>> theCUBE's live coverage is made possible by funding from Dell Technologies. Creating technologies that drive human progress. (ambient music) >> Lisa: Hey everyone, welcome back to Barcelona, Spain. It's theCUBE Live at MWC 23. Lisa Martin with Dave Vellante. This is day two of four days of cube coverage but you know that, because you've already been watching yesterday and today. We're going to have a great conversation next with EnterpriseWeb and Red Hat. We've had great conversations the last day and a half about the Telco industry, the challenges, the opportunities. We're going to unpack that from this lens. Please welcome Dave Duggal, founder and CEO of EnterpriseWeb and Azhar Sayeed is here, Senior Director Solution Architecture at Red Hat. >> Guys, it's great to have you on the program. >> Yes. >> Thank you Lisa, >> Great being here with you. >> Dave let's go ahead and start with you. Give the audience an overview of EnterpriseWeb. What kind of business is it? What's the business model? What do you guys do? >> Okay so, EnterpriseWeb is reinventing middleware, right? So the historic middleware was to build vertically integrated stacks, right? And those stacks are now such becoming the rate limiters for interoperability for so the end-to-end solutions that everybody's looking for, right? Red Hat's talking about the unified platform. You guys are talking about Supercloud, EnterpriseWeb addresses that we've built middleware based on serverless architecture, so lightweight, low latency, high performance middleware. And we're working with the world's biggest, we sell through channels and we work through partners like Red Hat Intel, Fortnet, Keysight, Tech Mahindra. So working with some of the biggest players that have recognized the value of our innovation, to deliver transformation to the Telecom industry. >> So what are you guys doing together? Is this, is this an OpenShift play? >> Is it? >> Yeah. >> Yeah, so we've got two projects right her on the floor at MWC throughout the various partners, where EnterpriseWeb is actually providing an application layer, sorry application middleware over Red Hat's, OpenShift and we're essentially generating operators so Red Hat operators, so that all our vendors, and, sorry vendors that we onboard into our catalog can be deployed easily through the OpenShift platform. And we allow those, those vendors to be flexibly composed into network services. So the real challenge for operators historically is that they, they have challenges onboarding the vendors. It takes a long time. Each one of them is a snowflake. They, you know, even though there's standards they don't all observe or follow the same standards. So we make it easier using models, right? For, in a model driven process to on boards or streamline that onboarding process, compose functions into services deploy those services seamlessly through Red Hat's OpenShift, and then manage the, the lifecycle, like the quality of service and the SLAs for those services. >> So Red Hat obviously has pretty prominent Telco business has for a while. Red Hat OpenStack actually is is pretty popular within the Telco business. People thought, "Oh, OpenStack, that's dead." Actually, no, it's actually doing quite well. We see it all over the place where for whatever reason people want to build their own cloud. And, and so, so what's happening in the industry because you have the traditional Telcos we heard in the keynotes that kind of typical narrative about, you know, we can't let the over the top vendors do this again. We're, we're going to be Apifi everything, we're going to monetize this time around, not just with connectivity but the, but the fact is they really don't have a developer community. >> Yes. >> Yet anyway. >> Then you have these disruptors over here that are saying "Yeah, we're going to enable ISVs." How do you see it? What's the landscape look like? Help us understand, you know, what the horses on the track are doing. >> Sure. I think what has happened, Dave, is that the conversation has moved a little bit from where they were just looking at IS infrastructure service with virtual machines and OpenStack, as you mentioned, to how do we move up the value chain and look at different applications. And therein comes the rub, right? You have applications with different requirements, IT network that have various different requirements that are there. So as you start to build those cloud platform, as you start to modernize those set of applications, you then start to look at microservices and how you build them. You need the ability to orchestrate them. So some of those problem statements have moved from not just refactoring those applications, but actually now to how do you reliably deploy, manage in a multicloud multi cluster way. So this conversation around Supercloud or this conversation around multicloud is very >> You could say Supercloud. That's okay >> (Dave Duggal and Azhar laughs) >> It's absolutely very real though. The reason why it's very real is, if you look at transformations around Telco, there are two things that are happening. One, Telco IT, they're looking at partnerships with hybrid cloud, I mean with public cloud players to build a hybrid environment. They're also building their own Telco Cloud environment for their network functions. Now, in both of those spaces, they end up operating two to three different environments themselves. Now how do you create a level of abstraction across those? How do you manage that particular infrastructure? And then how do you orchestrate all of those different workloads? Those are the type of problems that they're actually beginning to solve. So they've moved on from really just putting that virtualizing their application, putting it on OpenStack to now really seriously looking at "How do I build a service?" "How do I leverage the catalog that's available both in my private and public and build an overall service process?" >> And by the way what you just described as hybrid cloud and multicloud is, you know Supercloud is what multicloud should have been. And what, what it originally became is "I run on this cloud and I run on this cloud" and "I run on this cloud and I have a hybrid." And, and Supercloud is meant to create a common experience across those clouds. >> Dave Duggal: Right? >> Thanks to, you know, Supercloud middleware. >> Yeah. >> Right? And, and so that's what you guys do. >> Yeah, exactly. Exactly. Dave, I mean, even the name EnterpriseWeb, you know we started from looking from the application layer down. If you look at it, the last 10 years we've looked from the infrastructure up, right? And now everybody's looking northbound saying "You know what, actually, if I look from the infrastructure up the only thing I'll ever build is silos, right?" And those silos get in the way of the interoperability and the agility the businesses want. So we take the perspective as high level abstractions, common tools, so that if I'm a CXO, I can look down on my environments, right? When I'm really not, I honestly, if I'm an, if I'm a CEO I don't really care or CXO, I don't really care so much about my infrastructure to be honest. I care about my applications and their behavior. I care about my SLAs and my quality of service, right? Those are the things I care about. So I really want an EnterpriseWeb, right? Something that helps me connect all my distributed applications all across all of the environments. So I can have one place a consistency layer that speaks a common language. We know that there's a lot of heterogeneity down all those layers and a lot of complexity down those layers. But the business doesn't care. They don't want to care, right? They want to actually take their applications deploy them where they're the most performant where they're getting the best cost, right? The lowest and maybe sustainability concerns, all those. They want to address those problems, meet their SLAs meet their quality service. And you know what, if it's running on Amazon, great. If it's running on Google Cloud platform, great. If it, you know, we're doing one project right here that we're demonstrating here is with with Amazon Tech Mahindra and OpenShift, where we took a disaggregated 5G core, right? So this is like sort of latest telecom, you know net networking software, right? We're deploying pulling elements of that network across core, across Amazon EKS, OpenShift on Red Hat ROSA, as well as just OpenShift for cloud. And we, through a single pane of deployment and management, we deployed the elements of the 5G core across them and then connected them in an end-to-end process. That's Telco Supercloud. >> Dave Vellante: So that's an O-RAN deployment. >> Yeah that's >> So, the big advantage of that, pardon me, Dave but the big advantage of that is the customer really doesn't care where the components are being served from for them. It's a 5G capability. It happens to sit in different locations. And that's, it's, it's about how do you abstract and how do you manage all those different workloads in a cohesive way? And that's exactly what EnterpriseWeb is bringing to the table. And what we do is we abstract the underlying infrastructure which is the cloud layer. So if, because AWS operating environment is different then private cloud operating environment then Azure environment, you have the networking is set up is different in each one of them. If there is a way you can abstract all of that and present it in a common operating model it becomes a lot easier than for anybody to be able to consume. >> And what a lot of customers tell me is the way they deal with multicloud complexity is they go with mono cloud, right? And so they'll lose out on some of the best services >> Absolutely >> If best of, so that's not >> that's not ideal, but at the end of the day, agree, developers don't want to muck with all the plumbing >> Dave Duggal: Yep. >> They want to write code. >> Azhar: Correct. >> So like I come back to are the traditional Telcos leaning in on a way that they're going to enable ISVs and developers to write on top of those platforms? Or are there sort of new entrance and disruptors? And I know, I know the answer is both >> Dave Duggal: Yep. >> but I feel as though the Telcos still haven't, traditional Telcos haven't tuned in to that developer affinity, but you guys sell to them. >> What, what are you seeing? >> Yeah, so >> What we have seen is there are Telcos fall into several categories there. If you look at the most mature ones, you know they are very eager to move up the value chain. There are some smaller very nimble ones that have actually doing, they're actually doing something really interesting. For example, they've provided sandbox environments to developers to say "Go develop your applications to the sandbox environment." We'll use that to build an net service with you. I can give you some interesting examples across the globe that, where that is happening, right? In AsiaPac, particularly in Australia, ANZ region. There are a couple of providers who have who have done this, but in, in, in a very interesting way. But the challenges to them, why it's not completely open or public yet is primarily because they haven't figured out how to exactly monetize that. And, and that's the reason why. So in the absence of that, what will happen is they they have to rely on the ISV ecosystem to be able to build those capabilities which they can then bring it on as part of the catalog. But in Latin America, I was talking to one of the providers and they said, "Well look we have a public cloud, we have our own public cloud, right?" What we want do is use that to offer localized services not just bring everything in from the top >> But, but we heard from Ericson's CEO they're basically going to monetize it by what I call "gouge", the developers >> (Azhar laughs) >> access to the network telemetry as opposed to saying, "Hey, here's an open platform development on top of it and it will maybe create something like an app store and we'll take a piece of the action." >> So ours, >> to be is a better model. >> Yeah. So that's perfect. Our second project that we're showing here is with Intel, right? So Intel came to us cause they are a reputation for doing advanced automation solutions. They gave us carte blanche in their labs. So this is Intel Network Builders they said pick your partners. And we went with the Red Hat, Fort Net, Keysite this company KX doing AIML. But to address your DevX, here's Intel explicitly wants to get closer to the developers by exposing their APIs, open APIs over their infrastructure. Just like Red Hat has APIs, right? And so they can expose them northbound to developers so developers can leverage and tune their applications, right? But the challenge there is what Intel is doing at the low level network infrastructure, right? Is fundamentally complex, right? What you want is an abstraction layer where develop and this gets to, to your point Dave where you just said like "The developers just want to get their job done." or really they want to focus on the business logic and accelerate that service delivery, right? So the idea here is an EnterpriseWeb they can literally declaratively compose their services, express their intent. "I want this to run optimized for low latency. I want this to run optimized for energy consumption." Right? And that's all they say, right? That's a very high level statement. And then the run time translates it between all the elements that are participating in that service to realize the developer's intent, right? No hands, right? Zero touch, right? So that's now a movement in telecom. So you're right, it's taking a while because these are pretty fundamental shifts, right? But it's intent based networking, right? So it's almost two parts, right? One is you have to have the open APIs, right? So that the infrastructure has to expose its capabilities. Then you need abstractions over the top that make it simple for developers to take, you know, make use of them. >> See, one of the demonstrations we are doing is around AIOps. And I've had literally here on this floor, two conversations around what I call as network as a platform. Although it sounds like a cliche term, that's exactly what Dave was describing in terms of exposing APIs from the infrastructure and utilizing them. So once you get that data, then now you can do analytics and do machine learning to be able to build models and figure out how you can orchestrate better how you can monetize better, how can how you can utilize better, right? So all of those things become important. It's just not about internal optimization but it's also about how do you expose it to third party ecosystem to translate that into better delivery mechanisms or IOT capability and so on. >> But if they're going to charge me for every API call in the network I'm going to go broke (team laughs) >> And I'm going to get really pissed. I mean, I feel like, I'm just running down, Oracle. IBM tried it. Oracle, okay, they got Java, but they don't they don't have developer jobs. VMware, okay? They got Aria. EMC used to have a thing called code. IBM had to buy Red Hat to get to the developer community. (Lisa laughs) >> So I feel like the telcos don't today have those developer shops. So, so they have to partner. [Azhar] Yes. >> With guys like you and then be more open and and let a zillion flowers bloom or else they're going to get disrupted in a big way and they're going to it's going to be a repeat of the over, over the top in, in in a different model that I can't predict. >> Yeah. >> Absolutely true. I mean, look, they cannot be in the connectivity business. Telcos cannot be just in the connectivity business. It's, I think so, you know, >> Dave Vellante: You had a fry a frozen hand (Dave Daggul laughs) >> off that, you know. >> Well, you know, think about they almost have to go become over the top on themselves, right? That's what the cloud guys are doing, right? >> Yeah. >> They're riding over their backbone that by taking a creating a high level abstraction, they in turn abstract away the infrastructure underneath them, right? And that's really the end game >> Right? >> Dave Vellante: Yeah. >> Is because now, >> they're over the top it's their network, it's their infrastructure, right? They don't want to become bid pipes. >> Yep. >> Now you, they can take OpenShift, run that in any cloud. >> Yep. >> Right? >> You can run that in hybrid cloud, enterprise web can do the application layer configuration and management. And together we're running, you know, OSI layers one through seven, east to west, north to south. We're running across the the RAN, the core and the transport. And that is telco super cloud, my friend. >> Yeah. Well, >> (Dave Duggal laughs) >> I'm dominating the conversation cause I love talking super cloud. >> I knew you would. >> So speaking of super superpowers, when you're in customer or prospective customer conversations with providers and they've got, obviously they're they're in this transformative state right now. How, what do you describe as the superpower between Red Hat and EnterpriseWeb in terms of really helping these Telcos transforms. But at the end of the day, the connectivity's there the end user gets what they want, which is I want this to work wherever I am. >> Yeah, yeah. That's a great question, Lisa. So I think the way you could look at it is most software has, has been evolved to be specialized, right? So in Telcos' no different, right? We have this in the enterprise, right? All these specialized stacks, all these components that they wire together in the, in you think of Telco as a sort of a super set of enterprise problems, right? They have all those problems like magnified manyfold, right? And so you have specialized, let's say orchestrators and other tools for every Telco domain for every Telco layer. Now you have a zoo of orchestrators, right? None of them were designed to work together, right? They all speak a specific language, let's say quote unquote for doing a specific purpose. But everything that's interesting in the 21st century is across layers and across domains, right? If a siloed static application, those are dead, right? Nobody's doing those anymore. Even developers don't do those developers are doing composition today. They're not doing, nobody wants to hear about a 6 million lines of code, right? They want to hear, "How did you take these five things and bring 'em together for productive use?" >> Lisa: Right. How did you deliver faster for my enterprise? How did you save me money? How did you create business value? And that's what we're doing together. >> I mean, just to add on to Dave, I was talking to one of the providers, they have more than 30,000 nodes in their infrastructure. When I say no to your servers running, you know, Kubernetes,running open stack, running different components. If try managing that in one single entity, if you will. Not possible. You got to fragment, you got to segment in some way. Now the question is, if you are not exposing that particular infrastructure and the appropriate KPIs and appropriate things, you will not be able to efficiently utilize that across the board. So you need almost a construct that creates like a manager of managers, a hierarchical structure, which would allow you to be more intelligent in terms of how you place those, how you manage that. And so when you ask the question about what's the secret sauce between the two, well this is exactly where EnterpriseWeb brings in that capability to analyze information, be more intelligent about it. And what we do is provide an abstraction of the cloud layer so that they can, you know, then do the right job in terms of making sure that it's appropriate and it's consistent. >> Consistency is key. Guys, thank you so much. It's been a pleasure really digging through EnterpriseWeb. >> Thank you. >> What you're doing >> with Red Hat. How you're helping the organization transform and Supercloud, we can't forget Supercloud. (Dave Vellante laughs) >> Fight Supercloud. Guys, thank you so much for your time. >> Thank you so much Lisa. >> Thank you. >> Thank you guys. >> Very nice. >> Lisa: We really appreciate it. >> For our guests and for Dave Vellante, I'm Lisa Martin. You're watching theCUBE, the leader in live tech coverage coming to you live from MWC 23. We'll be back after a short break.

(intro music plays) >> Okay, welcome back to Supercloud 2. I'm John Furrier with my co-host, Dave Vellante, here in our Palo Alto Studio, with a live performance all day unpacking the wave of Supercloud. This is our second edition. Back for keynote review here is Vittorio Viarengo, talking about the hype and the reality of the Supercloud momentum. Vittorio, great to see you. You got a presentation. Looking forward to hearing the update. >> It's always great to be here on this stage with you guys. >> John Furrier: (chuckles) So the business imperative for cloud right now is clear and the Supercloud wave points to the builders and they want to break through. VMware, you guys have a lot of builders in the ecosystem. Where do you guys see multicloud today? What's going on? >> So, what we see is, when we talk with our customers is that customers are in a state of cloud chaos. Raghu Raghuram, our CEO, introduced this term at our user conference and it really resonated with our customers. And the chaos comes from the fact that most enterprises have applications spread across private cloud, multiple hyperscalers, and the edge increasingly. And so with that, every hyperscaler brings their own vertical integrated stack of infrastructure development, platform security, and so on and so forth. And so our customers are left with a ballooning cost because they have to train their employees across multiple stacks. And the costs are only going up. >> John Furrier: Have you talked about the Supercloud with your customers? What are they looking for when they look at the business value of Cross-Cloud Services? Why are they digging into it? What are some of the reasons? >> First of all, let's put this in perspective. 90, 87% of customers use two or more cloud including the private cloud. And 55%, get this, 55% use three or more clouds, right? And so, when you talk to these customers they're all asking for two things. One, they find that managing the multicloud is more difficult than the private cloud. And that goes without saying because it's new, they don't have the skills, and they have many of these. And pretty much everybody, 87% of them, are seeing their cost getting out of control. And so they need a new approach. We believe that the industry needs a new approach to solving the multicloud problem, which you guys have introduced and you call it the Supercloud. We call it Cross-Cloud Services. But the idea is that- and the parallel goes back to the private cloud. In the private cloud, if you remember the old days, before we called it the private cloud, we would install SAP. And the CIO would go, "Oh, I hear SAP works great on HP hardware. Oh, let's buy the HP stack", right? (hosts laugh) And then you go, "Oh, oh, Oracle databases. They run phenomenally on Sun Stack." That's another stack. And it wasn't sustainable, right? And so, VMware came in with virtualization and made everything look the same. And we unleashed a tremendous era of growth and speed and cost saving for our customers. So we believe, and I think the industry also believes, if you look at the success of Supercloud, first instance and today, that we need to create a new level of abstraction in the cloud. And this abstraction needs to be at a higher level. It needs to be built around the lingua franca of the cloud, which is Kubernetes, APIs, open source stacks. And by doing so, we're going to allow our customers to have a more unified way of building, managing, running, connecting, and securing applications across cloud. >> So where should that standardization occur? 'Cause we're going to hear from some customers today. When I ask them about cloud chaos, they're like, "Well, the way we deal with cloud chaos is MonoCloud". They sort of put on the blinders, right? But of course, they may be risking not being able to take advantage of best-of-breed. So where should that standardization layer occur across clouds? >> [Vittorio Viarengo] Well, I also hear that from some customers. "Oh, we are one cloud". They are in denial. There's no question about it. In fact, when I met at our user conference with a number of CIOs, and I went around the room and I asked them, I saw the entire spectrum. (laughs) The person is in denial. "Oh, we're using AWS." I said, "Great." "And the private cloud, so we're all set." "Okay, thank you. Next." "Oh, the business units are using AWS." "Ah, okay. So you have three." "Oh, and we just bought a company that is using Google back in Europe." So, okay, so you got four right there. So that person in denial. Then, you have the second category of customers that are seeing the problem, they're ahead of the pack, and they're building their solution. We're going to hear from Walmart later today. >> Dave Vellante: Yeah. >> So they're building their own. Not everybody has the skills and the scale of Walmart to build their own. >> Dave Vellante: Right. >> So, eventually, then you get to the third category of customers. They're actually buying solutions from one of the many ISVs that you are going to talk with today. You know, whether it is Azure Corp or Snowflake or all this. I will argue, any new company, any new ISV, is by definition a multicloud service company, right? And so these people... Or they're buying our Cross-Cloud Services to solve this problem. So that's the spectrum of customers out there. >> What's the stack you're focusing on specifically? What is VMware? Because virtualization is not going away. You're seeing a lot more in the cloud with networking, for example, this abstraction layer. What specifically are you guys focusing on? >> [Vittorio Viarengo] So, I like to talk about this beyond what VMware does, just 'cause I think this is an industry movement. A market is forming around multicloud services. And so it's an approach that pretty much a whole industry is taking of building this abstraction layer. In our approach, it is to bring these services together to simplify things even further. So, initially, we were the first to see multicloud happening. You know, Raghu and Sanjay, back in what, like 2016, 17, saw this coming and our first foray in multicloud was to take this sphere and our hypervisor and port it natively on all the hyperscaling, which is a phenomenal solution to get your enterprise application in the cloud and modernize them. But then we realized that customers were already in the cloud natively. And so we had to have (all chuckle) a religion discussion internally and drop that hypervisor religion and say, "Hey, we need to go and help our customers where they are, in a native cloud". And that's where we brought back Pivotal. We built tons around it. We shifted. And then Aria. And so basically, our evolution was to go from, you know, our hypervisor to cloud native. And then eventually we ended up at what we believe is the most comprehensive multicloud services solution that covers Application Development with Tanzu, Management with Aria, and then you have NSX for security and user computing for connectivity. And so we believe that we have the most comprehensive set of integrated services to solve the challenges of multicloud, bringing excess simplicity into the picture. >> John Furrier: As some would say, multicloud and multi environment, when you get to the distributed computing with the edge, you're going to need that capability. And you guys have been very successful with private cloud. But to be devil's advocate, you guys have been great with private cloud, but some are saying like, you guys don't get public cloud yet. How do you answer that? Because there's a lot of work that you guys have done in public cloud and it seems like private cloud successes are moving up into public cloud. Like networking. You're seeing a lot of that being configured in. So the enterprise-grade solutions are moving into the cloud. So what would you say to the skeptics out there that say, "Oh, I think you got private cloud nailed down, but you don't really have public cloud." (chuckles) >> [Vittorio Viarengo] First of all, we love skeptics. Our engineering team love skeptics and love to prove them wrong. (John laughs) And I would never ever bet against our engineering team. So I believe that VMware has been so successful in building a private cloud and the technology that actually became the foundation for the public cloud. But that is always hard, to be known in a new environment, right? There's always that period where you have to prove yourself. But what I love about VMware is that VMware has what I believe, what I like to call "enterprise pragmatism". The private cloud is not going away. So we're going to help our customers there, and then, as they move to the cloud, we are going to give them an option to adopt the cloud at their own pace, with VMware cloud, to allow them to move to the cloud and be able to rely on the enterprise-class capabilities we built on-prem in the cloud. But then with Tanzu and Aria and the rest of the Cross-Cloud Service portfolio, being able to meet them where they are. If they're already in the cloud, have them have a single place to build application, a single place to manage application, and so on and so forth. >> John Furrier: You know, Dave, we were talking in the opening. Vittorio, I want to get your reaction to this because we were saying in the opening that the market's obviously pushing this next gen. You see ChatGPT and the success of these new apps that are coming out. The business models are demanding kind of a digital transformation. The tech, the builders, are out there, and you guys have a interesting view because your customer base is almost the canary in the coal mine because this is an Operations challenge as well as just enabling the cloud native. So, I want to get your thoughts on, you know, your customer base, VMware customers. They've been in IT Ops for generations. And now, as that crowd moves and sees this Supercloud environment, it's IT again, but it's everywhere. It's not just IT in a data center. It's on-premises, it's cloud, it's edge. So, almost, your customer base is like a canary in the coal mine for this movement of how do you operationalize multiple environments? Which includes clouds, which includes apps. I mean, this is the core question. >> [Vittorio Viarengo] Yeah. And I want to make this an industry conversation. Forget about VMware for a second. We believe that there are like four or five major pillars that you need to implement to create this level of abstraction. It starts from observability. If you don't know- You need to know where your apps are, where your data is, how the the applications are performing, what is the security posture, what is their performance? So then, you can do something about it. We call that the observability part of this, creating this abstraction. The second one is security. So you need to be- Sorry. Infrastructure. An infrastructure. Creating an abstraction layer for infrastructure means to be able to give the applications, and the developer who builds application, the right infrastructure for the application at the right time. Whether it is a VM, whether it's a Kubernetes cluster, or whether it's microservices, and so on and so forth. And so, that allows our developers to think about infrastructure just as code. If it is available, whatever application needs, whatever the cost makes sense for my application, right? The third part of security, and I can give you a very, very simple example. Say that I was talking to a CIO of a major insurance company in Europe and he is saying to me, "The developers went wild, built all these great front office applications. Now the business is coming to me and says, 'What is my compliance report?'" And the guy is saying, "Say that I want to implement the policy that says, 'I want to encrypt all my data no matter where it resides.' How does it do it? It needs to have somebody logging in into Amazon and configure it, then go to Google, configure it, go to the private cloud." That's time and cost, right? >> Yeah. >> So, you need to have a way to enforce security policy from the infrastructure to the app to the firewall in one place and distribute it across. And finally, the developer experience, right? Developers, developers, developers. (all laugh) We're always trying to keep up with... >> Host: You can dance if you want to do... >> [Vittorio Viarengo] Yeah, let's not make a fool of ourselves. More than usual. Developers are the kings and queens of the hill. They are. Why? Because they build the application. They're making us money and saving us money. And so we need- And right now, they have to go into these different stacks. So, you need to give developers two things. One, a common development experience across this different Kubernetes distribution. And two, a way for the operators. To your point. The operators have fallen behind the developers. And they cannot go to the developer there and tell them, "This is how you're going to do things." They have to see how they're doing things and figure out how to bring the gallery underneath so that developers can be developers, but the operators can lay down the tracks and the infrastructure there is secure and compliant. >> Dave Vellante: So two big inferences from that. One is self-serve infrastructure. You got- In a decentralized cloud, a Supercloud world, you got to have self-serve infrastructure, you got to be simple. And the second is governance. You mentioned security, but it's also governance. You know, data sovereignty as we talked about. So the question I have, Vittorio, is where does the customer start? >> [Vittorio Viarengo] So I, it always depends on the business need, but to me, the foundational layer is observability. If you don't know where your staff is, you cannot manage, you cannot secure it, you cannot manage its cost, right? So I think observability is the bar to entry. And then it depends on the business needs, right? So, we go back to the CIO that I talked to. He is clearly struggling with compliance and security. >> Hosts: Mm hmm. >> And so, like many customers. And so, that's maybe where they start. There are other customers that are a little behind the head of the pack in terms of building applications, right? And so they're looking at these, you know, innovative companies that have the developers that get the cloud and build all these application. They are leader in the industry. They're saying, "How do I get some of that?" Well, the way you get some of that is by adopting modern application development and platform operational capabilities. So, that's maybe, that's where they should start. And so on and so forth. It really depends on the business. To me, observability is the foundational part of this. >> John Furrier: Vittorio, we've been on this conversation with you for over a year and a half now with Supercloud. You've been a leader in seeing the wave, you and Raghu and the team at VMware, among other industry leaders. This is our second event. If you're- In the minute and a half that we have left, when you get asked, "what is this Supercloud multicloud Cross-Cloud thing? What's it mean?" I mean, I mentioned earlier, the market, the business models are changing, tech's changing, society needs more economic value out of the cloud. Builders are out there. If someone says, "Hey, Vittorio, what's the bottom line? What's really going on? Why should I pay attention to this wave? What's going on?" How would you describe the relevance of Supercloud? >> I think that this industry is full of smart vendors and smart customers. And if we are smart about it, we look at the history of IT and the history of IT repeats itself over and over again. You follow the- He said, "Follow the money." I say, "Follow the developers." That's how I made my career. I follow great developers. I look at, you know, Kit Colbert. I say, "Okay. I'm going to get behind that guy wherever he is going." And I try to add value to that person. I look at Raghu and all the great engineers that I was blessed to work with. And so the engineers go and explore new territories and then the rest of the stacks moves around. The developers have gone multicloud. And just like in any iteration of IT, at some point, the way you get the right scales at the right cost is with abstractions. And you can see it everywhere from, you know, bits and bytes, integration, to SOA, to APIs and microservices. You can see it now from best-of-breed hyperscaler across multiple clouds to creating an abstraction layer, a Supercloud, that creates a unified way of building, managing, running, securing, and accessing applications. So if you're a customer- (laughs) A minute and a half. (hosts chuckle) If you are customers that are out there and feeling the pain, you got to adopt this. If you are customers that is behind and saying, "Maybe you're in denial" look at the customers that are solving the problems today, and we're going to have some today. See what they're doing and learn from them so you don't make the same mistakes and you can get there ahead of it. >> Dave Vellante: Gracely's Law, John. Brian Gracely. That history repeats itself and- >> John Furrier: And I think one of these, "follow the developers" is interesting. And the other big wave, I want to get your comment real quick, is that developers aren't just application developers. They're network developers. The stack has completely been software-enabled so that you have software-defined networking, you have all kinds of software at all aspects of observability, infrastructure, security. The developers are everywhere. It's not just software. Software is everywhere. >> [Vittorio Viarengo] Yeah. Developers, developers, developers. The other thing that we can tell, I can tell, and we know, because we live in Silicon Valley. We worship developers but if you are out there in manufacturing, healthcare... If you have developers that understand this stuff, pamper them, keep them happy. (hosts laugh) If you don't have them, figure out where they hang out and go recruit them because developers indeed make the IT world go round. >> John Furrier: Vittorio, thank you for coming on with that opening keynote here for Supercloud 2. We're going to unpack what Supercloud is all about in our second edition of our live performance here in Palo Alto. Virtual event. We're going to talk to customers, experts, leaders, investors, everyone who's looking at the future, what's being enabled by this new big wave coming on called Supercloud. I'm John Furrier with Dave Vellante. We'll be right back after this short break. (ambient theme music plays)

>> TheCUBE presents UI Path Forward Five brought to you by UI Path. >> Welcome back to UI Path Forward Five. You're watching The Cubes, Walter Wall coverage. This is day one, Dave Vellante, with my co-host Dave Nicholson. We're taking RPA to intelligence automation. We're going from point tools to platforms. Neeraj Mathur is here. He's the director of Intelligent Automation at VMware. Yes, VMware. We're not going to talk about vSphere or Aria, or maybe we are, (Neeraj chuckles) but he's joined by Thomas Stocker who's a principal product manager at UI Path. And we're going to talk about testing automation, automating the testing process. It's a new sort of big vector in the whole RPA automation space. Gentleman, welcome to theCUBE. Good to see you. >> Neeraj: Thank you very much. >> Thomas: Thank you. >> So Neeraj, as we were saying, Dave and I, you know, really like VMware was half our lives for a long time but we're going to flip it a little bit. >> Neeraj: Absolutely. >> And talk about sort of some of the inside baseball. Talk about your role and how you're applying automation at VMware. >> Absolutely. So, so as part of us really running the intelligent automation program at VMware, we have a quite matured COE for last, you know four to five years, we've been doing this automation across the enterprise. So what we have really done is, you know over 45 different business functions where we really automated quite a lot different processes and tasks on that. So as part of my role, I'm really responsible for making sure that we are, you know, bringing in the best practices, making sure that we are ready to scale across the enterprise but at the same time, how, you know, quickly we are able to deliver the value of this automation to our businesses as well. >> Thomas, as a product manager, you know the product, and the market inside and out, you know the competition, you know the pricing, you know how customers are using it, you know all the features. What's your area of - main area of focus? >> The main area of the UiPathT suite... >> For your role, I mean? >> For my role is the RPA testing. So meaning testing RPA workflows themselves. And the reason is RPA has matured over the last few years. We see that, and it has adopted a lot of best practices from the software development area. So what we see is RPA now becomes business critical. It's part of the main core business processes in corporation and testing it just makes sense. You have to continuously monitor and continuously test your automation to make sure it does not break in production. >> Okay. And you have a specific product for this? Is it a feature or it's a module? >> So RPA testing or the UiPath T Suite, as the name suggests it's a suite of products. It's actually part of the existing platform. So we use Orchestrator, which is the distribution engine. We use Studio, which is our idea to create automation. And on top of that, we build a new component, which is called the UiPath Test Manager. And this is a kind of analytics and management platform where you have an oversight on what happened, what went wrong, and what is the reason for automation to **bring. >> Okay. And so Neeraj, you're testing your robot code? >> Neeraj: Correct. >> Right. And you're looking for what? Governance, security, quality, efficiency, what are the things you're looking for? >> It's actually all of all of those but our main goal to really start this was two-front, right? So we were really looking at how do we, you know, deliver at a speed with the quality which we can really maintain and sustain for a longer period, right? So to improve our quality of delivery at a speed of delivery, which we can do it. So the way we look at testing automation is not just as an independent entity. We look at this as a pipeline of a continuous improvement for us, right? So how it is called industry as a CICD pipeline. So testing automation is one of the key component of that. But the way we were able to deliver on the speed is to really have that end to end automation done for us to also from developers to production and using that pipeline and our testing is one piece of that. And the way we were able to also improve on the quality of our delivery is to really have automated way of doing the code reviews, automated way of doing the testing using this platform as well. and then, you know, how you go through end to end for that purpose. >> Thomas, when I hear testing robots, (Thomas chuckles) I don't care if it's code or actual robots, it's terrifying. >> It's terrify, yeah. >> It's terrifying. Okay, great. You, you have some test suite that says look, Yeah, we've looked at >> The, why is that terrifying? >> What's, It's terrifying because if you have to let it interact with actual live systems in some way. Yeah. The only way to know if it's going to break something is either you let it loose or you have some sort of sandbox where, I mean, what do you do? Are you taking clones of environments and running actual tests against them? I mean, think it's >> Like testing disaster recovery in the old days. Imagine. >> So we are actually not running any testing in the production live environment, right? The way we build this actually to do a testing in the separate test environment on that as well by using very specific test data from business, which you know, we call that as a golden copy of that test data because we want to use that data for months and years to come. Okay. Right? Yeah. So not touching any production environmental Facebook. >> Yeah. All right. Cause you, you can imagine >> Absolutely >> It's like, oh yeah we've created a robotic changes baby diapers let's go ahead and test it on these babies. [Collective Laughter] Yeah >> I don't think so. No, no, But, but what's the, does it does it matter if there's a delta between the test data and the, the, the production data? How, how big is that delta? How do you manage that? >> It does matter. And that's where actually that whole, you know, angle of how much you can, can in real, in real life can test right? So there are cases where you would have, even in our cases where, you know, the production data might be slightly different than the test data itself. So the whole effort goes into making sure that the test data, which we are preparing here, is as close to the products and data itself, right? It may not be a hundred percent close but that's the sort of you know, boundary or risk you may have to take. >> Okay. So you're snapshotting, that moving it over, a little V motion? >> Neeraj: Yeah. >> Okay. So do you do this for citizen developers as well? Or is you guys pretty much center of excellence writing all the bots? >> No, right now we are doing only for the unattended, the COE driven bots only at this point of time, >> What are you, what are your thoughts on the future? Because I can see I can see some really sloppy citizen coders. >> Yeah. Yeah. So as part of our governance, which we are trying to build for our citizen developers as well, there there is a really similar consideration for that as well. But for us, we have really not gone that far to build that sort of automation right >> Now, narrowly, just if we talk about testing what's the business impact been on the testing? And I'm interested in overall, but the overall platform but specifically for the testing, when did that when did you start implementing that and, and what what has been the business benefit? >> So the benefit is really on the on the speed of the delivery, which means that we are able to actually deliver more projects and more automation as well. So since we adopted that, we have seen our you know, improvement, our speed is around 15%, right? So, so, you know, 15% better speed than previously. What we have also seen is, is that our success rate of our transactions in production environment has gone to 96% success rate, which is, again there is a direct implication on business, on, on that point of view that, you know, there's no more manual exception or manual interaction is required for those failure scenarios. >> So 15% better speed at what? At, at implementing the bots? At actually writing code? Or... >> End to end, Yes. So from building the code to test that code able to approve that and then deploy that into the production environment after testing it this is really has improved by 15%. >> Okay. And, and what, what what business processes outside of sort of testing have you sort of attacked with the platform? Can you talk to that? >> The business processes outside of testing? >> Dave: Yeah. You mean the one which we are not testing ourself? >> Yeah, no. So just the UI path platform, is it exclusively for, for testing? >> This testing is exclusively for the UI path bots which we have built, right? So we have some 400 plus automations of UI bots. So it's meant exclusively >> But are you using UI path in any other ways? >> No, not at this time. >> Okay, okay. Interesting. So you started with testing? >> No, we started by building the bots. So we already had roughly 400 bots in production. When we came with the testing automation, that's when we started looking at it. >> Dave: Okay. And then now building that whole testing-- >> Dave: What are those other bots doing? Let me ask it that way. >> Oh, there's quite a lot. I mean, we have many bots. >> Dave: Paint a picture if you want. Yeah. In, in finance, in auto management, HR, legal, IT, there's a lot of automations which are there. As I'm saying, there's more than 400 automations out there. Yeah. So so it's across the, you know, enterprise on that. >> Thomas. So, and you know, both of you have a have a view on this, but Thomas's views probably wider across other, other instances. What are the most common things that are revealed in tests that indicate something needs to be fixed? Yeah, so think of, think of a test, a test failure, an error. What are the, what are the most common things that happen? >> So when we started with building our product we conducted a, a survey among our customers. And without a surprise the main reason why automation breaks is change. >> David: Sure. >> And the problem here is RPA is a controlled process a controlled workflow but it runs in an uncontrollable environment. So typically RPA is developed by a C.O.E. Those are business and automation experts, but they operate in an environment that's driven by new patches new application changes ruled out by IT. And that's the main challenge here. You cannot control that. And so far, if you, if you do not proactively test what happens is you catch an issue in production when it already breaks, right? That's reactive, that's leads to maintenance to un-claim maintenance actually. And that was the goal right from the start from the taste suite to support our customers here and go over to proactive maintenance meaning testing before and finding those issues before the heat production. >> Yeah. Yeah, yeah. So I'm, I'm still not clear on, so you just gave a perfect example, changes in the environment. >> Yeah. >> So those changes are happening in the production environment. >> Thomas: Yeah. The robot that was happily doing its automation stuff before? >> Thomas: Yeah. Everyone was happy with it. Change happens. Robot breaks. >> Thomas: Yeah. >> Okay. You're saying you test before changes are implemented? To see if those changes will break the robot? >> Thomas: Yeah. >> Okay. How do you, how do you expose those changes that are in the, in a, that are going to be in a production environment to the robot? You must have a, Is is that part of the test environment? Does that mean that you have to have what fully running instances of like an ERP system? >> Thomas: Yeah. You know, a clone of an environment. How do you, how do you test that without having the live robot against the production environment? >> I think there's no big difference to standard software testing. Okay. The interesting thing is, the change actually happens earlier. You are affected on production side with it but the change happens on it side or on DevOps side. So you typically will test in a test environment that's similar to your production environment or probably in it in a pre-product environment. And the test itself is simply running your workflow that you want to test, but mark away any dependencies you don't want to invoke. You don't want to send a, a letter to a customer in a test environment, right? And then you verify that the result is what you actually expect, right? And as soon as this is not the case, you will be notified you will have a result, the fail result, and you can act before it breaks. So you can fix it, redeploy to production and you should be good now. >> But the, the main emphasis at VMware is testing your bots, correct? >> Neeraj: Testing your bots. Yes. Can I apply this to testing other software code? >> Yeah, yeah. You, you can, you can technically actually and Thomas can speak better than me on that to any software for that matter, but we have really not explored that aspect of it. >> David: You guys have pretty good coders, good engineers at VMware, but no, seriously Thomas what's that market looking like? Is that taking off? Are you, are you are you applying this capability or customers applying it for just more broadly testing software? >> Absolutely. So our goal was we want to test RPA and the application it relies on so that includes RPA testing as well as application testing. The main difference is typical functional application testing is a black box testing. So you don't know the inner implementation of of that application. And it works out pretty well. The big, the big opportunity that we have is not isolated Not isolated testing, isolated RPA but we talk about convergence of automation. So what we offer our customers is one automation platform. You create one, you create automation, not redundantly in different departments, but you create once probably for testing and then you reuse it for RPA. So that suddenly helps your, your test engineers to to move from a pure cost center to a value center. >> How, how unique is this capability in the industry relative to your competition and and what capabilities do you have that, that or, or or differentiators from the folks that we all know you're competing with? >> So the big advantage is the power of the entire platform that we have with UiPath. So we didn't start from scratch. We have that great automation layer. We have that great distribution layer. We have all that AI capabilities that so far were used for RPA. We can reuse them, repurpose them for testing. And that really differentiates us from the competition. >> Thomas, I I, I detect a hint of an accent. Is it, is it, is it German or >> It's actually Austrian. >> Austrian. Well, >> You know. Don't compare us with Germans. >> I understand. High German. Is that the proper, is that what's spoken in Austria? >> Yes, it is. >> So, so >> Point being? >> Point being exactly as I drift off point being generally German is considered to be a very very precise language with very specific words. It's very easy to be confused about between the difference the difference between two things automation testing and automating testing. >> Thomas: Yes. >> Because in this case, what you are testing are automations. >> Thomas: Yes. >> That's what you're talking about. >> Thomas: Yes. >> You're not talking about the automation of testing. Correct? >> Well, we talk about >> And that's got to be confusing when you go to translate that into >> Dave: But isn't it both? >> 50 other languages? >> Dave: It's both. >> Is it both? >> Thomas: It actually is both. >> Okay. >> And there's something we are exploring right now which is even, even the next step, the next layer which is autonomous testing. So, so far you had an expert an automation expert creating the automation once and it would be rerun over and over again. What we are now exploring is together with university to autonomously test, meaning a bot explores your application on the test and finds issues completely autonomously. >> Dave: So autonomous testing of automation? >> It's getting more and more complicated. >> It's more clear, it's getting clearer by the minute. >> Sorry for that. >> All right Neeraj, last question is: Where do you want to take this? What's your vision for, for VMware in the context of automation? >> Sure. So, so I think the first and the foremost thing for us is to really make it more mainstream for for our automation developer Excel, right? What I mean by that is, is to really, so so there is a shift now how we engage with our business users and SMEs. And I said previously they used to actually test it manually. Now the conversation changes that, hey can you tell us what test cases you want what you want us to test in an automated measure? Can you give us the test data for that so that we can keep on testing in a continuous manner for the months and years to come down? Right? The other part of the test it changes is that, hey it used to take eight weeks for us to build but now it's going to take nine weeks because we're going to spend an extra week just to automate that as well. But it's going to help you in the long run and that's the conversation. So to really make it as much more mainstream and then say that out of all these kinds of automation and bots which we are building, So we are not looking to have a test automation for every single bot which we are building. So we need to have a way to choose where their value is. Is it the quarter end processing one? Is it the most business critical one, or is it the one where we are expecting of frequent changes, right? That's where the value of the testing is. So really bring that as a part of our whole process and then, you know >> We're still fine too. That great. Guys, thanks so much. This has been really interesting conversation. I've been waiting to talk to a real life customer about testing and automation testing. Appreciate your time. >> Thank you very much. >> Thanks for everything. >> All right. Thank you for watching, keep it right there. Dave Nicholson and I will be back right after this short break. This is day one of theCUBE coverage of UI Path Forward Five. Be right back after this short break.

(intro music) >> Hi everybody. Dave Vellante, back with Day Two coverage, we're live at the ARIA Hotel in Las Vegas for fal.con '22. Several thousand people here today. The keynote was, it was a little light. I think people were out late last night, but the keynote was outstanding and it's still going on. We had to break early because we have to strike early today, but we're really excited to have Stephan Goldberg here, Vice President of Technology Alliances at Claroty. And we're going to talk about an extremely important topic, which is the internet of things, the edge, we talk about it a lot. We haven't covered securing the edge here at theCUBE this week. And so Stephan really excited to have you on. >> Thank you for having me. >> You're very welcome. Tell us more about Claroty, C-L-A-R-O-T-Y, a very interesting spelling, but what's it all about? >> Claroty is cybersecurity company that specializes in cyber physical systems, also known as operational technology systems and the extended internet of things. The difference between the traditional IoT and what what everyone calls an IoT in the cyber physical system is that an IoT device has anything connected on the network that traditionally cannot carry an agent, a security camera, a card reader. A cyber physical system is a system that has influence and operates in the physical world but is controlled from the cyberspace. An example would be a controller, a turbine, a robotic arm, or an MRI machine. >> Yeah, so those are really high-end systems, run, are looked after by engineers, not necessarily consumers. So what's what's happening in that world? I mean, we've talked a lot on theCUBE about the schism between OT and IT, they haven't really talked a lot, but in the last several years, they've started to talk more. You look at the ecosystem of IoT providers. I mean, it's companies like Hitachi and PTC and Siemens. I mean, it's the different names than we're used to in IT. What are the big trends that you're seeing the macro? >> So, first of all, traditionally, most manufacturers and environments that were heavy on operations, operational technology, they had the networks air-gapped, completely separated. You had your IT network for business administration, you had the OT network to actually build stuff. Today with emerging technologies and even modern switching architecture everything is being converged. You have the same physical infrastructure in terms of networking, that carries both networks. Sometimes a human error, sometimes a business logic that needs to interconnect these networks to transmit data from the OT side of the house, to the IT side of the house, exposes the OT environment to cyber threats. >> Was that air-gap by design or was it just that there wasn't connectivity? >> It was air-gap by design, due to security and operational reasons, and also ownership in these organizations. The IT-managed space was completely separate from the OT-managed space. So whoever built a network for the controllers to build a car, for example, was an automation engineer and the vendors, that have built these networks, were automation vendors, unlike the traditional Ciscos of the world, that we're specializing in IT. Today we're seeing the IT vendors on the OT side, and the OT vendors, they're worried about the IT side. >> But I mean, tradition, I mean, engineers are control freaks. No offense, but, I'm glad they are, I'm thankful for that. So there must have been some initial reticence to them connecting up these air-gap systems. They went wanted to make sure that they were secure, that they did it right, and presumably that's where you guys come in. What are the exposures and risks of these, of this critical infrastructure that we should be aware of? >> So you're completely right. And from an operational perspective let let's call it change control is very rigorous. So they did not want to go on the internet and just, we're seeing it with adoption of cloud technologies, for example. Cloud as in industry four ago, five ago, cloud as in cyber security. We all heard Amol's keynote from this morning talking about critical infrastructures and we'll touch upon our partnership in a second, but CrowdStrike, CrowdStrike being considered and deployed within these environments is a new thing. It's a new thing because the OT operation managers and the chief information security officers, they understand that air-gap is no longer a valid strategy. From a business perspective, these networks are already connected. We're seeing the trends of cyber attacks, IT cyber attacks, like not Patreon, I'm not talking about the Stoxnet, the targeted OT. I'm talking about WannaCry, EternalBlue, IT vulnerabilities that did not target OT, but due to the outdated and the specification of OT posture on the networks, they hit healthcare, they hit OT much harder than they did IT. >> Was Log4J, did that sleep into OT, or any IT that. >> So, absolutely. >> So Log4J right, which was so pervasive, like so many of these malwares. >> All these vulnerabilities that, it's a windows vulnerability, it has nothing to do with OT. But then when you stop and you say, hold on, my human machine interface workstation, although it has some proprietary software by Rockwell or Siemens running on it, what is the underlying operating system? Oh, hold on, it's Windows. We haven't updated that for like eight years. We were focused on updating the software but not the underlying operating system. The vulnerabilities exist to a greater extent on the OT side of the house because of the same characteristic of operational technology environments. >> So the brute force air-gap approach was no longer viable because the business imperative came in and said, no, we have to connect these systems to digitally transform, or advance our business, there's opportunities to monetize, whatever it was. The business laid that out as an imperative. So now OT engineers have to rethink how they secure it. So what are the steps that they're taking and how does Claroty help? Is there a sort of a playbook, a sequential playbook? >> Absolutely, so before we discussed the maturity curve of adopting an CPS security, or OT security technology, let's touch upon the characteristic of the space and what it led vendors like Claroty to build. So you have the rigorous chain control. You have the security in mind, operations, lowered the risk state of mind. That led vendors, likes of Claroty, to build a solution. And I'm talking about seven, eight years ago, to be passive, mostly passive or passive only to inspect network and to analyze network and focus on detection rather than taking action like response or preventative maintenance. >> Um-hmm. >> It made vendors to build on-prem solutions because of the cloud-averse state of mind of this industry. And because OT is very specific, it led vendors to focus only on OT devices, overlooking what we discussed as IoT, Unfortunately, besides HMI and PLC, the controller in the plant, you also have the security camera. So when you install an OT security solution I'm talking about the traditional ones, they traditionally overlook the security camera or anything that is not considered traditional OT. These three observations, although they were necessary in the beginning, you understand the shortcomings of it today. >> Um-hmm. >> So cloud-averse led to on-prem which leads to war security. It's like comparing CrowdStrike and one of its traditional competitors in the antivirus space. What CrowdStrike innovated is the SaaS first, cloud-native solution that is continuously being updated and provide the best in cloud security, right? And that is very much like what Claroty's building. We decided to go SaaS first and cloud-native solution. >> So, because of cloud-aversion, the industry shows somewhat outdated deployment models, on-prem, which limited scale and created greater diversity, more stovepipes, all the problems that we always talk about. Okay, and so is the answer to that, just becoming more cloud, having more of an affinity to cloud? That was a starting point, right. >> This is exactly it. Air-gap is perceived as secured, but you don't get updates and you don't really know what's going on in your network. If you have a Claroty or a crosswork installer, you have much higher probability detecting fast and responding fast. If you don't have it, you are just blind. You will be bridged, that's the. >> I was going to say, plus, air-gap, it's true, but people can get through air-gaps, too. I mean, it's harder, but Stoxnet. Yeah, look at Stoxnet right, oh, it's mopping the floor, boom, or however it happened, but so yeah. >> Correct. >> So, but the point being, you know, assume that breach, even though I know CrowdStrike thinks that the unstoppable breach is a myth, but you know, you talk to people like Kevin Mandia, it's like, we assume you're going to get breached, right? Let's make that assumption. Yeah, okay, and so that means you've got to have visibility into the network. So what are those steps that you would, what's that maturity model that you referenced before? >> So on top of these underlying principles, which is cloud-native, comprehensive, not OT only, but XIoT, and then bring that the verticalization and OT specificity. On top of that, you're exactly right. There is a maturity curve. You cannot boil the ocean, deploy protections, and change the environment within one day. It starts with discovering everything that is connected to your network. Everything from the traditional workstations to the cameras, and of course ending up with the cyber physical systems on the network. That discovery cannot be only a high level profile, it needs to be in depth to the level you need to know application versions of these devices. If you cannot tell the application version you cannot correlate it to a vulnerability, right? Just knowing that's an HMI or that's a PLC by Siemens is insufficient. You need to know the app version, then you can correlate to vulnerability, then you can correlate to risk. This is the next step, risk assessment. You need to put up a score basically, on each one of these devices. A vulnerability score, risk score, in order to prioritize action. >> Um-hmm. >> These two steps are discovery and thinking about the environment. The next two steps are taking action. After we have the prioritized devices discovered on your network, our approach is that you need to ladle in and deploy protections from a preventative perspective. Claroty delivers recommended policies in the form of access control lists or rules. >> Right. >> That can leverage existing infrastructure without touching a device without patching it, just to protect it. The next step would be detection and response. Once you have these policies deployed you also can leverage them to spot policy deviations. >> And that's where CrowdStrike comes in. So talk about how you guys partner with CrowdStrike, what that integration looks like and what the differentiation is. >> So actually the integration with CrowdStrike crosses the the entire customer journey. It starts with visibility. CrowdStrike and us exchange data on the asset level. With the announcement during FalCon, with Falcon Discover for IoT, we are really, really proud working on that with CrowdStrike. Traditionally CrowdStrike discovered and provided data about the IT assets. And we did the same thing with CPS and OT. Today with Falcon Discover for IoT, and us expanding to the XIoT space, both of us look at all devices but we can discover different things. When you merge these data sets you have an unparalleled visibility into any environment, and specifically OT. The integrations continue, and maybe the second spotlight I'll put, but without diminishing the other ones, is detection and response. It's the XDR Alliance. Claroty is very proud to be one of the first partners, XDR Alliance partners, for CrowdStrike, fitting in to the XDR, to CrowdStrike's XDR, the data that is needed to mitigate and respond and get more context about breaches in these OT environments, but also take action. Also trigger action, via Claroty and leverage Claroty's network-centric capabilities to respond. >> We hear a lot. We heard a lot in today's keynote note about the data, the importance of data, of the graph database. How unique is this Stephan, in the industry, in your view? >> The uniqueness of what exactly? >> Of this joint solution, if you will, this capability. >> I told my counterparts from CrowdStrike yesterday, the go-to market ones and the product management ones. If we are successful with Falcon Discover for IoT, and that product matures, as we plan for it to mature, it will change the industry, the OT security industry, for all of us. Not only for Claroty, for all players in this space. And this is why it's so important for us to stay coordinated and support this amazing company to enter this space and provide better security to organizations that really support our lives. >> We got to leave it there, but this is such an important topic. We're seeing in the war in Ukraine, there's a cyber component in the future of war. >> Yes. >> Today. And what do they do? They go after critical infrastructure. So protecting that critical infrastructure is so important, especially for a country like the United States, which has so much critical infrastructure and a lot to lose. So Stephan, thanks so much. >> Thank you. >> For the work that you're doing. It was great to have you on theCUBE. >> Thank you. >> All right, keep it right there. Dave Vellante for theCUBE. We'll be right back from fal.con '22. We're live from the ARIA in Las Vegas. (techno music)

>> We're back in Las Vegas at the ARIA for Fal.Con 22, CrowdStrike's big user conference. I'm Dave Vellante and you're watching the cube. Sven Krasser is here as the senior vice president and chief scientist at CrowdStrike and we're going to get a masterclass in AI for security, Sven. Thanks for coming on. Appreciate it. >> Thanks for having me. >> So I love the title. I just, I'm excited to have you on, I understand you were like employee number two or, you know, really early on >> Among the initial nine. Yeah. >> 11 years ago and I think two days you started. >> Yes. >> What was that like? You know, was that, you know, did you know George beforehand or you kind of? >> Yeah, I, I knew I knew George before, like not as well as I know him now. >> Yeah. >> And it, it sounded like a pretty good proposition about what he was having in mind. Like things security wise didn't really work that well back in the day. And we wanted to try something new, like cloud native, data driven, AI, and use that to stop, to stop breaches. So yeah, like it was very exciting. Like you go there, you have nothing there. First day, you open your laptop and you try to reinvent security. >> Yeah. So, I mean, I know he never, he talks about this. I never said we're going to be an AV company. But of course, you know, you start with antivirus and when at an endpoint and known malware, okay. But unknown malware at the time wasn't really being addressed. And if I understand it you guys brought in machine intelligence from the start. Explain that. >> That's that's right. And like, the way we, we looked at it is like, back then we said, you don't have a malware problem. You have an adversary problem. Just like recognizing that it's not malware but there's people behind it that act on objectives that you need to, that you need to counter and you don't want to run after them. You want to be ahead of them. Like that was, that was the approach, like at a very high level that we were taking and you know, now we have it a little bit more summed up and we say, we stop breaches. So like, that's, that's the end result. >> So how do you specifically leverage AI? Which parts of the portfolio, is it across the portfolio and you know, where did it start? How did it evolve? >> Yeah, we are very, we're very data driven. So we are working hard to use the, the proper tools to work with data wherever we can. And AI being one of these, these tools that we like to bring to bear. The, the cloud, the CrowdStrike security cloud at the moment we're doing about roughly 2 trillion events, with a T, per day. Like that, that volume of data, like going through our platform, that that's not something that you can, that you can work with manually, right? So we need, we need to bring the heavy machinery, like that's, that's how we're bringing AI to bear. >> 2 trillion events per day. I mean, there aren't a lot of organizations that see that many events a day. I mean, maybe, maybe some of the hyperscalers possibly. I don't know. That's a... >> Yeah. I think, I think it really allows us to get unprecedented insights into what's actually going on out there in the, in, in the landscape. And, you know, it's, it's like, it's like with a camera or a telescope, the bigger your aperture the fainter signals you can detect. And that's why like, that's why the volume is, is critical. And that's why we, that's why we from the get go, set out to build a cloud native platform so that we can actually aggregate this type of data and analyze it in one spot, basically where where everything comes together that we can draw these connections. >> Will we ever see security without humans? >> I don't, I don't think so. This, this, this notion that machine intelligence is so intelligent that it just takes these jobs over. To me it's more like a tool, right? Like these, these algorithms, they do need to learn from something they need to learn from human expertise. The way at CrowdStrike we have things set up is like our, our human teams our threat hunters, our MDR staff, our incident responders, like whatever they do, we, we are taking these insights and we're feeding them into the AI algorithms. So if there's, if there's a new type of attack and we have an incident response team on the ground and they find something, that gets leveraged put into a database and our AI can learn from that. I, I, I really like that in the keynote, Kevin Mandia actually talked to that, you know. Like get the incident responders out there, get their knowledge, bake it into products. And that that's, that's the approach that we're taking with, with with our AI. >> So in my head, I'm thinking okay, what do humans do better than machines? I mean, humans are creative, right? Machines really aren't creative, right? I mean, and adversaries are very creative. So, so I guess flip side question, what is, what does AI do? What does the machine intelligence do that that humans can't do? Is it scale? Is it just massive volumes? Help us understand what humans do well and machines do well and how they compliment each other. >> Yeah. So AI is, is very good at working with extremely large amounts of data. Again, like cloud native platform, like that's where you get this AI advantage. It can work with data that is a lot more complex like more facets of data. So we talked about XDR here at Fal.Con a lot, right? Like you get data from all these different products, from all these different angles. Like the more different facets you add to that like it becomes overwhelming for the human mind. It's just like so much complexity that a human can put together in their brain. With AI you don't have these limitations. It's just math. It's just like multiplying big matrices and you can work with a lot larger data sets, like those 2 trillion events that we do per day on the on the CrowdStrike security cloud. But also data that is a lot more complex, that has more facets, looks at the problem from different angles. That's where AI is especially useful. >> I want to ask you as a topic I haven't asked anybody this week and I've been meaning to, is, you know there's this concept of, of living off the land, right? Using your own tools against you. How are you able to detect that? Is that cuz of lateral movement or, I mean I'm sure there are many, many factors, but but how are you addressing that problem? That kind of stealthy using your tools against you? >> Yeah, so adversaries, this is, again there's motivated humans behind that. They figured if they drop a malware file on the machine that's an artifact, an indicator of compromise, right? And that can be detected. So they're avoiding dropping files on disc that could be detected or to bring their to bring their own tools. They try to work with the tools that they find on the machines. They need to act on objective though. There's something they want to accomplish. Like they're not, they're not logging in just to, you know, like do nothing. And this is where indicators of attack come in, right? Like we know what their objectives are and we're trying to capture this. We're describing this in an abstract way. What is it that they try to accomplish? That's what indicators of attack describe and when they act on these objectives then we can catch them. >> So I, I think that the the term indicators of attack, I, I, you may have coined it. I'm, I'm not sure. I think it was you announcement at, at black hat. Those indicators are not static, right? To your point, the humans on the other end are motivated. Are you a can, can AI help predict future indicators of attack maybe working with, with humans? >> Yeah, this is, this is something that we recently rolled out where we are connecting our AI intelligence to our indicator of attack framework. Where basically the AI crunches the big data and then the indicators, the, the knowledge that the AI generates, understanding the context of the situation, can feed into the indicators of attack that we're evaluating to see if an adversary is acting on a specific objective. And then if an IOA triggers, that can feed back into the AI and the AI can use that information to derive for more precise results. We have a good feedback loop between these two, these two systems and they're more tightly integrated now. >> As a, as an AI expert, I want to ask you, is is the intelligence, is AI actually artificial? Or is it, is it real? >> Well, it, it is artificial cause I guess we, we build it right? Like it's a human made. I, I think a lot of people get hung up on the term intelligent and it, it's not really intelligent in the say, in the sense that it acts on agency with, with agency like you would look at a problem, right? It's good at solving specific types of tasks and problems that we can define in ways that these algorithms work on it. But it is not the same level of creative thinking that a human brings to the problem. And this is, going back to the beginning of the conversation, this is where we like to have humans involved in the teaching of the AI. The AI connect autonomously in real time stopping threats. But there's humans that take a look at what is going on to give the AI input and feedback and, and improvements because we are up against other humans, right? You don't want to have a human kind of press the buttons of the AI until they found a way around it. But that's called adversarial machine learning. Very real threat as well. Like we are, we're looking at the problem as humans against humans. Like what, what tools do we need to bring to the battle to keep the adversaries out of our customer's networks? >> Okay. So my follow up is, but there are systems of agency for our detection is a, as an example. But your, I think your point is that that never would've been possible without humans. Is that right? Or... >> Yeah, like on, on the one hand, these systems get trained with human knowledge. On the other hand, there, there are humans that take a look at, if the systems give the right responses. Like there, there isn't like if you talk to your smart speaker, like, like for me, like I'm, I'm asking my smart speaker to turn a specific light on in my living room and it, it, half the time doesn't work, right? Like that, that wouldn't happen with a human. There's like a lot more context and understanding and humans are more robust. Like it's, it's harder to fool a human. The limitation that we humans have is complexity, complexity and volume. So we're trying to make like a peanut butter and cookie approach, a peanut butter and chocolate approach rather, where we want to use the human creativity alongside the AI, which can handle scale complexity and volume at unprecedented, unprecedented scales. >> And when you bring it out to the edge, we, we were just talking to Stefan Goldberg about IOT and extended IOT. When you think about, you know, AI, a lot of lot of AI today is modeling that's done in the cloud and then applied. But when you go out to the edge, you you're starting to see more AI inferencing and near realtime, or even real time. Will that change the equation? What's the future of, of, of AI and cyber look like? >> I think, I, I think it would be pervasively applied. So we are using it already on the edge, on our sensors, but also in the cloud, right? On the sensor, we want to be able to act very quickly on the endpoint, want to be able to act very quickly without any delay with local inflammation. Or if the system is offline for a period of time, right? So we have AI models running there. In the cloud, we have the advantage of being able to work with vast amounts of data without slowing down our customer's machines. So like models will be applied everywhere where there's data, like that's kind of the name of the game. Like let's bring, let's bring this, this type of artificial intelligence, this type of, of like refined digested expertise, wherever the data sits on the end point, in the clouds, where you have it. >> And CrowdStrike doesn't care, right? I mean, it's... >> We care about stopping the breaches. >> Yeah. But you're agnostic to the physical location of >> That, that's correct. >> The activity. So last question is, how should we as humans prepare for the future of AI in, in cyber? >> That's a, that's a good question. I, I would say like, stay, stay creative and like figure out how we can get that knowledge that you have like formalized into, into databases, right? AI, the way I look at it is an amplifier of human expertise. You do something at a small scale as a human, the AI system can do it at a big scale, right? Like it's kind of like digging with a spoon whether it's digging with an excavator, with a, with a backhoe. So I I'd say stay, stay creative and see how we can take things that we do as humans in the small scale and let's do it in the cloud, like with with large data volumes. >> Great advice, creativity, I think is, is a key. Sven, thanks so much for coming on the cube. Really appreciate your time. >> Thanks for having me. >> You're very welcome. Okay. Keep it right there. Listen, by, by the way, I meant to to tell our audience a lot of resources at siliconangle.com, thecube.net, wikibon.com, has a ton of research all available at for no charge. No, no, no password needed. Just access that. Check it out. We're live from the ARIA hotel in Las Vegas, Fal.Con 22, Dave Vellante for the cube. We'll be back after this short break. (calming xylophone music)

hi everybody this is dave vellante and this is day two of the cube's coverage of falcon 2022 we're live from the aria in las vegas everybody was out last night at the brooklyn bowl awesome band customers were dancing a lot of fun a lot of business going on here todd crosley's here he's to my left he's the senior director of cloud partnerships at crowdstrike and patrick mcdowell is the global technical lead for security partners at aws these guys have been partnering for a long time and we're going to dig into that partnership gents welcome to the cube thanks for having us thanks happy birthday you're very welcome todd talk about the the history of the relationship you guys are kind of bet business on each other but take us back sure thing so you know yesterday or the day before the company turned 11 years old or so i think george talked a lot about that the other day but uh we've actually been working closely with the amazon team for more than five years at this point and it's really evolved into a strategic collaboration really so uh from an executive on down into field alignment channel alignment uh the marketing team and and the build team where we we work with patrick and his extended team on different service integrations and different uh you know effectively positive security outcomes for the customers together i mean patrick if you think about the history of aws it's like you guys realized you had lightning in a bottle and then also realized wow and ecosystem play is the way to go and when you go to re invent it's palpable the the ecosystem innovation and the the flywheel effect that you've created but what's aws's perspective on the partnership with crowdstrike yeah it's essential to us and our customers right so we've been doing deep integrations probably since i think the first big one of crowdstrike was with guard duty amazon guard duty which is our uh easy to use threat detection service in aws one click on and their threat intelligence actually build is built directly into that service so an aws customer turns on guard duty it's automatically uh being uh enhanced and enriched with falcon x threat intelligence uh by default yeah so the cloud has become the first line of defense for a lot of the csos that i talk to you know everybody's cloud first cloud first and it's like okay that's awesome because cloud has really good security but then it's okay but if there's some differences i got there's a shared security model that i have to understand and and so when you guys talk to customers i know it's you know one of the leadership principles is you got to be focused you know insanely focused on customers crowdstrike very customer focused as well that's how you sort of created this company that is doing such innovative things what are customers telling you um about how they want you to work together what kind of feedback are you getting any other examples that you might have in the future yeah sure thing i'll go first so that well so they they depend on uh the like you said this shared security model but there's ample opportunity where vendors like crowdstrike and we've worked with patrick's team extensively to to pinpoint areas where we can provide so examples of that would be like on the in compute so like you recently released the graviton processors we've had a recent success with a customer where uh they've walked down their digital transformation journey they had they were looking to switch over to the graviton processors and we work closely with patrick's team to say okay we're going to certify our sensor uh on that particular area of compute so the customer continue to enjoy crowdstrike in our single-platform cloud-first native platform to say okay you've got skill sets on the on-prem environment your endpoint environment and good news you're switching to graviton no problem we still support that and we've been able to do that by working closely with each other inclusive not just the architects but the product teams work closely together as well yeah in this customer case um you know uh crowdstrike already supported for amazon linux but this customer a very large customer of ours need to move 10 000 ec2 instances to graviton on red hat linux not amazon linux so we got crowdstrike engineering our engineering our architects and we were able to get this customer red hat support for graviton within two months right in production ready to go and unblock this migration so i love the graviton example so what i always default to when somebody says oh we're cloud native i'd say are you running on graviton uh because because graviton is is is uh amazon's custom silicon that complements what you're doing with intel what you're doing with amd and they're all kinds of different instant types but it's based on an arm system and it's delivering new levels of performance and and an energy reduction if i can use that term um and and it's on a new curve yeah and so tremendous cost savings as well right i think out of the box with no change in the application you're getting 20 and that's and i i don't even think you're really driving it as hard as you can is my assessment but you gotta be considerate of these days so but that's an example of of how you're using from a technology standpoint cloud native and then and then sort of partnering does this you know graviton one graviton true graviton three i'm sure there'll be graviton 10 someday no doubt i think it's a good example of us working closely together paying attention to the customer's needs and making sure they don't they don't miss a step and and still stop the breach and pay attention to their security needs so you're part of the apn the amazon partner network yep what do you got to do to be like certified at an elite level there you probably have to go through a lot of hoops and maybe you could describe what you guys do there and how you work together to ensure that a company is adequate and more than adequate for its customers yeah sure thing so we we've participated in and we're certified in for example the security competency area which elevates us amongst other security isvs we're one of the few that have that um we have the well we participate in the well architected program which means that we've demonstrated a common set of criteria and customer references i mean that's a example um another area where we've participated quite a bit is in in the land of digital supply chains notably aws marketplace where we've uh latched on to many of their features and capabilities and participated in strategic programs whether it be um you know including the channel partner or taking a look at traditional private offers or taking a look at like the looping in the entire ecosystem to make sure the customer gets what they need so how do you integrate with things like control tower where where are the seams and how do you make that as seamless as possible for customers or maybe you can explain what control power yeah so uh they have multiple integrations for control tower for their cspm horizon uh it automatically onboards new aws accounts so uh you know as you're vending accounts you're giving to more devops teams horizon is automatically deploying and being protected those accounts so it has those guard rails in place for customers in a nice easy to use deployment model that you don't have to think about right so control tower in general is uh it kind of gives customers guard rails an easy button if you're new to aws i'm migrating hey aws can you just tell me the best practices how should i set up my accounts i need a landing zone i'm doing migration so it's really like a wizard for getting started in aws and crowdstrike integrates that with falcon discover and as well as falcon horizon and your age so yeah you guys really don't compete um you know maybe there's some overlap overlap is better than than gaps but you know when you when you take something like you know network firewalls and things like that amazon brings that to the table and then crowdstrike will build on top of that is that correct yeah i'll take this one uh so george has said it crowdstrike is not a network security company right however they have an integration using their threat intelligence on on our amazon network firewall so aws amazon and crouchstrike coming together actually have a joint offering for customers in a space that crowdstrike has never been in before itself so i think that's very exciting so yeah yeah all those integrations that pat's talking about we've actually cataloged the whole thing on a github page where we find that's where customers go they took a look at the integration and the supporting documentation we're like okay yeah this makes sense this these two companies augment each other well and it turns out to be a good outcome and you check you'll take telemetry data from the aws cloud you can take it from you know any your agents can run anywhere right and then you bring that in to the or i guess you sort of you index it i in my term in in the aws cloud enables that because you've got virtually unlimited scaling capability and that's kind of where you guys started yeah cloud native dogma that's right yeah it's a competitive differentiator for us uh i we think it's nice we're a market leader in our space and amazon's a market leader in their space and and we've got a lot of synergy together where do you guys last question where do you guys respectively want to see the the relationship go if you had to put on your binoculars or even telescope where do you want to see this go well i think we're i think we're all in the business of accelerating positive security outcomes for the customer and the what we're doing is we're spending a lot of time educating our respective fields and respective customers to know that these these integrations do in fact exist uh they absolutely complement each other we were in a meeting uh you know maybe six ten months ago we're in a cio said i didn't know that the two that the two products work so well together speaking about the control tower and horizon particular example had i known that i would have bought it uh a lot quicker this is this is a great outcome and the fact that you're working with amazon together is a bit of a relief so that was nice yeah i'm gonna echo what george kirk said in his keynote yesterday that like security's a journey xdr is a journey and i think the work that we did on the open cyber security schema framework which is an open source common uh security language that all vendors can use including aws and crowdstrike i think that is where we're going to see uh the the industry rally around in the upcoming year there's so much security data there's a common uh now language that all products and clouds could talk to each other that's right tell tell me more about it ocsf is that right where did that come from and yeah so um it's it's a it's an open source framework and you know both crowdstrike aws and other uh you know players in the industry are like there's a common problem none of our products talk together it's all about customer benefit right so what can we do to democratize security data make things talk well play together everyone wants to do more analytics on lots of data lakes so this is where it's all coming together yeah better collaboration in industry obviously is is needed and then the other piece is education you guys both sort of refer to that that's what i when i come to conferences like this and reinforce as well as a lot of it i mean i remember the first reinforcement was like explaining the shared responsibility model now of course a lot of people understood it but a lot of people didn't when you fast forward to 2022 and reinvent it was a lot more focused on how to really exploit the capabilities that aws has and then here at crowdstrike it's like okay helping practitioners really understand how to take advantage of the full platform and and that's to your point patrick the journey all right guys hey we got to go thanks so much you for having us all right keep it right there fast and furious day two from crowdstrike's falcon 2022. you're watching thecube [Music] you

(upbeat music) >> Welcome back to The Cube's coverage of Fal.Con 22. I'm Dave Vellante with Dave Nicholson. This is day one of our coverage. We had the big keynotes this morning. Derek Jeter was one of the keynotes. We have a big Yankee fan here: George Kurtz is the co-founder and CEO of CrowdStrike. George, thanks for coming on The Cube. >> It's great to be here. >> Boston fan, you know, I tweeted out Derek Jeter. He broke my heart many times, but I can't hate on Jeter. You got to have respect for the guy. >> Well, I still remember I was in Japan when Boston was down you know, by three games and came back to win. So I've got my own heartbreak as well. >> It did heal some wounds, but it almost changed the rivalry, you know? I mean, >> Yeah. >> Once, it's kind of neutralized it, you know? It's just not as interesting. I mean, I'm a season ticket holder. I go to all the games and Yankee games are great. A lot of it used to be, you would never walk into Fenway park with, you know pin stripes, when today there's as many Yankee fans as there are... >> I know. >> Boston fans. Anyway, at Fenway, I mean. >> Yeah. >> Why did you start CrowdStrike? >> Biggest thing for me was to really change the game in how people were looking at security. And at my previous company, I think a lot of people were buying security and not getting the outcome that they wanted. Not- I got acquired by a company, not my first company. So, to be clear, and before I started CrowdStrike, I was in the antivirus world, and they were spending a lot of money with antivirus vendors but not getting the outcome I thought they should achieve, which is to stop the breach, not just stop malware. And for me, security should be outcome based not sort of product based. And the biggest thing for us was how could we create the sales force of security that was focused on getting the right outcome: stopping the breach. >> And the premise, I've seen it, the unstoppable breach is a myth. No CSOs don't live by that mantra, but you do. How are you doing on that journey? >> Well I think, look, there's no 100% of anything in security, but what we've done is really created a platform that's focused on identifying and stopping breaches as well as now, extending that out into helping IT identify assets and their hygiene and basically providing more visibility into IT assets. So, we talked about the convergence of that. Maybe we'll get into it, but. >> Dave Vellante: Sure. >> We're doing pretty well. And from our standpoint, we've got a lot of customers, almost 20,000, that rely on us day to day to help stop the breach. >> Well, and when you dig into the CrowdStrike architecture, what's so fascinating is, you know, Dave, we've talked about this: agent bad. Well, not necessarily, if you can have a lightweight agent that can scale and support a number of modules, then you can consolidate all these point tools out there. You talked about in your keynote, your pillars, workloads, which really end points >> Right. >> ID, which we're going to talk about. Identity data and network security. You're not a network security specialist, >> Right. >> But the other three, >> Yes. >> You're knocking down. >> Yeah. >> You guys went deep into that today. Talk about that. >> We did, most folks are going to know us for endpoint and Cloud workload protection and visibility. We did an acquisition almost two years to the day on preempt. And that was our identity play, identity threat protection and detection. And that really turned out to be a smart move, because it's the hottest topic right now. If you look at all the breaches over the last couple years, it's all identity based. Big, big talking points in our keynotes today. >> Dave Vellante: Right. >> And then the third area is on data, and data is really the you know, the new currency that people trade in. So how do you identify and protect endpoints and workloads? How do you tie that together with identity, as well as understanding how you connect the dots and the data and where data flows? And that's really been our focus and we continue to deliver on that for customers. >> And you've had a real dogma, I'll call it, about Cloud Native. I've had this conversation with Frank Slootman, "No we're not going to do a halfway house." You, I think, said it really well today. I think it was you who said it. If you've got On-Prem and Cloud, you got two code bases, >> George Kurtz: Right. >> That you got to maintain. >> That's it, yeah. >> And that means you're taking away resources from one or the other. >> That's exactly right. And what a lot of our competitors have done is they started On-Prem as an AV vendor, and then they took what they had and they basically put it in a Cloud instance called a Cloud, which doesn't really scale. And then, you know, where they need to, they basically still keep their On-Prem, and that just diffuses your engineering team. And most of the On-Prem stuff doesn't even have the features of what they're trying to offer from the Cloud. So either you're Cloud Native or you're not. You can't be halfway. >> But it doesn't mean that you can't include and ingest On-Prem data- >> Well, absolutely. >> into your platform, and that's what I think most people just some reason don't seem to understand. >> Well our agents run wherever. They certainly run On-Prem. >> Dave Vellante: Right. Right. >> And they run in the Cloud, they run wherever. But the crowd in the CrowdStrike is the fact that we can crowdsource this threat information at scale into our threat graph, which gives us unique insight, 7 trillion events per week. And you can't do that if you're not Cloud Native. And that crowd gives the, we call, community immunity. We see all kinds of attacks across 176 different countries. That benefit accrues to all of our customers. >> But how do you envision and maintain and preserve a lightweight agent that can support so many modules? As you do more acquisitions and you knock down new areas and bring in new functionality, go after things like operations technology, how is it that you're able to keep that agent lightweight? >> Well, we started as a platform company, meaning that the whole idea was we're going to build a lightweight agent. First iteration had no security capabilities. It was collect data, get it into a common data architecture or threat graph, in one spot. And then once we had the data then we applied AI to it and we created different workflows. So, the first incarnation was get data into the Cloud at scale. And that still holds true today. So if you think about why we can actually have all these different modules without an impact on the performance, it's we collect data one time. It's a threat data, you know? We're not collecting user data, but threat data collection mechanism. Once we have all that data, then we can slice and dice and create other modules. So the new modules never have to even touch the agent 'cause we've already collected the data. >> I'm going to just keep going, Dave, unless you shove your way in. >> No, no, go ahead. No, no, no. I'm waiting to pounce. >> But okay, so, I think, George, but George, I need to ask you about a comment that you made about we're not just shoving it into a data lake. But you are collecting all the data. Can you explain that nuance? >> Yeah. So there's a difference between a collect and forward agent. It means they just collect a bunch of data. They'll probably store it in a lot of space on the endpoint. It's slow and cumbersome, and then they'll forward it up into another data lake. So you have no context going into no context. Our agent is a smart agent, which actually allows us to always track the context of all these processes in what's happening on the endpoint. And it's a mini graph, meaning we keep track of the relationships. And as we ship that contextual information to the Cloud, we never lose that context. And then it goes into the bigger graph database, always with the same level of context. So, we keep the context of each individual workload or endpoint, and then across the Cloud, we have the context of all of those put together. It's massive. And that allows us to create different insights rather than a data lake, which is, you know, you're looking for, you're creating a bigger needle stack looking for needles. >> And I'm envisioning almost an index that is super, super fast. I mean, you're talking about sub, well second kind of near real time responses, correct? >> Absolutely. So a lot of what we do in terms of protection is already pushed down to the endpoint , 'cause it has intelligence and the AI model. And then again, the Cloud is always looking for different anomalies, not only on each individual endpoint or workload, but across the entire spectrum of our customer base. And that's all real time. It continually self-learns from all the data we collect. >> So when, yeah, when you've made these architectural decisions over time, there was a time when saying that you needed to run an agent could be a deal killer somewhere for people who argued against that. >> George Kurtz: Right. >> You've made the right decision there, clearly. Having everything be crowdsourced into Cloud makes perfect sense. Has that, though, posed a challenge from a sovereignty perspective? If you were deploying stuff On-Prem all over the place, you don't need to worry about that. Everything is here >> George Kurtz: Yeah. >> in a given country. How do you address the challenges of sovereignty when these agents are sending data into some sort of centralized Cloud space that crosses boundaries? >> Well, yeah, I guess what we would, let me go back to the beginning. So I started company in 2011 and I had to convince people that delivering endpoint security from the Cloud was going to be a good thing. >> Dave Vellante: Right. (chuckles) >> You know, you go into a Swiss bank and a bunch of other places and they're like, you're crazy. Right? >> Dave Nicholson: Right. >> They all became customers afterwards, right? And you have to just look at what they're doing. And the question I would have in the early days is, well, let me ask you are you using Dropbox, Box? Are you using a Microsoft? You know, what are you using? Well, they're all sending data to the Cloud. So good news! You already have a model, you've already approved that, right? So let's talk about our benefit. And you know, you can either have an adversary steal your data or you can send threat data to our Cloud, which by the way is in a lot of sovereign Clouds that are out there. And when you actually break it down to what we're sending to the Cloud, it's threat data, right? It isn't user files and documents and stuff. It's threat data. So, we work through all of that. And the Cloud is bigger than CrowdStrike. So you look at Sales Force, Service Now, Workday, et cetera. That's being used all over the place, Box, Dropbox. We just tagged onto it. Like why shouldn't security be the platform of record, and why shouldn't CrowdStrike be the platform of record and be the pillar of Cloud security? >> Explain your observability strategy, 'cause you acquired Humio for, I mean, I think it was $400 million, which is a song. >> Yeah. >> And then Reposify is the latest acquisition. I see that as an extension, 'cause it gives you visibility. Is that part of your security, of your observability play? Explain where you do play and don't play. >> Sure. Well observability is a big, you know, fluffy word. Where we play is in probably the first two areas of observability, right? There's five, kind of, pillars. We're focused on event collection. Let's get events from the endpoints. Let's get events from really anywhere in the network. And we can do that with Humio is now log scale. And then the second piece is with our agents, let's get an understanding of their, the asset itself. What is the asset? What state is it in? Does it have vulnerabilities? Does it have, you know, is it running out of disc space? Is it have, does it have a performance issue? Those are really the first two, kind of, areas of observability. We're not in application performance, we're in let's collect data from the endpoint and other sources, and let's understand if the thing is working, right? And that's a huge value for customers. And we can do that because we already have a privileged spot on the endpoint with our agent. >> Got it. Question on the TAM. Like I look at your TAMs, your charts, I love it. You know, generally do. Were you taking known data from you know, firms like IDC >> George Kurtz: Yeah. >> and saying, okay we're going to play there, now we're made this acquisition. We're new modules, now we're playing there. Awesome. I think you got a big TAM. And I guess that's, that's the point. There's no lack of market for you. >> George Kurtz: Right. >> But I do feel like there's this unknown unquantifiable piece of your TAM. IDC can't see it, 'cause they're kind of looking back >> George Kurtz: Right. >> seein' what the market do last year and we'll forecast it out. It's almost, you got to be a futurist to see it. How do you think about your total available market and the opportunity that's out there? >> Well, it's well in excess of 120 billion and we've actually updated that recently. So it's even beyond that. But if you look at all the modules each module has a discreet TAM and again, for what, you know, what we're focused on is how do you give an outcome to a customer? So a lot of the modules map back into specific TAM and product categories. When you add 'em all up and when you look at, you know, some of the new things that we're coming out with, again, it's well in excess of 120 billion. So that's why we like to say like, you know, we're not an endpoint company. We're really, truly a security platform company that was born in the Cloud. And I think if you see the growth rates, and one of the things that we've talked about, and I think you might have pointed out in prior podcasts, is we're the second fastest company to 2 billion dollars in annual recurring revenue, only behind Zoom. And you know I would argue- great company, by the way, a customer- but that was a black Swan event in a pandemic, right? >> Dave Vellante: I'll say! >> Yeah. >> So we are rarefied air when you think about the capabilities that we have and the performance and the TAM that's available to us. >> The other thing I said in my breaking analysis was 'cause you guys aspire to be a generational company. And I think you got a really good shot at being one, but to be a generational company, you have to have an ecosystem. So I'd love you to talk about the ecosystem, but where you want to see it in five years. >> Well, it really is a good point and we are a partner first company. Ecosystem is really important. Cameras probably can't see all the vendors that are here that are our partners, right? It's a big part of this show that we're at. You see a lot of, well, you see some vendors behind us. >> Yep. >> We have to realize in 2022, and I think this is something that we did well and it's my philosophy, is we are not the only game in town. We like to be, and we are, for many companies the security platform on record, but we don't do everything. We talked about network in other areas. We can't do everything. You can't be good and try to do everything. So, for customers today, what they're looking at is best of platform. And in the early days of security, I've been in it over 30 years, it used to be best of breed products, then it was best of suite, now it's best of platform. So what do I mean by that? It means that customers don't want to engineer their own solution. They, like Lego blocks, they want to pull the platforms, and they want to stitch 'em together via API. And they want to say, okay, CrowdStrike works with Okta, works with Zscaler, works with Proofpoint, et cetera. And that's what customers want. So, ecosystem is incredibly important for us. >> Explain that. You mentioned Okta, I had another question for you. I was at Reinforce, and I saw this better together presentation, CrowdStrike and Okta talking about identity. You've got an identity module. Explain to people how you're not competing with Okta. You guys complement each other, there. >> Well, an identity kind of broker, if you will, is basically what Okta does in others, right? So you log in single sign on and you get access. They broker access to all these other applications. >> Dave Vellante: Right. >> That's not what we do. What we do is we look at those endpoints and workloads and domain controllers and directory services and we figure out, are there vulnerabilities and are there threats associated with them? And we call that out. The second piece, which is critical, is we prevent lateral movement. So if credentials are stolen we can prevent those credentials from being laundered or used and moved laterally, which is a key part of how breaches happen. We then create a trust score on those endpoints and workloads. And we basically say, okay, do we think the trust on the endpoint and workload is high or low? Do we think the identity, you know, is it George on the endpoint, or not? We give that a score. And we pass that along to Okta or Ping or whoever, and they then use that as part of their calculus in how they broker access to other resources. So it really is better together. >> So your execution has been stellar. This is my competition question. You obviously have competition out there. I think architecturally, you've got some advantages. You have a great relationship with AWS. I don't know what's going on with Google, but Kevin's up on stage. >> George Kurtz: Yeah. >> They're now part of Google. >> George Kurtz: We have a great relationship with them. >> Microsoft obviously, a competitor. You obviously do some things in, >> Right. >> in Azure. Are you building the security Cloud? >> We are. We think we are, because when you look at the amount of data that we actually ingest, when you look at companies using us for critical decisions and critical protection, not only on their On-Prem, but also in their Cloud environment, and the knowledge we have, we think it is a security Cloud. You know, you had, you had Salesforce and Workday and ServiceNow and each of them had their respective Clouds. When I started the company, there was no security Cloud. You know, it wasn't any of the companies that you know. It wasn't the firewall companies, wasn't the AV companies. And I think we really defined ourselves as the security Cloud. And the level of knowledge and insights we have in our Cloud, I think, are world class. >> But you know, it's a difference of being those- 'cause you mentioned those other, you know, seminal Clouds. They, like Salesforce, Workday, they're building their own Clouds. Maybe not so much Workday, but certainly Salesforce and ServiceNow built their own >> Yeah. >> Clouds, their own data centers. You're building on top of hyperscalers, correct? >> Well, >> Well you have your own data centers, too. >> We have our own data centers, yeah. So when we first started, we started in AWS as many do, and we have a great relationship there. We continue to build out. We are a huge customer and we also have, you know, with data sovereignty and those sort of things, we've got a lot of our sort of data that sits in our private Cloud. So it's a hybrid approach and we think it's the best of both worlds. >> Okay. And you mean you can manage those costs and it's, how do you make the decision? Is it just sovereignty or is it cost as well? >> Well, there's an operational element. There's cost. There's everything. There's a lot that goes into it. >> Right. >> And at the end of the day we want to make sure that we're using the right technology in the right Clouds to solve the right problem. >> Well, George, congratulations on being back in person. That's got to feel good. >> It feels really good. >> Got a really good audience here. I don't know what the numbers are but there's many thousands here, >> Thousands, yeah. >> at the ARIA. Really appreciate your time. And thanks for having The Cube here. You guys built a great set for us. >> Well, we appreciate all you do. I enjoy your programs. And I think hopefully we've given the audience a good idea of what CrowdStrike's all about, the impact we have and certainly the growth trajectory that we're on. So thank you. >> Fantastic. All right, George Kurtz, Dave Vellante for Dave Nicholson. We're going to wrap up day one. We'll be back tomorrow, first thing in the morning, live from the ARIA. We'll see you then. (calm music)

>> We're back at the ARIA Las Vegas. We're covering CrowdStrike's Fal.Con 22. First one since 2019. Dave Vellante and Dave Nicholson on theCUBE. Adam Meyers is here, he is the Senior Vice President of Intelligence at CrowdStrike. Adam, thanks for coming to theCUBE. >> Thanks for having me. >> Interesting times, isn't it? You're very welcome. Senior Vice President of Intelligence, tell us what your role is. >> So I run all of our intelligence offerings. All of our analysts, we have a couple hundred analysts that work at CrowdStrike tracking threat actors. There's 185 threat actors that we track today. We're constantly adding more of them and it requires us to really have that visibility and understand how they operate so that we can inform our other products: our XDR, our Cloud Workload Protections and really integrate all of this around the threat actor. >> So it's that threat hunting capability that CrowdStrike has. That's what you're sort of... >> Well, so think of it this way. When we launched the company 11 years ago yesterday, what we wanted to do was to tell customers, to tell people that, well, you don't have a malware problem, you have an adversary problem. There are humans that are out there conducting these attacks, and if you know who they are what they're up to, how they operate then you're better positioned to defend against them. And so that's really at the core, what CrowdStrike started with and all of our products are powered by intelligence. All of our services are our OverWatch and our Falcon complete, all powered by intelligence because we want to know who the threat actors are and what they're doing so we can stop them. >> So for instance like you can stop known malware. A lot of companies can stop known malware, but you also can stop unknown malware. And I infer that the intelligence is part of that equation, is that right? >> Absolutely. That that's the outcome. That's the output of the intelligence but I could also tell you who these threat actors are, where they're operating out of, show you pictures of some of them, that's the threat intel. We are tracking down to the individual persona in many cases, these various threats whether they be Chinese nation state, Russian threat actors, Iran, North Korea, we track as I said, quite a few of these threats. And over time, we develop a really robust deep knowledge about who they are and how they operate. >> Okay. And we're going to get into some of that, the big four and cyber. But before we do, I want to ask you about the eCrime index stats, the ECX you guys call it a little side joke for all your nerds out there. Maybe you could explain that Adam >> Assembly humor. >> Yeah right, right. So, but, what is that index? You guys, how often do you publish it? What are you learning from that? >> Yeah, so it was modeled off of the Dow Jones industrial average. So if you look at the Dow Jones it's a composite index that was started in the late 1800s. And they took a couple of different companies that were the industrial component of the economy back then, right. Textiles and railroads and coal and steel and things like that. And they use that to approximate the overall health of the economy. So if you take these different stocks together, swizzle 'em together, and figure out some sort of number you could say, look, it's up. The economy's doing good. It's down, not doing so good. So after World War II, everybody was exuberant and positive about the end of the war. The DGI goes up, the oil crisis in the seventies goes down, COVID hits goes up, sorry, goes down. And then everybody realizes that they can use Amazon still and they can still get the things they need goes back up with the eCrime index. We took that approach to say what is the health of the underground economy? When you read about any of these ransomware attacks or data extortion attacks there are criminal groups that are working together in order to get things spammed out or to buy credentials and things like that. And so what the eCrime index does is it takes 24 different observables, right? The price of a ransom, the number of ransom attacks, the fluctuation in cryptocurrency, how much stolen material is being sold for on the underground. And we're constantly computing this number to understand is the eCrime ecosystem healthy? Is it thriving or is it under pressure? And that lets us understand what's going on in the world and kind of contextualize it. Give an example, Microsoft on patch Tuesday releases 56 vulnerabilities. 11 of them are critical. Well guess what? After hack Tuesday. So after patch Tuesday is hack Wednesday. And so all of those 11 vulnerabilities are exploitable. And now you have threat actors that have a whole new array of weapons that they can deploy and bring to bear against their victims after that patch Tuesday. So that's hack Wednesday. Conversely we'll get something like the colonial pipeline. Colonial pipeline attack May of 21, I think it was, comes out and all of the various underground forums where these ransomware operators are doing their business. They freak out because they don't want law enforcement. President Biden is talking about them and he's putting pressure on them. They don't want this ransomware component of what they're doing to bring law enforcement, bring heat on them. So they deplatform them. They kick 'em off. And when they do that, the ransomware stops being as much of a factor at that point in time. And the eCrime index goes down. So we can look at holidays, and right around Thanksgiving, which is coming up pretty soon, it's going to go up because there's so much online commerce with cyber Monday and such, right? You're going to see this increase in online activity; eCrime actors want to take advantage of that. When Christmas comes, they take vacation too; they're going to spend time with their families, so it goes back down and it stays down till around the end of the Russian Orthodox Christmas, which you can probably extrapolate why that is. And then it goes back up. So as it's fluctuating, it gives us the ability to really just start tracking what that economy looks like. >> Realtime indicator of that crypto. >> I mean, you talked about, talked about hack Wednesday, and before that you mentioned, you know, the big four, and I think you said 185 threat actors that you're tracking, is 180, is number 185 on that list? Somebody living in their basement in their mom's basement or are the resources necessary to get on that list? Such that it's like, no, no, no, no. this is very, very organized, large groups of people. Hollywood would have you believe that it's guy with a laptop, hack Wednesday, (Dave Nicholson mimics keyboard clacking noises) and everything done. >> Right. >> Are there individuals who are doing things like that or are these typically very well organized? >> That's a great question. And I think it's an important one to ask and it's both it tends to be more, the bigger groups. There are some one-off ones where it's one or two people. Sometimes they get big. Sometimes they get small. One of the big challenges. Have you heard of ransomware as a service? >> Of course. Oh my God. Any knucklehead can be a ransomwarist. >> Exactly. So we don't track those knuckleheads as much unless they get onto our radar somehow, they're conducting a lot of operations against our customers or something like that. But what we do track is that ransomware as a service platform because the affiliates, the people that are using it they come, they go and, you know, it could be they're only there for a period of time. Sometimes they move between different ransomware services, right? They'll use the one that's most useful for them that that week or that month, they're getting the best rate because it's rev sharing. They get a percentage that platform gets percentage of the ransom. So, you know, they negotiate a better deal. They might move to a different ransomware platform. So that's really hard to track. And it's also, you know, I think more important for us to understand the platform and the technology that is being used than the individual that's doing it. >> Yeah. Makes sense. Alright, let's talk about the big four. China, Iran, North Korea, and Russia. Tell us about, you know, how you monitor these folks. Are there different signatures for each? Can you actually tell, you know based on the hack who's behind it? >> So yeah, it starts off, you know motivation is a huge factor. China conducts espionage, they do it for diplomatic purposes. They do it for military and political purposes. And they do it for economic espionage. All of these things map to known policies that they put out, the Five Year Plan, the Made in China 2025, the Belt and Road Initiative, it's all part of their efforts to become a regional and ultimately a global hegemon. >> They're not stealing nickels and dimes. >> No they're stealing intellectual property. They're stealing trade secrets. They're stealing negotiation points. When there's, you know a high speed rail or something like that. And they use a set of tools and they have a set of behaviors and they have a set of infrastructure and a set of targets that as we look at all of these things together we can derive who they are by motivation and the longer we observe them, the more data we get, the more we can get that attribution. I could tell you that there's X number of Chinese threat groups that we track under Panda, right? And they're associated with the Ministry of State Security. There's a whole other set. That's too associated with the People's Liberation Army Strategic Support Force. So, I mean, these are big operations. They're intelligence agencies that are operating out of China. Iran has a different set of targets. They have a different set of motives. They go after North American and Israeli businesses right now that's kind of their main operation. And they're doing something called hack and lock and leak. With a lock and leak, what they're doing is they're deploying ransomware. They don't care about getting a ransom payment. They're just doing it to disrupt the target. And then they're leaking information that they steal during that operation that brings embarrassment. It brings compliance, regulatory, legal impact for that particular entity. So it's disruptive >> The chaos creators that's.. >> Well, you know I think they're trying to create a they're trying to really impact the legitimacy of some of these targets and the trust that their customers and their partners and people have in them. And that is psychological warfare in a certain way. And it, you know is really part of their broader initiative. Look at some of the other things that they've done they've hacked into like the missile defense system in Israel, and they've turned on the sirens, right? Those are all things that they're doing for a specific purpose, and that's not China, right? Like as you start to look at this stuff, you can start to really understand what they're up to. Russia very much been busy targeting NATO and NATO countries and Ukraine. Obviously the conflict that started in February has been a huge focus for these threat actors. And then as we look at North Korea, totally different. They're doing, there was a major crypto attack today. They're going after these crypto platforms, they're going after DeFi platforms. They're going after all of this stuff that most people don't even understand and they're stealing the crypto currency and they're using it for revenue generation. These nuclear weapons don't pay for themselves, their research and development don't pay for themselves. And so they're using that cyber operation to either steal money or steal intelligence. >> They need the cash. Yeah. >> Yeah. And they also do economic targeting because Kim Jong Un had said back in 2016 that they need to improve the lives of North Koreans. They have this national economic development strategy. And that means that they need, you know, I think only 30% of North Korea has access to reliable power. So having access to clean energy sources and renewable energy sources, that's important to keep the people happy and stop them from rising up against the regime. So that's the type of economic espionage that they're conducting. >> Well, those are the big four. If there were big five or six, I would presume US and some Western European countries would be on there. Do you track, I mean, where United States obviously has you know, people that are capable of this we're out doing our thing, and- >> So I think- >> That defense or offense, where do we sit in this matrix? >> Well, I think the big five would probably include eCrime. We also track India, Pakistan. We track actors out of Columbia, out of Turkey, out of Syria. So there's a whole, you know this problem is getting worse over time. It's proliferating. And I think COVID was also, you know a driver there because so many of these countries couldn't move human assets around because everything was getting locked down. As machine learning and artificial intelligence and all of this makes its way into the cameras at border and transfer points, it's hard to get a human asset through there. And so cyber is a very attractive, cheap and deniable form of espionage and gives them operational capabilities, not, you know and to your question about US and other kind of five I friendly type countries we have not seen them targeting our customers. So we focus on the threats that target our customers. >> Right. >> And so, you know, if we were to find them at a customer environment sure. But you know, when you look at some of the public reporting that's out there, the malware that's associated with them is focused on, you know, real bad people, and it's, it's physically like crypted to their hard drive. So unless you have sensor on, you know, an Iranian or some other laptop that might be target or something like that. >> Well, like Stuxnet did. >> Yeah. >> Right so. >> You won't see it. Right. See, so yeah. >> Well Symantec saw it but way back when right? Back in the day. >> Well, I mean, if you want to go down that route I think it actually came from a company in the region that was doing the IR and they were working with Symantec. >> Oh, okay. So, okay. So it was a local >> Yeah. I think Crisis, I think was the company that first identified it. And then they worked with Symantec. >> It Was, they found it, I guess, a logic controller. I forget what it was. >> It was a long time ago, so I might not have that completely right. >> But it was a seminal moment in the industry. >> Oh. And it was a seminal moment for Iran because you know, that I think caused them to get into cyber operations. Right. When they realized that something like that could happen that bolstered, you know there was a lot of underground hacking forums in Iran. And, you know, after Stuxnet, we started seeing that those hackers were dropping their hacker names and they were starting businesses. They were starting to try to go after government contracts. And they were starting to build training offensive programs, things like that because, you know they realized that this is an opportunity there. >> Yeah. We were talking earlier about this with Shawn and, you know, in the nuclear war, you know the Cold War days, you had the mutually assured destruction. It's not as black and white in the cyber world. Right. Cause as, as Robert Gates told me, you know a few years ago, we have a lot more to lose. So we have to be somewhat, as the United States, careful as to how much of an offensive posture we take. >> Well here's a secret. So I have a background on political science. So mutually assured destruction, I think is a deterrent strategy where you have two kind of two, two entities that like they will destroy each other if they so they're disinclined to go down that route. >> Right. >> With cyber I really don't like that mutually assured destruction >> That doesn't fit right. >> I think it's deterrents by denial. Right? So raising the cost, if they were to conduct a cyber operation, raising that cost that they don't want to do it, they don't want to incur the impact of that. Right. And think about this in terms of a lot of people are asking about would China invade Taiwan. And so as you look at the cost that that would have on the Chinese military, the POA, the POA Navy et cetera, you know, that's that deterrents by denial, trying to, trying to make the costs so high that they don't want to do it. And I think that's a better fit for cyber to try to figure out how can we raise the cost to the adversary if they operate against our customers against our enterprises and that they'll go someplace else and do something else. >> Well, that's a retaliatory strike, isn't it? I mean, is that what you're saying? >> No, definitely not. >> It's more of reducing their return on investment essentially. >> Yeah. >> And incenting them- disincening them to do X and sending them off somewhere else. >> Right. And threat actors, whether they be criminals or nation states, you know, Bruce Lee had this great quote that was "be like water", right? Like take the path of least resistance, like water will. Threat actors do that too. So, I mean, unless you're super high value target that they absolutely have to get into by any means necessary, then if you become too hard of a target, they're going to move on to somebody that's a little easier. >> Makes sense. Awesome. Really appreciate your, I could, we'd love to have you back. >> Anytime. >> Go deeper. Adam Myers. We're here at Fal.Con 22, Dave Vellante, Dave Nicholson. We'll be right back right after this short break. (bouncy music plays)

foreign okay we're back at Falcon 2022 crowdstrike's big user conference first time in a couple of years obviously because of kova this is thecube's coverage Dave vellante and Dave Nicholson wall-to-wall coverage two days in a row Michael Rogers the series the newly minted vice president of global alliances at crowdstrike Michael first of all congratulations on the new appointment and welcome to the cube thank you very much it's an honor to be here so dial back just a bit like think about your first hundred days in this new role what was it like who'd you talk to what'd you learn wow well the first hundred days were filled with uh excitement uh I would say 18 plus hours a day getting to know the team across the globe a wonderful team across all of the partner types that we cover and um just digging in and spending time with people and understanding uh what the partner needs were and and and and it was just a it was a blur but a blast I agree with any common patterns that you heard that you could sort of coalesce around yeah I mean I think that uh really what a common thing that we hear at crowdstrike whether it's internal is extra external is getting to the market as fast as possible there's so much opportunity and every time we open a door the resource investment we need we continue to invest in resources and that was an area that we identified and quickly pivoted and started making some of those new investments in a structure of the organization how we cover Partners uh how we optimize uh the different routes to Market with our partners and yeah just a just a it's been a wonderful experience and in my 25 years of cyber security uh actually 24 and a half as of Saturday uh I can tell you that I have never felt and had a better experience in terms of culture people and a greater mission for our customers and our partners you'll Max funny a lot of times Dave we talk about this is we you know we learned a lot from Amazon AWS with the cloud you know taking something you did internally pointing it externally to Pizza teams there's shared responsibility model we talk about that and and one of the things is blockers you know Amazon uses that term blocker so were there any blockers that you identified that you're you're sort of working with the partner ecosystem to knock down to accelerate that go to market well I mean if I think about what we had put in place prior and I had the benefit of being vice president of America's prior to the appointment um and had the pleasure of succeeding my dear friend and Mentor Matthew Pauley um a lot of that groundwork was put in place and we work collectively as a leadership team to knock down a lot of those blockers and I think it really as I came into the opportunity and we made new Investments going into the fiscal year it's really getting to Market as fast as possible it's a massive Target addressable market and identifying the right routes and how to how to harness that power of we to drive the most value to the marketplace yeah what is it what does that look like in terms of alliances alliances can take a lot of shape we've we've talked to uh service providers today as an example um our Global Systems integrators in that group also what what is what does the range look like yeah I mean alliances at crowdstrike and it's a great question because a lot of times people think alliances and they only think of Technology alliances and for us it spans really any and all routes to Market it could be your traditional solution providers which might be regionally focused it could be nationally focused larger solution providers or Lars as you noted service providers and telcos global system integrators mssps iot Partners OEM Partners um and store crouchstrike store Partners so you look across that broad spectrum and we cover it all so the mssps we heard a lot about that on the recent earnings call we've heard this is a consistent theme we've interviewed a couple here today what's driving that I mean is it the fact that csos are just you know drowning for talent um and why crowdstrike why is there such an affinity between mssps and crowdstrike yeah a great question we um and you noted that uh succinctly that csos today are faced with the number one challenge is lack of resources and cyber security the last that I heard was you know in the hundreds of thousands like 350 000 and that's an old stat so I would venture to Guess that the open positions in cyber security are north of a half a million uh as we sit here today and um service providers and mssps are focused on providing service to those customers that are understaffed and have that Personnel need and they are harnessing the crowdstrike platform to bring a cloud native best of breed solution to their customers to augment and enhance the services that they bring to those customers so partner survey what tell us about the I love surveys I love data you know this what was the Genesis of the survey who took it give us the breakdown yeah that's a great question no uh nothing is more important than the feedback that we get from our partners so every single year we do a partner survey it reaches all partner types in the uh in the ecosystem and we use the net promoter score model and so we look at ourselves in terms of how we how we uh rate against other SAS solution providers and then we look at how we did last year and in the next year and so I'm happy to say that we increased our net promoter score by 16 percent year over year but my philosophy is there's always room for improvement so the feedback from our partners on the positive side they love the Falcon platform they love the crowdstrike technology they love the people that they work with at crowdstrike and they like our enablement programs the areas that they like us to see more investment in is the partner program uh better and enhanced enablement making it easier to work with crowdstrike and more opportunities to offer services enhance services to their customers dramatic differences between the types of Partners and and if so you know why do you think those were I mean like you mentioned you know iot Partners that's kind of a new area you know so maybe maybe there was less awareness there were there any sort of differences that you noticed by type of partner I would say that you know the areas or the part the partners that identified areas for improvement were the partners that that uh either were new to crowdstrike or they're areas that we're just investing in uh as as we expand as a company and a demand from the market is you know pull this thing into these new routes to Market um not not one in particular I mean iot is something that we're looking to really blow up in the next uh 12 to 18 months um but no no Common Thread uh consistent feedback across the partner base speaking of iot he brought it up before it's is it in a you see it as an adjacency to i-team it seems like it and OT used to never talk to each other and now they're increasingly doing so but they're still it still seems like different worlds what have you found and learned in that iot partner space yeah I mean I think the key and we the way we look at the journey is it starts with um Discovery discovering the assets that are in the OT environment um it then uh transitions to uh detection and response and really prevention and once you can solve that and you build that trust through certifications in the industry um you know it really is a game changer anytime you have Global in your job title first word that comes to mind for me anyway is sovereignty issues is that something that you deal with in this space uh in terms of partners that you're working with uh focusing on Partners in certain regions so that they can comply with any governance or sovereignty yeah that's that's a great question Dave I mean we have a fantastic and deep bench on our compliance team and there are certain uh you know parameters and processes that have been put in place to make sure that we have a solid understanding in all markets in terms of sovereignty and and uh where we're able to play and how that were you North America before or Americas uh Americas America so you're familiar with the sovereignty issue yeah a little already Latin America is certainly uh exposed me plenty of plenty of that yes 100 so you mentioned uh uh Tam before I think it was total available Market you had a different word for the t uh total addressable Mark still addressable Market okay fine so I'm hearing Global that's a tam expansion opportunity iot is definitely you know the OT piece and then just working better um you know better Groove swing with the partners for higher velocity when you think about the total available total addressable market and and accelerating penetration and growing your Tam I've seen the the charts in your investor presentation and you know starts out small and then grows to you know I think it could be 100 billion I do a lot of Tam analysis but just my back a napkin had you guys approaching 100 billion anyway how do you think about the Tam and what role do Partners play in terms of uh increasing your team yeah that's a great question I mean if you think about it today uh George announced on the day after our 11th anniversary as a company uh 20 000 customers and and if you look at that addressable Market just in the SMB space it's north of 50 million companies that are running on Legacy on-prem Solutions and it really provides us an opportunity to provide those customers with uh Next Generation uh threat protection and and detection and and response partners are the route to get there there is no doubt that we cannot cover 50 50 million companies requires a span of of uh of of of a number of service providers and mssps to get to that market and that's where we're making our bets what what's an SMB that is a candidate for crowdstrike like employee size or how do you look at that like what's the sort of minimum range yeah the way we segment out the SMB space it's 250 seats or endpoints and below 250 endpoints yes right and so it's going to be fairly significant so math changes with xdr with the X and xdr being extended the greater number of endpoints means that a customer today when you talk about total addressable Market that market can expand even without expanding the number of net new customers is that a fair yeah Fair assessment yep yeah you got that way in that way but but map that to like company size can you roughly what's the what's the smallest s that would do business with crowdstrike yeah I mean we have uh companies as small as five employees that will leverage crowd strike yeah 100 and they've got hundreds of endpoints oh no I'm sorry five uh five endpoints is oh okay so it's kind of 250 endpoints as well like the app that's the sweets that's it's that's kind of the Top Line we look at and then we focus oh okay when we Define SMB it's below so five to 250 endpoints right yes and so roughly so you're talking to companies with less than 100 employees right yeah yeah so I mean this is what I was talking about before I say I look around the the ecosystem myself it kind of reminds me of service now in 2013 but servicenow never had a SMB play right and and you know very kind of proprietary closed platform not that you don't have a lot of propriety in your platform you do but you they were never going to get down Market there and their Tam is not as big in my view but I mean your team is when you start bringing an iot it's it's mind-boggling it's endless how large it could be yeah all right so what's your vision for the Elevate program partner program well I I look at uh a couple things that we've we've have in place today one is um one is we've we've established for the first time ever at crowdstrike the Alliance program management office apmo and that team is focused on building out our next Generation partner program and that's you know processes it's you know uh it's it's ring fencing but it's most important importantly identifying capabilities for partners to expand to reduce friction and uh grow their business together with crowdstrike we also look at uh what we call program Harmony and that's taking all of the partner types or the majority of the partner types and starting to look at it with the customer in the middle and so multiple partners can play a role on the journey to bringing a customer on board initially to supporting that customer going forward and they can all participate and be rewarded for their contribution to that opportunity so it's really a key area for us going forward Hub and spoke model with the center of the that model is the customer you're saying that's good okay so you're not like necessarily fighting each other for for a sort of ownership of that model but uh cool Michael Rogers thanks so much for coming on thecube it was great to have you my pleasure thank you for having me you're welcome all right keep it right there Dave Nicholson and Dave vellante we'll be right back to Falcon 22 from the Aria in Las Vegas you're watching thecube foreign [Music]

(intro music) >> Hi, everybody, we're back. Dave Vellante and Dave Nicholson. We're covering Fal.Con 22. This is CrowdStrike's big user conference. CrowdStrike is a very hot company, as you probably know started on endpoint security, expanding into another, a number of other areas trying to build the next great generational company in cybersecurity. Michael Sherwood is here. He's the chief innovation and technology officer for the city of Las Vegas. >> Got to love that. >> Thanks so much for coming to theCUBE. >> Welcome! >> Yeah, we got to love that. I mean, if it weren't for Las Vegas, I'm not sure where we would have our CUBE events, but so thank you for hosting us. >> Thank you for being here. This is awesome. It's a great day and a lot of people, and it's exciting to see everything that's going on here. >> Yeah, the city is booming. Obviously the convention, the conference business is booming. Tech is a big part of that but there's so many other industries that come to Las Vegas. Talk about your role, really interesting, chief innovation, technology officer, CTO. Tell us about what you do day to day. >> Kind of all over the place. But a lot of it has to do with day to day technology within the organization. So managing all the different technology components. When you start looking at any city, it's a lot of different companies inside of it. Think of fire service as a different company. They all have different missions. And so our technology needs are expansive. So while we have operational IT, we also have our innovation unit. Innovation unit works on next generation technology. So Las Vegas was one of the first cities in the United States to have a autonomous vehicle drive in mix-flow traffic, meaning it was out there with, driving along cars. We're also the first city to have an accident in a autonomous vehicle. That happened on day two. (Vellante laughing) So, there's always a lot of firsts in Las Vegas, but. >> Despite the grid. >> Despite the grid, you know. But even today, so that was in 2017, when we first started working with autonomous vehicles. Up until today, where you have the ability, anybody in Las Vegas, including yourselves right after the show can go ahead and use Lyft, go outside and hail an autonomous taxi to come pick you up and drive you up and down the strip. Those vehicles actually communicate with our infrastructure. So the innovation is, how do cities work with private companies to start building next generation amenities, next generation technologies? And so that happens a lot of times. People don't realize. They come to Las Vegas for entertainment, and now we're known for sports but we do have a lot of technology here that permeates through the entire community. >> So I'm from Boston. We're trying to get the smart traffic lights, we're not quite there yet. But I was at a session, Dave you'll appreciate it, it was John Rose, who was the CTO. He was the CTO of, he's a CTO of Dell Technologies now. And the mayor of Boston, we were talking about the vision for a smart city. But Boston and I mean talk about, a challenge for building a smart city. So when I come out here, it's like amazing to me to see the technology that's there. So as a CTO and innovation officer, you've got a playground where... Now, of course you have legacy infrastructure, you've got technical debt, but you also have, in certain cases, an opportunity and more latitude to get creative. So what are some of the cool things that you're working on that you're really excited about? >> There's a lot of things I'm excited about. It's just great being in this city. But a lot of the things that we're excited about here in the next year to two years, we have an innovation district. So not a lot of cities have this but Downtown around the Fremont Street Experience, there's a corridor there that covers government, covers entertainment, medical. And so this innovation district is where we test out new technologies. So some of the things we're testing out, computer vision. So we're, our smart parks program is how do we provide better security and enjoyment of those amenities without providing physical labor to constantly patrol. And so we're using cameras and vision and different types of AI algorithms to kind of manage the park. And while we're doing that, we're also getting data back on how often is the park used? Are the facilities, are the sprinklers going on during the day? Water's a big deal here. And so those type of projects. Again, autonomy is still huge, vehicle autonomy, still working on driving those next generation changes where you'll actually have a driverless vehicle. Right now, there's a safety driver in a lot of the autonomous vehicles. Even the one I talked about earlier, you have the, while the vehicles driving itself, for safety reasons, there's still a human driver in the seat. But as we go forward in the next year to two, that >> That's soon. >> is getting ready to change. I believe that's soon. You can quote it here, you heard it here first. >> Wow. >> But that would be coming up. You got drones as well. We've already started looking at a few types of drone delivery systems. It may not be too far away. Your pizza or maybe some other item that you want is delivered in the general area. Probably not in the hotel corridor but in the outside areas of the city. I just think there's a lot of, again, we're building amenities for the future. We really want people to understand that Las Vegas is not just a place to come visit, but it's a place to live and have fun and be part of a community. >> So from an academic perspective, what you just described is a highly ambidextrous organization, right? >> Yes. >> Because you're not just worried about keeping the lights on, but you're also looking at innovation. How did your organization get to this place? What you're describing is sort of the gold standard that any organization public or private would seek to implement. How did you get there? >> Baby steps, small steps. It all started back when there was the Smart Cities Challenge. So we were not selected as the finalist. We were in the, I think top 15 at the time but we didn't give up on it. And we continued to move forward. The pandemic helped us do things. When you ask, what do I do? Well, my normal job is running the day to day infrastructure. I also see my role as economic development to help bring companies here and bring new ideas. We have a great community, diverse and ready to do things. But when you take, talk about the innovation and the technology and what we're doing. Like I said, during a pandemic, we came up with the idea of, Hey, we don't want to send our building inspectors or our inspectors in the people's homes, one for the inspector's health and one for the citizen's health. So we used normal tools. We took an iPhone and made it a virtual inspector. So now if you get a new water heater, you can actually do your inspection via like a FaceTime. And you hold your phone up around the water heater. We can view it, we record the video, save it, and boom give you an inspection remotely. And so you build on it. So how do you get, I wouldn't quite say we're the gold. I appreciate, we're moving there, that's the bar. You've laid out the bar for us, but we're moving in that direction. But it's building on one win and not all of our things that we've deployed. We can talk about those as well. Some of the things like trash can sensors, we looked at doing, which would monitor when the trash can was full or empty, just didn't pan out. So a lot of the times I talk about the wins a lot not as much about the things that didn't pan out. >> So what're the big challenges, generally of building out a smart city and then specifically around cyber? >> So there's, community acceptance number one. Las Vegas, I'm very lucky cameras are everywhere. So there's not as much resistance to using video technology. But a lot of times it's just getting the constituents, getting people to understand the value of what we're trying to do. Not everybody is interested in autonomous vehicles or believes they're ready for that. But when you start looking at the increments, more than any other city I know, the community here is so robust and so supportive of bringing on these technologies. Look, what other city do you know that builds new buildings and knocks them down five years later to build something new again? Or, who has a volcano in the middle of their downtown? So different things like that. But when you start looking at all the advancements we're making, you brought up one of the biggest concerns. When people ask me, what keeps you up at night? It's not the autonomous vehicle not performing, its the cyber, it's the cyber issues that go along with becoming more advanced. And as you bring innovation in, you start bleeding the lines of what's government, what's private. And then how do you continue to have the data transmission between these multiple entities? How do you keep the endpoint secure? And that is something that you learn as you go, but it's always out there. And endpoint security and security in general is a huge, huge area. >> And how about the data? You were talking before about you can get actually approval for an inspection. That's data, it's video data. How have you changed the way in which you're using data? What are you doing with that data? How do you leverage it? How do you secure it? >> It's all great questions. One of the things we've undertaken is called an open data initiative. So we have an open data portal. It's opendata.lasvegasnevada.gov, where we publish a lot of the data sets that we collect. If it's air quality, if it's ambulance runs, and we make that data available. A lot of that is, one for the public for transparency, two though, it's, we hope enables the private sector to build apps off of the data that we have. A lot of times, you either you have the data but you don't have the app or you have the app, but no data. So in our way, it's trying to help the community build up new ideas. Our push has been moving to the cloud a lot. So we're pushing a lot more data into the cloud where before I think a lot of governments keep a lot of that internal, but obviously look, the cloud's here to stay and it's not going anywhere. And so now it's more about as we migrate, using our partners, our relationship with CrowdStrike, to start securing not only our endpoints but start looking at the cloud space as well. And then we have this new technology. It's not really new, but edge compute. You've heard a lot of, there's different people talking about it. When you start talking about autonomous vehicles, autonomous delivery, drones. We own a large private wireless network. A lot of data now is computed at the edge and we're only taking the metadata and sending it up to the cloud. So it becomes rather complicated with security being at the forefront. >> Yeah, so that very small portion of the actual amount of data that's created goes back but it's such a massive amount of data. It's not to trivialize it, it's still a lot. And some of it is probably ephemeral. Do you persist at all? Or probably not. >> Not always, I mean. A lot of it, what we're learning is, it's a learning process as you go through this smart city or what we call just basically emerging into, 'cause I believe all cities are smart. Not one city smarter than another necessarily. So I'm not really a fan of the term smart city. It's more in line with me as we're building amenities for the future and building amenities for people. And a lot of that is built upon data and then built upon providing things that citizens want. And we all know, we all live somewhere and we live there because it's safe community, it has good education, good infrastructure whatever it might be. And so we're trying to build out that smart community to be as many things as we can to as many people. >> Yeah, that's fair. And there's automation, there's certainly machine intelligence that's heavily involved. Of course, you talking autonomous. Now I understand your work transcends the city of Las Vegas into the broader state of Nevada helping make Nevada a safer state. What's that all about? >> So we have a great partnership. One of the great things, I come from California, so a rather large state. Here in Nevada, it's a very close knit state. So we have a lot of communications with the state. We get to work with them very closely. One of the initiatives we've been working on is how do we, a lot of organizations spend a lot of time doing cybersecurity for just their organization. So it's focused internal on the employees that might work in that organization. We're kind of now looking outwards and saying, how do we not only do that for our internal government employees but how do we involve the entire community? One of the things is, is Las Vegas over 40,000 conventions per year. You're here a lot. What happens in Vegas stays in Vegas and a lot of people bring malware with them and it stays here. We're trying to educate people. We do a lot in government to help people with police and fire and services. What is local government doing to help the community prepare for the next generation of cyber threats and issues? So our initiative is really working with the community, bringing in CrowdStrike and other partners to help us not only work with small business, but work with those entrepreneurs as well as the midsize businesses. >> So what do you do with Crowd? You got the cool little CrowdStrike, not CrowdStrike, but you got the red splash in your lapel. Very cool cuff links, I noticed that you have there. I love the red. >> Little poker chips there. >> They're Very nice, very nice. >> They're very cool. So what do you do with CrowdStrike? >> So CrowdStrike is one of our major components in our security posture. We use them as endpoint protection. I can tell you a quick story. I know my CISO's listening probably was going to cringe now when I tell this story, but our journey with CrowdStrike has been amazing. We deployed the product and when that first week of deployment, we had a malicious actor and CrowdStrike was able to catch it. I would probably would not be here today with you two gentlemen if it wasn't for CrowdStrike. That's not an endorsement it's just a, that's a fact of how things rolled out. But we depend on CrowdStrike and their capabilities to ensure the safety of our digital assets. >> You wouldn't be here 'cause we, it used to be failure means fire. Is that what you mean? >> That's what I mean. I'm not going to, I don't like to use that word in my terminology, but basically failure is not an option in my job. It's just not there. >> Well, it's funny, we had Kevin Mandy on early, he was like, look I started my company in 2004 with the assumption that breaches will happen, you are going to get breached. >> Yes >> So that's why I say, I think there was a day when, if you got breached, oh, you're fired. Well that, then everybody got breached. So I think that that sentiment changing 'cause CrowdStrike saying that the unstoppable breach is a myth. Well, we're not there yet, but. >> I'd say damage control now. At least we have a little bit more control but, again, look, government is about trust. And so when you have that trust level, from my perspective, I keep a high standard and try to prevent any loss of data or any type of malicious activity from happening. I hope the mayor's listening and she doesn't fire me if anything would happen, but you know. >> You got a fun job. How'd you get into this? >> It was a great opportunity. I worked in law enforcement prior to here. I was a Deputy Police Chief in city of Irvine. I oversaw technology as part of that role. I've always loved Las Vegas, always liked the energy of the city and I had a great opportunity to apply and I applied and was lucky enough to be selected. I have a great team that supports me. >> Deputy Police Chief, it sounds like, what you just described, the technology role. You had an operations role essentially, is that right? >> Correct. And so kind of gave me a lot of insights and really helped me, as you progress in government, having different roles in your portfolio makes you a little bit more adaptive and it's kind of, it helps in, especially now with so much video and cameras prevalent in cities, having that law enforcement role, understanding a little of the legal aspects and understanding some of the, what law enforcement wants kind of makes that bridge from technology to the actual end user. >> A really interesting story, Michael. Thanks so much for sharing on theCUBE, appreciate it. >> Thank you for having me here. >> You're very welcome. All right, keep it right there. Dave Nicholson and Dave Vellante will be back from Las Vegas at the Aria from Fal.Con 22. You're watching theCUBE. (outro music)

>> Welcome back to FalCon 2022. This is Dave Vellante. We get a special presentation segment for you today. This is Walter Wall day one of day two's cube coverage. JC Herrera is here, he's my designated cohost. He's the chief human resource officer at CrowdStrike. Craig Neri is to my left. He's the beneficiary and the beneficiary trustee and ambassador of, of operation Motorsport and former US air force. Thank you for your service. >> Thank you. >> And Diezel Lodder, who is CEO and co-founder of operation Motorsport. Gents, welcome to the cube. Thanks so much for coming on. >> Thank you, Great to be here >> JC, set this up for us. Explain your role, explain the corporate giving, the whole student connection, and the veterans, take us through that. >> Yeah, sure. Yeah, so as, as head of HR, one of the one of the things that we do is, is help manage part of the corporate giving strategy. And, and one of those things that, that we love to do is to also invest in students and in our veterans, it's just a part of our giving program. So this partnership with operation Motorsport is really critical to that. And if you want to dive a little bit deeper into that we just see that there's a gigantic skills gap in cybersecurity. And so when we, when there's over millions of open roles around the world and 700,000 of them in the us alone, we've got to go close that gap. And so our next gen scholarships that come out of the, are giving funds are, are awarded to students who are studying cyber security or AI. And the other side of that, is that this partnership with operation Motorsport then, we get the opportunity to do some internships with veterans through operation Motorsport as well. >> The number is 700,000 now, but pre pandemic I remember number 350, 350,000. It's, it's doubled now just in the US, amazing. All right, diezel, tell us about the mission of operation Motorsport like who are the beneficiaries let's get into it. >> So operation Motorsport engages ill, injured wounded service members, those that are medically retiring from the service or disabled veterans these individuals will be taken out of their units. They lose their team identity, their purpose. And, and what we do is those that apply to the program and have a desire to work around shiny objects and fast cars and all the great smells or just car guys or gals that we have some of those as well. They, we, we bring them onto the teams as beneficiaries. So embed them into a race team and give them opportunity to find something new. We're a recovery program. We're not about, you know, finding jobs for these folks. It's about networking and getting out of that, you know out of the dark places where some of them end up going because this is a, a huge change for them. And, and in doing so, we now expose them to CrowdStrike. You know, that's, that's one of the new relationships that, that we have where potentially if they want to they can pursue new opportunities in areas like cybersecurity. >> And they're chosen through an application process you're, I, I'm inferring. >> Yep. They just go online and say, you know through word of mouth or through a friend or through the, the USO and other organizations, they go online and they click the apply here and they fill it out. And, our beneficiary trustee Craig, and calls them up and says, Hey, tell me about what you're looking for. And, and we, we pair them up with the race team. >> And Craig you're also a, a beneficiary in addition to being the beneficiary trustee. So explain that, what's your story? >> Right. So I started in this organization as a beneficiary. I was the one that hit the button on the website. And, and then a few minutes later, I got a phone call from then Tiffany Lodder, Diezel's wife, who's our executive director in the organization. And, and I had that same conversation that I now have with beneficiaries today. I did a, I did a full season with them last year in 2021 as a beneficiary. But at the end I realized how big of an impact that this has with folks. Transition can be very difficult, especially if they're ill injured or wounded. And so I asked if I could help if I could give back cause it meant such, it had such a big impact on me. I'd like to, to help other veterans as well. >> Can I ask you what made you hit that button? What made you apply? >> Oh, that's a great question. So I was one of the very fortunate ones that had a transition coach. I was in the military for 29 years and had a lot of great connections in the military and, and was connected to a coach, a transition coach and just exploring, you know what that, what that would look like and she was the one who say, why don't we, why don't we explore this passion of Motorsports that you have? My family had been going to, to Motorsports events for you know, 50 years. And so, so I thought back, all right, this is I like this idea. Let's, let's pursue this. So a quick Google search and operation Motorsport popped up and I hit the button. >> And what programs are available in operation Motorsport? >> And so, Diezel kind of outline, outlined it. We have basically three different programs. We have the, our immersion program, which is exactly what Diezel described, where we take that veteran and we actually immerse them in a race team they're doing the, exactly what I was doing, doing tires and fuel and whatever the team needs them to do. We also have our E-motor sports program where folks who can't do the immersion program, immersion program is takes a pretty big time commitment sometimes. And so, they just don't have the capacity or abilities to be able to do those. We could put them in our E-motor sports program where they can do it all virtually. we're actually, we have a season going on right now where we're, we have veterans racing in that E-motor sports program. And then we have a, the diversionary therapy program where we have a, a Patriot car corral set up at all these tracks so, they can go out with like-minded individuals and spend the day out there with those folks, other veterans. And we do pit, pit tours and, and we get 'em out on the track for a little bit of a, you know, highway speeds nothing ridiculous, but we, we been doing some highway speeds. So we have a, a few, few different ways for them to be involved. >> So, so the number three is like a splash in the pond whereas number one's the, like full immersion. >> Yeah, correct, yes. >> And so what are you doing in the full immersion? What is, what is that like? I mean you're literally changing tires and, and you're, >> Yeah. You name it. >> In the, you're, you're in that sort of sphere of battle, if you will. >> The beauty of this is we could take somebody's capabilities and skill set and we can match it to whatever that looks like on a race team. Some people come in and have no experience whatsoever. And so we find a team that needs, you know, that has a development opportunities where they could come in, their, their initial job might be to fuel fuel cans or, you know, take tires off the car or wipe the car down, it's little things in the beginning. And then slowly as they start to grow and learn then they take on bigger roles. But we also have different positions. They can be immersed in, in teams, but they can also be immersed in the series. So we have folks that are doing like tech inspections. We have folks that are doing race control up in the, up in the tower, directing race operations. So, we have lots of opportunities, tons of potential. We, we foster those relationships and take the folks and whatever their capabilities and, and abilities are and find the right position for them. >> Think, thinking about your personal experience, how, how did it, how would you say it affected you? >> Yeah, um, to understand that you really have to understand military transition. And I think that's where a lot of the folks that have never experienced this really struggle. transition from the military is really difficult. And it's really difficult, even if you're, if you're not broke and, or you don't have some kind of illness or injury but, you add that factor into it at the same time and it could be extremely difficult. And that's why we see like the 22 a day suicide rates with veterans, it's very, very high, Right? And so when you, when you come into this program, it's, it is a little bit of a leap of faith, right? This is very new experience for somebody, right? For somebody like myself who had 29 years of experience in the military, very senior person in the military. And now you're at the bottom of the totem pole and trying to figure it all out again, it's, it's a it's a big jump. But, what you realize really quickly is a lot of the things that you experience in the military you experience in that paddock, same exact things, lots of, small team environment, lots of diversity, lots of challenges, lots of roadblocks ups downs, you, you'd deploy just like you would deploy in, in the military you bring the cars to a track, you execute a mission then you pack it up and bring it home. So it's, there's so many similarities in the process. >> I mean, yeah. Diezel hear, hearing Craig explained that there are, the similarities sound very clear, but, but, but how did how'd you come up with this idea? (Diezel laughs) It makes sense now in retrospect, but, somebody just said Hey, you know, we have this and we have this and we can marry them or... >> No, not really. And it, it's a funny story because I always said, I, I, I don't believe in reinventing the wheel I believe in stealing the car. And so there's a sister organization that we have in the UK called mission Motorsport. And, and, and they invented this five years before we did. And, and they were successful. And I was, you know, through, through friendships and opportunities, I got to witness it in, in 2016. So went over to, to Wales in, in the UK and, and watched it in action. And we were there for one race weekend, race of remembrance which is where we go back to we'll be going back to November, taking 13 beneficiaries over to race in our own race team for a 12 hour race. And that's a whole other story but that's where it all started. You know, we, we saw the opportunities and said, wow they're changing lives through recovery, you know through Motorsport and the similarities and what they were achieving, our initial goal was let's just come back and do this again next year, because we need to bring north American transitioning members over to, to witness this and take part. And then fast forward, we said, why stop there? And we, stood up an organization. Now, I'll tell you that the organization is not what it was the initial vision, this not where, I mean I never imagine that we get to this point this day especially with the announcement this morning, you know with the partnership with CrowdStrike, it it's huge for us but, we've evolved into something that was very similar to the initial vision. And that was, helping, helping medically transitioning service members with their own personal struggles and recovery. You know, the reason we call it operation Motorsport is because operations have no beginning and no end and our, and what we do makes us so different in that we're not a one and done, we take care of these guys. Even when they become alumni, they, they still come back. They, they come back to volunteer they come back to check in their friends and, and all kinds, it's really, really neat. >> And, and JC of course CrowdStrike has an affinity for Motorsports, right? You got the logo on the Mercedes. You, you've got the safety car at this. I think it's called the safety car, right? >> That's it, yeah. >> So, okay. So that's an obvious connection, but, but where did the idea germinate for this partnership? >> There's so many things, but first and foremost, I think that the, the values of CrowdStrike and those of operation motors were very much aligned. If you think about it, we, we focus a lot on teamwork. There's no way we do these jobs without the teamwork part. We all love data. These guys are all in the data all the time trying to figure out, you know, what your adversaries are doing. So there's that kind of component to it. And I'd say the last bit is critical thinking. So when we think about our organizations and how well aligned they are, that was a, that was a no brainer. And into the other side of it, we get the opportunity to do mentorship programs. I mean, I think both ways, hopefully I get invited to the Patriot corral at some point I can go, go work on a car but, we'll do those both ways or mentorship opportunities. If folks from operation Motorsport win a team up with a CrowdStrikers. >> Do you ever get to drive the car? Or is that just an awful question? >> No, it's a good question. Actually I do from the from the track to the pits at, you know, very slow speeds. >> They don't let you out on the track? >> That's right, no, I don't get to go out the track. >> Diezel You ever, you ever drive one of these? >> I, I, I, I've been on, on the track on, on different cars not in the race cars that, that, that that are on the team, but something that's unique in the Patriot corral, for instance, because JC brought that up, is that when we do these Patriot corrals part of that program at lunchtime is, is taking the individuals and doing parade laps. And I'll, you know, a parade lap, well, what's the fun in that? but you drive highway speeds on a racetrack and your own personal car following a pace car, that's a pretty cool experience. >> Yeah, that's very cool. Guys, congratulations on this program and all your success and all the, the giving that you do for the community and, and your peers, really appreciate you guys coming on The Cube and telling your story. >> Thanks for having us. >> Thanks for the opportunity. >> You're very welcome. All right, keep it right there everybody. Dave Vellante and Dave Nicholson, we'll be back from FalCon 2022, at the ARIA in Las Vegas. You're watching the cube. (relaxing music)

(upbeat music) >> Welcome back to Fal.Con 22. We're here at the ARIA hotel in Las Vegas. We're here in Las Vegas, a lot. Dave Nicholson, Dave Alante. Fal.Con 22, wall to wall coverage, you're watching theCUBE. Anthony Kunya is here. He's the chief information security officer at Mercury Financial. And he's joined by his deputy CISO, Alex Arengo. Welcome, gentlemen. >> Good to see you. >> Thank you very much. Good to be here. Thank you for the opportunity to speak. >> Yeah, so this is a great event. This is our first time being at the, a CrowdStrike customer event. We do a lot of security shows, but this is really intimate. We got a high flying company. Tell us first about, of Mercury Financial. What are you guys all about? >> Oh, that's a fantastic question. Let's leeway into that. So Mercury Financial is a credit card company that serves people who are near prime. So be it some kind of hardship in their life. They had something impacted, be a financial impact, maybe a medical impact, an emergency, something, a death family where somehow their credit was impacted. We give 'em the opportunity through our motto, better credit, better life, to build up that credit score to add livelihood to their ability to be financially stable. >> I mean, I think this is huge because you know, so many people it's like, okay, one strike and you're out. >> Right. >> You know, that's just not right. You got- >> No, not at all. >> You got to give people another chance. And so there's so much talent out there. I think about some of the mistakes I made, Dave, when I was a younger man, but- >> No comment. >> Right. So I heard a stat today that I thought was great. Did you guys see the keynote? >> Yes. >> Of course. >> So in the keynote, the, they did the thing at Black Hat but they said what's XDR and I thought- Anthony] Oh goodness. >> My favorite, and I'm not going to ask you what XDR is. >> Okay, good, thank God. >> But my favorite answer was a holistic approach to endpoint security. And, you know, I think as a CISO you have to take a holistic approach to a security- >> Of course. >> Okay. >> Maybe talk about, a little bit about how you do that. >> Wow, a holistic approach I would say and I could, I'll give you an opportunity to speak as well, but a holistic approach it's people processes in technology. So a holistic approach would be, it isn't one box that you check. It's not a technology that is a silver bullet that fixes anything. Those technologies, those services are implemented by people. So good training, our human firewall, the forefront of implementing those technologies to build those processes and incorporate people and a level of sincerity and integrity that we build. So I feel like a holistic approach is both cyber culture to build the cyber resilience program that we so dearly need. >> And I could spend all day talking about security organizations, SecOps, DevSecOps, data SecOps, et cetera, but, but Alex, how, what is your role as the deputy CISO? How do you compliment what Anthony does? >> I got to bring it all together, right? So technically, what are we putting in place? What are the requirements that these stakeholders have? Their needs, their wants. We all have something that we need and want in our environment as an employee, as a customer, as a stakeholder. How do do we get that to market? How can we get it there quickly? You know, and it's really about finding the partners that can get us there, right? That can leverage us, that can force multiply us. >> Yes. >> You know, give my people more time to get the work done, the good work. >> Right, the hard work, of course. >> So paint a picture. You know, we hear a lot about all the different, the bevy of tools, the, how complicated CISOs tell us all the time, that we just don't have enough talent. We're looking for partners to help us compromise, but paint a picture of your environment and how you guys use CrowdStrike. >> Oh, that's a good one. Do you want to take this one? >> Great one, right? I mean, we leverage CrowdStrike at every way we can. We're a Fal.Con complete customer. So they're an extension of our team. They're an extension of our SOC right? >> Yeah. >> We leverage them for many things. We leverage them to understand the risk in our environment. Where we're at in zero trust. How we can really bring a lot of the new processes that the business wants to market, right? How can we get there as fast as possible? Can we make it secure, right? I'm a Mercury card customer also. So I'm, I have a vested interested in that. And I like to drive that, that's, so it comes down to can you align your holistic approach, or your organizational goals and bring that to a really good security product that is world class? >> And I can add a little bit to that as well. So I look at it as a triangle. So we leverage Fal.Con complete as that first level, tier one triage, people who do and understand the product extremely well, we leverage them quite a bit. We also have a VSOC service that we have this like, consider tier two or the middle of the triangle, by Verse, right? >> Yeah. >> Fantastic boutique security company that just has been working with us year over year, innovation, strategic initiatives, always there to play. And then Alex Arengo, and the threat management team, is our top tier, that's tier three, that's the top of the pyramid. By the time it bubbles up to Alex, that's when the real work happens, everyone's triaging, collecting data, putting together pieces. And then Alex and his teammates, and people that he's trained, fantastic, comes and puts it all together and paints a picture so we can then take that information and describe it in layman's terms, simple terms, to the business, to make them understand the level of risk, what we have to do to get to, and through that attack, or that indication of compromise, et cetera, so that we can remediate it, rectify it. >> Right, it's building that security culture foundation, right? It's getting everyone to buy into that. >> Yeah. >> It's a holistic approach and it's really the best way to do it, right? You get bought in from the stakeholders understand what they need to do, and what the goals of the business are. And it really works really well >> We journey together. >> We build a program together. >> Dave, I think that that cultural aspect is critical. Cause I've said many times, bad user behavior trumps good security every time. >> Yeah, absolutely. >> Oh goodness. >> Every time. >> Nicely put, I like that. >> So, I know we're early in the week still, but we did have the keynote. Is there anything that you are hearing, in terms of vision, that peaks your interest specifically, and then also sort of the follow up question is, are you guys kind of like lifeguards who can't ever relax at the beach? >> That's why I have a deputy CISO. Well, nobody can take time off, we have to share this. Of course we do. Most definitely. What would you say would be the next, most innovative thing that were looking for? >> Yeah, what's the next big thing, as far as you're concerned? >> The next biggest thing is definitely building the relationships we have. As we bring in new technologies, we go even more Cloud native. How do we leverage that expertise, that of the partners that we're bringing on board like Zscaler, CrowdStrike, Verse, right? How do we make them a part of the team, and make them perform, bring that world class quality talent across the spectrum, you know, from DevOps to that security analyst, picking up the phone and saying, I'm not really sure what's going on, but there's a culture that's built there where everybody comes to the table to feed, right? We all eat together. >> The ecosystem. >> Yes. >> That is the tooling that we leverage day in and day out. That's how we sleep at night. We have to pick our partners. >> You know, we talked about the ecosystem up front, and you look around, you can see the ecosystem and it's growing. >> Yes. >> And I predict it's going to grow a lot more. >> Yes. >> That's, and it has to, right? I mean, exactly what you're saying is that no one company can do it alone. And we heard, you know, we heard, it is confusing. You hear CrowdStrike's doing Identity, but then they partner with Okta. Right, and they're here out on the floor. So that's what you guys need. Talk a little bit more about the importance of ecosystem and partnerships from your perspective. >> Oh I got a good one for this. So I use the metaphor of having a restaurant. So we run a restaurant really well. We know what we want in the menu. We have a chef, we know how we want to put together, but we need excellent ingredients. You make muffins well. Bring your muffin into the restaurant. That brings and builds that rapport. That I want the menu to be rich and empower people to come in and say, you know, I've never had scallops or octopus before, I hear you guys make it better than anyone else, well, our ingredients are fantastic. Therefore, no matter what we do when we present it, it's perfect, it's palatable. >> Yeah. That's great. You're not making ice cream, but you're serving it. >> I can't, if you ever want to show us. >> We're just converging our bakery, you know? >> Yeah, yeah, yeah, salt, salt is the key. >> We're just working the bakery part out, yeah. >> Okay, I want to ask you about Cloud because you know, in 2010, 2011, when you talk to a financial services firm, Cloud, no, that's an evil word, now everybody's Cloud first. George Kurts talks about how, I mean essentially CrowdStrike is dogmatic. We are Cloud native. We have a Cloud native architecture. I know Gartner has this term CNAP or Cloud native application platform. So what does the Cloud mean to you guys? How does it fit in? What does Cloud native architecture do for you? >> It lets us converge everything we've been talking about. How do we, you know, that's a really big struggle that all security teams are having at, having today. How do I converge threat intelligence? How do I converge the environment that I'm in? How do I converge the threat intel that's coming in, right? All this, you're getting, security teams are constantly on a swivel, right? They're looking left, they're looking right. They're trying to identify what to do first. And you bring in the right partners. >> Yes. >> And you get in, you build the right program. You cement that culture internally. And it really provides dividends. >> You know what I think as well, Dave, is in the past, everyone was more data center based. >> Right. >> The Cloud was like a thing we'd forklift, we'd move over, we were born in the Cloud. So Cloud native Application protection is something that we need and will drive innovation. Will align with our strategic initiatives. We need people to think like the Cloud is what's happening. Super Cloud, some of the things that we spoke about. >> Yeah, so I was at, when we were at reinforced, I had this new mental model emerge, and it sort of hit me in the face. And you tell me, I'd love to talk to practitioners to say, yeah, that makes sense or, no, that's crap. So it seems like the Cloud has become the first line of defense for CISOs. Now you're Cloud first or Cloud native, so, okay. But then now you've got the shared responsibility model. And I don't know if you use multiple Clouds. Do you use multiple Clouds? >> We cannot say. >> Cannot say, okay, let's assume for a second, your, some of your colleagues, CISO colleagues, use multiple Clouds. >> They should, okay, sure. >> Now they've got multiple shared responsibility models. Now you've got also the application development team. They're being asked to be the pivot point to actually execute, they got to secure the platform. They got to secure the containers, their run time. >> Workloads, yes. >> And then you got audit behind you is kind of the last line of defense. So things are shifting. Describe sort of the organizational dynamic that you see, not necessarily specific to Mercury Financial, or that would be cool, but generally in the industry. >> Oh, I would say, I could say this, that having Cloud, multitenancy Cloud or the super Cloud model where we could abstract our services our protection, the different levels of security tooling, being able to abstract and speak a common language where you could run in Azure, GCP or AWS, and still have a common language that you can interpret and leverage between all the tooling would be something I would love to see. >> That's Super Cloud >> A magical, that is that. >> That is a Cloud interpreter essentially. >> I think we use different words, but yes. >> A PAs layer, super PAs layer, sorry to take it too far. >> Yeah, like, I want to be able to abstract it and speak a language that would work in any of the- >> What does that do for you as a technology practitioner? >> Well, imagine if you had to speak three different languages with three different people, get lost in translation. If we could speak a common language across all the different platforms and all the different footprints, it would be easier to define our security posture. Where are we? Are we secure? You might say security groups in AWS, it might be, mean something else, but it's still a level of protection that surrounds the end point, right? Something that would abstract that level would be very fun. Very good for me. >> It's, you know, it's pretty easy to understand your use case for this. When you're talking about here we are, Mercury Financial, you have the most sensitive financial information about people, right? >> Right, absolutely. >> A data breach where all of the information about your customers getting out there on the dark web. Right? Heart attack time. >> Instantly. >> What are some things that people might not think about though, that are going on in your world? What would surprise someone who maybe isn't a security specialist in terms of the things that you're dealing with as far as threats are concerned? >> I'm going to leave that on you. >> Can you think of some examples of things that you could, you know, obviously generic examples. >> Right. >> Yes. >> I'm going to point to the number one and two most common ways that applications and businesses are getting owned right now. And that's misconfigurations on your web app or a vulnerable application or phishing. And those are both very important things, right? A lot of development teams, they want to get things to market as soon as possible. And maybe security's on the back foot. It's about building that culture and to, you know, being Cloud native helps you have a, you can provide different tool sets to your organization that helps you understand that posture and makes you help those business decisions. Are we in a good posture to go forward right now? That's a big question that I think most security organizations need to ask themselves and the need to hold other stakeholders accountable. >> So phishing and the concept of social engineering, still alive and well? >> Oh, goodness. >> Always. >> Everything starts with people. The human firewall has to be front of mind. Security can't be an afterthought or a bolt on, that's something that you think about, well, I guess if I have to meet our compliance, it doesn't work with us. >> Comes back to the culture that you're actually talking about before. >> 100%, yeah, cyber resiliency starts with cyber culture. >> Kevin Mandy has said it today. I, never underestimate the adversary. The adversary- >> Of course. >> Is highly capable, motivated, big ROI and it just keeps getting bigger. The more technology gets embedded into our lives. The more lucrative hacking becomes. >> And more attack vectors. We have more areas that we could be potentially penetrated. >> They have a lot of time. Those threat actors have a lot of time. >> They do have a lot of time, yeah. >> Right. >> Right and to your point, you're constantly on the swivel. Right, you don't have time. >> Right. >> No, we don't. >> So do your responsibilities touch on things like fraud detection as well? >> Yeah, oh, that- >> Is that a silly question? I'm thinking- >> Yeah, no, it really is, so- >> No, not at all. >> Or there isn't segregation between what we would think of as IT and the credit card transaction that fires up a red flag. >> Those are integrated. >> It's definitely important. And in any business, right? Is to, like I mentioned, I use this word a lot converge, right? It's converging that intel, that fraud intelligence and making it into a process where we're reducing the risk and the losses that the business is incurring. >> Yes. >> It's so important, right? That we build that culture within the fraud teams, the operational teams, the, you know really anybody who has a really large stake in whatever the business product is. And, you know, being Cloud native, bringing in the right partners, building that security culture. I mean, that's the biggest one. >> Yeah, we've flown. >> It's last and definitely not least, it is, the culture's where you need to be. >> Absolutely. >> You know, you guys, I'm sure, you know, work with a lot of different vendors, a lot of tools, or sometimes the tools are point tools, they're best to breed. CrowdStrike says it wants to be a generational company. >> Oh, yeah. >> It says this notion of an unstoppable breach is a myth. You guys can't live that way. You have to assume you're going to breach but can CrowdStrike be a generational company? >> I think they've proven themselves. They've been around over a decade now. it's 11 years. They just had their birthday yesterday, right? >> Yeah. >> Or anniversary, the company started? >> Yeah. 11 years, yeah. >> I absolutely, and I also agree to add it a little bit part, from the fraud part. I think CrowdStrike would be an integral piece of the overall solution that we have. It hits so many different aspects and looks at so many different potential attack vectors. I keep using that word, but I think integrating fraud in other parts and other functions of the business will start to see that they can leverage CrowdStrike. That there's tooling within CrowdStrike innovatively, like ahead of the game. And I always like that about CrowdStrike, being way ahead of the game and thinking in front of our adversaries. I think other departments will be like, what tools do you have, how can we use them? This is fantastic, this makes us feel better. We don't have to worry about that. We can focus in on what we're good at and build that best of breed solution. So fraud can focus on fraud and you can leverage the tooling and the infrastructure that we provide them together holistically to build a security program that's beyond reproach. >> Guys, we got to go, great perspectives. Always love having the practitioners on. >> Yeah, thank you. >> I really appreciate your time, thank you. >> Yeah, absolutely, always a pleasure. Thank you so much for your time. >> Anthony, Alex, Dave and Dave will be right back, right after this short break. You're watching theCUBE from Fal.Con 2022 from the ARIA in Las Vegas. >> Cheers my friend. >> Yeah, of course. (cheerful music)

(soft music) >> Welcome back, everyone. theCube's live coverage. Day two here at VMware Explore. Our 12th year covering VMware's annual conference formally called Vmworld, now it's VMware Explore. Exploring new frontiers multi-cloud and also bearing some of the fruit from all the investments in cloud native Tanzu and others. I'm John Furrier with Dave Vellante. We have the man who's in charge of a lot of that business and a lot of stuff coming out of the oven and hitting the market. Ajay Patel, senior vice president and general manager of the modern applications and management group at VMware, basically the modern apps. >> Absolutely. >> That's Tanzu. All the good stuff. >> And Aria now. >> And Aria, the management platform, which got social graph and all kinds of graph databases. Welcome back. >> Oh, thank you so much. Thanks for having me. >> Great to see you in person, been since 2019 when you were on. So, a lot's happened since 2019 in your area. Again, things get, the way VMware does it as we all know, they announce something and then you build it and then you ship it and then you announce it. >> I don't think that's true, but okay. (laughs) >> You guys had announced a lot of cool stuff. You bought Heptio, we saw that Kubernetes investment and all the cloud native goodness around it. Bearing fruit now, what's the status? Give us the update on the modern applications of the management, obviously the areas, the big announcement here on the management side, but in general holistically, what's the update? >> I think the first update is just the speed and momentum that containers and Kubernetes are getting in the marketplace. So if you take the market context, over 70% of organizations now have Kubernetes in production, not one or two clusters, but hundreds of clusters, sometimes tens of clusters. So, to me, that is a market opportunity that's coming to fruition. Sometimes people will come and say, Ajay, aren't you late to the market? I say, no, I'm just perfectly timing it. 'Cause where does our value come in? It's enterprise readiness. We're the company that people look to when you have complexity, you have scale, you need performance, you need security, you need the robustness. And so, Tanzu is really about making modern applications real, helping you design, develop, build and run these applications. And with Aria, we're fundamentally changing the game around multicloud management. So the one-two punch of Tanzu and Aria is I'm most excited about. >> Isn't it true that most of the Kubernetes, you know, today is people pulling down open source and banging away. And now, they're looking for, you know, like you say, more of a robust management capability. >> You know, last two years when I would go to many of the largest customers, like, you know, we're doing good. We've got a DIY platform, we're building this. And then you go to the customer a year later, he's got knocked 30, 40 teams and he has Log4j happen. And all of a sudden he is like, oh, I don't want to be in the business of patching this thing or updating it. And, you know, when's the next shoe going to fall? So, that maturity curve is what I was talking about. >> Yeah. Free like a puppy. >> Ajay, you know, mentioned readiness, enterprise readiness and the timing's perfect. You kind of included, not your exact words, but I'm paraphrasing. That's a lot to do with what's going on. I mean, I'll say Cloud Native, IWS, think of the hyper scale partner, big partner and Google and even Google said it today. You know, the market world's spinning in their direction. Especially with respect to VMware. You get the relationship with the hyperscalers. Cloud's been on everyone's agenda for a long time. So, it's always been ready. But enterprise, you are customer base at VMware, very cloud savvy in the sense they know it's there, there's some dabbling, there's some endeavors in the cloud, no problem. But from a business perspective and truly transforming the VMware value proposition, is already, they're ready and it's already time now for them, like, you can see the movement. And so, can you explain the timing of that? I mean, I get enterprise readiness, so we're ready to scale all that good stuff. But the timing of product market fit is important here. >> I think when Raghu talks about that cloud first to cloud chaos, to cloud smart, that's the transition we're seeing. And what I mean by that is, they're hitting that inflection point where it's not just about a single team. One of the guys, basically I talked to the CIO, he was like, look, let's assume hypothetically I have thousand developers. Hundred can talk about microservices, maybe 50 has built a microservice and three are really good at it. So how do I get my thousand developers productive? Right? And the other CIO says, this team comes to me and says, I should be able develop directly to the public cloud. And he goes, absolutely you can do that. You don't have to come through IT. But here's the book of security and compliance that you need to enforce to get that thing in production. >> Go for it. >> Go for it. >> Good luck with that. >> So that reality of how do I scale my dev developers is turning into a developer experience problem. We now have titles which says, head of developer experience. Imagine that two years ago. We didn't talk about it. People start, hey, containers Kubernetes. I'm good to go. I can go get all the open source technology you talked about. And now they're saying no. >> And also software supply chains, another board that you're think. This is a symptom of the growth. I mean, open source is the software industry. That is, I don't think debatable. >> Right. >> Okay. That's cool. But now integration becomes vetting, trust, trusting codes. It's very interesting software time right now. >> That's right. >> And how is that impacting the cloud native momentum in your mind? Accelerating it? What inning are we in? How would you peg the progress? >> You know, on that scale of 1 to 10, I think we're halfway marked now. And that moved pretty quickly. >> It really did. >> And if you sit back today, the kinds of applications we're involved in, I have a Chicago wealth management company. We're building the next generation wealth management application. It's a fundamental refactoring of the legacy application. If you go to a prescription company, they're building a brand new prescription platform. These are not just trivial. What they're learning is the lift and shift. Doesn't work for these major applications. They're having to refactor them which is the modernization. >> So how specifically, are they putting some kind of abstraction layer on that? Are they actually gutting it and rewriting it? >> There's always going to be brownfield. Remember the old days of SOA? >> Yeah, yeah. >> They are putting APIs in front of their main systems. They're not rewriting the core banking or the core platform, but the user experience, the business logic, the AIML capability to bring intelligence in the platform. It's surrounding the capability to make it much more intuitive, much more usable, much more declarative. That's where things are going. And so I'm seeing this mix of integration all over again. Showing my age now. But, you know, the new EAI so is now microservices and messaging and events with the same patterns. But again, being much more accelerated with cloud native services. >> And it is to the point, it's accelerated today. They're not having to freeze the code for six months or nine months and that which would kill the whole recipe for failure. So they're able to now to fast track their modernization. They have to prioritize 'cause they got limited resources. But how are you guys coming up to that? >> But the practice is changing as well, right? Well, the old days, it was 12, 18 months cycle or anything software. If you heard the CVS CIO, Rohan. >> Yeah. >> Three months where they started to engage with us in getting an app in production, right? If you look at the COVID, 10 days to get kind of a new application for getting small loans going with Pfizer, right? These are dramatically short term, but it's not rewriting the entire app. It's just putting these newer experiences, newer capability in front with newer modern developer practices. And they're saying, I need to do it not just once, but for 100, 200, 5,000 members. JPMC has 50,000 developers. Fifty thousand. They're not a bank anymore. >> We just have thousands of apps. >> Exactly. >> Ajay, I want to get your thoughts on something that we've been talking about on our super cloud event. I know we had an event a couple weeks ago, you guys were one of our sponsors, VMware was. It was called super cloud where we're defining that this next gen environment's a super cloud and every company will have a super cloud capability. And underneath that is cross cloud capabilities. So, super cloud is like a super set on top of a multi-cloud. And little word play or play on words is, ecosystem partners versus partners in the ecosystem. Because if you're coming down to the integration side of things, it's about knowing what goes what, it's almost like building an OS if you're a coder or an operating systems person. You got to put the pieces together right, not just go to the directory and say, okay, who's got the cheapest price in DR or air gaping or something or some solution. So ecosystem partners are truly partners. Partners in the ecosystem are a bunch of people out on a list. How do you see that? Because the trend we're seeing is, the development process includes partners at day one. >> That's right. Not bolt-on. >> Completely agree. >> Share your thoughts on that. >> So let's look at that. The first thing I'm hearing from my customers is, they're trying to use all the public clouds as a new IS. That's the first API or contract infrastructures code IS. From then on they're saying, I want more and more portable services. And if you see the success of some of the data vendors and the messaging vendors, you're starting to see best of breed becoming part of the platform. So you are to identify which of these are truly, you know, getting market momentum and are becoming kind of defacto leaders. So, Kafka goes hand in hand with streaming. RabbitMQ from my portfolio goes with messaging. Postgres for database. So these are the, in your definition, ecosystem partners, they're foundational. In the security space, you know, Snyk is a common player in terms of scanning or Aqua and Prisma even though we have Carbon Black. Those become partners from a container security perspective. So, what's happening is the industry stabilizing a handful of critical players that are becoming multi-cloud preference of choice in this. And our job is to bring it all together in a all coordinated, orchestrated manner to give them a platform. >> I mean, you guys always had ecosystem, but I think that priority more than ever. It wasn't really your job at VMware, even, Dave, 10 years ago to say, hey, this is the strategic role that you might play one partner. It was pretty much the partners all kind of fed off the momentum of VMware. Virtualization. And there's not a lot of nuance there. There's pretty much they plug in and you got. >> So what we're doing here is, since we're not the center of the universe, unfortunately, for the application world, things like Backstage is a developer portal from Spotify that became open source. That's becoming the place where everyone wants to provide a plugin. And so we took Backstage, we said, let's provide enterprise support for Backstage. If you take a technology like, you know, what we have with Spring. Every job where developer uses Spring, how do we make it modern with Spring cloud. We work with Microsoft to launch a service with Azure Spring Enterprise for Spring. So you're starting to see us taking communities where they have momentum and bringing the ecosystem around those technologies. Cluster API for Kubernetes, for have you managed stuff. >> Yeah. >> So it's about standard. >> Because the developers are voting with their clicks and their code repos. And so you're identifying the patterns that they like. >> That's right. >> And aligning with them and connecting with them rather than trying to sell against it. >> Exactly. It's the end story with everyone. I say stop competing. So people used to think Tanzu is Kubernetes. It's really Tanzu is the modern application platform that runs on any Kubernetes. So I've changed the narrative. When Heptio was here, we were trying to be a Kubernetes player. I'm like, Kubernetes is just another dial tone. You can use mine, you can use OpenShift. So this week we announced support for OpenShift by Tanzu application platform. The values moving up, it's around outcomes. So industry standards, taking lead and solving the problem. >> You know, we had a panel at super cloud. Dave, I know you got a question. I'll get to you in a second. But the panel was the innovator's dilemma. And then during the event, one of the panelists, Chris Hoff knows VMware very well, Beaker on Twitter, said it should be called the integrators dilemma. Because the innovations here, >> How do you put it all together? >> But the integration of the, putting the piece parts together, building the thing is the innovation. >> And we come back and say, it's a secure software supply chain. It starts with great content. Did you know, I published most of the open source content on every hyperscaler through my Bitnami acquisition. So I start with great content that's curated. Then I allow you to create your own golden images. Then I have a build service that secures and so on and so forth and we bring the part. So, that opinionated solution, but batteries included but you can change it is been one of our key differentiator. We recognize the roles is going to be modular, come back and solve for it. >> So I want to understand sort of relationship Tanzu and Aria, John was talking about, you know, super cloud before we had our event. We had an earlier session where we help people understand that Aria was not, you know, vRealize renamed. >> It's rebranded. >> And reason I bring that up is because we had said it around super cloud, that one of the defining characteristics was, sorry, super PaaS, which is a specific purpose built PaaS layer designed to support your objective for multi-cloud. And speaking to a lot of people this week, there's a federated architecture, there's graph relationships, there's real time ability to ingest and analyze. That's unique. And that's IP that is purpose built for what you're doing. >> Absolutely. When I think what came out of all that learning is after 20 years of Pivotal and BA and what we learned that you still need some abstraction layer. Kubernetes is too low level. So what are the developer problems? What are the delivery problems? What are the operations and management problems? Aria solves all the operations and management problem. Tanzu solves a super PaaS problems. >> Yes. Right. >> Of providing a consistent way to build great software and the secure software supply chain to run on any infrastructure. So the combination of Tanzu and Aria complete the value chain. >> And it's different. Again, we get a lot of heat for this, but we're saying, look, we're trying to describe, it's not just IAS, PaaS, and SaaS of last decade. There's something new that's happening. And we chose the name super cloud. >> And what's the difference? It's modular. It's pluggable. It fits into the way you operate. >> Whereas PaaS was very prescriptive. If you couldn't fit, you couldn't jump down to the next level. This is very much, you can stay at the abstraction level or go lower level. >> Oh, we got to add that to the attribute. >> We're recruiting him right now. (laughs) >> We'll give you credit. >> I mean, funny all the web service's background. Look at an app server. You well knew all about app servers. Basically the company is an app. So, if you believe that, say, Capital One is an application as a company and Amazon's providing all the CapEx, >> That's it. >> Okay. And they run all their quote, old IT spend millions, billions of dollars on operating expenses that's going to translate to the top line called the income statement. So, Dave always says, oh, it's on the balance sheet, but now they're going to go to the top line. So we're seeing dynamic. Ajay, I want to get your reaction to this where the business model shift if everything's tech enabled, the company is like an app server. >> Correct. >> So therefore, the revenue that's generated from the technology, making the app work has to get recognized in the income. Okay. But Amazon's doing all, or the cloud hyperscale is doing all the heavy lifting on the CapEx. So technically it's the cloud on top of a cloud. >> Yes and no. The way I look at it, >> I call that a super cloud. >> So I like the idea of super cloud, but I think we're mixing two different constructs. One is, the cloud is a new hardware, right? In terms of dynamic, elastic, always available, et cetera. And I believe when more and more customer I talk about, there's a service catalog of infrastructure services. That's emerging. This super cloud is the next set of PaaS super PaaS services. And the management service is to use the cloud. We spend so much time as VMware building clouds, the problem seems, how do you effectively use the cloud? What problems do we solve around digital where every company is a digital company and the product is this application, as you said. So everything starts with an application. And you look at from the lens of how you run the application, what it costs the application, what impact it's driving. And I think that's the change. So I agree with you in some way. That is a digital strategy. >> And that's the company. >> That's the company. The application is the company. >> That's the t-shirt. >> And API is the currency. >> So, Ajay, first of all, we love having you in theCube 'cause you're like a masterclass in multiple dimensions. So, I want to get your thoughts on the abstraction layer. 'Cause we were also talking earlier in theCube here as well as before. But abstraction layers happen when you have major movements in markets that are game changing or major inflection points because you've reached a complexity point where it's working so great, this new thing, that's too complex to reign it in. And we were quoting Andy Grove by saying, "let chaos reign then reign in the chaos". So, all major industry moments go back 30, 40 years happen with abstractions. So the question is is that, you can't be a vendor, we've observed you can't be a vendor and be the abstraction. Like, if Cisco's running routers, they can't be the abstraction layer. They have to be the benefit of the abstraction layer. And if you're on the other side of the abstraction layer, you can't be running that either. >> I like the way you're thinking about it. Yeah. Do you agree? >> I completely agree. And, you know, I'm an old middleware guy. And when I used to say this to my CEO, he's like, no, it's not middleware, it's just a new middleware. And what's middleware, right? It's a thing between app and infrastructure. You could define it whatever we want, right? And so this is the new distributed middleware. >> It's a metaphor and it's a good one because it does a purpose. >> It's a purpose. >> It creates a separation but then you have, it's like a DMZ zone or whatever you want to call it. It's an area that things happen. >> But the difference before last time was, you could always deploy it to a thing. The thing is now the cloud. The thing is a set of services. So now it's as much of a networking problem at the application layer is as much as security problem. It's how you build software, how we design. So APIs, become part of your development. You can't think of APIs after the fact, right? When you build an API, you got to publish API because the minute you publish it and if you change it, the API's out of. So you can't have it as a documentation process. So, the way you build software, you use software consume is all about it. So to me, digital product with an API as a currency is where we're headed towards. >> Yeah, that's a great observation. Want to make a mental note of that and make that a clip. I want to get your thoughts on software development. You mentioned that, obviously software development life cycles are changing. I'll say open sources now. I mean, it's unlimited codes, supply chain issue. What's in the code, I get that verified codes going to happen. Is software development coding as much or is coding changing the notion of writing code? Or is it more glue layer you're writing. >> I think you're onto something. I call software developments composition now. My son's at Facebook or Google. They have so many libraries. So you don't no longer start with the very similar primitive, you start with building blocks, components, services, libraries, open source technology. What are you really doing? You're composing these things from multiple artifacts. And how do you make sure those artifacts are good artifacts? So someone's not sticking in security in a vulnerability into it. So, the world is moving towards composition and there are few experts who build the core components. Most of the time we're just using those to build solutions. And so, the art here is, how do you provide that set of best practices? We call them patterns or building blocks or services that you can compose to build these next generation (indistinct) >> It's interesting. >> Cooking meals. >> I agree with you a hundred percent what you're thinking. I agree about that worldview. Here's a dilemma that I'm seeing. In the security world, you've got zero trust. You know, Which is, I don't know you, I don't trust you at all. And if you're going to go down this composed, we're going to have an orchestra of players with instruments, say to speak, Dave, metaphor. That's trust involved. >> Yes. >> So you have two spectrums of issues. >> Yes. >> If software's going trust and you're seeing Docker containers getting more verifications, software supply chain, and then you got hardware I call network guys, love zero trust. Where's the balance? How do you reconcile that? Is it just decoupled? Nuance? I mean, what's the point? >> No, no. I think it all comes together. And what I mean by that is, it starts with left shifting it all the way to hands of the developers, right? So, are you starting with good content? You have providence of the stuff you're using. Are you building it correctly? So you're not introducing bad things like solar winds along the process. Are you testing it along the way of the development process? And then once in production, do you know, half the time it's configurations of where you're running the stuff versus the software itself. So you can think of the two coming together. And the network security is protecting people from going laterally once they've got in there. So, a whole security solution requires all of the above, a secure software supply chain, the way to kind of monitor and look at configuration, we call posture management or workload management and the network security of SaaS-e for zero trust. That's a hard thing. And the boundary is the application. >> All right. >> So is it earned trust model sort of over time? >> No, it's designed in, it's been a thing. >> Okay. So it's not a, >> Because it developed. >> You can bolt in afterwards. >> Because the developers are driving it. They got to know what they're doing. >> And it's changing every week. If I'm putting a new code out every week. You can't, it can be changed to something else. >> Well, you guys got guardrails. The guardrails constant is a good example. >> It stops on the configuration side, but I also need the software. So, Tanzu is all about, the secure chain is about the development side of the house. Guardrails are on the operational side of the house. >> To make sure the developers don't stop. >> That's right. >> Things will always get out there. And I find out there's a CV that I use a library, I found after the fact. >> Okay. So again, while I got here again, this is great. I want to get test this thesis. So, we've been saying on theCube, talking about the new ops, the new kind of ops that emerging. DevOps, which we believe is cloud native. So DevOps moving infrastructure's code, that's happened, it's all good. Open source is growing. DevOps is done deal. It's done deal. Developers are doing that. That ops was IT. Then don't need the server, clouds my hardware. Check. That balances. The new ops is data and security which has to match up to the velocity of the developers. Do you believe that? >> Completely. That's why we call it DevSecOps. And the Sec is where all the action is. >> And data. And data too. >> And data is about making the data available where the app meets. So the problem was, you know, we had to move the logic to where the data is or you're going to move the data where the logic is. So data fabrics are going to become more and more interesting. I'll give you a simple example. I publish content today in a service catalog. My customer's saying, but my content catalog needs to be in 300 locations. How do I get the content to each of the repos that are running in 300 location? So I have a content distribution problem. So you call it a data problem. Yes, it's about getting the right data. Whether it's simple as even content, images available for use for deployment. >> So you think when I think about the application development stack and the analytics stack, the data stack, if I can call it that, they're separate, right? Are those worlds, I mean, people say, I want to inject data and AI intelligence into apps. Those worlds have deployment? I think about the insight from the historical being projected in the operational versus they all coming together. I have a Greenplum platform, it's a great analytics platform. I have a transactional platform. Do my customers buy the same? No, they're different buyers, they're different users. But the insight from that is being now plugged in so that at real time I can ask the question. So even this information is being made available on demand. So that's where I see it. And that's most coming together, but the insight is being incorporated in the operational use. So I can say, do I give the risk score? Do I give you credit? It's based on a whole bunch of historical analytics done. And at the real time, processing is happening, but the intelligence is behind it. >> It's a mind shift for sure because the old model was, I have a database, we're good. Now you have time series database, you got graphs. Each one has a role in the overall construct of the new thing. >> But it's about at the end. How do I make use of it? Someone built a smart AI model. I don't know how it was built, but I want to apply it for that particular purpose. >> Okay. So the final question for you, at least from my standpoint is, here at VMware Explore, you have a lot of the customers and so new people coming in that we've heard about, what's their core order of operations right now? Get on the bandwagon for modern apps. How do you see their world unfolding as they go back to the ranch, their places, and go back to their boss? Okay. We got the modern application. We're on the right track boss, full steam ahead. Or what change do they make? >> I think the biggest thing I saw was with some of the branding changes well and some of the new offerings. The same leader had two teams, the VMware team and the public cloud team. And they're saying, hey, maybe VMware's going to be the answer for both. And that's the world model. That's the biggest change I'm seeing. They were only thinking of us on the left column. Now they see us as a unifying player to play across cloud native and VMware, the uniquely set up to bring it all together. That's been really exciting this week. >> All right, Ajay, great to have you on. Great perspective. Worthy of great stuff. Congratulations on the success of all that investment coming to bear. >> Thank you. >> And on the new management platform. >> Yeah. Thank you. And thanks always for giving us all the support we need. It's always great. >> All right Cube coverage here. Getting all the data, getting inside the heads, getting all the specifics and all the new trends and actually connecting the dots here on theCube. I'm John Furrier with Dave Vellante. Stay tuned for more coverage from day two. Two sets, three days, Cube at VMware Explore. We'll be right back. (gentle music)

>>Welcome back everyone to the cubes live coverage here in San Francisco for VMware Explorer. I'm John farer, Dave LAN two days of Wal three days of Wal Walker. Two sets live events got PERA, had Metabo, senior vice president and general manager of cloud management at VMware. I got it. Right. Thanks for coming on the queue. >>You got it right. Good to >>Be here. We're all smiles. Cause we were talking about your history. You once worked at loud cloud and we were reminiscent about how cloud was before cloud was even cloud. Exactly. And how, how hard it was. >>And >>It's still hard. Complexity is a big deal. And one of the segments we want to talk to you about is the announcement around aria and you see cloud manage a big part of this direction to multi-cloud yes. To tame the complexity. And you know, we were quoting Andy Grove on the cube, let chaos rain, and then rain in the chaos. Exactly. Okay. A very famous quote in tech and the theme here is cloud chaos. Yes. And so we're starting to see signs of raining in that chaos or solving complexity. And every major inflection point has this moment where yes, it gets so hard and then it kicks up to the right and grows and link gets solved. So we feel like we're in that moment. >>I couldn't agree more. And in fact, the way I say is our, our, our tagline is we make the complexity of managing cloud invisible so that you can focus on building your business apps. And you're right about the inflection point. Every time a new technology hits, you have some point of adoption and then it becomes insanely successful. And that's when the complexity hits, then you go and tame the complexity till the next technology hits. Right? That's what happens. It's happened with virtualization. Then it has happened with cloud then with containerization and now the next one will hit. And so with aria, we said, we have to fundamentally change the problem, right? We are constantly running a race of TAing, this complexity. So very excited about this announcement with which we're doing with aria. And we said, imagine if I could have a view of my environment and all the dependencies, I don't need to know everything, just the environment and its dependencies. Then I can now start solving problems and answering questions that I was unable to before. And newer technologies can keep coming and piling on, but I'll always be able to answer that, help >>Our audience understand Ari, a great name and, and what's new. Your Heka what's new from, you know, it's not just V V realize with a new name what's what's new specifically. >>Yeah. Please. No. >>Explain some people. Well, >>There's some commentary on snarky comments, but it's a product it's not a rebrand of something >>Else. It's right. It's not explain that. It's not a, yeah. So what we did is let, let me start off. Why, why we started aria? So we said, okay, native public managing environments, native public cloud environments and cloud native applications is a different ballgame, more Emeral workloads, very large scale, highly fragmented data. So we looked at that problem rounds up and said, we need to have a management solution that solves that problem focused on native public cloud and cloud native apps and the core to solving that problem was you can't just solve it for one cloud or you can't solve it for one discipline. When I say discipline, when you think about management, what do you manage? You're managing to optimize cost. You're managing to optimize performance. You're managing to optimize your security and you're managing to speed up the delivery. That is it. And so we said, we'll have a new look to this management. And what we have done with aria is we have introduced a brand new platform, which we call aria hub powered by aria graph, which allows you to deliver this man on this management challenges, by creating a map of your environment, a near real time map of your environment. And then we are able to, once we know what an application looks like and how it maps to the infrastructure, we can go and query other subsystems to tell you, what is the cost of an application? What is the performance of an application? Creating a common understanding >>This now it's a new architecture. >>I just wanted to get that out there. It's federated >>New graph database. >>Yes. It's a new architecture federated, a platform that not only gives you a map of your environment, but it federates into other sources to pull that data together. Right now, one of the data sources that it federates into is of course also we realize, yeah, yeah. Cloud health, >>You plug and >>Cloud observability. You plug everything into it. Yeah. And as part of the announcement, we didn't just announce a platform. We also announced a set of crosscutting solutions cuz we said, okay, what is the power of the platform? The big thing is it removes the swivel share management. It allows you to answer questions you couldn't answer before. And so >>Swivel share meaning going from one app to another one app logging in exactly >>Credentials in credentials. And you don't have a common understanding of app across those. So now you hire people who do integration buses, right? All kinds of cloud. So the three new end to end solutions we are announcing also in, along with the platform, these are brand new. One is something called aria guardrails. So when I have development environments today, for example, my, I do development on public cloud as well as private cloud. I have thousands of accounts, each one with its own security rules, each one with its own policies. After I initially deploy the account, it becomes a nightmare to manage that. So what aria guardrails allows you to do is set up these multi-cloud environments with the right policies. And not only is it about one time provisioning, but it is maintaining them on >>A run basis. And those credentials are also risk. Cuz you have a password on the dark web, that's exposed on one and you've got to change it. And, and there's so many things going on exactly on security, which brings me up to the point of, you know, we were talking, we're gonna see Tom later on security. We heard earlier, why wasn't security in the keynote? Oh, it's table stakes. That's what Z has said. But we're like, okay, I get that. So let's just say that security is table stakes. There's a big trend towards security as a state of something at a, at a given time. And that CSOs and CSOs are going to defensible. Yes. Meaning being defensible all the time. Yes. As an ongoing thing, which is not just running a pen test once a week. Yes. Like multiple testing, real testing. Not simulation. Yes. To be secure. Yes. So it's not about being secure. It's about having security, but defense ability is the action now not yeah. Yeah. >>Can >>You does that, how does that fit into this? Because this seems to like be in this wheelhouse of management. >>No, I think you're bringing a very important point, which is the security as a post. The fact item is no longer. Right? Right. You want to bake in security. This is a shift left of security that we talk about when you're building an application and you are deploying code in your test, you wanna say, Hey, what is the security? Is it secure? Is it meeting my guardrail? Then when you deploy it from an operations perspective, also it is a security concern. It's not just a security team's concern now. So is my configuration right? Is my configuration secure? Has, is it drifting? It's never a snapshot in time. It's constantly, you have to look at it. Is it drifting? And that is exactly what we are doing also with aria. So >>That's part of the solution you're talking about in the guardrails within being >>Able to maintain the secure configuration right now, as I said, there's always a security discipline. Yeah. Which is you are done by security teams, but you also want operations teams and development teams to enforce security in their respective practices. And that's what Ari allows you to do. >>So the question on multi-cloud comes in, okay. So this is all good. By the way, we love that shift left again, very developer. And I would argue actually we are argue on the cube. That dev ops is the development environment for cloud native. So the it operational once called ops is now in dev just saying he is, and then data ops and security ops are now the new it because that's where the hard problems are. So how do you look at the data side of it as well as security in your view of multi-cloud because you know, hybrid cloud, I can see the steady state between, you know, on premises and cloud, if it's operating cloudlike but now you're starting to look at spanning clouds. Yes. Yes. Not full spanning workloads. That's not there yet, but certainly people have multiple clouds. Yeah. But when you data seems to be the first thing spanning not necessarily the app itself, but how do you guys view that multi-cloud aspect of what you're managing? I mean, how you look at that? >>I think there are different angles to it. Right? You can look at it from the data angle and you look at it on how the, how protected a data is for us. When you look at management discipline, it is all from the perspective of configurations. Okay. If I have configured my environment correctly, then you should not be able to do something that destroys or the data. Right. So getting the configuration right. When you're developing that, getting the configuration right. When you're provisioning the app and then getting the configuration, right. Even when you're doing day two and ongoing operations, that is what we bring to the table. And to some extent, that aria visibility, that I was talking about an Ary graph, a near real time view of the configuration state and its dependencies is very critical. So now I can ask questions. Is there a misconfiguration, by the way, the answer is yes, they, yeah. >>That is a lot by the way, too, right? Yeah. >>Which, which exposes me. And then you can say, Hey, is there user activity associated with that misconfigured? Good object. Now suddenly you have go, go to a red alert. So not only something misconfigured, but there is user activity associated with the misconfigured data. You know, this is something that I have. This >>Is where AI sings beautifully because beautifully, once you have the configuration baseline done, yes. It's like securing the S3 bucket, which is like a knee has to be a like brushing your teeth. It's gotta be a habit. Exactly. It's like, you just don't even think about, you just don't leave an S3 bucket. >>It's gotta be simplified because you're, we're asking the devs now to be security pros, correct. Secure the run time, secure the paths, you know, secure the containers. And so they need help. This is not what they wake up in the morning passionate about. Right. >>But that is where the guardrails comes in. Totally. Yeah. So a a developer, why should they care? They should just say, look, I'm developing for the credit card industry. I need a PCI compliant environment. And then let us take care of defining that environment, deploying that environment, managing that environment on an ongoing basis, they should be building code. Yeah. Right. But there is a change also, which is in the past, these were like two different islands and two different views with aria graft. We also have created this unified API that a developer could query or an ops could query to create a common understanding of the environment. So you're not looking at, you know, the elephant won the trunk and the other one, the tail you're looking at it in a common way. >>Can you talk about the collaboration between tan zoo and aria portfolios? Because obviously the VMware customers are investing in tan zoo. A lot of stuff's coming outta the oven. We heard some Dave heard some stuff from Chris Wolf and he's gonna come on tomorrow. And Raghu was hinting at some other stuff. That's not yet public, but you know, this things happening, >>Things happening, lot of >>Things, you know, you know, announcements happened years ago last year. Now some fruit's coming off the tree, this is a hot product aria. It makes a lot of sense for the customers. Where's the cloud native stuff, kicking, connecting in. What's the give us the overview what's connection >>Is lots and lots of connections. So you have a beautiful Kubernetes environment and a cloud native platform. You have accelerated app development. Now you're building more apps, more microservices based apps, more fragmented data, more information. So think of aria as an envelope around all of this. So wherever you are, whether you are building an application, deploying an application, managing an application, retiring an application through that life cycle, we can bring that management. So what we are doing with Tansu is with the platform, develop and platform. Now we can hook in management with a common perspective earlier in the life cycle. I don't have to wait for it to go to production to start saying, is it secure? Is it configured? How is it performing? What is my cost trade off as a developer, I've decided to, to fix a latency issue, I'm gonna add a new region or I'm gonna scale out a particular tier. Do I know how much it'll cost me? Can I give you that right at your fingertips, potentially even within the development platform and within the ID, that's the power, right? So bringing Ary, >>Not a lot of heavy lifting on the develop. So it's pretty much almost like a query to a database or >>As simple API that they can just query as part of their development process. Yeah. So by bringing aria and Tansu and really aria en developing Tansu right. You're able to bring that power >>Developer. I just always smile because you, I remember we, we have a group called the cloud. AATI the early OG found cloud. >>AATI >>The early days of cloud. When we were talking about infrastructure as code yes. Way back when, and finally it's actually happening. So what you're describing is infrastructure's code because now there's more complexity happening under the hard and top and you know, service are being turned on and off automatically. Yes. And sometimes you might not even know what's going on. Exactly. If you have guard rail, >>But you have to discover the state, know something has turned on, understand the implication and then synthesize, synthesize it down to the insight for the user. >>You know, a lot of people have been complaining about other older companies. Like Splunks the world who have great logging technology for gen one cloud, but now these new logging logging becomes a problem. Can you talk about how you guys are handling that? Give confidence or yeah. Explain that there's everything's gonna be logged properly. Yeah. >>So, so really look, there are three disciplines that we have management. Discipl like, ultimately there are thousands of names, but it boils down to you're managing the cost. You're managing the security, you're managing the performance of your applications. That is it. Right. So what we found is when you think of these disciplines as siloed load solutions, you can't ask a simple question as what is my cost performance trade off. You can't ask a simple question as, Hey, I'm improving performance. How, what is the implication of security? And that's when you start building complex solutions that say, okay, let me collect log from here. Let me collect this from here. Then let me correlate and normalize an application definition and tell you something and then put it in a spreadsheet and put it in a spreadsheet finally for manual work. Exactly. So one of the pillars is about managing performance. >>We have very powerful capabilities today in our portfolio. Tansu observability, which is part of aria portfolio. We realize log, which is part of aria portfolio, networks, insights, and operations. So with the common, when you, when you have a common language, we have a common language. We understand each other. Similarly with Ary graph and aria hub, we have creating this common language. So once we create a common language, all the various observability and log solutions have a meaning. They have relevance. And so we are able to take the noise from all these systems and synthesize it down to what we call business insights. And that's what is one of the big announcement as part of aria, awesome take data, which we have lots of and convert it to information. >>Give us the bumper sticker on why VMware. >>Well, I I'll tell you, when you talk about various public clouds, each public cloud has their native solutions. I've got control tower, I've got cloud wash, cloud trail, different solutions, and some of the hyperscalers are also expanding their solutions to other cloud. I think VMware in a way, from a multi-cloud perspective, we are in a wonderfully neutral position. Not only do we have a wealth of technology and assets that we can bring to the game, but we can also do it evenly across all clouds. So, so look at something like cost. Do you trust one of the hyperscalers to tell you that what is the cost comparison between them and another hyperscaler? That is where the VMware value comes in? >>I think people just try to hear what the cost of one cloud. Exactly, exactly. That is often people make money doing that is a job. No, >>No, definitely. Even a single cloud. What is the cost? >>It's a cloud economist out there and we know who he is. Corey Corey, a friend of the cube. He does it for his living. So help people figure out their bill. Exactly. Just on one cloud. >>Exactly. It's one cloud. So being able, we have the unique position where, and the right sets of technologies and experiences to bring that solution to bear across multicloud. Right. Great. >>What's your vision real quick. One minute left. What's your vision for the group? What are you investing in? What's your goals? What are you trying to do? Ask you the products. New. Gonna roll that out. What's what's the plan. I >>Really, again, the biggest one, the, the, the tagline I talked about, right. I, I, I want to, you know, I'm telling customers, managing stuff is boring. Don't waste your time on it. Let us take care of it. Right? So make the cloud complexity invisible so that you can focus on building your applications and everything that we do in the business unit is targeted towards that one goal. It is not about doing more features, more capabilities. It's are you solving customers questions? And we start from question down, >>Be thank you for spending your valuable time here in the cube, explaining the new news. Appreciate it. All right. Get lunch. After the short breaks, stay more with the cube live here in San Francisco for VMware Explorer, 22. I'm John that's. Dave. >>Thank you.

(upbeat music) >> Welcome back, everyone, to theCUBE's coverage of VMware Explore 2022, formerly Vmworld. We've been covering this event since 2010. I'm with Dave Nicholson, my cohost. We've got two sets here, live for three days, breaking down all the action, what's going on in the news, what announcements, what are the partners doing, you got the VMware execs, you got the customers, and you got the partner ecosystem, which is booming. We got Darren Wolner, Senior Director of Product Management at Lumen, SASE and SD-WAN, in the midst of it all. The internet is SD-WAN, this is all rocking. Welcome to theCUBE. Thanks for coming on. >> Hey. Thanks for having me, guys. I really appreciate being here. >> Well, we know the name change LUMEN from CenturyLink. You guys have been on many times on theCUBE talking about, you know, the connective tissue. You got infrastructure, platform, now SASE. Cloud's changing. We're calling it supercloud. Some people call it multicloud. But the game is still the same. You got an on-premise environment, you got edge, could be a building. And you got now cloud-native hyperscale, cloud players, now all connecting, kind of like the old branch office days, connect here. So a lot of the same kind of concepts, but done differently. Give us the quick update from Lumen. What are you guys seeing? What are some of the big trends? >> So the quick update from Lumen is that we just launched a new service called SASE that we're extremely excited about. And this new service from Lumen takes advantage of a lot of the infrastructure that you just mentioned. So we're able to take advantage of our cloud edge 60 plus nodes to help customers move their applications closer to where they're doing business. Major performance boosts. So even though all these customers want to move the workloads to the cloud to improve their efficiency, improve their performance, we are acting quickly to make sure that that experience is a positive one. So as things are evolving and changing, so is Lumen, Aad we're pushing towards that evolution to technology. >> Take a minute to explain, just kind of set the table to the situation of how you guys relate to your customers. You mentioned SASE, which is a service I want to get into. Okay, got connectivity. What are some of the use cases? Where does SASE fit in? What is the use case with the customers? Where are you seeing the most traction? >> And you need to define SASE. It's always a party foul to use an acronym without defining it immediately after the first time you used it, so. >> Okay, so I have to recover from that foul. So, absolutely. So SASE, we view SASE as a convergence of network and security. And what we're doing with SASE is that we're delivering this package of services that are cloud based, that customers can pick and choose whichever ones they want. And that's Secure Access Service Edge. And that is what we're very excited to talk about. >> I mean, basically it's connectivity, it's application security, it's edge. So it's end-to-end. So we all get the acronym. Nice play there. But when reality comes to the customer, what is the use case that you guys are seeing the most on? Lift and shift I get. Is it lift and shift and then cloud native to on-prem? What is some of the things specifically that you guys are selling into? >> Specifically what we're seeing is we're seeing that customers, they want to evolve their networks and move to cloud environments, but not everybody's ready to do it all at the same time. That's part of the reason why SASE has become so popular right now. Because we're enabling customers to pick and choose the order in which they want to move to cloud enabled services, and we're allowing them to choose one or choose them all. And from a use case perspective, as we've just gone through COVID, and everybody knows work from home has become extremely important way of doing business, and that we want to give that flexibility. >> No one would've forecasted 100% work-from-home, VPN, move it under provisioned. (men laughing) So again, shock to the system. >> It is, it is, it is. It was, but with a solution like this, we're able to provide our customers with flexibility to run their businesses any way they want. They to be premise-based, we can support them. They want to be remote, we can support them. That is a huge use case right now. >> I mean, all joking aside, the forcing function, necessity's the mother of invention, and the pandemic really kind of changed the game. How do you guys see security evolving? Because as you look at the security, you got FourNet out there. I know you guys have a relationship with them. You got VMware. There's a lot of different tools and platforms emerging. We hear every CSO we talk to is like, hey, I want to take my 35 tools down to 24, and more platforms, and much more defensibility, not just point security. How do you discuss that with customers around the security conversation? >> So we're finding that our customers want a little bit more simplicity. You had mentioned that they want to bring down their numbers to something that's a little bit more manageable. With the service that we've just launched, we have single vendor solutions, and we're looking to simplify that path for the customer. And it's about simplicity, but it's also about optionality. We want to make sure that we can say yes to our customers. And whatever path that they want to go to, from a software perspective, we're able to support them. And the flexibility of our platform allows that to happen. >> You know, networking, Dave, we always talk about the three major pillars: networking, compute, storage. They never go away. >> No. >> They'll always be around. Networking is now front and center, especially with the abstractions going on. You're starting to see supercloud discussions. You see companies buying more cloud native, like with AWS, to take that CapEx off, but now are putting all that energy into modern application development. Which now puts pressure on, okay, well about network policies? So networking is into the fold again. It's always been there, it never left, but it's becoming different. How do you see the different conversations happening with the network component, with cloud native trend that we're seeing here? >> Well, I think the network component is really table stakes. And what's happening is, as everybody is interested in moving to the cloud, services are becoming instant, right? Digitized. But you have the network that customers are still looking for that level of support from a company like Lumen, and they know that we have a vast infrastructure. So the network conversation doesn't go away. It just evolves. What's happening is customers want to understand how they can better secure those networks. And then what's also happening is people want to use any device, anywhere, anytime. So the conversation about the network is important, but when you think about security, it's starting to move away from the network. It already has. >> There's no more perimeter. >> Exactly. So we need to be able to secure our customers wherever they are, however they want to use their devices. And for us, that path was SASE. >> So go into a little more depth in terms of how this is deployed. What is this thing that is SASE? >> Absolutely. >> Is this software living on the edge on people's servers? Does it include some sort of physical components and wizardry? >> Well... (laughs) >> Peel back-- >> Is it self-service? Is it installable? Does it need professional services? >> So, there is a little bit of wizardry. And what we put together is really an awesome digital platform where customers have the ability to go into the Lumen marketplace, and in five simple steps, purchase a SASE solution based on a few discreet choices that they need to make. And once they've provisioned that, once they've purchased that service, now they have those entitlements. We've created an all new application from the ground up called the Lumen SASE Manager where they're able to go in, take their entitlements, design, build, manage their network. So the customer can go through this journey, and it's relatively quick. And they have tons of flexibility to do that. However, if a customer prefers a seller-led journey, we're still going to help them do that as well. So really the spirit of SASE for us was to give ultimate flexibility to the customer. Consume exactly what you want, consume it the way you want to, but the simplicity factor with our digital approach I think is something that we feel is pretty game changing. >> So when one of those customers, let's say you have a campaign, thank you SASE. What are those customers thanking you for? Give me an example of what a delighted customer would point to as, "I'm really glad we made the decision to do this with Lumen." Why would they be happy? >> Why would they be happy? Because the advantage of doing this with Lumen is not only that simplified digital approach, but we're selling them essentially a cookie, right? And that cookie has two layers, and it has cream filling. And what's going on is-- >> Tastes great. >> Definitely, definitely. But everybody has different tastes, and we'll get to that in a second. But the top layer is the infrastructure that Lumen provides. And we have a vast infrastructure, 450,000 route miles of fiber, 60 plus cloud edge nodes to bring compute closer to the customer. So that's a very important layer that we're providing. And then the other layer of the cookie is the management. Different customers have different needs. Not every business looks alike. So you're going to have some businesses who have invested in their security apparatus, and they may not need enough as much help from us. So we're offering customers different levels of managed service wrapper so they can buy exactly what they need, no more, no less. So let's get to the cream filling. Everybody likes the cream filling, but not everybody likes the same kind. Every time you go down the supermarket aisle and you look at your favorite cream cookie, there's different types of flavors that are introduced from time to time. So what we want to do is to be able to say yes to our customers and give them as much variety as the cream flavors as possible. And that's where the software comes in. If you have dedicated a lot of expertise to a certain platform, we want to be able to support that software platform. And I think the flexibility of the Lumen platform and the flexibility of Lumen SASE solutions allows us to give that flexibility back. >> So you putting that wizardry at the edge, so the customer's environment, whatever they have flexes with the connectivity? >> It does, yes. >> That's what you're getting at. I mean, at the end of the day, we need the network. Everybody wants more bandwidth. >> Its not going away. >> Faster, faster, faster. >> That's right. >> We need more bandwidth. >> That's right. >> But it could be smarter. But that also implements some potential overhead. So you got to understand the end to end. That's where I think the SD-WAN interesting tie-in comes in. How do you talk to customers about that piece? Is it simply you can have your cake and eat it too, and you lose weight with Lumen? I stole that line from Victoria from VMware. I want my cake and eat it too, and I want to lose weight. >> I mean, wouldn't that be a wonderful world if we could do that? Have our cake and lose weight. >> I want to make sure. Yeah. >> But when it comes to SD-WAN, especially under our SASE umbrella, what we're looking to do is go down the road of simplicity and try to work out the amount of compute that a customer needs, and the amount of storage, I'm sorry, not storage, the amount of throughput that a customer needs. And we're getting these customers to make these decisions. They know what they have. They know what they want to run. We will consult with them. Whether they go through our digital experience, whether they go through our seller-led experience, there's always off ramps and a way to talk to a human being and make choices. So we're giving the customer enough information to make an informed decision, and we're here to support them if they need more. >> So you're customer-centric. You guys are good there. I mean, that's solid. Great track record there. I guess my final two questions are: one, how do I consume? I'm the customer. How do I consume? And what's on the roadmap going forward? I mean, look at the project management. You got the keys to the kingdom on the roadmap. And you can share if you want, but maybe you can't share some things. But what's the consumption model? Where do I find it? Is it the marketplace? Is it through channel partners and service providers? And then what's on the roadmap? >> Sure, absolutely. So you can consume this on dotcom through the Lumen marketplace. You could interact with the learn and the buy experience. And then once you've gone through that experience, you're going to consume it through the SASE manager. That's how you're going to use and interact with the service. That's how you're going to consume it. And then you're going to continue to utilize the SASE manager for reporting, access to portals, so forth and so on. You need to make a change to your service, not a problem. It's simple. You go back into the SASE manager, you add more seats to your ZTNA solution. You want to add another site, you go back into the SASE manager, you could purchase another site. We'll take care of all of it. Everything is automated. >> If you're a VMware customer, what's in it for them? >> This is great for VMware. It's the automation of the complete security stack. It's the automation of the SD-WAN portion. And we think that this total package is something that's going to be very appealing to VMware fans, VMware customers, and most importantly, when a VMware customer comes to us and says, "I have a ton of experience with VMware, and I don't want to move away from it, but I can really use the management and the infrastructure that you guys have," I'm able to say yes. >> And then you got the Aria coming out, now you got the cross-cloud, going to be very interesting. Okay, what's on the roadmap? Tell us what's the secret sauce. Reveal some secrets. >> Reveal some secrets. I dunno, there's a lot of people watching. >> They're shaking their head over there, "Don't say it! Don't say it!" (laughs) >> We have a lot of exciting things on the roadmap. I will tell you this because I think it's very important. The way we are developing services today has shifted. No longer can companies afford to roll out one product a year and wait. It takes you a year to roll that product out, and it's stale by the time it comes out, and then it takes you another year to fix it. We have moved to continuous development cycles. We are keeping track of what's going on in the market, what the hot trends are, what the hot services are, and as SASE continues to evolve, we will be able to quickly evolve. So while we do have some ideas of where we want to go on the roadmap, and I'm sure they're shaking their heads over there, what I love is we now have the ability to listen to what our customers want and act quickly. >> I call it the holy trinity. Network storage, compute, get that software intelligence at the edge which is going to be really popular. You guys are in a really perfect position. Thanks for coming on, sharing on theCUBE. >> Thank you so much, thank you. >> Okay, Darren's here on theCUBE breaking it down for Lumen, formerly CenturyLink, rebranded a few years ago. Connectivity is the key. You still got to connect, network, compute, storage, and you got the data center now, the cloud hybrid, now multicloud. This is the super CUBE, covering supercloud here at VMware Explore 2022. We'll be right back after this short break. (upbeat music)