competitors to Red Hat. And we've made sure that we support whatever the end user needs. So if they're going with Red Hat, great. If they're going with a generic container environment, great. If they're going to use VMware's container solutions, great. And on the virtualization engines, the same thing. We started with VMware, but also have added other virtualization engines. So you think the storage community as a whole and IBM in particular has learned, we need to be ready day one. And like I said, three years ago, we already had persistent volume support for block store. It's still the dominant storage and we had that three years ago. So for us, that would be really, I guess, two years from what you've talked about when containers started to take off. And within two years we had something going that was working at the end user level. Our sales team could sell our business partners. As you know, many of the business partners are really rallying around containers, whether it be Red Hat or in what I'll call a more generic environment as well. They're seeing the forest through the trees. I do think when you look at it from an end user perspective, though, you're going to see all three. So, particularly in the Global Fortune 1000, you're going to see Red Hat environments, generic Kubernetes environments, VMware environments, just like you often see in some instances, heterogeneous virtualization environments, and you're still going to see bare metal. So I think it's going to vary by application workload and use case. And I think all, I'd say midsize enterprise up, let's say, $5 billion company and up, probably will have at least two, if not all three of those environments, container, virtual machine, and bare metal. So we need to make sure that at IBM we support all those environments to keep those customers happy. >> Yeah, well, Eric, I think anybody, everybody in the industry knows, IBM can span those environments, you know, support through generations. And very much knows that everything in IT tends to be additive. You mentioned customers, Eric, you talk to a lot of customers. So bring us inside, give us a couple examples if you would, how are they dealing with this transition? For years we've been talking about, you know, enabling developers, having them be tied more tightly with what the enterprise is doing. So what are you seeing from some of your customers today? >> Well, I think the key thing is they'd like to use data reuse. So, in this case, think of a backup, a snap or replica dataset, which is real world data, and being able to use that and reuse that. And now the storage guys want to make sure they know who's, if you will, checked it out. We do that with our Spectrum Copy Data Management. You also have, of course, integration with the Ansible framework, which IBM supports, in fact, we'll be announcing some additional support for more features in Ansible coming at the end of October. We'll be doing a large launch, very heavily on containers. Containers and primary storage, containers in hybrid cloud environments, containers in big data and AI environments, and containers in the modern data protection and cyber resiliency space as well. So we'll be talking about some additional support in this case about Ansible as well. So you want to make sure, one of the key things, I think, if you're a storage guy, if I'm the VP of infrastructure, or I'm the CIO, even if I'm not a storage person, in fact, if you think about it, I'm almost 70 now. I have never, ever, ever, ever met a CIO who used to be a storage guy, ever. Whether I, I've been with big companies, I was at EMC, I was at Seagate Maxtor, I've been at IBM actually twice. I've also done seven startups, as you guys know at theCUBE. I have never, ever met a CIO who used to be a storage person. Ever, in all those years. So, what appeals to them is, how do I let the dev guys and the test guys use that storage? At the same time, they're smart enough to know that the software guys and the test guys could actually screw up the storage, lose the data, or if they don't lose the data, cost them hundreds of thousands to millions of dollars because they did something wrong and they have to reconfigure all the storage solutions. So you want to make sure that the CIO is comfortable, that the dev and the test teams can use that storage properly. It's a part of what Ansible's about. You want to make sure that you've got tight integration. So for example, we announced a container native version of our Spectrum Discover software, which gives you comprehensive metadata, cataloging and indexing. Not only for IBM's scale-out file, Spectrum Scale, not only for IBM object storage, IBM cloud object storage, but also for Amazon S3 and also for NetApp filers and also for EMC Isilon. And it's a container native. So you want to make sure in that case, we have an API. So the AI software guys, or the big data software guys could interface with that API to Spectrum Discover, let them do all the work. And we're talking about a piece of software that can traverse billions of objects in two seconds, billions of them. And is ideal to use in solutions that are hundreds of petabytes, up into multiple exabytes. So it's a great way that by having that API where the CIO is confident that the software guys can use the API, not mess up the storage because you know, the storage guys and the data scientists can configure Spectrum Discover and then save it as templates and run an AI workload every Monday, and then run a big data workload every Tuesday, and then Wednesday run a different AI workload and Thursday run a different big data. And so once they've set that up, everything is automated. And CIOs love automation, and they really are sensitive. Although they're all software guys, they are sensitive to software guys messing up the storage 'cause it could cost them money, right? So that's their concern. We make it easy. >> Absolutely, Eric, you know, it'd be lovely to say that storage is just invisible, I don't need to think about it, but when something goes wrong, you need those experts to be able to dig in. You spent some time talking about automation, so critically important. How about the management layer? You know, you think back, for years it was, vCenter would be the place that everything can plug in. You could have more generalists using it. The HCI waves were people kind of getting away from being storage specialists. Today VMware has, of course vCenter's their main estate, but they have Tanzu. On the IBM and Red Hat side, you know, this year you announced the Advanced Cluster Management. What's that management landscape look like? How does the storage get away from managing some of the bits and bytes and, you know, just embrace more of that automation that you talked about? >> So in the case of IBM, we make sure we can support both. We need to appeal to the storage nerd, the storage geek if you will. The same time to a more generalist environment, whether it be an infrastructure manager, whether it be some of the software guys. So for example, we support, obviously vCenter. We're going to be supporting all of the elements that are going to happen in a container environment that VMware is doing. We have hot integration and big time integration with Red Hat's management framework, both with Ansible, but also in the container space as well. We're announcing some things that are coming again at the end of October in the container space about how we interface with the Red Hat management schema. And so you don't always have to have the storage expert manage the storage. You can have the Red Hat administrator, or in some cases, the DevOps guys do it. So we're making sure that we can cover both sides of the fence. Some companies, this just my personal belief, that as containers become commonplace while the software guys are going to want to still control it, there eventually will be a Red Hat/container admin, just like all the big companies today have VMware admins. They all do. Or virtualization admins that cover VMware and VMware's competitors such as Hyper-V. They have specialized admins to run that. And you would argue, VMware is very easy to use, why aren't the software guys playing with it? 'Cause guess what? Those VMs are sitting on servers containing both apps and data. And if the software guy comes in to do something, messes it up, so what have of the big entities done? They've created basically a virtualization admin layer. I think that over time, either the virtualization admins become virtualization/container admins, or if it's a big enough for both estates, there'll be container admins at the Global Fortune 500, and they'll also be virtualization admins. And then the software guys, the devOps guys will interface with that. There will always be a level of management framework. Which is why we integrate, for example, with vCenter, what we're doing with Red Hat, what we do with generic Kubernetes, to make sure that we can integrate there. So we'll make sure that we cover all areas because a number of our customers are very large, but some of our customers are very small. In fact, we have a company that's in the software development space for autonomous driving. They have over a hundred petabytes of IBM Spectrum Scale in a container environment. So that's a small company that's gone all containers, at the same time, we have a bunch of course, Global Fortune 1000s where IBM plays exceedingly well that have our products. And they've got some stuff sitting in VMware, some such sitting in generic Kubernetes, some stuff sitting in Red Hat OpenShift and some stuff still in bare metal. And in some cases they don't want their software people to touch it, in other cases, these big accounts, they want their software people empowered. So we're going to make sure we could support both and both management frameworks. Traditional storage management framework with each one of our products and also management frameworks for virtualization, which we've already been doing. And now management frame first with container. We'll make sure we can cover all three of those bases 'cause that's what the big entities will want. And then in the smaller names, you'll have to see who wins out. I mean, they may still use three in a small company, you really don't know, so you want to make sure you've got everything covered. And it's very easy for us to do this integration because of things we've already historically done, particularly with the virtualization environment. So yes, the interstices of the integration are different, but we know here's kind of the process to do the interconnectivity between a storage management framework and a generic management framework, in, originally of course, vCenter, and now doing it for the container world as well. So at least we've learned best practices and now we're just tweaking those best practices in the difference between a container world and a virtualization world. >> Eric, VMworld is one of the biggest times of the year, where we all get together. I know how busy you are going to the show, meeting with customers, meeting with partners, you know, walking the hallways. You're one of the people that traveled more than I did pre-COVID. You know, you're always at the partner shows and meeting with people. Give us a little insight as to how you're making sure that, partners and customers, those conversations are still happening. We understand everything over video can be a little bit challenging, but, what are you seeing here in 2020? How's everybody doing? >> Well, so, a couple of things. First of all, I already did two partner meetings today. (laughs) And I have an end user meeting, two end user meetings tomorrow. So what we've done at IBM is make sure we do a couple things. One, short and to the point, okay? We have automated tools to actually show, drawing, just like the infamous walk up to the whiteboard in a face to face meeting, we've got that. We've also now tried to make sure everybody is being overly inundated with WebEx. And by the way, there's already a lot of WebEx anyway. I can think of meeting I had with a telco, one of the Fortune 300, and this was actually right before Thanksgiving. I was in their office in San Jose, but they had guys in Texas and guys in the East Coast all on. So we're still over WebEx, but it also was a two and a half hour meeting, actually almost a three hour meeting. And both myself and our Flash CTO went up to the whiteboard, which you could then see over WebEx 'cause they had a camera showing up onto the whiteboard. So now you have to take that and use integrated tools. One, but since people are now, I would argue, over WebEx. There is a different feel to doing the WebEx than when you're doing it face to face. We have to fly somewhere, or they have to fly somewhere. We have to even drive somewhere, so in between meetings, if you're going to do four customer calls, Stu, as you know, I travel all over the world. So I was in Sweden actually right before COVID. And in one day, the day after we had a launch, we launched our new Flash System products in February on the 11th, on February 12th, I was still in Stockholm and I had two partner meetings and two end user meetings. But the sales guy was driving me around. So in between the meetings, you'd be in the car for 20 minutes or half an hour. So it connects different when you can do WebEx after WebEx after WebEx with basically no break. So you have to be sensitive to that when you're talking to your partners, sensitive of that when you're talking to the customers sensitive when you're talking to the analysts, such as you guys, sensitive when you're talking to the press and all your various constituents. So we've been doing that at IBM, really, since the COVID thing got started, is coming up with some best practices so we don't overtax the end users and overtax our channel partners. >> Yeah, Eric, the joke I had on that is we're all following the Bill Belichick model now, no days off, just meeting, meeting, meeting every day, you can stack them up, right? You used to enjoy those downtimes in between where you could catch up on a call, do some things. I had to carve out some time to make sure that stack of books that normally I would read in the airports or on flights, everything, you know. I do enjoy reading a book every now and again, so. Final thing, I guess, Eric. Here at VMworld 2020, you know, give us final takeaways that you want your customers to have when it comes to IBM and VMware. >> So a couple of things, A, we were tightly integrated and have been tightly integrated for what they've been doing in their traditional virtualization environment. As they move to containers we'll be tightly integrated with them as well, as well as other container platforms, not just from IBM with Red Hat, but again, generic Kubernetes environments with open source container configurations that don't use IBM Red Hat and don't use VMware. So we want to make sure that we span that. In traditional VMware environments, like with Version 7 that came out, we make sure we support it. In fact, VMware just announced support for NVMe over Fibre Channel. Well, we've been shipping NVMe over Fibre Channel for just under two years now. It'll be almost two years, well, it will be two years in October. So we're sitting here in September, it's almost been two years since we've been shipping that. But they haven't supported it, so now of course we actually, as part of our launch, I pre say something, as part of our launch, the last week of October at IBM's TechU it'll be on October 27th, you can join for free. You don't need to attend TechU, we'll have a free registration page. So just follow Zoginstor or look at my LinkedIns 'cause I'll be posting shortly when we have the link, but we'll be talking about things that we're doing around V7, with support for VMware's announcement of NVMe over Fibre Channel, even though we've had it for two years coming next month. But they're announcing support, so we're doing that as well. So all of those sort of checkbox items, we'll continue to do as they push forward into the container world. IBM will be there right with them as well because we know it's a very large world and we need to support everybody. We support VMware. We supported their competitors in the virtualization space 'cause some customers have, in fact, some customers have both. They've got VMware and maybe one other of the virtualization elements. Usually VMware is the dominant of course, but if they've got even a little bit of it, we need to make sure our storage works with it. We're going to do the same thing in the container world. So we will continue to push forward with VMware. It's a tight relationship, not just with IBM Storage, but with the server group, clearly with the cloud team. So we need to make sure that IBM as a company stays very close to VMware, as well as, obviously, what we're doing with Red Hat. And IBM Storage makes sure we will do both. I like to say that IBM Storage is a Switzerland of the storage industry. We work with everyone. We work with all these infrastructure players from the software world. And even with our competitors, our Spectrum Virtualized software that comes on our Flash Systems Array supports over 550 different storage arrays that are not IBM's. Delivering enterprise-class data services, such as snapshot, replication data, at rest encryption, migration, all those features, but you can buy the software and use it with our competitors' storage array. So at IBM we've made a practice of making sure that we're very inclusive with our software business across the whole company and in storage in particular with things like Spectrum Virtualize, with what we've done with our backup products, of course we backup everybody's stuff, not just ours. We're making sure we do the same thing in the virtualization environment. Particularly with VMware and where they're going into the container world and what we're doing with our own, obviously sister division, Red Hat, but even in a generic Kubernetes environment. Everyone's not going to buy Red Hat or VMware. There are people going to do Kubernetes industry standard, they're going to use that, if you will, open source container environment with Kubernetes on top and not use VMware and not use Red Hat. We're going to make sure if they do it, what I'll call generically, if they use Red Hat, if they use VMware or some combo, we will support all of it and that's very important for us at VMworld to make sure everyone is aware that while we may own Red Hat, we have a very strong, powerful connection to VMware and going to continue to do that in the future as well. >> Eric Herzog, thanks so much for joining us. Always a pleasure catching up with you. >> Thank you very much. We love being with theCUBE, you guys do great work at every show and one of these days I'll see you again and we'll have a beer. In person. >> Absolutely. So, definitely, Dave Vellante and John Furrier send their best, I'm Stu Miniman, and thank you as always for watching theCUBE. (relaxed electronic music)

>> So, hi, my name is Daniel Terry, I work as Lead Designer at SEB. So, today we will go through why we are why we are Mirantis' customer, why we choose Docker Enterprise, and mainly what challenges we were facing before we chose to work with Docker, and where we are today, and our keys to success. >> Hi, my name is Johan, I'm a senior developer and a Tech Lead at SEB. I was in the beginning with Docker for like, four years ago. And as Daniel was saying here, we are going to present to you our journey with Docker and the answers. >> Yeah, who are we? We are SEB group. So we are a classic, financial large institutions. So, classic and traditional banking services. In Sweden, we are quite a big bank, one of the largest. And we are on a journey of transforming the bank so it has to be online 24-seven. People can do their banking business every day, whenever they want, nothing should stop them to be online. So this is putting a lot of pressure on us on infrastructure to be able to give them that service. (drum fill) >> So our timeline here. Is look, we started out with how to facilitate the container technology it has to be. 2016. And, in 2018, we had the first Docker running in SEB in a standalone mode. You need that. We didn't have any swarm, or given up this cluster since a while. For 2019, we have our first Docker-prise enterprise cluster at SEB. And today, 2020, we have the latest and greatest version of Docker installed. We are running around approximately two and a fifth at 450 specs. Around a thousand services and around 1500 containers. So, developer challenges. As for me as a developer, previous to Docker was really, really hard to get things in production. Times. It took big things and ordering services and infrastructures was a pain in the... yeah, you know what I mean? So for me, it was all about processes. We use natural processes and meaning that I wasn't able to, to see maintaining my system in production. I was handing that over to our operations teams and operation teams in that time, they didn't know how the application works. They didn't know how to troubleshoot it and see, well, what's going wrong. They were experts on the infrastructure and the platforms, but not on our applications. We were working in silos, meaning that I as a developer, only did developing things. The operations side did their things, and the security side did their things. But we didn't work as a team. I mean, today we have a completely different way of working. We will not see shapes. I mean, we have persons that were really good in maybe MQ technologies, or in some programming language and so on, but we didn't have the knowledge in the team techs to solve things, as we should have. Long lead times. I mean, everything we were trying to do had to follow the processes as we had. I mean that we should fill in some forms, send it away, hopefully someone was getting, getting back to us and saying, yeah guys, we can help you out with these services or this infrastructure, but it takes a really long time to do that. I mean, ordering infrastructure is when you're not an expert on that really hard to do. And often the orders we made or placed were wrong. When we have forms to fill in, it wasn't possible for us to do things automatically. Meaning that we didn't have the code, or the infrastructure as code. Meaning that if we didn't get the right persons into the meetings the first time, we didn't have the possibility to do it the right way, meaning that we had to redo and redo, and hopefully sometimes we got the right. We didn't have consistent set ups between the environments. When we order, as for example, a test environment, we could maybe order it with some minor resources, less CPU, so less memory, less disc or whatever. Or actually less performance on the hardware, but then we moved up to production. We realized that we have different hardware, different discs, different memories, and that could actually cause some serious problems in applications, access-wise. I mean, everyone likes to have exercise, especially if you are the maintainer of the system. That was really, really hard to get. I mean, every system has their own services, their own service, and therefore they need to apply for access to those other services. But today there's a complete difference since we only have one class to produce. Since we don't have infrastructure as a code back then, there were really lots of human errors. I mean, everyone was doing things manually. When you're coming from the Windows perspective, everything is a UI. You tend to prefer that way of working, meaning that if you used to click something in between the environments, the environments will not look the same. Life cycles. I mean, just imagine. When we have the server installed, it's like a pet. You have everything configured all from certificates to port openings, cartels, install patches, you name it. And then imagine that Windows are terminating a version and you need to reinstall that. Everything needs to be redone from the beginning. So there was a really long time taking to, to do the LCM activities, General lack of support of Microservice architecture was really also, a thing that are driving us forward with the containers technology, since we can't scale our applications in the same way as for containers. We, for example, couldn't have two applications or two processes using the same TCP port. For example, if you'd like to scale a web server, you can't do that on the same hardware. You need to have two different servers. And just imagine replacing all the excesses, replacing all the orders again for more hardware, and then manually a setting up there. The low balancer in front is a really huge task to do. And necessarily if you don't have the knowledge how the infrastructure is where you're working, then it's also really hard for you as a developer to do things right. Traditionalist. I mean, the services for us are like pets. They were really, really hard to set up. It'd take maybe a week or so. And if something was wrong with them, we will try to fix them as a pet. I mean, we couldn't just kill them and throw them away. It will actually destroy the application as this, our, like a unit box where all our things are installed. >> So, coming in from the infrastructure part of this, we've also seen challenges. For my team, we're coming from a Windows environment. So doing like a DevOps journey, which we want to do, makes it harder due to our nature in our environments. We are not used to, maybe use API, so we are not used to giving open APIs to our developers to do changes on the servers. Since we are a bank, we don't allow users to log into the servers, which means we have to do things for them all the time. This was very time consuming. And a lot of the challenges we actually still are seeing is the existing infrastructure. You can't just put that container platform on it, and thinking you're sold and everything. One of the biggest issues for us is, has been to getting servers. Windows servers usually takes like 15 minutes, Linux servers can takes up to two week in a bad day. So we really lack like, infrastructure as code. If we want a low balancer, that is also an order form. If we want the firewall opening, that's an order form. Hopefully they will not deny it. So it will go faster. So it's a lot of old processes that we need to go through. So what we wanted to do is that we want to move all of these things to the developers, so they can do it. They can own up their problems, but with our old infrastructure, that wasn't possible. We are a heavily ITIL-based organization, meaning that everything went from a cab. Still does in some way, we have one major service window every month where we take everything down. There is a lot of people involved in everything. So it's quite hard to know what will be done during the maintenance window. We lack supporting tools, or we lacked supporting tools, like log-in, good log-in tools. We have a bunch of CI/CD tools, but the maturity level of the infrastructure team wasn't that good. Again, order form and processes. If we want to, like, procure, do our procurement on a new like, storage system, or a backup system, we talk about here. So to do it is, for us, with containers, it would solve a lot of problems, because we cause we would then move the problems, not maybe move the problems to the developer, but we would make it able for them to own their own problems. So everything that we have talked about up till now boils down to business drivers. So the management's gave- gave us some policies to, or what they, how they want to change the company, so we can be this agile and fast moving bank. So one of the biggest drivers are cloud readiness, where Containers comes in perfectly. So we can build it on premises, and then we can move it to the cloud when we are ready but we can't, but we also need an exit strategy to move it back on premises if we need, due to hard regulations. Maybe you can throw it in the air. >> Absolutely. I definitely can. You're absolutely right. We need to develop things in a certain way. So we can move from infrastructure to infrastructure depending, or regardless of the vendor. Meaning that if we are able to run it on-prem, we should be able to run it in cloud or vice versa. We should also be able to move between clouds, and not be forced into one cloud provider. So that's really important for us at SEB. Short time to market is also a thing here. I mean, we are working with the huge customers. I can't name them, but they're really huge. And they need to have us being moving forward. I mean, able to really fast switch from one technology, maybe to another, we are here for them. And it's really important to us to be really fast for us to get new things out in production. All right, maybe. Nothing else? >> I don't, don't really. From the upside, we are in a huge staff DevOps transition. So, or a forced DevOps transition, which means we need to start looking at new infrastructure solutions, maybe deploy our infrastructure parts inside of containers to be able to use it the same way in the cloud. That's what we do prior, do here on premises, we have private clouds which are built on techno- technology, container technology today. So this fits quite good to have the Docker platform being one part of that one. >> Yeah. And this is solid, we are also working really, really actively on open source platforms and open source drivers. We can see that we have a huge amount of vendors in SEB, really huge ones, but we can also see that we can, facilitate open source platforms, and open source technology as well. So container technology will bring that for us. I mean, instead of having a SaaS platform and SaaS services, we can actually instantiate our own with containers and stuff. >> Also we are, since we are quite heavily regulated, the process of going through to you as like a SaaS service can take up to two years for us to go through, and then maybe the SaaS service, is it, is it what we want to use anymore? So, also we want to develop the things in our own premises and maybe, and scale it to the cloud if we need. And also we want to be an attractive employer, where maybe it's not that, the coolest thing for a young student to work in mainframe, we have a mainframe it's, it's not going anywhere, but it's hard to get people, and we want to be an attractive employer, and everyone is talking Kubernetics and containers or, and clouds. So we need to transition into those technologies. >> Yeah, we need to be open minded and necessarily facilitate the new technologies. So we can actually attract new employees. So it's really important to us to have an open mind. Our experience with Docker Containers. I mean, as I said before, scalability is a really important thing for us today. When we are using a more microservice architecture, we need to be able to Skype. We need to be scaling horizontally instead of vertically. So for that, containers are perfect storage. As we said before, we have a huge problem with environments being differently set up, since it was often manually done. Today, as we have a infrastructure as a code, it's really, really nice to have the same things exactly configured, the same in all environments. And we also have the same tooling, meaning that if I can run it on my machine, it's the same tooling I will be using to run it for test purposes or in production. That's a huge benefit for us as a developer. Time to market. I mean, today, we don't have to order service, we are using the service approach here. So we have a container cluster that are actually just sitting there waiting for our services to be hosted. So no more forms, no more calls, no more meetings before we can set up anything. We also own our problems. I mean, before, as I said, we have the processes, meaning that we ship our applications to any server. And then the operation sites take over. That's not the case now. We are actually using this as we should in DevOps. Meaning the other teams are actually responsible for all their errors as well. Even if it's on the infrastructure part, it's completely different if it's a platform's problem, because then it's the platform's team, and we can use different windows. We can try stuff out, we have an open mind. And that says that I can download and try any container image I would like on my developer machine. It's not maybe, okay to run it in production without having the security people look at it. But normally it's really, really much faster instead of waiting maybe six months, we can maybe wait one week or so. And of course less to none LCM activities. I mean, as I said before, it will take months, maybe, to do an LCM activity on multiple servers. Today, our LCM activities more or less are just switching to a new version of the image from Docker hub. That's all we have to do. So that's actually maintained during the processes we have in CI/CD pipelines. >> And the last one. So our keys to success: you should get demanded from the managers and management that everything should be a container. All the new development has to go through a container before you start ordering servers. Everything shall go through a CI/CD pipeline. We don't actually, here at SEB. Our developers build their own CI/CD pipeline. We just provide a platform for them to use it against, and the CI/CD to systems, but they build everything for themselves. Cause they know how their application works, how it should be deployed, with what tools. We just provide them with a tool set. Build a Cross Team. So you should incorporate all the processes that you need, but you should focus on the developer part, because you are building a platform for the developers, not for operations or security. >> And then maybe >> A lot of... >> you'll be able to take flight >> Yeah. Luck has nothing to do with it? Yes, it has. Of course, luck has something to do with it, even if you're really passionate, even if you're really good at some things. I mean, we got some really nice help from Dr. Inc. We were really... Came in with the technology in the right time for us to be, and we had really engaged people with these projects and that's a really luck for us to have. >> Yeah. And also we... I want to thank our colleagues, because we have another container team who started before us. And they have actually run into a lot of organizational problems, which they have sold, so we could piggyback on that, on those solutions. Also, start small and scale it. This is where Docker swarm comes, fits perfectly. So we have actually, we started with swarm. We are moving into Kubernetics in this platform. We will not force-move anything. The developers just should show us, what their- fits their needs. Thank you! >> Thank you very much.

from around the globe it's the cube with digital coverage of Red Hat summit 2020 brought to you by Red Hat hi I'm Stu min a man and this is the cubes coverage of Red Hat summit 2020 of course this year the event is happening all online and that gives us an opportunity to meet with red hat executives customers partners and practitioners where they are around the globe in this segment one of our favorites ever years we're talking to the women in open source and joining me for this segment first of all we have Elissa and Alexander who is the executive vice president and chief people officer of Red Hat this award fit thunder her domain dallisa it is great to see you again thanks so much for joining us thank you so much for having us all right and we have two of the Award winners so first if you see right next bit Elissa we have an epic Sain who's a doctor and PhD candidate in clinical neuroscience at the University of Gothenburg coming to us from Sweden method great to see you thank you very much all right we also have Megan Burge Sinicki who is a manager of research and operations at the open source program office at Google Megan thank you so much for joining us off though thanks for having me all right so dallisa let me hand it off to you is give our audience a little bit if they're not familiar with whipping an open source what the initiative is the community and you know what might have changed from previous years when we've talked about this sure so we realized that the tech industry is a great industry for diverse populations but a lot of diverse populations don't realize that and so as the open source leader we wanted to shine a light on the contributions that some of our underrepresented populations are making an open source that trying to inspire more people to join communities to participate to contribute we know that more diverse populations help us to innovate more rapidly they help us to solve more problems and so it's really important especially today with what's happening in the world lots of important problems to solve that we really invite more of our other upper sort of populations to join in the communities awesome so absolutely there there are lots of people that volunteer there are lots of people that do it as their day job Megan why don't we fuck you have a roll open source first Google as a strong legacy and open source in general so tell us a little bit about you know what you were working on and what you're being recognized for here yeah well a lot of the recognition comes from my work with the Drupal Association I had been with Drupal for 8 years hoping to build that foundation in supporting that community and lots of different ways from fundraising to community events running sprints and helping with their developer tools and so that was a lot what the award was based on and now I'm at Google and I've been here for about a year and a half and I run their research and operations and so Google is an expression of open source and we have thousands of people using thousands of projects and we want to make sure they do it well they feel supported that we are good citizens in the projects that we participate in and so my group provides the operational support to make sure that happens you know you know what one of the things that's always fascinating when I go to Red Hat there's so many projects there's so many participants from various walks of life last year at the show there was a lot of discussion of you know it was a survey really and said that you know the majority of people that tribute now it's actually part of their job as opposed to when I think back you know you go back a couple of decades ago and it was like oh well in my spare time or down in my basement I'm contributing here so maybe talk a little bit about the communities and you know what what Megan is embodying CSUN she worked on project now she's working for obviously a good partner of Red Hat's that does a lot of open source yeah I love the way she described what her role is at Google and that it's fascinating and Google has been really a huge contributor in the community for in communities for years and years so I think that what we're seeing with the communities and people saying yeah now it's part of my day job is that you know 20 years ago the idea that open-source development would be kind of on par with proprietary development and on par in terms of being used in the enterprise and the data center was something that I think many people questioned proprietary software was the way that most people felt comfortable making sure that their intellectual property is protected and that users could feel comfortable using it within the parameters required so that was the way it was 20 years ago and then now you think about you know most companies there is some form of open source that is part of their infrastructure so now open source is no longer you know that disrupter but it's really a viable alternative and organizations really want to use both they want to have some propriety or they want to have some open sources so that means like every company is going to need to have some need to understand how to participate in communities how to influence communities and Red Hat's a great partner in helping enterprise customers to be able to understand what those red Nets might look like and then helping to kind of harden it make sure things that they need to have application city to have certified or certified and make it really usable in a way they're comfortable with in the enterprise that's kind of special Red Hat place but it's just a tribute to where we come in a world in terms of open source being really accepted and thriving and it helps us to innovate much more rapidly yeah and there's there's no better way to look at not only where we are but where we're going then talk about what's happening in the academic world so that gives it brings us Aneta so you are the academic award winner you're a PhD candidate so tell us a little bit about your participation and open source what it means to be part of this community my PhD project involves using virtual reality to measure the arm movements of people with stroke so we have participants coming in into our lab so they we're these 3d glasses and then they start seeing virtual objects in the 3d space and they use their hands to touch at these targets and make them disappear and we have all these movements data specially interpreters and then we write code and analyze the data and find out how much they have recovered within one year after stroke this is my PhD project but my involvement with open source happens they before like in starting from 2010 I have been editing Wikipedia and I have been writing several articles related to medicine and healthcare so that is where I started with open open knowledge and then I moved on words and after my medical studies I moved to research and worked on this awesome project and so there are multiple ways by which I have engaged with open source that's far that's awesome my understanding is also some of the roots that you had and some of the medical things that you're doing have an impact on what's happening today so obviously we're all dealing with the global pandemic in Koba 19 so I'd like to hear you know what your involvement there you know your data obviously is politically important that we have the right data getting to the right people as fast as possible definitely yes right now I'm working on writing creating content for Wikipedia writing on articles related to Kobe 19 so I mostly work on writing about its socio-economic impact writing about Kobe 19 testing and also about the disease in general mental health issues surrounding that social stigma associated began with it and so forth so I use all these high-quality references from the World Health Organization the United Nations and also from several journals and synthesize them and write articles on Wikipedia so we have a very cool project called wiki project code 19 on Wikipedia where people who are interested in writing articles creating data uploading images related to poet 19 come together and create some good content out of it so I am a very active participant there alright and making my understanding is you you also have some initiatives related to kovat 19 maybe you can tell us a little bit about those yeah well one I'm loosely affiliated with this kovat act now and that is a combination of developers data scientists epidemiologists and US state government officials and it's looking at how was the curve look like and how does that curve get flattened if governor's made decisions faster or differently than what they're making today and how does it impact the availability of ICU beds and ventilators and so that is a tool that's being used today by many decision-makers here in the US and my contribution to that was they needed some resources I reached into Google and found some smart generous volunteers that are contributing to the dataset and actually I just connected with Neda do this award program and now she's connected and is gonna start working on this as well yes oh that's fantastic yeah I mean dallisa you know we've known for a long time you want to move fast if you want to connect you know lots of diverse groups you know open sources is an important driver there what what else are you seeing in your group you know with your hat is the the people officer you know obviously this is a big impact not only on all of your customers partners but on fun Red Hatters themselves well it is a huge impact we're so fortunate that we have some experience working remotely we have about 25 percent of our population that historically works remotely so we have that as a foundation but certainly the quick move the rapid move to really thinking about our people first and having them work from home across the globe that is unprecedented and at this point we have some individuals who have been working from home for many many many week and others that are really in entering their fourth week so we're starting to have this huge appreciation for what it's like to work remotely and what we can learn about more effective inclusion so I think you know back to the idea of women and open source and diversity inclusion one of the things you may always prided ourself in is we focus on inclusion and we think about things like okay if the person is not in the room with their remote let's make sure for including them let's make sure they get to speak first etcetera well now we're learning what it's really like to be remote and for everyone to be remote and so we're creating this muscle as an organization I think most organizations are doing this right getting a muscle you didn't have before we really really having to think about inclusion in a different way and you're building a capability as an organization that you didn't have to appreciate those that are not in the room and to make sure they are included because no one's in the room you know we're really important pieces and dallisa you know one of the things that that's always great about Red Hat summit is you you bring together all these people as we just heard you know that your two Award winners here you know got connected through the awards so maybe give us a little bit of a peek as to what sort of things the community can still look forward to how they can continue to connect even though we're all going to be remote for this event yeah this event is is it going to be great event and I hope everyone joins us along our journey we are fortunate that Red Hat you know as the open source leader really wants to take a leadership position in thinking about how we can shine a light on opportunities for us to highlight the value of diversity and inclusion and so we've got a number of events not throughout the summit that we'd love people to join in and we're going to be celebrating our women and open-source again at our women's leadership community lunch is now not a lunch it is now a discussion unless you're having your lunch that you can check your desk but we're having a great conversation at that event I mean by people to join in and have a deeper conversation and also another look at our women in open source Award winners but these Award winners are just so amazing every year that applications that are submitted are just more and more inspiring and all the finalists were people that are so impressive so I love the fact that our community continues to grow and that they're more and more impressive people that are joining the community and that they're making those connections so that together we can you know really shine a light on the value that women bring to the communities and continue to inspire other underrepresented groups to join in and participate then a you know research obviously is an area where open-source is pretty well used but just give us a little bit of viewpoint from your standpoint yourself and your peers you know I would think from the outside that you know open sourced is just kind of part of the fabric of the tools that you're using is it something that people think specifically about a course or does it just come naturally that people are you know leveraging using and even contributing what what's available the tool I'm using is called cuteness it's an open source tool written in Python and so that gives me the possibility to have a look in deeper into the code and see what's actually inside for example I would like to know how what is the size of the target that is shown in the virtual space and I can fit know that correctly to the millimeters because it's available to me in open source so I think these are the advantages which researchers see when they have tools open-source tools and at the same time there's also a movement in Sweden and in most of Europe where they want the researchers are asking for publishing their articles in open access journals so they want most of their research be published as transparent as possible and there is also this movement where people want researchers want to have their data put in some open data city so that everybody can have a look at it and do analysis on the data and build up on that data if other people want to so there's a lot going from the open access side and knowledge side and also the open source side in the research community and I'm looking forward to what probably 19 will do to this movement in future and I am sure people will start using more more and more open-source tools because after the Manderly yeah making I'm curious from your standpoint when I think about a lot of these communities you know meetups are just kind of some of the regular fabric of how I get things done as well as you know just lots of events tie into things so when you're talking to your colleagues when you're talking to your peers out there how much is kind of the state of reality today having an impact in any any learnings that you can share with gaudí yeah that is definitely a challenge that we're going to figure out together and I am part of a group called Foss responders we are reaching out to projects and listening to their needs and amplifying their needs and helping to get them connected with resources and one of the top three areas of need include how do I run an online community event how do I replace these meetups and what is wonderful is that groups have been moving in this direction already and so who would release a guide of how they run online events and they provide some tooling as well but so has WordPress put out a guide and other projects that have gone down this path and so in the spirit of open source everyone is sharing their knowledge and Foss responders is trying to aggregate that so that you can go to their site find it and take advantage of it yeah definitely something I've seen one of the silver linings is you know these communities typically have been a lot of sharing but even more so everybody's responding everybody's kind of rallying to the cause don't want to give you the final word obviously you know this is a nice segment piece that we usually expect to see at Red Hat summit so what else do you want to help share where the community is final closing thoughts well I think that you know we're not done yet we have been so fortunate to be able to highlight you know the contributions that women make to open source and that is a honor that we get to take that role but we need to continue to go down this path we are not we're not done we have not made the improvement in terms of the the representative in our communities that will actually foster all of the improvements and all the solutions that need to happen in the world though we're going to keep down this pathway and really encourage everyone to think through how you can have a more inclusive team how you can make someone feel included if you're participating in a community or in an organization so that we really continue to bring in more diversity and have more innovation well excellent thank you so much Alisa for sharing it thank you too - both of you Award winners and really look forward to reading more online definitely checking out some of the initiatives that you've shared valuable pieces that hopefully everybody can leverage all right lots more coverage from Red Hat summit 2020 I'm Stu minimun and as always thank you for watching the cube [Music]

(slow music) >> From around the globe. It's the cube with digital coverage of Red Hat Summit 2020 brought to you by Red Hat. >> Welcome back. This is the cubes coverage of a Red Hat Summit 2020. The event happening digitally this year. We are bringing in Red Hat executives, customers and partners from where they are around the globe. And happy to welcome back to the program. One of our cube alumni. Robin Bergeron is the senior principal community architect with Ansible part of Red Hat. Robin, great to see you. Thanks so much for joining us. So we've got the community coming together even while we're apart. >> Indeed. That's what we're good at. So, I'm glad to be back here again with you all. So, hello. >> All right. So, Robin, we caught up with you last at AnsibleFest of course Red Hat Summit. So much community activity that goes on. The Ansible, community is a big piece of summit even though they also have, the separate AnsibleFest. So just give us a little bit update what's happening in your world and in the community. >> Well. I hate to say it's a, "it's a big wide world" because it sounds very cliche, but the Ansible world is fairly big. I don't know if, let's see, we talked, lasted, AnsibleFest and that was in September in Atlanta, is that correct? >> Sounds right. Yep. >> I believe so. So right around that time was when GitHub released their annual list of, they have a report called the Octoverse they publish every year, in conjunction with their annual event. And one of their metrics they have on that list is, most active projects. So, we clocked in at the number ninth most active project on Github this past year. And that's out of, I've lost count of github, like number of projects. It's not quite the, United States national debt status, but it's a, like a hundred million repositories or something like that. So we're the number nine most active repository this year. And I believe we are one of two projects who's been on that list every year since 2016 I want to say. So, yeah, we're at 5900 contributors right now. So it's, all over the globe. A lot of people keeping us very busy. I guess that and fact it's so busy and we talked about collections a bit when we were at AnsibleFest this past year and it's been a thing that we've been talking about continuously in Ansible community and also, as part of Red Hats product line for a while and we've actually now gotten to the point of sort of splitting out the Ansible repository. Ansible is going to continue to be the, you a car and you look under the engine and there's like the things that make the car run. >> Ansible base, separate from the windshield wipers and all the ad-ons and all the cool stuff that you actually, want to get when you get a car. And that stuff is actually getting split out into Ansible collections that we'll have or repository that's actually more managed by the community, which will empower them to be able to make more decisions for us to be able to get things done, more rapidly. Cause in the past it's always been a really a tug of war between, work and github have always been very respectful about, how the balances between community and product because obviously without a community you don't have a product. And this is a obviously a method that Red Hat has sort of nailed down. I guess IBM really liked the idea. So here we are. But we're really looking forward to, right now we've got a handful of contributors who are adding new modules into this new repo. But, they're also helping us work out all the kinks in the contributor process and how it works that way. Once we opened for business, since we've got several thousand contributors, we don't say, open for business and then have everybody comes running into a glass wall like it and then all on the floor, right? We want the doors to be open. We want the, registers so to speak to be processing things. We want, all the box to be working, all of the, all of the magic to be happening just as it is, as it has in past. But, this time with a little bit more empowerment to the community, that's on a work progress for it was like forever, but, nine months, and here in the next few weeks that will be open for business and we're hoping that, by the time the AnsibleFest rolls around, that will be part of the two, part and parcel to the 2.10 release. And, we're hoping that, even though under the hood for contributors, that's changed. We believe we'll be very transparent brand eaters, which has been one of the most important things for us because, we don't like to break people. That's, >> yeah, >> {Robin] Glad yeah >> Absolutely Robin. So it was one of the key things a announced at a AnsibleFest last year. Anybody that knows the software world is the traditional release train. Get on that train. Got to make sure you get your feature in there. But for a solution like Ansible, which as you said, has a lot of partners and it's a very big ecosystem. If you have to worry about how much stuff do I get shoved into one release, it's a little bit limiting. So you break those pieces up more like the, containers, that go on the train and you can make sure that you're adding and, doing the various pieces as they go. So maybe >> Yeah >> not the perfect analogy. >> Yeah. >> But very important so, Robin, as you've been going through this, I'm wondering, what feedback are you getting from the contributors there? and how about as you said, very active community. We know if anybody you know, says something, you got, the crowd and the wisdom coming in and giving you ideas. But, how do you balance that? You're not going to have everybody be happy about every decision, but making sure that the ultimate release train, does the job and delivers the overall solution. >> Yes. What color are we going to paint? Paint our bike shed. Right? Like the yak for circling. So it's, I don't want to to say it's been mixed, it's, you know, we, I can, I compare and contrast this, one of my, previous roles was being the newer project leader, right. And, which is, as we know the upstream, for Red Hat enterprise Linux, and its some of the, Linux and, a lot of the Linux distributions have been around for forever. Back when there were like, I don't know. 10, 15 opensource projects that anybody at all, could contribute to. Now as we can see looking on, github and many other places get lab, open dev. There's a, you name it, there's a gazillion opensource projects out there. People aren't always as attached to, I don't want to say attached, coz that sounds, terrible, but open source has become such a norm people are just very used to, there's something wrong. I'm going to submit it, I'm going to hope it gets accepted, but I'm going to move on with my life because I also have all these other places that I can also contribute, right. That said, we do have, a significant number of compute of contributors who have been with us back since Ansible started. Some of those folks go back with us to Fidor days, on Linux days on and on and on. Some of them, some folks I have concerns, they do like that this is the opportunity to give them more empowerment to figure out better ways to run the, contributor process. I think the number one thing that everybody's been concerned about is what diseases your experience going to be. And I think that's a testament to, just the power of our community is that, people aren't just concerned about how am I going to get my stuff in and your stuff in and like the tug of war of like, is one person can get something else in before someone else. Everybody's very concerned about is this going to still work for the end users? Is this going to disrupt them? Because it's a change under hood. Are they going to have to change all their playbooks and all of their, rules and everything that they have. And right now the goal is, it should be transparent. Anything that you have written right now, you should continue work, you shouldn't notice. Once we get your 3.O our goal is to ramp people up into harnessing the power of collections. But first we need to get the collections, infrastructure in place, before we get in. Start giving them to artists the power of collections. You can't just flip the switch and be like, hi . So it used to be this way, now we have collections and now you've got to redo everything, right. Because that's-- you still have the opportunity because it's open source. We'll have this window where we can still find all the bugs and get that re rapid feedback, which means, once we roll out, Red Hat Ansible automation platform, the next version. I'm not going to say an AnsibleFest. That would be shocking, right? We never do announcements at events. But, whenever that product comes out, we want to make sure, that power of open source and, having that rapid feedback loop, ensures that, what we end up, we'll bring to customers, winds up being solid, but I believe it will be very, very solid for contributors because or, and, a community. There's, because, a significant number of our contributors are community users and they have that in their own interest in mind. And we've seen that not just from, I'm a community user at a university, but all of our partners are actually participating in the community as well. And there, just painting and chatting and we had a, we had planned to have a European as well contributor summit, which is a thing we normally run in combination or the day before AnsibleFest. and we had planned that for Sweden. I was so excited. I was going to go to Gothenburg. I hear it's a charming little town, except, when we are all stuck in, the a world that we are in currently. so we ran that virtually and a lot of our longterm contributors are actually from Europe. So that was really exciting except for me, cause I had to get up 8 Am but it was still nice to see them all. So we had, 50 some odd folks pop in over the course of, that day. And we talked through elections and debated and, got some demos from folks. Had some folks talk through some specific collections, folks talking about AWS and some of the networking things. So, yeah it was nice to see everyone. I was sad that it wasn't in Gothenburg. But it is what it is. I'm going to roll. >> So Robin, I think back to 2019 an automation, was right at the top of a hot topics. When I talk to practitioners out there, many conferences I went to, not just of course Ansible test, which focus on it, but many other shows and events. Well when you talk to people about key initiatives, its in a really leveraging automation, something that I've heard talked about my entire career, but really it feels like the last painful of years and people are much more serious about it. You know, you referenced the times that we live in right now, we're unprecedented global pandemics. So I'm not saying that, somebody, everybody all of a sudden woke up and say, Oh my gosh, I have to work from home and I need to be smarter. Let me finally use this automation that I've been hearing about all these years. But why don't you bring us into, what is happening today, what you are hearing customers, because automation obviously is a critical piece of what everybody is doing and probably just, shines a light on it even more. Now that we need to make sure that people are being efficient and still being able to deal with their lives while everything else is going on. >> Yeah. It's interesting because some of is, as well as used. Yeah, there's actually a, there's the dependency graph that you can look at on github and it will tell you how many other things in github are actually depending on the Ansible. It's, I can't even remember the number. It's a very large number, like tens of thousands of things as I recall. Disclaimer, my memory is terrible sometimes. I believe it was in the tens of thousands of things. Lots of people use Ansible and it's almost like probably not quite as popular as, the uses Docker container to get started, but, venture to guess it might be a number to that. Type this Ansible thing and this thing will magically come up. Right. For folks that are, in a traditional IT department, just trying to get along, day to day right now who are, they're like me. They're at home, they're with their spouse, they're sharing an office. They're also homeschooling their kids if they got out of bed. Hopefully we all have enough bandwidth. For those folks it's, I'm just glad that I continue to have this Ansible thing, they're using Ansible tower, they're glad that they can still manage to figure out how to collaborate their coworkers in that type of environment. For all the folks out there who are doing, research or trying to set up any type of infrastructure anywhere to related to this, I don't care if it's a, grocery store or you're a research laboratory, whatever it is. Last thing you want to do is spend five hours, be like, oh God okay, let me get out my manual. Where did I, it's hey, there's an Ansible. Excellent, I can type this Ansible thing in. And if for some reason it gets hung up. We have folks on IRC, we have, there's folks on stack overflow . There folks literally everywhere. You can ask a question on Twitter and It's a Pretty large, friendly, global community of people who have plenty of answers. And that's, I can't say we're like, hey, we solved everything, but we got all the >> stuff out of the way so that people can actually solve all of their, they can get down to what's actually important for them. And so that, that's always been one of the most redeeming things about Ansible that it's, for me, it's, the thing that I work on is, it's easy and it helps people solve their problems and gets all there, stuff out of the way so that they can concentrate on what's actually important to them. So I like to think, it's most important to them. And I know it is, but it's interesting seeing how things change, as people are like, are you going to teach a bunch of people Ansible now? And it's like, well, if they're in need of a job, there are a lot of online resources for that. But if they're just trying to get through their job, like everybody's sort of in a don't rock the boat position. Like if I can get a little bit ahead, that's cool. If I've already got a bunch of stuff automated Yes. That's one less thing that I have to worry about right now and that's all we can really hope for at this moment. >> Yeah, great stuff Robin. One of the high point always is seeing, the value and support of the community and as you said, it's something that we definitely see highlighted up out there. All right, Robyn Bergeron, greatest as always to catch up with you. Thank you so much. I'm sure you know so many community activities that people will be able to participate in. This week at Red Hat Summit, even though we're, all doing it remotely, >> and the >> yeah >> challenges there. >> Glad I, great uni central area city. You can come on, come on by and see all of the, various Red Hat open source communities doing their thing. >> All right, watch lots more coverage from Red Hat Summit coming at you. I'm Stu Miniman and always, thank you for watching, the cube (slow music)

(gentle electronic music) >> Hello, everybody, welcome back to the Virtual Vertica Big Data Conference. My name is Dave Vellante and you're watching theCUBE, the leader in digital coverage. This is the Virtual BDC, as I said, theCUBE has covered every Big Data Conference from the inception, and we're pleased to be a part of this, even though it's challenging times. I'm here with Dan Woicke, the senior director of CernerWorks Engineering. Dan, good to see ya, how are things where you are in the middle of the country? >> Good morning, challenging times, as usual. We're trying to adapt to having the kids at home, out of school, trying to figure out how they're supposed to get on their laptop and do virtual learning. We all have to adapt to it and figure out how to get by. >> Well, it sure would've been my pleasure to meet you face to face in Boston at the Encore Casino, hopefully next year we'll be able to make that happen. But let's talk about Cerner and CernerWorks Engineering, what is that all about? >> So, CernerWorks Engineering, we used to be part of what's called IP, or Intellectual Property, which is basically the organization at Cerner that does all of our software development. But what we did was we made a decision about five years ago to organize my team with CernerWorks which is the hosting side of Cerner. So, about 80% of our clients choose to have their domains hosted within one of the two Kansas City data centers. We have one in Lee's Summit, in south Kansas City, and then we have one on our main campus that's a brand new one in downtown, north Kansas City. About 80, so we have about 27,000 environments that we manage in the Kansas City data centers. So, what my team does is we develop software in order to make it easier for us to monitor, manage, and keep those clients healthy within our data centers. >> Got it. I mean, I think of Cerner as a real advanced health tech company. It's the combination of healthcare and technology, the collision of those two. But maybe describe a little bit more about Cerner's business. >> So we have, like I said, 27,000 facilities across the world. Growing each day, thank goodness. And, our goal is to ensure that we reduce errors and we digitize the entire medical records for all of our clients. And we do that by having a consulting practice, we do that by having engineering, and then we do that with my team, which manages those particular clients. And that's how we got introduced to the Vertica side as well, when we introduced them about seven years ago. We were actually able to take a tremendous leap forward in how we manage our clients. And I'd be more than happy to talk deeper about how we do that. >> Yeah, and as we get into it, I want to understand, healthcare is all about outcomes, about patient outcomes and you work back from there. IT, for years, has obviously been a contributor but removed, and somewhat indirect from those outcomes. But, in this day and age, especially in an organization like yours, it really starts with the outcomes. I wonder if you could ratify that and talk about what that means for Cerner. >> Sorry, are you talking about medical outcomes? >> Yeah, outcomes of your business. >> So, there's two different sides to Cerner, right? There's the medical side, the clinical side, which is obviously our main practice, and then there's the side that I manage, which is more of the operational side. Both are very important, but they go hand in hand together. On the operational side, the goal is to ensure that our clinicians are on the system, and they don't know they're on the system, right? Things are progressing, doctors don't want to be on the system, trust me. My job is to ensure they're having the most seamless experience possible while they're on the EMR and have it just be one of their side jobs as opposed to taking their attention away from the patients. That make sense? >> Yeah it does, I mean, EMR and meaningful use, around the Affordable Care Act, really dramatically changed the unit. I mean, people had to demonstrate in order to get paid, and so that became sort of an unfunded mandate for folks and you really had to respond to that, didn't you? >> We did, we did that about three to four years ago. And we had to help our clients get through what's called meaningful use, there was different stages of meaningful use. And what we did, is we have the website called the Lights On Network which is free to all of our clients. Once you get onto the website the Lights On Network, you can actually show how you're measured and whether or not you're actually completing the different necessary tasks in order to get those payments for meaningful use. And it also allows you to see what your performance is on your domain, how the clinicians are doing on the system, how many hours they're spending on the system, how many orders they're executing. All of that is completely free and visible to our clients on the Lights On Network. And that's actually backed by some of the Vertica software that we've invested in. >> Yeah, so before we get into that, it sounds like your mission, really, is just great user experiences for the people that are on the network. Full stop. >> We do. So, one of the things that we invented about 10 years ago is called RTMS Timers. They're called Response Time Measurement System. And it started off as a way of us proving that clients are actually using the system, and now it's turned into more of a user outcomes. What we do is we collect 2.5 billion timers per day across all of our clients across the world. And every single one of those records goes to the Vertica platform. And then we've also developed a system on that which allows us in real time to go and see whether or not they're deviating from their normal. So we do baselines every hour of the week and then if they're deviating from those baselines, we can immediately call a service center and have them engage the client before they call in. >> So, Dan, I wonder if you could paint a picture. By the way, that's awesome. I wonder if you could paint a picture of your analytics environment. What does it look like? Maybe give us a sense of the scale. >> Okay. So, I've been describing how we operate, our remote hosted clients in the two Kansas City data centers, but all the software that we write, we also help our client hosted agents as well. Not only do we take care of what's going on at the Kansas City data center, but we do write software to ensure that all of clients are treated the same and we provide the same level of care and performance management across all those clients. So what we do is we have 90,000 agents that we have split across all these clients across the world. And every single hour, we're committing a billion rows to Vertica of operational data. So I talked a little bit about the RTMS timers, but we do things just like everyone else does for CPU, memory, Java Heap Stack. We can tell you how many concurrent users are on the system, I can tell you if there's an application that goes down unexpected, like a crash. I can tell you the response time from the network as most of us use Citrix at Cerner. And so what we do is we measure the amount of time it takes from the client side to PCs, it's sitting in the virtual data centers, sorry, in the hospitals, and then round trip to the Citrix servers that are sitting in the Kansas City data center. That's called the RTT, our round trip transactions. And what we've done is, over the last couple of years, what we've done is we've switched from just summarizing CPU and memory and all that high-level stuff, in order to go down to a user level. So, what are you doing, Dr. Smith, today? How many hours are you using the EMR? Have you experienced any slowness? Have you experienced any hourglass holding within your application? Have you experienced, unfortunately, maybe a crash? Have you experienced any slowness compared to your normal use case? And that's the step we've taken over the last few years, to go from summarization of high-level CPU memory, over to outcome metrics, which are what is really happening with a particular user. >> So, really granular views of how the system is being used and deep analytics on that. I wonder, go ahead, please. >> And, we weren't able to do that by summarizing things in traditional databases. You have to actually have the individual rows and you can't summarize information, you have to have individual metrics that point to exactly what's going on with a particular clinician. >> So, okay, the MPP architecture, the columnar store, the scalability of Vertica, that's what's key. That was my next question, let me take us back to the days of traditional RDBMS and then you brought in Vertica. Maybe you could give us a sense as to why, what that did for you, the before and after. >> Right. So, I'd been painting a picture going forward here about how traditionally, eight years ago, all we could do was summarize information. If CPU was going to go and jump up 8%, I could alarm the data center and say, hey, listen, CPU looks like it's higher, maybe an application's hanging more than it has been in the past. Things are a little slower, but I wouldn't be able to tell you who's affected. And that's where the whole thing has changed, when we brought Vertica in six years ago is that, we're able to take those 90,000 agents and commit a billion rows per hour operational data, and I can tell you exactly what's going on with each of our clinicians. Because you know, it's important for an entire domain to be healthy. But what about the 10 doctors that are experiencing frustration right now? If you're going to summarize that information and roll it up, you'll never know what those 10 doctors are experiencing and then guess what happens? They call the data center and complain, right? The squeaky wheels? We don't want that, we want to be able to show exactly who's experiencing a bad performance right now and be able to reach out to them before they call the help desk. >> So you're able to be proactive there, so you've gone from, Houston, we have a problem, we really can't tell you what it is, go figure it out, to, we see that there's an issue with these docs, or these users, and go figure that out and focus narrowly on where the problem is as opposed to trying to whack-a-mole. >> Exactly. And the other big thing that we've been able to do is corelation. So, we operate two gigantic data centers. And there's things that are shared, switches, network, shared storage, those things are shared. So if there is an issue that goes on with one of those pieces of equipment, it could affect multiple clients. Now that we have every row in Vertica, we have a new program in place called performance abnormality flags. And what we're able to do is provide a website in real time that goes through the entire stack from Citrix to network to database to back-end tier, all the way to the end-user desktop. And so if something was going to be related because we have a network switch going out of the data center or something's backing up slow, you can actually see which clients are on that switch, and, what we did five years ago before this, is we would deploy out five different teams to troubleshoot, right? Because five clients would call in, and they would all have the same problem. So, here you are having to spare teams trying to investigate why the same problem is happening. And now that we have all of the data within Vertica, we're able to show that in a real time fashion, through a very transparent dashboard. >> And so operational metrics throughout the stack, right? A game changer. >> It's very compact, right? I just label five different things, the stack from your end-user device all the way through the back-end to your database and all the way back. All that has to work properly, right? Including the network. >> How big is this, what are we talking about? However you measure it, terabytes, clusters. What can you share there? >> Sorry, you mean, the amount of data that we process within our data centers? >> Give us a fun fact. >> Absolute petabytes, yeah, for sure. And in Vertica right now we have two petabytes of data, and I purge it out every year, one year's worth of data within two different clusters. So we have to two different data centers I've been describing, what we've done is we've set Vertica up to be in both data centers, to be highly redundant, and then one of those is configured to do real-time analysis and corelation research, and then the other one is to provide service towards what I described earlier as our Lights On Network, so it's a very dedicated hardened cluster in one of our data centers to allow the Lights On Network to provide the transparency directly to our clients. So we want that one to be pristine, fast, and nobody touch it. As opposed to the other one, where, people are doing real-time, ad hoc queries, which sometimes aren't the best thing in the world. No matter what kind of database or how fast it is, people do bad things in databases and we just don't want that to affect what we show our clients in a transparent fashion. >> Yeah, I mean, for our audience, Vertica has always been aimed at these big, hairy, analytic problems, it's not for a tiny little data mart in a department, it's really the big scale problems. I wonder if I could ask you, so you guys, obviously, healthcare, with HIPAA and privacy, are you doing anything in the cloud, or is it all on-prem today? >> So, in the operational space that I manage, it's all on-premises, and that is changing. As I was describing earlier, we have an initiative to go to AWS and provide levels of service to countries like Sweden which does not want any operational data to leave that country's walls, whether it be operational data or whether it be PHI. And so, we have to be able to adapt into Vertia Eon Mode in order to provide the same services within Sweden. So obviously, Cerner's not going to go up and build a data center in every single country that requires us, so we're going to leverage our partnership with AWS to make this happen. >> Okay, so, I was going to ask you, so you're not running Eon Mode today, it's something that you're obviously interested in. AWS will allow you to keep the data locally in that region. In talking to a lot of practitioners, they're intrigued by this notion of being able to scale independently, storage from compute. They've said they wished that's a much more efficient way, I don't have to buy in chunks, if I'm out of storage, I don't have to buy compute, and vice-versa. So, maybe you could share with us what you're thinking, I know it's early days, but what's the logic behind the business case there? >> I think you're 100% correct in your assessment of taking compute away from storage. And, we do exactly what you say, we buy a server. And it has so much compute on it, and so much storage. And obviously, it's not scaled properly, right? Either storage runs out first or compute runs out first, but you're still paying big bucks for the entire server itself. So that's exactly why we're doing the POC right now for Eon Mode. And I sit on Vertica's TAB, the advisory board, and they've been doing a really good job of taking our requirements and listening to us, as to what we need. And that was probably number one or two on everybody's lists, was to separate storage from compute. And that's exactly what we're trying to do right now. >> Yeah, it's interesting, I've talked to some other customers that are on the customer advisory board. And Vertica is one of these companies that're pretty transparent about what goes on there. And I think that for the early adopters of Eon Mode there were some challenges with getting data into the new system, I know Vertica has been working on that very hard but you guys push Vertica pretty hard and from what I can tell, they listen. Your thoughts. >> They do listen, they do a great job. And even though the Big Data Conference is canceled, they're committed to having us go virtually to the CAD meeting on Monday, so I'm looking forward to that. They do listen to our requirements and they've been very very responsive. >> Nice. So, I wonder if you could give us some final thoughts as to where you want to take this thing. If you look down the road a year or two, what does success look like, Dan? >> That's a good question. Success means that we're a little bit more nimble as far as the different regions across the world that we can provide our services to. I want to do more corelation. I want to gather more information about what users are actually experiencing. I want to be able to have our phone never ring in our data center, I know that's a grand thought there. But I want to be able to look forward to measuring the data internally and reaching out to our clients when they have issues and then doing the proper corelation so that I can understand how things are intertwining if multiple clients are having an issue. That's the goal going forward. >> Well, in these trying times, during this crisis, it's critical that your operations are running smoothly. The last thing that organizations need right now, especially in healthcare, is disruption. So thank you for all the hard work that you and your teams are doing. I wish you and your family all the best. Stay safe, stay healthy, and thanks so much for coming on theCUBE. >> I really appreciate it, thanks for the opportunity. >> You're very welcome, and thank you, everybody, for watching, keep it right there, we'll be back with our next guest. This is Dave Vellante for theCUBE. Covering Virtual Vertica Big Data Conference. We'll be right back. (upbeat electronic music)

(upbeat music) >> Narrator: From our studios in the heart of Silicon Valley, Hallowell to California, this is a CUBE conversation. >> Hi and welcome to theCUBE. I'm your host Sonia Tagare and we're here at the Palo Alto Cube studios for an amazing conversation about women in tech and bringing men to the conversation. With us today is our guest, Eva Helen, who is the CEO and founder of EQ Inspiration and the Board Director of PrinterLogic. Welcome to theCUBE. >> Thank you so much for having me. >> So let's get started, so give us a brief overview of your background. >> So, I was actually in tech for close to two decades. I came from Sweden in the mid-90's and joined a hardware company here in Silicon Valley and started selling hardware. One thing led to the next and then I was part of starting two software companies, both with good exits. The last one we exited in 2015 when it was acquired by Citrix. And the name of that company was Sanbolic. So I was deep in the trenches of tech for many, many years. >> That's very inspiring. And from tech, you went to being an advocate for women in tech, so tell us a little about that. >> Well, it was interesting, I mean, I was a woman the whole time myself but I didn't take the time to reflect over a lot of what the other women were experiencing. When you run a business, your head is down and you work really, really hard all the time so, I didn't come up for air very often. But as we had been transitioned, we were on the East Coast and we were transitioned back to Silicon Valley, I started to really network as much as I could and met a lot of women, enjoyed a lot of organizations and went to tons of events. And I thought they were fantastic, and it was great energy and women sharing things and stories with each other and supporting each other, but I couldn't figure out where the guys were. And I'd been working in this industry for so long, I knew that all the decisions were made by men and I didn't understand why they weren't part of the discussion. So I went to a couple of guys and I said, well, if I start something called Women in Tech events for guys, will you come? And they're like, absolutely, we would love that. So, said and done, a couple of years ago, I did my first EQ Inspiration. Which is an event where 50% of the audience is men, 50% are women and in a typical format, I will have experts, or in the beginning, I wasn't en expert myself at all. So I would have experts come in and speak and then eventually I could take over some of those pieces, talking about equality, good things to do for women and so on. And then, I would always have a panel of men that I would ask, what are you actively and actually doing for women in the workplace? Your peers or your colleagues, your staff, how are you helping them? And all these amazing stories were coming out. So I thought how can I get more of those stories and make them available to a broader audience? So that's kind of where I was in the beginning of last winter. >> And what spurred you to become a part of this movement? Was it an experience you had in your workplace or just something you saw in the larger women in tech community? >> Well, I think I'd had my own experiences, obviously, since I'd been in the industry for so long. And every woman has a way to tackle being the only women in the room, the only one in the meeting, the only one at dinner and so on. We all have ways to tackle and deal with that but, like I said, I hadn't really reflected much over what other women were experiencing. So, just by hearing what all these other women were dealing with, I thought I kind of need to help here. Because, I'm not saying that my ways of dealing with it were the best or the way that I would recommend for others to be. I can be super pushy, very assertive and a lot of women are not like that. So, my model didn't necessarily work for them. So I had to try to figure out how can I actually help them. And because there are so many ways that women are supporting each other already, that are functioning really, really well, forums for talking about delicate things and, you know, more open things, I wanted to bring the men into the conversation because they're ultimately 50% of the population and a lot more than that in the workplace. So I just we needed to engage them to make them feel more safe in how they are supporting us. >> And do you find that the men who do come to these events, are they more at the leadership level or are they varied? Who generally shows up? >> So it varies a lot but if I could take a step back just to what I did when I said, okay let me find out more of these stories. Because that will answer your question. I did 60-hour long interviews with men in tech. At all levels of the organization. From CEO to individual contributors. And then I took all of that scripted material and I broke these people down into seven characters of men. And I say generously because we, as women, have been categorized into two categories by most men, for thousands of years. Seven characters, with different names. And at the top of what I call my matrix, we have Mark, James, Sameer, that are advocates for women. Then we have Memo, Al and Chris, that are allies of women. And at the bottom of the matrix, we have Richard, who is opposed to change and concerned that women will take over men's positions in the workplace. But by doing that categorization, I can see that it doesn't matter if it's a leader or if it's an individual contributor, it's a range of men that come to my events but typically, they're sitting at the higher end of the matrix. Not the lower part. Because they're still a little hesitant to thinking, well, what can I do? How can I help? >> Right, so it doesn't matter exactly what their exact position is, but how far up the matrix they are or how far low the matrix they are. >> Yes, exactly. Exactly. >> So can you tell us a little bit more about the different categories in the matrix and why you found those seven categories? >> Yeah sure. So, if we start from the top, the top character is called Mark and Mark is, he's really an expert. He has been working in HR or he's a diversity consultant or he can be a man who has lots of friends and he's very comfortable speaking up on behalf of women in front of these men. But he doesn't just address women or mixed groups, he actually talks directly to groups of men. The next category is James. James is a change agent. He's a leader. He has a very visible presence in the organization and he will take on things like culture change. If he notices in his organization that the culture is not exactly what it should be to promote equality, he will actually get to the bottom of it and dig deep to figure things out and solve them. Maybe by hiring an external consultant like a Mark. The next level is Sameer, he's the sponsor. And there are lots of women out there that have had great sponsors and often at the EQ Inspiration event, I'll bring up a women who talks about a sponsorship story. The sponsors make women visible and they also put their own name on the line. They're very comfortable promoting women. And often, they have experienced being an outsider themselves at some point, so they're very empathetic. The next level, now we get into the allies, and the allies are Memo, Al and Chris. Memo is the mentor. Mentorship is a very interesting thing because it's a big step up from the level below. It really is not necessarily promoting, but really asking a woman what can I do to help? How can I help you? And there's a lot of informal mentorships that are going on and there are lots of formal mentorship programs out there. It's really important to formalize mentorship programs in organizations where there's a greater fear among men to do something that's not right. And I think that a lot of the informal mentorships are suffering because of the Me Too movement and all the negative press that we have out there. The next to allies are Al and Chris. And these two categories have the greatest potential to actually grow into something bigger, because the objective, of course, is to climb from one step to the next on the matrix. And Al is a happy-go-lucky guy. He says I love working with women, I think it's fantastic, just tell me what to do, I would love to help. But he's not necessarily sure what to do. And Chris, the guy below him, he gets uncomfortable more easily. So, if a situation gets a little sticky in the office, when they start talking about equality or something like that, he might actually withdraw and close his door and say, no I don't want to be part of this discussion. But if you talk to Chris, he's already helping somebody who's close to him. Maybe his sister, maybe his partner, his wife or his daughter. And it's really interesting when you get to the point where they understand and they realize, they go oh, I am actually doing something. Maybe it's not helping somebody in the workplace but maybe it's somebody who's close to me. And then Richard at the bottom of the matrix, he's the chauvinist and he's there and there's lots of them and they're opposed to the change. And in the beginning, I was thinking maybe I just leave him out of the discussion. But he's a really important reference point for the rest of the characters. >> And so, as I liked that how you said that we want to have men go up the levels, to essentially become a Mark or James or Sameer, but suppose you have a Richard in your workplace, is there any hope for him ever becoming a Mark or is it even likely? >> Well, so the important thing is here, you know, I'm not a big fan of the kinds of workshops where you throw all men into the same room and you give them the same message. Because you'll lose 70% of the audience right away. So the key thing here is to make them understand that you can climb one step on the ladder and that may be enough. And if you choose to stay where you are, but as long as you're getting a little bit more awareness of what you're doing, that's okay too. But we're not trying to get Al or Chris, the people who are towards the bottom, to become Marks. We just want them to climb one step. And Richard, he's absolutely not a hopeless case. The thing with him is you can't tell him what to do, but you need to find his motivator. What is it that motivates him to start thinking outside of the little comfort zone that he is in right now? And so, maybe that motivator is maybe he does have a sister who's experienced a difficult situation. And so, how does that relate to what's going on? Maybe his team is not coming up with any new ideas. So having the discussion of diversifying the team, he might be ready for that one. But just finding his motivator is how we get him to, at least, get up to the level of Chris. >> And you mentioned that by the year 2030, you want 50-50 gender equality. Now, for people who are at leadership positions, who are Richards, who maybe do have some hope that they might change into even a Chris, but they still aren't on board with 50-50 gender equality, what do you say to those men and how can women deal with those men in their workplace? >> Well, it's that, you know, is the pie this big or is there two pies or is the pie growing? 50-50 is sort of something that a lot of people that ae working towards equality are saying. Now, I'm really trying to support women in the workplace to get to higher levels. And we are, more than 50%, at the very bottom level of most industries and most working positions. And we know that, I think it's 53% of all graduates today are women. So, it's not so much a we need to be 50-50, it's just that we need to change the parameters a little bit and change the format and change the expectations of how we lead our organizations so that it's not always done in a man's way. But rather, something that's more accepting towards not just women, but all minorities that haven't had a place there before. And would you say to somebody who's a Richard? Well if he's open to having the discussion and conversation, try to meet him where he is and say, we're not taking your job away from you, but we will give a woman the opportunity to apply for the job at the next level, alongside with you. And it's the most qualified that will win. But the way that the criteria are set right now and the qualifications and expectations are set right now, are really created very much so for men. So they end up winning that battle every single time. And Chris can't or Richard can't change that. That needs to be changed from a higher level. >> And also, alongside with them worrying that we're going to take their jobs, also because of the Me Too movement, they might be worried, oh I don't even want to work with women because I'm worried they're going to say I harass them or do something to them so I'd rather just not even bother with it. So with those kind of people, how would you try to convince them that they're safe with women or that that it's okay for them to be a part of this discussion? >> So, Chris, who is just above Richard on the matrix, he supports women who are very close to him. So, like I said, family members or maybe it's somebody, a woman on his team, that he's worked with for a long time. And by making him aware that he's already supporting people that are very close to him and he's super comfortable in those relationships and that kind of support that he's providing, I'm saying, what if you were to take that support to somebody you don't know as well? Maybe there's a woman in the extended team or next to you and you say to her, what can I do to help you? Is there anything I can do to help? And then treat that relationship the same way that you're treating the relationship that you have with that family member or whatnot. You know, make sure that it's completely transparent. Let the door be open. Make sure that you're inviting other people to the meetings. Sit in an open area. Do things that are completely transparent. That way nobody will ever question what your motives are, why you're doing this or if you're suggesting or saying something that's inappropriate. >> Right, right. And do you feel that more men are coming to these events or do you think that there's still a lot of progress to be made? >> So, when I started this a couple years ago, I said, okay, within a year, most of the women's organizations here in the Bay Area will have a track for men. And it's starting to happen so I'm so excited about that. I'm really, really happy that EQ Inspiration is not the only place to go, but that there's other organizations that are doing the same thing. And I will continue to, beyond the EQ Inspiration format, my objective is to go and speak at as many tech events as possible. Where I know that the majority of the audience will continue to be mostly men, for, at least, the near future. Hopefully that will change quickly. But now that I have material and I have a method and I know that there is a way to move men and make them individual contributors and make them excited about this. I want to bring that message directly to the core audience while all of the women's organizations that are sitting here in Silicon Valley will continue to build their tracks for men. >> That's amazing and you also mentioned that your material's coming out in Spring, so what's next for you? >> Well, I mean, so writing a book is a difficult thing and for all the men who are listening to this, it will be a very accessible, easy book. Not a lot of words, some pictures, images. Hopefully it's going to be, you know, a nice feel to it so people will be happy to have it lying around. And, really, for me, it's trying to create a language that both men and women are comfortable with. Having names on these characters. Jokingly being able to talk about it. De-dramatizing the whole conversation around this. There is a big seriousness to it, don't get me wrong. But for what I'm trying to do, I really want to lighten it up a little bit and make sure that people don't feel intimidated, threatened, judged or anything like that by it. And so, once the book becomes available in the Spring, I'm hoping that tech organizations will pick it up and use it as conversational material. Both for women's work groups, for mixed groups. One woman called me and said, I found a great use case. She specializes in going into organizations that already have programs and processes set up to move the needle, but not enough is happening. And then she can use this material to actually plug in and engage the men more deeply. So, I think, the book will have its life and with the book, I will make sure that it gets in front of as many people in tech as possible, both men and women. And then I'm hoping to be able to speak about it in as many difficult places as possible, because that's how I grow. >> Well, that's very heroic. It's such a great support for the women in tech community to have someone who's willing to kind of go out of their comfort zone and talk to men about women in tech issues and that's really not happening. So, we really appreciate all the work you're doing and thank you so much for coming in today. >> Thank you so much for having me. >> She's Eva, I'm Sonia, thanks so much for watching theCUBE, til next time. (upbeat music)

>>live from Washington, D. C. >>It's the Cube >>covering Bumi World 19. Do you buy movie? >>Hey, welcome back to the Cube. We've got candy. That's right. I am Lisa Martin in Washington, D. C. At booming World 19 with John Ferrier and John and I are excited to be talking next with a chief technology officer of candy dot com. Gary, welcome to the Cube. >>Thank you for having me great to be here. >>So tell our audience about candy dot com Guinea all that you want dot com cool stuff. >>It is cool stuff. It is the endless. I'll just like going to the supermarket and never runs. Oh, it's absolutely perfect. That's actually how we started knowing that there was so much candy out there that people wanted in the lines just weren't long enough to put him in, no matter where you checked out, and we started off being the online candy store, which was a foot in the door, but it was a very small opening at that time. >>One of the things you said when I met you today whilst eating candy that you guys brought thank you very much for that was very appropriate. Um, was that candy? Is recession proof? >>It is. It's it's ah, you know, good times, bad times. You know, people are gonna have birthday parties. People get married holidays. They're going to come. You know, you've had a really great day. It's a candy bar. You know, you've had a really bad day. It's the candy bar. That's just it's an impulse buy, but it's an impulse buy with your favorite. I mean, it's something to comfort more than anything else, actually. And the technology side talk about how you guys were organized. What? Some of the challenges and how does Bumi fit in? Take us through the journey. Sure, when we started out, we thought, How hard could it be doing? Data entry will get the orders. They'll come across, we'll have some people. Instrument to the system will start filling up, you know, and then everything else will take care of itself. And within about a few minutes, we realized that that was probably not going to work. It was not scalable because first of all, data entry is air pro. You know, if you have someone actually trying to do with their, it's not gonna work for us. So we realized that there was a mechanism out there with Edie I and we went to 1/3 party provider to help us with the FBI. And that's how we started with the first couple of integrations and it was good. It got us off the ground and got us further into that door. >>So you started with, um, how many different partners trading partners take us back to kind of the last 10 years of candy dot com and how that Trading Partner Network has grown. >>Oh, it's like the journey. It's still we starts with the first step. We had one that was interested, one that wanted to work with Austin, and we started to do the work with them and figure out how to handle it. But they had multiple divisions, so, you know, there was only one that was 32 actual integrations that had to be done on being a traditional brick and mortar. It's very competitive. So once the word got out that they were work with us, there was a couple other. So we had six pretty big ones lined up early on that we needed to have integrated in up and running very quickly. >>And from a digital perspective, what were some of the initial system's applications that you implemented just start being able to manage and track those trading partner interactions to ensure that you're able to deliver? You know what? The candy, the candy demand that you need to fill? >>It was, sadly, a lot of C S V. A lot of email, a lot of phone calls back and forth. There was a lot of hours, and it was one those ones where we would really just bring in temps and try to keep up with it did not really have a repeatable process or a good technical footprint of what we needed to d'oh way didn't know what we didn't know when we started, and we very rapidly came to become aware of what we needed to do. >>So starting with air P Net sweet brought net Sweden two years ago. Tell us about that and what you thought was gonna solve all of our problems. Well, that's why it's >>a great package because it brought us both order management and it brought us here. Pee in. There were so many models and so much technology behind it and they have a warehouse module. There's, like all we could grow forever With this, it will never be bounded. This is gonna be fantastic. But what we forgot is that it was only as good as the data in there. And if we're using as a manual data entry, it's not going to meet our needs. We needed to come up with a better way in a more efficient way to get the data in. And this was still back in the day when we're trying to fulfill something within a week, much less where we're at today. >>Okay, so where does Bumi fit into play? >>We realized, unfortunately that even when you have an integration up and running and as good as the integration is, some of your trading partners will have changes. They're going to give you a different reference number. They're gonna give you a different requirement. They're gonna make something that was optional now mandatory. So we had problems because it wasn't just also that was impacting everyone that was doing an integration with that trading partner had it. So if I had outsourced it and there was 100 people that had that map. We were one of 100. Sometimes we were one, and sometimes we were as far away from one is possible and you understand that, and you appreciate it because there's only a finite number of hours to get things done. So we understood that to be really profitable and get to the level of service we needed to control the data. And that's when we decided that we needed to bring the E. D I and house. >>So when you were looking for the right integration partner, what was it about Bhumi from a technology perspective and a business perspective that really differentiated it. >>First and foremost, the number one requirement had to talk to nets. We had a have a native nets. We'd integration if it did not talk to net sweet. It wasn't gonna make it onto our plate because we weren't gonna spend the time to reinvent the wheel when obviously the wheel was out there. We had actually done that once before, and it was successful but painful. And there's people out there who build a connection and work to silver partners like blooming in the platinum partners that can go out and they can actually keep up with the release before it comes out. And you're being proactive by the reactive from a business need. It was We can't drop data. We need to be efficient. We need to be timely. We need visibility. And looking at Bumi, it met all those needs. We had a connection into nets. We had a reporting tool. We had error messages coming back. We had everything that we needed to manage our own world and take control of it. Or so we thought >>that look. Okay, so get this implemented. What sort of opportunities is the start opening up? You talked about control there, or so we thought. What have you been able to unlock where control is concerned? In the last few years, >>what we didn't realize with what we were doing is that way. We're just basically turning on everything and trying to run this efficiently and fast as possible. And that was really the wrong approach to take what we needed to do it as some governance to it as some logic to it, too, you know, not compete with jobs. There's there's a finite number of avenues into the back end system, you need to utilize it. But there was also tools that we found out inside this system that handled things like error trapping and retrial, logic and time outs and stuff like that. And as we worked with the subject matter experts at Boom, as we worked with the people at Nets, we in our account managers who would show us things and help us long. We learned a lot more about him. When we went live back in February of 2016 we were very excited. We did 1000 orders into our system and one day and we thought, How phenomenal is this? I mean, 1000 orders. How many more orders could you actually look for? And we very soon realized that there was a lot more orders willing to come into our system if we could handle it. >>So what? So when you first started with Bhumi went from some number 2 1000 orders today. What was that original number that you guys were able to handle when it was more of a manual process? >>It depend on how many attempts we could hire that sometimes it was 100 orders we got in. Sometimes it was 100% dependent on people. Also depend on someone, Remember, understands the spreadsheet. >>The Sun's painful, >>painful and not really easy to plan for. >>But you discovered pretty quickly you went from I won't say 0 to 1000. But somewhere in between that realized tha the capabilities, though of this system was gonna allow you to get 20,000 orders per day. Where was the demand coming from? Was it coming from trading partners was coming from their customers? Was it coming from your internal team seeing Hey, guys, I think there's a lot more power here than we originally thought. >>Well, success begets success because we were able to get an order in now in a timely fashion and ship it out there. All of a sudden, I realized we were shipping orders within 48 to 72 hours. It wasn't taking 10 days anymore, so we had repeat customers, which obviously makes your numbers go up. And then, as you know, your experience is good and you share it because social media is the weight of the world All the sudden, you know if if you tell two friends and they tell two friends we start getting more volume. Damn white starts happening is someone realizes they're losing market share of their brick and mortar website. And who was fulfilling the orders for them if they're doing so well and we're losing business and they start knocking on the door saying what? We'd like to work with you as well. And the other thing, too, is just timing. In the United States, it's pretty warm between April and October, and the bulk of perishable and heat sensitive product will ship through one of our warehouses because we have the thermal controls in the programs in place to give a good experience to make sure the product arrives the way it's supposed to be treated. >>Yeah, you were mentioning that when you were on stage this morning with Mandy Dolly Well, Mami CMO and Jason Maynard from Net Sweet that there are obviously, if you order some chocolate. I wanted to get there in the exact state in which I saw it online, right? But there's you've gotta have a lot of access, invisibility and systems to be able to help you facilitate that temperature control, depending on the type of product. >>Absolutely. So we're very proud of the fact that, you know, we're temperature controlled where humidity controlled were suf certified. We've done everything the right way to make sure that what we do is gonna be the best experience that your food is safe. Because, Paramount, the last thing we ever want to do is to keep a product of someone's gonna make your child sex because, you know, you don't want anyone to get sick. But the worst feeling is apparent is when your kid doesn't feel well. So we understand that Andi have a phenomenal staff. Are Q A team will go through and we have ways to test the product to get to the melting point. And we know different products melted different temperatures, and we determine what those temperatures are. We build those thresholds we do calls out to get the weather. No, I'm shipping it from my location to you. What's the temperature of my It doesn't matter if it's cold at your place. It is 90 where I'm shipping it from. So we look at what is it now? Where is it going? What's it gonna be the next few days? How big is it? You know how much product is in there with that? That isn't heat sensitive. And we have a pretty complex algorithm that we put in place That has really enabled us to handle the summer months and give a good product because, I mean a lot of people like s'mores, but they don't want the pre melted chocolate showing up at their house. >>Would agree. That takes the fun out of the bonfire part, right? Exactly. So let's talk about the people transformation because you were saying your 100% dependent on manual Somebody even sending the spreadsheet little into star inputting data to process X number of orders per day went from almost 0 to 1000 overnight with Bhumi, then saw this capacity for 20,000. How have has your team has other business units within candy like finance? How are they benefiting from all of this? What a presume is massive workforce productivity gains that you're giving everybody? >>Absolutely. It was a great problem tohave because as we got bigger and we started getting more and more orders than we got more and more invoices and you know, we got more and more checks in which we always think it's a good thing, but those checks need to be reconciled. They have to be reconciled against the transaction Inside the Nets week. It's no exaggeration that we would have pages printed out with a ruler going down and highlighting one by one on the invoice to make sure nothing was omitted. And we were spending an individual spent an eight hour day, three days a week, just going through direct missile. One invoice that was coming in and we would get two or three a week from them. So it was painful and again also error prone. And these people are very creative, very smart, and they offer so much more to the business that it was a waste of their time in a waste of their intellect. S o del. Booming, we found out, is not just any eyes phenomenal, Aditi, I but it has all these other tools and won. The tools we had was to be able to take the remittance file from the financial institution, reconcile it against the invoice is in the system and create a C S V import that would run that we have a script for that created a cash payment in our system that would actually close out the invoices and be paid so that we don't take care of it. It was done, and finance would basically get the file and e mail to us. We would file it back and they'd run an import. So instead of 250 hours a week, it was five minutes of file. >>That's a dramatics saving hundreds of hours a month, but also faster time to revenue recognition. >>That's a big one, you know, because when you try to get people discounts or give them brakes or if your terms are out there, it's nice to get it in there and keep your system's clean, because you also have to answer to the end of the month. You know you want to close the books and everything in manual processes. Air one the few things that you can't just throw more horsepower at. >>I'm glad you brought up, though from a resource kind of reallocation. Perspective is, these folks, in particular areas of the business, have value that they're not able before weren't able to really unlock and deliver. Now, with the technology in place, they're able to probably focus on more strategic areas of the business or more strategic projects. I also imagine your sales. We said faster time to revenue in revenue recognition, but big boost to candy dot comes sales. Since you've implemented the technology >>direct, I mean the sales numbers have just grown. I mean, as much as we do. No do are forecasting and think where it's going to go. Wee wee drastically underestimated this year. The summer was very, very good to us. Our first year under booming, we ran for 11 months. We did a little over 600,000 orders for that first year. In comparison, in June, July and August this year, we did over a 1,000,000 orders. That's a lot of chocolate. So a >>lot of candy, >>most certainly >>busier time, period. I mean Halloweens in a few weeks, Christmas is coming. How does that compare in terms of like the Flux >>way? Have a peek? Obviously, Halloween Halloween is obviously the time, of course. November 1st, our orders are zero because everyone walks in with a pillowcase of candy from their kids to the office, so it literally goes from a 1,000,000 miles an hour or two nothing, and it's it's kind of eerie. But throughout the summer we stay very, very busy because a lot of the market places don't have the facility and listen, they're great, you know, it's one stop shopping. They have everything, but everything is in a warehouse in that entire warehouse is not properly controlled to handle food products. So they decided it was an advantageous for them to ship, you know, during the summer, and it's poorly monitored as a summer Shipp program. But it's really more of a heat sensitive program because we'll add the thermal product to protect the thermal packaging to protect the product, even in February. I mean, there's some spots in Florida in Texas at a pretty one that you want to protect the item. So it's a heat sensitive program that we're very proud of, and we keep advancing and we keep growing. And, you know, I have. I'm very fortunate. I have a great team. I mean, we're not gonna call out, you know, like Jim and Scott, because that would be wrong to deal with. These guys have been with me from the start, and they put the E. T. I in place. They put the scripting in place that the guys were just, you know, rock stars on. Do I look good because of their effort? And I'm very, very proud of the team we've assembled that does this to make sure that you're and satisfaction is always met. >>Awesome story. So I imagine you know, when we hear like, four out of five dentists recommend this kind of bet. Is the fifth dentist recommending candy dot com? Is that where that guy's been? >>Yeah, he's got four kids >>going through college and >>everything, so he figures candy dot com to go. Way to make the money to make sure those tuition skip. >>All right. Well, Gary, it's been a pleasure to have you on the keys. Thank you for sharing what you're doing with bhumi at candy dot com. We appreciate and thanks for all the candy. >>Oh, our pleasure. Thank you very much for having been a great couple of days. I'm glad to be part of it. >>All right. Our pleasure for John Ferrier. I'm Lisa Martin. You're watching the Cube from Bhumi World 19. Thanks for watching

>>live from Atlanta, Georgia. It's the Q covering Answerable Fest 2019. Brought to you by Red Hat. >>Okay, welcome back. Everyone is the live Cube coverage for two days here in Atlanta, Georgia for instable fest. I'm John Furrier, My Coast stupid in with the Cube. Ted Julian, vice president, product management, formerly CEO. Resilient now part of an IBM company. Back to doing V P of product management. Again, you don't really ask. Welcome to welcome back to the Cube. Good to see you. It's a >>pleasure to be here. Thanks. >>So I see product management. Holistic thinking is the big discussion here. The thing that's coming out of this event is configuration management, a siloed point activity now, more of a platform. You're seeing more of a systems architecture thinking going into some of these platform discussion. Security certainly has been there. They're here now. A lot of pressure, the out of things built in with security but maintaining the onslaught of threats and landscape changes going on. That's what you do. >>It's rough out there. >>What what's going on? What are the key trends that customers should be aware of when thinking about configurations? Because automation can help. Yeah, maybe all use cases, but >>way need to do something and because customers definitely need help. The alerts that they're dealing with them both in the volume and the severity is like nothing we've ever seen before. At the same time we're talking about earlier, right, the regulatory impact also really big difference just in the last two or three years. Huge skills, gap shortage also a critical problem. People can't find enough people to do this work. That's very difficult to keep so clearly we need to do something different. And there's no doubt that orchestration and automation and configuration management, as a component of that is we've barely scratched the surface of the potential there. To help solve some of >>the open source is, is helping a lot of people now. Seeing the light first was cloud, the skeptics said. There's no security and cloud now. There is open source securities there, but still, proprietary systems have security. But the mayor may not be talented. Your point, so automation is an opportunity. How are companies dealing with the mishmash or the multi platform solutions that are out there >>at your right to ask the question it is driving, um, the problem in a big way. Years ago we tried this security automation within security, like in the early days of firewalls and the Web and stuff like that, and it didn't go well. Unintended consequences. But think two things have changed. The environments changed, which has raised the stakes for the need to be able to do this stuff to a whole different level. But at the same time, the technology matured enormously. There's been multiple platforms shifts since then, and so security teams. They're both kind of desperate for a better solution, but also better options now than they had before. And so it's for this reason that we're starting to see people adopt orchestration and automation now in a way that we didn't see in the last time around. >>But the thing is that we were hearing here is that people are trying to automate the same things and some of these holes in the infrastructure, whether it's an S three bucket, this is basic stuff. This is not rocket science. Yeah, so on these known use cases, this makes total sense that a playbook or automation could help kind of feel those holes. >>We talk about it as a journey, you know? And I don't think any two organizations journey is the same, nor does it really even need to be the same. So we've seen some customers, for example, take the approach of what's a high volume type of incident that we deal with. And if we could apply orchestration and automation, they were gonna get great our eye right? We see 4000 phishing attacks every month or what have you. And that's certainly one way to do it. Yeah, but those other times with one, >>though, I have to go >>into that point. There's other people that are like, you know, gathering forensics on an end point right now. Incredibly manual process. We need to be able to do that globally. Do we do it every day? No, we don't. But if we could automate that and get those results back in more like a couple hours, as opposed to two days, because the guy we need in Sweden is out of the office or whatever, that could mean the difference between ah, low level incident were able to contain and something that goes global. And so that's the use case we wanna chase, so I don't think there's a right or wrong answer. >>Depends on the environment. Ah, whole host of the whole thing about security is no general purpose software anymore. You have to really make it custom because every environments different. >>I mean, gosh, you guys Aaron Arcee, right? It's nuts. There's thousands of vendors. I mean, there's hundreds of vendors that are really products. They're not the features masquerading as products that are masquerading as companies. But there's a reason why that's been the case, and it's because the risk is so high. >>The desperation to >>yes, exactly good word choice. Yeah. >>So what? One of the things that reminded me of security is this morning hearing about, you know, J P. Morgan going through the transformation from the ticketing system. Tau wait to make a great case study two. I need to be able to automate things. So, you know, we know that response time is so critically important in the security area. So tell us how that meshes together from security and automation toe be able to response, and you know, whether it be patching or, you know, responding to an attack, >>there's huge opportunity gains there on. We've seen customers do some really remarkable things that start with what you're discussing, which is if we could automate that fishing process to a degree and we have 4000 of those a month and we're able to maybe shrink a response time by 80 some or more percent, which is what we've seen. That's a lot of savings right there. And you know, the meat and potatoes there is. You already have a fishing Neil Alias. Probably that that employees report those phishing attacks, too. But what if we just monitored that? We stripped those emails, stripped out the attachments, and we could automate all the manual grunt work that an analyst would otherwise do right? Is that and is there in execute a ble? Is that execute herbal? Unknown bad? What command and control servers is it talk to? Are those known bads those air 10 tabs That analyst could have opening their browser if we could automate all of that. So when they go into the case, it's all just sitting there for them. Huge time saver. >>It's the great proof point of the people plus machines. How do you make make sure that the people that when they get the information, they're not having to do too much grunt work. They get really focused on the things where their expertise in skill sets are needed, as opposed to just buried. You >>nailed it. I mean, automation is a great role to play, but it really is a subset of orchestration. It's when you can bring those two things together and really fuse the people process and technology via orchestration. That's when you get really game changing improvements. >>Talk about the relationship between you guys or silly, unanswerable. Where's the fit? What you guys doing together? Why year give a quick plug for what you working on? >>Yeah, absolutely. So just by working with customers, we kind of discovered that there was this growing groundswell of answerable use within our customer base. It was largely an I T, whereas that IBM resilient. We're selling mainly in a security. Um, and once we uncovered that were like, Oh my gosh, there's all these integrations that already exists. They're already using them for I t use cases on that side of the house, but a lot of the same work needs to be done as part of a security workflow. And so we built our integration where, literally you install that integration into resilient. And we have a visual workflow editor where you can define a sophisticated workflow. And what's that? Integration is in place. All of your instable integrations air there for you. You drag and drop them on near workflow. You can string them all together. I mean, it's really, really powerful. >>It's interesting. Stew and I and David Lattin Ovary Brother Q. Post. We got hundreds of events we see every conference. Everyone's going for the control plane layer. Don't control the data. I mean, it's aspiration, but it's You can't just say it. You gotta earn it. What's happening here is interesting in this country. Configuration management. Little sector is growing up because they control the plumbing, the control of the hardware, the piece parts right to the operating system. So the abstraction lee. It provides great value as it moves up the stack, no doubt, and this is where the impact is, and you guys are seeing it. So this dependency between or the interdependence between software glue that ties the core underpinnings together, whether it's observe ability data. It's not a silo, just context, which they're integrating together. This the collision course? Yeah. What's the impact gonna be here? What's your thesis on this? >>That's why there is such great synergy is because they are really were sort of the domain expertise Doreen experts on the security point of view and our ability to leverage that automation set of functions that answerable provides into this framework where you can define that workflow and all the rest that specific to some security use cases eyes just very, very complimentary to one another. >>This is a new kind of a 2.0 Kana infrastructure dynamic, where this enables program ability. Because if these are the control switch is on the gear and the equipment and the network routes, >>yeah, and where things get really interesting is when you do that in the context of ah, workflow and a case management system, which is part of what we provide, then you get a lot of really valuable metrics that are otherwise lost. If you're purely just at a point to point tool to to automation realm, and that allows you to look at organizational improvements because you're able to marry. Well, first of all, you can do things like better understand what kind of value those I t controls. Air providing you and the automation that you're able to deliver. But you can relate that to your people in your process as well. And so you can see, for example, that while we have two teams, they're doing that the ones in the day shift ones in the night shift. They have access to the same tool sets, but ones more effective than the other. First of all, you know that. But then, having known that you can now drill into that and figure out OK, why is the day shift better than the night shift? And you can say, Oh, well, they're doing things a little bit differently, maybe with how they're orchestrating this other team is, Or maybe they're not orchestrating it. All right? And you're having that. And then now you are able to knowledge share and, um improve that process to drive that continuous improvement. >>So this operational efficiency comes from breaking down these siloed exactly mentality data sets or staff? >>Yeah, and pairing. That was not just as I said, the IittIe automation aspect of weaken now do that 80% faster. But what about the people in the process aspect? We even bring that into the mix as well. You get that next limit layer of insight which kind of allows you to tap into another layer of productivity. >>So this is an alignment issue. This brings that back. The core cultural shift of Dev ups. This is the beginning of what operationalize ng Dev ops looks like. >>Yes. Yeah, >>people are working together. >>It's really, really well put. I mean, it gets back to how this question got started, which is what is this energy? And to me, this energy really is that you have these siloed all too often siloed functions of I t operations and security operations. And this integration between resilient and answerable is the glue that starts to pull those two things together to unlock everything we just talked about. >>Awesome. That's great. >>Yeah, well, you know, research has shown that you know, Dev Ops embracing, delivering and shipping code more frequently actually can improve security. Not You know what? We have to go through this separate process and slow everything down. So are you seeing what? What is that kind of end state organization look like? Oh, >>I mean, that's a huge transformation. And it's something that on the security field we've been struggling with for the longest time, because when we were in kind of a waterfall mode of sort of doing things I mean your timeframe of uncovering a security issue, addressing it in code code, getting deployed to a meaningful enough fashion and over a long enough time to get a benefit that could be years, right? But now that we're in this model, I mean, that could be so much, much more quickly obtained and obviously not only other great just General Roo I improvements that come from that, but your ability to shrink the threat window as a result of this as well as huge and that is crucial because all the same things that us, the good guys they're doing to be able to automate our defenses, the bad guys, they're doing the same thing in terms of how they're automating their attacks. And so we really have to. We have no choice. >>So, Ted, you were acquired by IBM. IBM made quite sizeable acquisition with Red Hat. Tell us what your IBM with danceable. How that should play out >>there is just enormous potential. And answerable is a big, big piece of it, without a doubt. And I think we're just scratching the tip of the iceberg for the benefits. They're just in the from resilience point of view. And, you know, we're not to stay in touch because we have some really interesting things coming down the pike in terms of next gen platforms and the role that that answer will complain those two and how those stretch across the security portfolio with an IBM more broadly and then even beyond that. >>Well, we want to keep in touch. We certainly have initiated Cube coverage this year on security. Cyber little bit going for a broader than the enterprise. Looking at the edge edges. You know about the perimeter. Being just disabled by this new service area takes one penetration lightbulb I p address. So again, organizing and configuring these policy based systems sounds like a configuration problem. Yeah, it is. This is where the software's gonna do it. Ted, Thanks for coming on. Sharing the insights. Any other updates on your front. What do you are most interested in what? Give us a quick update on what you're working on. >>Um, well, we're just getting started with the answerable stuff, so that's particularly notable here, but also kind of modern, modernizing our portfolio, and that really gets to the whole open shift side of the equation and the Red Hat acquisition as well, So not ready to announce anything yet. But some interesting things going on there that that kind of pull this all together and that serve as just one part of the foundation for the marriage between red at 9 p.m. and wanna sneak a value can bring the >>customers any sneak peek at all on the new direct. Sorry time. At least lips sink ships Don't do it. Love to no. >>Blame me for asking. >>Hey, I got a feeling hasn't automation. And somewhere in there Ted, thanks for sharing your insights. It was great to see Cuba coverage here. Danceable fest. I'm jumpers to minimum, breaking out all the action as this new automation feeds A I's gonna change the stack game as data is moving up to stack. This isn't Cube. Bring all the data will be back up to the short break. >>Um