>>Good afternoon, brilliant humans, and welcome back to the Cube. We're live in Detroit, Michigan at Cub Con, and I'm joined by John Furrier. John three exciting days buzzing. How you doing? >>That's great. I mean, we're coming down to the third day. We're keeping the energy going, but this segment's gonna be awesome. The CD foundation's doing amazing work. Developers are gonna be running businesses and workflows are changing. Productivity's the top conversation, and you're gonna start to see a coalescing of the communities who are continuous delivery, and it's gonna be awesome. >>And, and our next guess is an outstanding person to talk about this. We are joined by Stephen Chin, the chair of the CD Foundation. Steven, thanks so much for being here. >>No, no, my pleasure. I mean, this has been an amazing week quote that CubeCon with all of the announcements, all of the people who came out here to Detroit and, you know, fantastic. Like just walking around, you bump into all the right people here. Plus we held a CD summit zero day events, and had a lot of really exciting announcements this week. >>Gotta love the shirt. I gotta say, it's one of my favorites. Love the logos. Love the love the branding. That project got traction. What's the news in the CD foundation? I tried to sneak in the back. I got a little laid into your co-located event. It was packed. Everyone's engaged. It was really looked, look really cool. Give us the update. >>What's the news? Yeah, I know. So we, we had a really, really powerful event. All the key practitioners, the open source leads and folks were there. And one of, one of the things which I think we've done a really good job in the past six months with the CD foundation is getting back to the roots and focusing on technical innovation, right? This is what drives foundations, having strong projects, having people who are building innovation, and also bringing in a new innovation. So one of the projects which we added to the CD foundation this week is called Persia. So it's a, it's a decentralized package repository for getting open source libraries. And it solves a lot of the problems which you get when you have centralized infrastructure. You don't have the right security certificates, you don't have the right verification libraries. And these, these are all things which large companies provision and build out inside of their infrastructure. But the open source communities don't have the benefit of the same sort of really, really strong architecture. A lot of, a lot of the systems we depend upon. It's >>A good point, yeah. >>Yeah. I mean, if you think about the systems that developers depend upon, we depend upon, you know, npm, ruby Gems, Mayn Central, and these systems been around for a while. Like they serve the community well, right? They're, they're well supported by the companies and it's, it's, it's really a great contribution that they give us. But every time there's an outage or there's a security issue, guess, guess how many security issues that our, our research team found at npm? Just ballpark. >>74. >>So there're >>It's gotta be thousands. I mean, it's gotta be a lot of tons >>Of Yeah, >>They, they're currently up to 60,000 >>Whoa. >>Vulnerable, malicious packages in NPM and >>Oh my gosh. So that's a super, that's a jar number even. I know it was gonna be huge, but Holy mo. >>Yeah. So that's a software supply chain in actually right there. So that's, that's open source. Everything's out there. What's, how do, how does, how do you guys fix that? >>Yeah, so per peria kind of shifts the whole model. So when, when you think about a system that can be sustained, it has to be something which, which is not just one company. It has to be a, a, a set of companies, be vendor neutral and be decentralized. So that's why we donated it to the Continuous Delivery Foundation. So that can be that governance body, which, which makes sure it's not a single company, it is to use modern technologies. So you, you, you just need something which is immutable, so it can't be changed. So you can rely on it. It has to have a strong transaction ledger so you can see all of the history of it. You can build up your software, build materials off of it, and it, it has to have a strong peer-to-peer architecture, so it can be sustained long term. >>Steven, you mentioned something I want to just get back to. You mentioned outages and disruption. I, you didn't, you didn't say just the outages, but this whole disruption angle is interesting if something happens. Talk about the impact of the developer. They stalled, inefficiencies create basically disruption. >>No, I mean, if, if, so, so if you think about most DevOps teams in big companies, they support hundreds or thousands of teams and an hour of outage. All those developers, they, they can't program, they can't work. And that's, that's a huge loss of productivity for the company. Now, if you, if you take that up a level when MPM goes down for an hour, how many millions of man hours are wasted by not being able to get your builds working by not being able to get your codes to compile. Like it's, it's >>Like, yeah, I mean, it's almost hard to fathom. I mean, everyone's, It's stopped. Exactly. It's literally like having the plug pulled >>Exactly on whenever you're working on, That's, that's the fundamental problem we're trying to solve. Is it, it needs to be on a, like a well supported, well architected peer to peer network with some strong backing from big companies. So the company is working on Persia, include J Frog, which who I work for, Docker, Oracle. We have Deploy hub, Huawei, a whole bunch of other folks who are also helping out. And when you look at all of those folks, they all have different interests, but it's designed in a way where no single party has control over the network. So really it's, it's a system system. You, you're not relying upon one company or one logo. You're relying upon a well-architected open source implementation that everyone can rely >>On. That's shared software, but it's kind of a fault tolerant feature too. It's like, okay, if something happens here, you have a distributed piece of it, decentralized, you're not gonna go down. You can remediate. All right, so where's this go next? I mean, cuz we've been talking about the role of developer. This needs to be a modern, I won't say modern upgrade, but like a modern workflow or value chain. What's your vision? How do you see that? Cuz you're the center of the CD foundation coming together. People are gonna be coalescing multiple groups. Yeah. >>What's the, No, I think this is a good point. So there, there's a, a lot of different continuous delivery, continuous integration technologies. We're actually, from a Linux Foundation standpoint, we're coalescing all the continued delivery events into one big conference >>Next. You just made an announcement about this earlier this week. Tell us about CD events. What's going on, what's in, what's in the cooker? >>Yeah, and I think one of the big announcements we had was the 0.1 release of CD events. And CD events allows you to take all these systems and connect them in an event scalable, event oriented architecture. The first integration is between Tecton and Capin. So now you can get CD events flowing cleanly between your, your continuous delivery and your observability. And this extends through your entire DevOps pipeline. We all, we all need a standards based framework Yep. For how we get all the disparate continuous integration, continuous delivery, observability systems to, to work together. That's also high performance. It scales with our needs and it, it kind of gives you a future architecture to build on top of. So a lot of the companies I was talking with at the CD summit Yeah. They were very excited about not only using this with the projects we announced, but using this internally as an architecture to build their own DevOps pipelines on. >>I bet that feels good to hear. >>Yeah, absolutely. Yeah. >>Yeah. You mentioned Teton, they just graduated. I saw how many projects have graduated? >>So we have two graduated projects right now. We have Jenkins, which is the first graduated project. Now Tecton is also graduated. And I think this shows that for Tecton it was, it was time, the very mature project, great support, getting a lot of users and having them join the set of graduated projects. And the continuous delivery foundation is a really strong portfolio. And we have a bunch of other projects which also are on their way towards graduation. >>Feels like a moment of social proof I bet. >>For you all. Yeah, yeah. Yeah. No, it's really good. Yeah. >>How long has the CD Foundation been around? >>The CD foundation has been around for, i, I won't wanna say the exact number of years, a few years now. >>Okay. >>But I, I think that it, it was formed because what we wanted is we wanted a foundation which was purpose built. So CNCF is a great foundation. It has a very large umbrella of projects and it takes kind of that big umbrella approach where a lot of different efforts are joining it, a lot of things are happening and you can get good traction, but it produces its own bottlenecks in process. Having a foundation which is just about continuous delivery caters to more of a DevOps, professional DevOps audience. I think this, this gives a good platform for best practices. We're working on a new CDF best practices Yeah. Guide. We're working when use cases with all the member companies. And it, it gives that thought leadership platform for continuous delivery, which you need to be an expert in that area >>And the best practices too. And to identify the issues. Because at the end of the day, with the big thing that's coming out of this is velocity and more developers coming on board. I mean, this is the big thing. More people doing more. Yeah. Well yeah, I mean you take this open source continuous thunder away, you have more developers coming in, they be more productive and then people are gonna even either on the DevOps side or on the straight AP upside. And this is gonna be a huge issue. And the other thing that comes out that I wanna get your thoughts on is the supply chain issue you talked about is hot verifications and certifications of code is such big issue. Can you share your thoughts on that? Because Yeah, this is become, I won't say a business model for some companies, but it's also becoming critical for security that codes verified. >>Yeah. Okay. So I, I think one of, one of the things which we're specifically doing with the Peria project, which is unique, is rather than distributing, for example, libraries that you developed on your laptop and compiled there, or maybe they were built on, you know, a runner somewhere like Travis CI or GitHub actions, all the libraries being distributed on Persia are built by the authorized nodes in the network. And then they're, they're verified across all of the authorized nodes. So you nice, you have a, a gar, the basic guarantee we're giving you is when you download something from the Peria network, you'll get exactly the same binary as if you built it yourself from source. >>So there's a lot of trust >>And, and transparency. Yeah, exactly. And if you remember back to like kind of the seminal project, which kicked off this whole supply chain security like, like whirlwind it was SolarWinds. Yeah. Yeah. And the exact problem they hit was the build ran, it produced a result, they modified the code of the bill of the resulting binary and then they signed it. So if you built with the same source and then you went through that same process a second time, you would've gotten a different result, which was a malicious pre right. Yeah. And it's very hard to risk take, to take a binary file Yep. And determine if there's malicious code in it. Cuz it's not like source code. You can't inspect it, you can't do a code audit. It's totally different. So I think we're solving a key part of this with Persia, where you're freeing open source projects from the possibility of having their binaries, their packages, their end reduces, tampered with. And also upstream from this, you do want to have verification of prs, people doing code reviews, making sure that they're looking at the source code. And I think there's a lot of good efforts going on in the open source security foundation. So I'm also on the governing board of Open ssf >>To Do you sleep? You have three jobs you've said on camera? No, I can't even imagine. Yeah. Didn't >>You just spin that out from this open source security? Is that the new one they >>Spun out? Yeah, So the Open Source Security foundation is one of the new Linux Foundation projects. They, they have been around for a couple years, but they did a big reboot last year around this time. And I think what they really did a good job of now is bringing all the industry players to the table, having dialogue with government agencies, figuring out like, what do we need to do to support open source projects? Is it more investment in memory, safe languages? Do we need to have more investment in, in code audits or like security reviews of opensource projects. Lot of things. And all of those things require money investments. And that's what all the companies, including Jay Frogger doing to advance open source supply chain security. I >>Mean, it's, it's really kind of interesting to watch some different demographics of the developers and the vendors and the customers. On one hand, if you're a hardware person company, you have, you talk zero trust your software, your top trust, so your trusted code, and you got zero trust. It's interesting, depending on where you're coming from, they're all trying to achieve the same thing. It means zero trust. Makes sense. But then also I got code, I I want trust. Trust and verified. So security is in everything now. So code. So how do you see that traversing over? Is it just semantics or what's your view on that? >>The, the right way of looking at security is from the standpoint of the hacker, because they're always looking for >>Well said, very well said, New >>Loop, hope, new loopholes, new exploits. And they're, they're very, very smart people. And I think when you, when you look some >>Of the smartest >>Yeah, yeah, yeah. I, I, I work with, well former hackers now, security researchers, >>They converted, they're >>Recruited. But when you look at them, there's like two main classes of like, like types of exploits. So some, some attacker groups. What they're looking for is they're looking for pulse zero days, CVEs, like existing vulnerabilities that they can exploit to break into systems. But there's an increasing number of attackers who are now on the opposite end of the spectrum. And what they're doing is they're creating their own exploits. So, oh, they're for example, putting malicious code into open source projects. Little >>Trojan horse status. Yeah. >>They're they're getting their little Trojan horses in. Yeah. Or they're finding supply chain attacks by maybe uploading a malicious library to NPM or to pii. And by creating these attacks, especially ones that start at the top of the supply chain, you have such a large reach. >>I was just gonna say, it could be a whole, almost gives me chills as we're talking about it, the systemic, So this is this >>Gnarly nation state attackers, like people who wanted serious >>Damages. Engineered hack just said they're high, highly funded. Highly skilled. Exactly. Highly agile, highly focused. >>Yes. >>Teams, team. Not in the teams. >>Yeah. And so, so one, one example of this, which actually netted quite a lot of money for the, for the hacker who exposed it was, you guys probably heard about this, but it was a, an attack where they uploaded a malicious library to npm with the same exact namespace as a corporate library and clever, >>Creepy. >>It's called a dependency injection attack. And what happens is if you, if you don't have the right sort of security package management guidelines inside your company, and it's just looking for the latest version of merging multiple repositories as like a, like a single view. A lot of companies were accidentally picking up the latest version, which was out in npm uploaded by Alex Spearson was the one who did the, the attack. And he simultaneously reported bug bounties on like a dozen different companies and netted 130 k. Wow. So like these sort of attacks that they're real Yep. They're exploitable. And the, the hackers >>Complex >>Are finding these sort of attacks now in our supply chain are the ones who really are the most dangerous. That's the biggest threat to us. >>Yeah. And we have stacker ones out there. You got a bunch of other services, the white hat hackers get the bounties. That's really important. All right. What's next? What's your vision of this show as we end Coan? What's the most important story coming outta Coan in your opinion? And what are you guys doing next? >>Well, I, I actually think this is, this is probably not what most hooks would say is the most exciting story to con, but I find this personally the best is >>I can't wait for this now. >>So, on, on Sunday, the CNCF ran the first kids' day. >>Oh. >>And so they had a, a free kids workshop for, you know, underprivileged kids for >>About, That's >>Detroit area. It was, it was taught by some of the folks from the CNCF community. So Arro, Eric hen my, my older daughter, Cassandra's also an instructor. So she also was teaching a raspberry pie workshop. >>Amazing. And she's >>Here and Yeah, Yeah. She's also here at the show. And when you think about it, you know, there's always, there's, there's, you know, hundreds of announcements this week, A lot of exciting technologies, some of which we've talked about. Yeah. But it's, it's really what matters is the community. >>It this is a community first event >>And the people, and like, if we're giving back to the community and helping Detroit's kids to get better at technology, to get educated, I think that it's a worthwhile for all of us to be here. >>What a beautiful way to close it. That is such, I'm so glad you brought that up and brought that to our attention. I wasn't aware of that. Did you know that was >>Happening, John? No, I know about that. Yeah. No, that was, And that's next generation too. And what we need, we need to get down into the elementary schools. We gotta get to the kids. They're all doing robotics club anyway in high school. Computer science is now, now a >>Sport, in my opinion. Well, I think that if you're in a privileged community, though, I don't think that every school's doing robotics. And >>That's why Well, Cal Poly, Cal Poly and the universities are stepping up and I think CNCF leadership is amazing here. And we need more of it. I mean, I'm, I'm bullish on this. I love it. And I think that's a really great story. No, >>I, I am. Absolutely. And, and it just goes to show how committed CNF is to community, Putting community first and Detroit. There has been such a celebration of Detroit this whole week. Stephen, thank you so much for joining us on the show. Best Wishes with the CD Foundation. John, thanks for the banter as always. And thank you for tuning in to us here live on the cube in Detroit, Michigan. I'm Savannah Peterson and we are having the best day. I hope you are too.

>>Welcome to the cubes dock, our main stage coverage here at DockerCon 2022. I'm John furrier, host of the cube. We're here with cube alumni, a partner scene, the senior director of product and the developer platform at Google cloud, a partner. Great to see you. It's been a while how's things >>Great to see you, John. Thanks for having me. >>So obviously we've covered a lot about the Google's history and open source. If you go back, I mean go back generation 2000, it all started, it continues to continue to thrive the SDO, all the different projects you guys are around the future of containers and serverless all there. Give us the update. Why are customers choosing Google cloud? We're here at Docker con what's the big update from Google cloud's perspective from a, from a developer perspective? >>Well, John, uh, Google cloud has been, uh, the early cloud on containers, um, and by all measures from, we can, from what we can see, you know, it is the preferred cloud for container native workloads. Um, I think why our customers choosing cloud there's a, there's a few different reasons. Um, definitely one of the reasons is because it is a flexible and open platform. And I think that that is, uh, distinctive about Google cloud, as you mentioned, uh, many, many open source projects coming from Google and Google cloud in particular over the last 20 years, um, spanning, um, languages, um, you know, obviously, uh, the go programming language all the way to of course, Kubernetes. Um, and then, uh, more recently Isto and, uh, K native and many more, uh Tecton is one of the leading projects as well. Um, in the C I C D space. >>So I think that, uh, history is something that really attracts the developer population. It's also very, very important for enterprises that are, uh, modernizing and looking to accelerate their, uh, developer productivity. So that's been one major reason. I think the second major reason is really the security aspect, um, of the developer tool chain and in particular related to open source secure well, and I think the third, uh, reason that comes out, um, quite frequently when we, when we talk to our enterprise customers is Google cloud is unique in the multi-cloud space. Um, you know, one of the first, I think probably the first and, uh, only cloud provider to have a very strong multi-cloud strategy, uh, and that stems from the open source roots, but also, you know, uh, bringing more than just, uh, compute, bringing many of our data services also, uh, to the multi-cloud space. I think that's, those are the three reasons why, uh, developers often choose Google cloud. >>Yeah. And you see the multi-cloud also in a distributed computing environment. It's, I mean, multi-cloud is basically distributed computing where you've got hyperscalers and then edges emerging very quickly. Of course, we've talked about that in the past, on previous interviews, how security at the edge software opensource all coming together. Again, Kubernetes launched by Google contributed to the open source world that everyone knows that, or may not know that. Um, but, but that's key. Where do you see the container position come in? Because at the end of the day, containers is standard and now you've got Kubernetes and other parts wrapped around it. Where's container technology going in the coming, coming in the future years. Is it gonna be invisible? Is it gonna be programmable? What's your vision on that? >>This is an excellent question. And you're exactly right. You're seeing containers become mainstream. And some of the latest, uh, state of the, the state of the cloud business report, you're seeing, you know, 80% of enterprises, um, having some form of a container program and I've been involved in this industry since the very early days. So this is something we've been predicting, um, and it is happening even faster than expected. So that's becoming very mainstream, which is extremely exciting for us. Now you ask, you know, what is the future and what is the evolution of it? Um, so, and, and I think, uh, this is the right question because, um, you're seeing a lot of the future actually on Google cloud. Um, we're, we've won the, uh, Gartner and Forester quadrants as far as leader quadrants in, uh, you know, container offerings. And that's not just Kubernetes, of course, uh, Google Kubernetes engine has been, has been the leading area, but there's a whole host of offerings around that. >>Um, in particular I'd like to point out serverless containers with cloud run, as well as the entire DevOps pipeline around containers. And that's a big topic in the industry right now. It brings in, uh, security as related to, uh, developers. And then of course, uh, you know, providing an automated, secure pipeline for DevOps, um, as it relates to containers, we've had several announcements and, and, and a lot of success in this space. Uh, I, I can go through some of these things with cloud run, which is our serverless container offering. We've seen, uh, four X growth in adoption and, uh, consumption of that service last year in 2021. And that is continuing, uh, so it's very, very healthy and it is very much the reason customers are adopting. It is because they don't need to learn a lot of the underlying infrastructure. They don't need to manage any of the underlying infrastructure. >>There isn't necessarily a cluster to manage all of that is taken care of, uh, for them. And they can focus on their application. They can actually use, uh, make use of the benefits of containers, such as, uh, you know, scalability, um, such as, um, application awareness, uh, and such as a lot of the integrated tool chain for, uh, delivery for application delivery, right from your source repository into production, and then being able to bring out new versions of your application, test them, and then roll over. So this is kind of the new, uh, uh, generation I think is very much tied to the pandemic and what's happening in the world post pandemic, where developers are extremely important, developer productivity and, and fact developer work, life balance is extremely >>Important. Yeah. And I, and I think also one of the things that we're seeing to piggyback on that last comment, as well as your other points is developers have always been pulled to the front lines even 10 years ago. You saw the trend towards getting more closer to the customer now with cloud and edge and with open source being the innovation equation where entrepreneurs are starting projects, companies are starting projects, then they gotta get commercialized. So supply chain is a big discussion. We're hearing at Docker con we're hearing about shifting left of security data as code. You start to see the developer on the front lines in all aspects of this, and they want, they want security, they want efficiency, they want things in the pipeline. They don't wanna have to shift left, then come back again. So again, they starting to see this kind of productivity drive the business behavior of the companies cuz that's their, the value partners. That's the application side of cloud native. What's your thoughts for the developers who are doing that? What's in it for them with Google cloud? Why, why are you important to them? >>Yeah, and I think, uh, John, this is where, uh, developers, uh, tend to prefer Google cloud. And there's a couple of reasons for that. One is, you know, we are very much, uh, centered around developers. Um, you know, my job is, uh, you know, Google cloud developer platform. And, uh, our goal is to provide ease of use the easiest cloud for developers. Something that is, um, you know, really allows them to get their work done quickly. Developers want to be exposed to the best technology. They want to be able to be exposed to it in a way that that integrates into their workflow that integrates into the tools that they're used to, um, and allows them to get their job done quickly. And so a lot of what we're doing in, in the developer space is providing an integrated stack. Um, you know, whether you're building a web application or you're building a mobile application, or you're trying to do data analytics, uh, Google cloud should be a place that you come to. >>That's easy for you to use, to get the job done. Um, and, and, and the security aspect is not something that developers like to deal with. They want that to be taken care of for them, um, troubleshooting as well, you know, troubleshooting and, and upgrading. And all of that is something that they wanna be taken care of. And so that is something that we're baking into the platform. And you'll see that in a lot of our tooling, um, you know, the build process, uh, we're providing salsa compliance, um, and, and build Providence for the security teams to be able to audit. But it's not something that the, that the developer needs to take care of. It's something that is just part of the, the build process built into, uh, say, uh, cloud run or GK built into our compute options for making >>It for them, making it easy, simple, and reduce the steps it takes to get the job done. So great stuff par, great to see you in the last 30 seconds, we have left. Just give a quick commercial for what the key projects are in open source. You're proud of that people should pay attention to, we got CubeCon coming up, uh, in, uh, Europe and north America. What are some of the successes that you like to point out? >>Well, I really encourage, uh, developers to go and take a look, a new look at, go go 1.8, add support for generics. It should open up a brand new set of applications. So I definitely encourage folks to, to take a look at that, um, of, of course ISEO and service mesh. As, as your container footprint grows, you have many microservices looking at service mesh, uh, extremely important, and it also allows you to get to that SRE type of, um, uh, DevOps model where, you know, you're securing your services. You're also, uh, being able to monitor and control, uh, service usage. And then the last one is of course Tecton and this is where secure software supply chain comes up. Part I'll >>Mention that. I wish I had 20 minutes. Love chatting with you. We'll catch up with you later on the cube we're here at DockerCon. Thanks for your time. Back to the DockerCon main stages of the cube. I'm John farrier, back to the main stage for more coverage.

>> From theCUBE Studios in Palo Alto in Boston, connecting with thought leaders all around the world. This is a CUBE conversation. >> Hi, I'm Stuart Miniman. and welcome to this special CUBE conversation. Always love when we get to talk to founders of companies, when they're drilling into some interesting technologies. I want to welcome a new guest to theCUBE as well as one of our CUBE alumni, sitting right next to me on the screen. First of all, we have Martin Casado, who is a general partner within Andreessen Horowitz. Martin great to see you. >> Its great to be here. >> And you've brought along Mike Del Balso also who is the co founder and CEO of Tecton recently out of stealth going to dig into a lot of the ML discussion. Mike, thanks for joining us. >> Thanks for having me on. Alright, so Martin look, you're no stranger to being a founder yourself, we've loved having you on theCUBE over the years. I have to get since we're getting you on here in 2020, we of course need to start with the fact that there's a global pandemic going on. and I'm curious from our standpoint, from an investment standpoint and looking at technology How does this make it a little bit different in 2020, say than you would've thought coming into the year? >> Yeah, so I think there's kind of a near term answer and a long term answer. I think the near term answer is people don't really understand what the broad impact is going to be. And so companies in the portfolio and the guidance that we do is to be conservative with cash. let's see how Q2 plays out and then let's figure out the right way to kind of operate the company in light of the macro changes. Long term however, it's very clear that every digital transformation project right now is being fast tracked. And as a result we think it's a huge boom to infrastructure. And as who been for the software. Right? like where in the past you could deal with kind of legacy setups that were on print. This is just not the case anymore. So take for a company like Tecton, Mike's company, like there's a lot of conversations that happen now. where the company is like, wow, we really need to have our infrastructure digitized and it all needs to be in the cloud, and all need to be remote and so forth. So we're actually seeing a ton of tailwinds even though there's uncertainty on the macro environment in the near term. >> Yeah. You make some great points, Martin absolutely. The companies that have actually gone through some digital transformation, the goals of that is number one I should be data-driven, number two I should be able to be much more agile. And that's what we need in uncertain times is to be able to react fast and answer it. Mike unfortunately I've talked to plenty of companies, you can't necessarily choose when's the right time to launch a company. When's the right time to do an IPO, trying to time the market. But sorry to say interesting times are upon us. So let's talk a bit about Tecton, give us a little bit of your background the team, the core team I believe coming out of Uber with the Michelangelo project that led to Tecton? >> Yeah. Great. So at Tecton we really focus on what we call operational machine learning, which is really about helping organizations really use machine learning and applied context, really powering customer experiences, powering business processes, things that really make it to production. And so we help these machine learning, AI efforts get past the finish line. And a little bit about the background of me, I used to work at Google as a product manager for the machine learning teams that power the ads auction. So the models that choose which ads to show. and run in real time and are highly productionized. and are really core to the business. And then I was at Uber after that and Uber helped start their first centralized machine learning team. And it was really the whole journey for Uber going from just starting to getting to tens of thousands of models in production. And a big component of that was a lot of the technology that we built there, the platforms and infrastructure that we built to support the different business teams. To be able to embed machine learning and AI products. And so what we're talking about, all these very applied use cases real time, fraud detection, ETA estimation, search pricing. All these things, when you think about with Uber. so through that journey of supporting and helping them get to 100 with machine learning. We built out this platform called Michelangelo, which is really a machine learning platform. It's really an end to end machine learning platform. Learned a lot of lessons as we helped out, dozens of teams. go through the full life cycle, start with starting a project. What is this, what does this mean? What does my business problem, how does it translate to a machine learning problem all the way to having a model in production monitored, and really fully productionized and kind of a growing core to that business. So we learned a lot of lessons from building that at Tecton. My co-founders are the other leaders of that project and we learned a lot of really important lessons that lead to the success of these machine learning projects and we're now focused on helping a lot of other organizations really start up their machine learning efforts and get these things into production. >> Yeah Martin, maybe you could give us a little bit of context here. When I think about repeatability of solutions, how much they scale, there's only so many Google's and Uber's out there. when I look back at the big data world, there wasn't a lot of repeatability, it seemed like everything was custom. What did you see with Tecton? What are you looking at in the ML space that made them such an attractive investment? >> Sure. So maybe let's just pull back and talk about what's going on in systems and infrastructure in general. And I actually think this is probably the biggest shift. Certainly I've seen in my career which is, it used to be, if you looked at a system, let's say a super but whatever system, the correctness of that system. and the performance of that system and the compliance of that system, and the security was dictated by the code that you wrote, right? You wrote bad code you made bugs, you had vulnerabilities in your code that would dictate the system. But more and more that's actually not the case. I mean these days kind of performance, accuracy, security compliance is actually dictated by the data that you feed into. Right? You create these models, you feed the data models, the data gives you output and the data that you feed in and like your work flows around those models who are really dictating things like pricing or things like fraud, these really important things. And unlike code, we don't have the tools to manage data in the same way. And so if you think of it we're moving kind of from this code economy, to this data economy more and more techniques to correct dictates the correctness of all of these systems. and we're talking about trillions of dollars of market cap But if you actually look at the tooling around it, it still feels like the seventies around code, which is like you've got fiefdoms and you've got a lot of tribal knowledge. And so we've been tracking this trend for a long time. We're investors in Databricks We've got a large data portfolio. I mean, it's very obvious if you look at what's happening with the cloud data warehouses, if you think like Redshift, BigQuery and Snowflake. The world is going data extracting information out of data. And so on the backdrop of that, we're like okay, you need to be able to think of data like you think of code. and have the tooling around it that helped makes the lives of people working with this stuff simpler, especially for the core use cases which is ML and AI. And to that end I think that this is broadly known in the industry but like looking in the leading companies is like a crystal ball into the future, right? Because they tackle a lot of the problems before the rest of the industry did. And Michelangelo was very well know as the leading project in this. It had a broad set of respect from the community and kind of created this notion of a feature store which has now been replicated. And so really this is like the preeminent project in one of the biggest macro transformations. Beyond that, we met the team that are fantastic. We've got great chemistry, we've got a lot of similar backgrounds. And so the investment was pretty straight forward from that. But I do think it's important to frame it in the context of this macro shift that's going on. >> Yeah. it can't be overstated how important data is. I do think we need a new analogy probably with what happened with the global pandemic. Everybody was talking about data being the new oil and oil is pretty deep right now. And data is definitely not losing its value. Mike, when I read some of the discussion about Tecton enables data scientists turn raw data into production ready features and predictive singles as signals it sounds really impressive. So help us understand kind of the core thing that you do and where we are in the product life cycle. >> Great. Well so a machine learning application there's fundamentally two components. Right? There's a model that you have to build that's going to make the decisions, given a certain set of inputs. And then there's the features which ended up being those inputs. that the model uses making decision. common machine learning infrastructure stats, really are split into two layers. There's a model management layer and a feature management layer. And that's an emerging pattern in some of the more sophisticated machine learning. stacks that are out there. And what we build at Michelangelo we really had this model management layer, this feature management layer, and we recognize that that feature management layer was the thing that really allowed us to go from not just zero to one, but one to end and scale out machine learning across a number of different used cases and allow individual data scientists to own more than just one model in production. And so really what's at the core of that is a few components. The first is just feature pipelines. So these are data pipelines that plug into the businesses raw data via batch streaming, real time data and turn those into features that are these predictive signals and models consume. The second part of that is a feature store, which catalogs these feature transformations, catalog these pipelines and draws, the output raw data or the output feature data. And then the third component is feature service. Making those features accessible to a data scientist when they're building their models. And to the models in the production environment so they can make these decisions sometimes needed in milliseconds for real time decisioning that is quite common. and a lot of high value machine learning applications. what Tecton really is, it's a data platform for machine learning that manages all the feature data and feature transformations that allow an organization to share the predictive signals. These features across use cases in reading catalog needs and understand what they are. And secondly get these into production so they don't get hung up in that final stage right before they're trying to cross the finish line with the machine learning project. >> Stuart: All right. And Mike the product today, my understanding of private beta. You do have some customers at that point, tell us a little bit about that. >> Yeah, we're at private beta with a number of customers. We just went into full production with it last month. A couple of other customers that I maybe shouldn't name on the air, but we are spending time engaging in kind of like deep hands-on engagements. with different teams who are really trying to set up their machine learning on the cloud. Figuring out how to get their machine learning in production. And it tends to be teams that are trying to really use machine learning for operational use cases. Really trying to drive real business decisions and power their product customer experiences. And not as much as a lot of the kind of like research algorithm research stuff, but we're really just trying to solve these core data problems that are preventing machine learning projects from being successful. >> Yeah. And it was interesting Martin. I was listening to some of what Mike was saying I'm like, okay. It's not quite the analogy of micro-segmentation. or separating the control plane or the network plane and networking, but there were some analogies there. What I want to ask you though is the role of data? I talked to Andy Jassy a couple of years ago. I asked him the flywheel for AWS for years was customers. How many customers they could get and I was wondering does data become that new flywheel? And there's the center of gravity's and the customers that can happen and monetize with going there. So I'm just curious your thoughts on that. >> So I think people don't appreciate how different data is than code. And so I just want to start there because I think it's really germane to this topic. So listen code is like a finite state. Right? It's like, it's lines of code. You can build it, you can modularize it, It's like building a house. And so the tools that you put around code kind of reign in, what's already a fairly low entropy system, like a fairly orderly system. Data On the other hand, data is like the natural world. It's all of the complexity of the universe. Right? It's the behavior of humans. It's temperature readings and there's so much more complexity. and there's so much more entropy in data that the way that you deal with it is so fundamentally different than you have to deal with code. And so we've all of these and so I wanted to start that with we've heard all of these analogies about data, data is the new oil data is for the value, et cetera, et cetera, et cetera. But a lot of it's tautological, meaning yes, of course there's value in data. Yeah. Yes. If you have proprietary access to data, you've got proprietary access to data. But what we don't really know is how do you take data and reign it in? So you can use it in the same way that you use software system. We actually don't even know how to do that and so talking about things like data network effects and extracting data is a little bit preliminary because we still actually don't even understand, like how much work it takes to mine insights from data. What I do know you need, I do know you need the tools to do it and I do know that those tools are quite different. and so I think that we're now in this era building the tooling that is required to extract the insights of that data. And I think that's a very necessary step and this is where a Tecton comes in, to provide that tooling. And I think once we have a better handle on that then we can start asking these deeper questions, which I think are great questions. But the things like how defensible is data? Do you have network effects of the data? can you put in a finite amount of effort and extract signal at all times? Like how messy is data, et cetera. So I think that's kind of where we are in this journey, which is exactly why you need companies like Tecton to help answer. >> Alright. So Mike there's been the promise of really unlocking data now. There has been a really interesting discussion point for the last five or 10 years. The company is named Tecton, I've read some of the blog posts and talk about the Cambrian explosion and changes there. So give us if we're looking forward, you've just come out of stealth. What is success for Tecton two to three years out from now? >> Yeah, I think the biggest thing is we're trying to help organizations. Recognize that their data really is an asset and treat their features like assets. And when we can get to a point where organizations that teams that want to use machine learning and production don't need to throw a million data engineers at a problem. And we get added to a point where machine learning is not, a special team of experts that are super expensive that you kind of leave in the corner of your building and hope they come back 18 months later with some project that is showing some value, that would be success for us. we really are dead focused on the problems that are preventing these projects just from getting into production. And when we see the industry as a whole have seen success with these machine learning projects, I think we will have our mission accomplished. >> All right, Martin, I'll give you the final word to the opportunity you see in front of Tecton. >> I honestly think the data industry is going to be 10 X the computer industry. I just think like with compute you're building houses from the ground up and there's a ton of value there. I think with data is you're extracting insight and value from the universe, right? It's like the natural system. And every company has data and lots of data and all of it has some information. And so I think that this is a chance to be a very, very pivotal company. in democratizing access to data. So I think that the opportunity is enormous. >> Well, Martin, thank you for joining us again on the update, Mike, thank you Welcome to being a CUBE alum. Definitely hope to have you back soon to track the journey, congrats on step one out the door and best of luck going forward. >> Thank you. >> That's great. Thanks too >> All right. Be sure to check out the cube.net. for the upcoming events that we have today they're all virtual, but the interviews are all there as well as all the archive. I'm Stuart Miniman and thank you for watching theCUBE. (soft upbeat music)

>>Live from Orlando, Florida. It's the cube covering Microsoft ignite brought to you by Cohesity. >>Welcome back everyone to the cubes live coverage of Microsoft ignite. We are in day three of three days of wall-to-wall coverage, all things Microsoft. I'm your host, Rebecca Knight. Along with my cohost Stu, a minimum. We are joined by Martina grom. She is the CEO at work of at work in Vienna and a Microsoft MVP. >>Thank you so much for coming on the show. My tags for the invitation. I'm glad to be here. So tell us a little bit about at work, what do you do? So, so what we are doing, we are an ISV located in Australia and in Germany we are around 25 people and we do software development on the one side. And on the other side we support customers in going into the cloud to develop a deployment strategy to use Microsoft technology and yeah, governance, deployment, migration. And recently we also started with adoption and change management because it's a huge topic for many customers. So who >>are your customers? What, what kinds of industries are they in? >>Yeah. So, um, we actually do not focus on a specific industry. We are more focusing on enterprise customers. So every, every customer was a large customer. So one friend once told me, you like the complicated cases. So I like to work with enterprises and learn what they are doing from a security perspective and how they do that. And we have customers in the financial sector as well as in retail business. So all over that and mainly in Europe we have some customers in the U S as well. >>So, so Martina, I know from a Microsoft MVP standpoint, you focus on Oh three 65 is, is that the primary engagement that you have with customers or is it a span of product? >>Yes. Yeah. The interesting part is I started with Microsoft three 65 in 2008 when Microsoft started going into the cloud business. So that time back, my first product I looked at was exchange hosted services, which was the antivirus, anti-spam solution. Microsoft provided. And then, um, every single partner first told us, Matina you will never earn money with cloud technologies because no customer will do that. Everyone was still on premises. And in 2011 I got the MVP award because I was one of the first to focus so heavily on office three 65. And the benefit I have out of that is that I know all products services quite well. And currently I'm more focusing on the security and compliance side. >>Yeah, it's interesting because today when I talked to Microsoft customers in on premises to the exception and it's usually, Oh, I'm a government agency and I need to be completely cut off from certain environments, so therefore I can't do it. Um, you know, I, I've said for the last few years, Microsoft actually gave customers not only the green light, but the push to go sass with what they're doing. So tell, tell, give us a little bit of, you know, the landscape today is, is that, is that the exception rather than the rule and are most people kind of okay with O three 65 in the cloud? >>Yeah, I, I think cloud services, it's a matter of trust. So as I am located in Europe, we um, and especially in the German speaking countries like Austria, Germany, Switzerland, many people just didn't trust it from the beginning because they said it's a American company. We don't know where all our data is. Antawn at Microsoft is very open and um, and what the did, they are very transparent what they are doing. So you get tons of material around how to trust the cloud, how it works and so on. And the current state is more for an on premises customer. He is safer to go into a cloud service then stay on premises. And this is one of the things I really like about that because it's, it doesn't depend on the customer side. Even a small customer can have the same security features a large enterprise customer has. >>Okay. If you could just expand on that a little bit because you know, for the longest time security was the blocker to do there. And for many now looking at the cloud, it at least it lets me restart and rethink what I'm doing as opposed to, you know, often security was something that got pushed to the back burner in my data center. So is it that Microsoft has, you know, all of the security taking care of, is it a combination of getting to restart and rethink of it? How do you look at that? >>Um, I think the main point is traditionally when you are on premises, you think your data center is secure because you own it, you hosted, you organize it, you operate it and everything is there. And we are very an and those customers are very focused on endpoint security. So everything comes from the outside. Uh, might be dangerous. But with cloud technologies, it's not only your, your own network you need to just to have a safe place for, you also need to secure the cloud services. And that means if you broaden that experience and going into a SAS service, you have much more security there. In terms of the talking at the very beginning where you said, I liked the complicated cases, so we know you like a challenge. And then you also said you're getting into more adoption and change management. Talk about some of the challenges that you're seeing in terms of your clients embracing this, this, this technology. >>Yeah, so from my perspective, one of the biggest challenges customers currently have is Microsoft is moving very fast and people need to change and get comfortable with an evergreen service, which might change today and might change next week again. And this is something people need to adopt and, and use put a lot of pressure on that because they say, Oh, there are the nice, fancy tools, the new tools, it's teams, it's everything else. And we need that to do, to work properly and to be in a modern workplace. And this is quite the challenge for every it operations team because they need to build a secure environment. It needs governance and it also needs change and adoption. Okay. >>Martina, you mentioned the modern workplace. So another area you work on is enterprise social. So, you know, I worked for a large enterprise, you know, a vendor in this ecosystem back when that, you know, social wave was hitting, you know, use jive, uses Yammer when it first launched long before Microsoft had uh, brought it, um, you know, we don't talk about the wave anymore. Bring us, you know, what's happening in that space these days. >>Yeah. So enterprise, social and I love being there as well because I, I try to get people, so what, what I saw what, what I saw when Microsoft acquired Yama, it brought a lot of change into Microsoft itself because um, there was currently a graph technology in a, in, in Yammer as a product which brings up more relevant content to the users and people really liked that. And then you saw all the collaboration, which is mainly document based on SharePoint, SharePoint, online and so on. And currently those, um, services come together and then after a couple of years you got Microsoft teams and people that again got confused and that, so this is the next tool helped me what tools I use when, and that's one of the biggest question many customers have currently because they probably don't understand it from the beginning, but if they start adopting that, the use cases become pretty clear for them. >>That to say we work in teams in our project environment, but we, if we want to reach the whole organization, we go into Yammer or in an enterprise social tool. >> So talk about, there's been a lot of new changes to teams that have been announced this week here at ignite. What as an acre slapped MPP? What is most sparking your interest? Um, I'm not a Microsoft employee, but a VP, sorry. Yeah. Um, so what I like about that is that teams brings kind of a good user experience to use as they have one client. They have the outlook client, they have the teams client and they can work within the team. In Microsoft teams, they can use it for video calls, for conferences, anything. So it's, it's a one stop shop defined in teams and with the extension which is brought now in, in with the new Yammer experience, they also have the broad experience of the enterprise social network integrated into their teams client. And this will bring a fundamental change because then a project team which is working together can also look out of one client. What is going on in my organization. Are there any questions? Can I share that? And Tom, >>Martina, I want to go back to a word that you brought up. When you talk about the cloud, it's trust. It's something that we heard over and over. And again, the keynote is Sacha positioning Microsoft as a trusted partner. A, they've got, what? What's it 47, sorry, 54 different Azure regions worldwide. So, uh, you know, are they local enough? Are they engaged enough? Is Microsoft earning the trust of you as a partner and as your customers, do they, they seem Microsoft as a trusted partner? >>Yeah. So from my experience, Microsoft is a trust verse it company. Because what, what I learned from them during their whole cloud journey, they got a lot of push backs. In the beginning they said it's, it's just in the European union, we don't like that. We want our data centers, which are closer to us because it feels more secure if I have a data center region in South Africa, in France, in Switzerland or wherever I am. And Microsoft invests a lot in building that trust and it's completely transparent what they are doing. So you can go to the websites and can say, okay, I'm located in Switzerland. Um, I want my data in there, so what services to get there. So it's really, um, a good opportunities for customers. And also what I learned from customers is if you see a service running and you do not use it, you can't build up on trust because you just don't know. >>It's like swimming in the air without any water. So, and this is many customers just saw and they, um, they discovered, okay, it works, it doesn't fail. We can trust on the solution. And this is really important. You said that you mainly work with European customers, a few in the U S what do you think are the biggest differences between the two groups? Our European customers naturally a little more skeptical, particularly when it comes to data. It's um, in Europe we are very specific in data privacy and the thing that might be a difference between the U S and and Europe, especially in German, that people really look at privacy issues and could that happen on, and then we have GDPR, which was brought up by the European union, which would bring additional trust and security into our customers and on every single website we are surfing on. So I think that's one of the biggest differences from an enterprise side. The, the fears are quite the same. It's, it's like we are going to the cloud and we need to use a service and how can we work through that? I do not see that many differences. So >>Martina, you were proven right? You bet early on a technology adoption has been there. As you're looking forward, what are the things that, that we are early on today that are exciting you or that you think we're going to be talking about 2020 and beyond? >>Yeah. What I think what will come to us is more intelligence and more AI stuff because this is something which will really help us. And you see the, the little small things in PowerPoint that you get your beautiful designed PowerPoint slides automatically that your auto client says, Hey, you have an appointment, you have a really recording in five minutes, you need 10 minutes to go. Should I send an email that you are running late? So we will see much more intelligence in there. And also the new projects which, which are brought, they are, so knowledge sharing will be fundamental in the future that we find the resources we need and they're relevant what we need in, in, in the, in the time we need it. So what does this mean for the future? I mean you're just describing a, a world in which we all can be more productive. >>We are communicating more seamlessly. What does this mean for how teams communicate and collaborate? Yeah. Um, so what does think every positive side also might have a negative side? We go into an always on scenario, so we will be connected everywhere at home during cooking, doing, bringing kids to school and so on. So what I think what we as humans need to learn is how we can separate us from that and how we can just quiet down and get some space left out of the full amount of information which is around us because we can't get every single information and to see that very often when I talk with customers, have around Yammer, they said it's just too much. I have to read so much information because you feel you are losing control and you are losing information and this is what we need to learn as humans. >>Any, you know, what, what guidance do you give to people? The, the world of streams, right? I remember social media, they were like, Oh my gosh, I didn't look at it for the weekend. How do I, you know, look at all of that stuff that I missed. And usually I just frame, I'm like, you ignore everything that you missed and you start where it is today. But it's different in a work environment. >>Yeah. In a work environment. So my advice for customers is everything that I tell you at Tecton is interesting for you. If you're not tech, it's probably not for you. So this is the main curse. It's like unread emails or it's like the little notification bar. You got a message, a personal message to one-to-one message, then you should react on that. That's it. And not read everything because it's probably not relevant for you at. That's great advice. Words to live by. Thank you so much for Martina. Yeah. Pleasure having again, I'm Rebecca Knight for two minimums. Stay tuned for more of the cubes live coverage from Microsoft ignite..