>> From The Cube studios in Palo Alto in Boston, bringing you data driven insights from The Cube and ETR, this is Breaking Analysis with Dave Vellante. >> UiPath has always been an unconventional company. You know it started with humble beginnings. It's essentially a software development shop. Then it caught lightning in a bottle with its computer vision technology. It's really, it's simplification mantra and it created a very easy to deploy software robot system for bespoke departments so they could automate mundane tasks. You know the story. The company grew rapidly, was able to go public early this year. Now consistent with its out-of-the-ordinary approach, while other firms are shutting down travel and physical events, UiPath is moving ahead with Forward IV, it's annual user conference next week with a live audience there at the Bellagio in Las Vegas. It's also fast forwarding as a company, determined to lead the charge beyond RPA and execute on a more all-encompassing Enterprise automation agenda. Hello everyone and welcome to this week's Wikibond Cube Insights powered by ETR. In this breaking analysis and ahead of Forward IV, we'll update you in the RPA market the progress that UiPath has made since its IPO and bringing some ETR customer survey data that's contextualized the company's position in the overall market and relative to the competition. Here's a quick rundown of today's agenda. First I want to tell you theCube is going to be at Forward IV at the Bellagio next week. UiPath, this is their big customer event. It's live, it's a physical event. It's primarily outdoors. You have to be vaccinated to attend. Now, this not completely out of the ordinary. John Furrier and theCube were at AWS Public Sector this past week and we were at Mobile World Congress in one of the first big hybrid events of the year at Barcelona. We thought that event would kick of the fall event season, live event in earnest but the COVID crisis has caused many tech firms, most tech firms actually, to hit pause button. Not UiPath, they're moving ahead. They're going forward and we see a growing trend for smaller VIP events with a virtual component, topic maybe for another day. Now we've talked extensively about the productivity challenges and the automation mandate the pandemic has thrust upon us. Now, we've seen pretty dramatic productivity improvements as remote work kicked in but its brought new stresses. For example, according to Qualtrics, 32% of working moms said their mental health has declined since the pandemic hit. 15% of working dads said the same by the way. So, one has to question the sustainability of this perpetual workday. And we're seeing a continuum of automation solutions emerging and we'll talk about that today. We're seeing tons of M&A as well but now, in that continuum, on the left-side of the spectrum, there's Microsoft who in some ways, they stand alone and their Azure is becoming ubiquitous as a SaaS-Cloud collaboration and productivity platform. Microsoft is everywhere and in virtually every market, whether video conferencing, security, database, cloud, CRM, analytics, you name it. Microsoft is pretty much there and RPA is no different. With the acquisition of Softomotive last year, Microsoft entered the RTA market in earnest and is penetrating very deeply into the space, particularly as it pertains to personal productivity building on its software stake. Now in the middle of that spectrum if you will, we're seeing more M&A and that's defined really by the big software giants. Think of this domain as integrated software place. SAP, they acquired Contextere. They also acquired a company called Process Insights, Service now acquired Inttellebot. Salesforce acquired Servicetrace, we see Infor entering the frame and I would put even Pega, Pega systems in this camp. Software companies focused on integrating RPA into their broader workflows, into their software platforms and this is important because these platforms are entrenched Their well guardants of thoughts and complicated with lots of touchpoints and integration points and frankly they are much harder to automate because of their entrenched legacy. Now, on the far side of that spectrum, are the horizontal automation players and that's been let by UiPath with automation anywhere as the number two player in this domain. And I even put a blue prism in there more M&A recently announced that Vista is going to acquire them Vista also owns Tibco, they are going to merge those two companies. You know Tibco is come up with the integration play. So again I would put them in that you know, horizontal piece of the spectrum. So with that as background, we're going to look at how UiPath has performed since we last covered them and IPO and I'm going to bring in some ETR survey data to get the spending view from customers and we'll wrap up. Now, just to emphasize the importance of automation and the automation mandate, we talk about it all the time in this program. We use this ETR chart. It's a two dimensional view with net score which is the measure of spending momentum on the vertical axis and market share which is a proxy for pervasiveness in the data set that's on the horizontal axis. Now note that red dotted line, it signifies companies within elevated position on the net score vertical axis anything over that is considered pretty good. Very good. Now this shows every spending segment within the ETR taxonomy. And the four spending categories with the greatest velocity are AI, cloud, containers and RPA. And they have topped the charts for quite a while now. They are the only 4 categories which have sustained above that 40% line consistently throughout the pandemic and even before. Now the impressive thing about cloud of course is it has both spending momentum on the vertical axis and a very large market share or presence in the data set. The point is RPA is nascent still. It has an affinity with AI as a means of more intelligently identifying and streamlining process improvements. And so we expect those two to remain elevated and grow to the right together. UiPath pegs its TAM, total available market at 60 billion. And the reality is that could be understated. Okay, as we reported from the UiPath S1 analysis we did pre IPO, the company at that time had an ARR annual recurring revenue of $580 million and it was growing at 65% annually. And nearly 8000 customers at the time, a 1000 of which had an ARR in excess of a 100k. And the net revenue retention the company had was over 145%. So let's take a look at the pictures 6 months forward. We mentioned the $60 billion TAM, ARR now up over $726.5 million on its way to a billion ARR holding pretty steady at 60% growth as is NRR, net revenue retention and more then a 1000 new customers and 200 more with over a 100000 in ARR and a small operating profit which by the way exceeded the consensuses pretty substantially. Profitability is not shown here and no one seems to care anyway these days. It's all about growing into that TAM. Well that's a pretty good looking picture, isn't it? The company had a beat and a raise for the quarter earlier this month, so looking good right. Well you ask how come the stock is not doing better. That's an interesting question. So let's first look at the stocks performance on a relative basis. Here we show UiPath performance against Pega systems and blue prism, the other two publicly traded automation. Pure plays sort of in the case of Pega. So UiPath outperformed post its IPO but since the early summer Pega is been the big winner while UiPath slowly decelerated. You see Blue prism was at the lag until it was announced that it was in an acquisition talks with a couple of PE firms and the prospects of a bidding war sent that yellow line up as you can see. UiPath as you can see on the inset, has a much higher valuation than Pega and way higher than blue Prism. Pega interestingly is growing revenues nicely at around 40%. And I think what's happening is that the street simply wants more. Even though UiPath beat and raised, Wallstreet is still getting comfortable with management which is new to the public market game and the company just needs to demonstrate a track record and build trust. There's also some education around billings and multi-year contracts that the company addressed on its last earnings call. But the street was concerned about ARR for new logos. It appears to be slowing down sequentially and a notable decline in billings momentum which UiPath CFO addressed on the earnings call saying look they don't need the trade margin for prepaid multi year deals, given the strong cash position. Why give anything up. And even though I said nobody cares about profitability well, I guess that's true until you guide for an operating loss when you've been showing small profit in recent quarters what UiPath did. Then, obviously people start to care. So UiPath is in bit of an unknown territory to the street and it has a valuation, it's pretty rich. Very rich actually at 30 times revenue multiple or greater than 30 times revenue multiple. So that's why in my view, investors are being cautious. But I want to address a dynamic that we have seen with this high growth rocket chip companies. Something we talked about Snowflake and I think you are seeing some of that here with UiPath. Different model in the sense that Snowflake is pure cloud but I'm talking about concerns around ARR and from new logos and that growth in a sequential basis. And here's what's happening in my view with UiPath. You have a company that started within departments with a smaller average contract size, ACV maybe 25000, may be 50000 but not deep six figure deals. That wasn't UiPath's play. And because the company focused so heavily on simplicity and made it really easy to adapt, customers saw really fast ROI. I mean break-even in months. So we very quickly saw expansion into other departments. So when ACV started to rise and installations expanded within each customer, UiPath realized it had to move beyond a point product and it started thing about a platform and making acquisitions like Processgold and others and this marked a much deeper expansion into the customer base. And you can see that here in this UiPath chart that they shared at their investor deck, customers that bought in 2016 and 2017 expanded their spend 13, 15, 18, 20x So the LTV, life time value of the customer is growing dramatically and because UiPath is focused on simplicity, and has a very facile premium model much easier to try before you buy than its competitors it's CAC, Customer acquisition cost are likely much lower than some of its peers. And that's a key dynamic. So don't get freaked out by some of those concerns that we raised earlier because just like Snowflake what's happening is that the company for sure is gaining new customers, may be just not at the same rate but don't miss the forest through the trees I.e getting more money from their existing customers which means retention, loyalty and growth. Now speaking of forest, this chart is the dynamic I'm talking about, its an ETR graphic that shows the components of net score against spending momentum. Net score breaks down into 5 areas. That lime green at the top is new additions. Okay, so that's only 11% of the customer mentions. By the way we are talking about more than a 125 responses for UiPath. So it's meaningful, it's actually larger in this survey or certainly comparable to Microsoft. So that's just something right there. The next bar is the forest green. Forest green is what I want you to focus. That's customer spending 6% or more in the second half of the year relative to the first half. The gray is flat spending which is quite large. The pink or light red, that's spending customers spending 6% or worse, that's a 4% number. But look at the bottom bar. There is no bar, that's churn. 0% of the responders in the survey are churning. And Churn is the silent killer of SaaS companies. 0% defections. So you've got 46% spending more, nobody leaving. That's the dynamic powering UiPath right now and I would take this picture any day over a larger lime green and a smaller forest green and a bigger churn number. Okay, it's pretty good, not Snowflake good but it's solid. So how does this picture compare to UiPath's peers. Let's take a look at that. So this is ETR data, same data showing the granularity net score for Microsoft power automate, UiPath automation anywhere, Blue Prism and Pega. So as we said before, Microsoft is ubiquitous. What can we say about that. But UiPath is right there with a more robust platform. Not to overlook Microsoft, you can't but UiPath will you that the don't compete head to head for enterprise automation deals with Microsoft and may be they will over time. They do however compete head to head with automation anywhere. And their picture is quite strong as you can see here. You know as is Blue Prism's picture and even Pega. Although Blue Prism automation anywhere UiPtah and power automate all have net scores on this chart as you can see the tables in the upper right over 40%, Pega does not. But you can see Pega as a pure play RPA vendor it's a little bit of sort of apples and oranges there but they do sell RPA and ETR captures in their taxonomy so why not include them. Also note that UiPath has as I said before more mentions in the survey than power automate which is actually quite interesting given the ubiquity of Microsoft. Now, one other notable note is the bright red that's defections and only UiPath is showing zero defections Everybody else has at least little of the slims on defections. Okay, so take that as you will but its another data point, the one that is powerful nit only for UiPath but really for the entire sector. Now the last ETR data point that we want to share is the famous two dimensional view. Like the sector chart we showed earlier, this graphic shows the net score on the vertical axis that's against spending velocity and market share or pervasiveness on the horizontal axis. So as we said earlier, UiPath actually has a greater presence in the survey than the ever present Microsoft. Remember, this is the July survey. We don't have full results from the September-October survey yet and we can't release them until ETR is out of its quiet period but I expect the entire sector, like everything is going to be slightly down because as reported last week tech spending is moderated slightly in the second half of this year. But we don't expect the picture to change dramatically UiPath and power automate we think are going to lead in market presence and those two plus automation anywhere is going to show the strength in spending momentum as will most of the sector. We'll see who comes in above the 40% line. Okay, what to watch at Forward IV. So in summary I'll be looking for a few things. One, UiPath has hinted toward a big platform announcement that will deepen its capabilities to beyond being an RPA point tool into much more of an enterprise automation platform, rewriting a lot of the code Linux, cloud, better automation of the UI, you are going to hear all kind of new product announcements that are coming so I'll be listening for those details. I want to hear more from customers that further confirm what I've been hearing from them over the last couple of years and get more data especially on their ROI, on their land and expand, I want to understand that dynamic and that true enterprise automation. It's going to be good to get an update face to face and test some of our assumptions here and see where the gaps are and where UiPath can improve. Third, I want to talk to ecosystem players to see where they are in participating in the value chain here. What kind of partner has UiPath become since its IPO, are they investing more in the ecosystem, how do partners fit into that flywheel. Fourth, I want to hear from UiPath management Daniel Dines and other UiPath leaders, their exiting toddler wheel and coming into an adolescence phase or early adulthood. And what does that progression look like, how does it feel, what's the vibe at the show. And finally I'm very excited to participate in a live in-person event to see what's working, to see how hybrid events are evolving, we got to good glimpse at Mobile congress and this week in DC at public sector summit. As you know theCube is doing hybrid events for years and we intend to continue to lead in this regard and bring you the best real time information as possible. Okay, that's it for today. Remember these episodes are all available as podcasts wherever you listen, all you do is search breaking analysis podcast. We publish each week on Wikibound.com and Siliconangle.com and you can always connect on twitter @dvellante or email me at David.vellante@siliconangle.com Appreciate the comments on LinkedIn and don't forget to check out ETR.plus for all the survey data. This is Dave Vellante for theCube insights powered by ETR. Be well and will see you next time. (upbeat music)

>> Announcer: Live from San Jose, in the heart of Silicon Valley, it's theCUBE, covering DataWorks Summit 2017, brought to you by Hortonworks. >> Hi, welcome to theCUBE. We are live in San Jose, in the heart of Silicon Valley at the DataWorks Summit, day one. I'm Lisa Martin, with my co-host, George Gilbert. And we're very excited to be talking to two Robs. With Rob squared on the program this morning. Rob Bearden, the CEO of Hortonworks. Welcome, Rob. >> Thank you for having us. >> And Rob Thomas, the VP, GM rather, of IBM Analytics. So, guys, we just came from this really exciting, high energy keynote. The laser show was fantastic, but one of the great things, Rob, that you kicked off with was really showing the journey that Hortonworks has been on, and in a really pretty short period of time. Tremendous inertia, and you talked about the four mega-trends that are really driving enterprises to modernize their data architecture. Cloud, IOT, streaming data, and the fourth, next leg of this is data science. Data science, you said, will be the transformational next leg in the journey. Tell our viewers a little bit more about that. What does that mean for Hortonworks and your partnership with IBM? >> Well, what I think what IBM and Hortonworks now have the ability to do is to bring all the data together across a connected data platform. The data in motion, the data at rest, now have in one common platform, irrespective of the deployment architecture, whether it's on prim across multiple data centers or whether deployed in the cloud. And now that the large volume of data and we have access to it, we can now start to begin to drive the analytics in the end as that data moves through each phase of its life cycle. And what really happens now, is now that we have visibility and access to the inclusive life cycle of the data we can now put a data science framework over that to really now understand and learn those patterns and what's the data telling us, what's the pattern behind that. And we can bring simplification to the data science and turn data science actually into a team sport. Allow them to collaborate, allow them to have access to it. And sort of take the black magic out of doing data science with the framework of the tool and the power of DSX on top of the connected data platform. Now we can advance rapidly the insights in the end of the data and what that really does is drive value really quickly back into the customer. And then we can then begin to bring smart applications via the data science back into the enterprise. So we can now do things like connected car in real time, and have connected car learn as it's moving and through all the patterns, we can now, from a retail standpoint really get smart and accurate about inventory placement and inventory management. From an industrial standpoint, we know in real time, down to the component, what's happening with the machine, and any failures that may happen and be able to eliminate downtime. Agriculture, same kind of... Healthcare, every industry, financial services, fraud detection, money laundering advances that we have but it's all going to be attributable to how machine learning is applied and the DSX platform is the best platform in the world to do that with. >> And one of the things that I thought was really interesting, was that, as we saw enterprises start to embrace Hadoop and Big Data and Segano this needs to co-exist and inter-operate with our traditional applications, our traditional technologies. Now you're saying and seeing data science is going to be strategic business differentiator. You mentioned a number of industries, and there were several of them on stage today. Give us some, maybe some, one of your favorite examples of one of your customers leveraging data science and driving a pretty significant advantage for their business. >> Sure. Yeah, well, to step back a little bit, just a little context, only ten companies have out performed the S&P 500 in each of the last five years. We start looking at what are they doing. Those are companies that have decided data science and machine learning is critical. They've made a big bet on it, and every company needs to be doing that. So a big part of our message today was, kind of, I'd say, open the eyes of everybody to say there is something happening in the market right now. And it can make a huge difference in how you're applying data analytics to improve your business. We announced our first focus on this back in February, and one of our clients that spoke at that event is a company called Argus Healthcare. And Argus has massive amounts of data, sitting on a mainframe, and they were looking for how can we unleash that to do better care of patients, better care for our hospital networks, and they did that with data they had in their mainframe. So they brought data science experience and machine learning to their mainframe, that's what they talked about. What Rob and I have announced today is there's another great trove of data in every organization which is the data inside Hadoop. HDP, leading distribution for that, is a great place to start. So the use case that I just shared, which is on the mainframe, that's going to apply anywhere where there's large amounts of data. And right now there's not a great answer for data science on Hadoop, until today, where data science experience plus HDP brings really, I'd say, an elegant approach to it. It makes it a team sport. You can collaborate, you can interact, you can get education right in the platform. So we have the opportunity to create a next generation of data scientists working with data and HDP. That's why we're excited. >> Let me follow up with this question in your intro that, in terms of sort of the data science experience as this next major building block, to extract, or to build on the value from the data lake, the two companies, your two companies have different sort of, better markets, especially at IBM, but the industry solutions and global business services, you guys can actually build semi-custom solutions around this platform, both the data and the data science experience. With Hortonworks, what are those, what's your go to market motion going to look like and what are the offerings going to look like to the customer? >> They'll be several. You just described a great example, with IBM professional services, they have the ability to take those industry templates and take these data science models and instantly be able to bring those to the data, and so as part of our joint go to market motion, we'll be able now partner, bring those templates, bring those models to not only our customer base, but also part of the new sales go to market motion in the light space, in new customer opportunities and the whole point is, now we can use the enterprise data platforms to bring the data under management in a mission critical way that then bring value to it through these kinds of use case and templates that drive the smart applications into quick time to value. And just increase that time to value for the customers. >> So, how would you look at the mix changing over time in terms of data scientists working with the data to experiment on the model development and the two hard parts that you talked about, data prep and operationalization. So in other words, custom models, the issue of deploying it 11 months later because there's no real process for that that's packaged, and then packaged enterprise apps that are going to bake these models in as part of their functionality that, you know, the way Salesforce is starting to do and Workday is starting to do. How does that change over time? >> It'll be a layering effect. So today, we now have the ability to bring through the connected data platforms all the data under management in a mission critical manner from point of origination through the entire stream till it comes at rest. Now with the data science, through DSX, we can now, then, have that data science framework to where, you know, the analogy I would say, is instead of it being a black science of how you do data access and go through and build the models and determine what the algorithms are and how that yields a result, the analogy is you don't have to be a mechanic to drive a car anymore. The common person can drive a car. So, now we really open up the community business analyst that can now participate and enable data science through collaboration and then we can take those models and build the smart apps and evolve the smart apps that go to that very rapidly and we can accelerate that process also now through the partnership with IBM and bringing their core domain and value that, drivers that they've already built and drop that into the DSX environments and so I think we can accelerate the time to value now much faster and efficient than we've ever been able to do before. >> You mentioned teamwork a number of times, and I'm curious about, you also talked about the business analyst, what's the governance like to facilitate business analysts and different lines of business that have particular access? And what is that team composed of? >> Yeah, well, so let's look at what's happening in the big enterprises in the world right now. There's two major things going one. One is everybody's recognizing this is a multi-cloud world. There's multiple public cloud options, most clients are building a private cloud. They need a way to manage data as a strategic asset across all those multiple cloud environments. The second piece is, we are moving towards, what I would call, the next generation data fabric, which is your warehousing capabilities, your database capabilities, married with Hadoop, married with other open source data repositories and doing that in a seamless fashion. So you need a governance strategy for all of that. And the way I describe governance, simple analogy, we do for data what libraries do for books. Libraries create a catalog of books, they know they have different copies of books, some they archive, but they can access all of the intelligence in the library. That's what we do for data. So when we talk about governance and working together, we're both big supporters of the Atlas project, that will continue, but the other piece, kind of this point around enterprise data fabric is what we're doing with Big SQL. Big SQL is the only 100% ANSI-SQL compliant SQL engine for data across Hadoop and other repositories. So we'll be working closely together to help enterprises evolve in a multi-cloud world to this enterprise data fabric and Big SQL's a big capability for that. >> And an immediate example of that is in our EDW optimization suite that we have today we be loading Big SQL as the platform to do the complex query sector of that. That will go to market with almost immediately. >> Follow up question on the governance, there's, to what extent is end to end governance, meaning from the point of origin through the last mile, you know, if the last mile might be some specialized analytic engine, versus having all the data management capabilities in that fabric, you mentioned operational and analytic, so, like, are customers going to be looking for a provider who can give them sort of end to end capabilities on both the governance side and on all the data management capabilities? Is that sort of a critical decision? >> I believe so. I think there's really two use cases for governance. It's either insights or it's compliance. And if you're focus is on compliance, something like GDPR, as an example, that's really about the life cycle of data from when it starts to when it can be disposed of. So for compliance use case, absolutely. When I say insights as a governance use case, that's really about self-service. The ideal world is you can make your data available to anybody in your organization, knowing that they have the right permissions, that they can access, that they can do it in a protected way and most companies don't have that advantage today. Part of the idea around data science on HDP is if you've got the right governance framework in place suddenly you can enable self-service which is any data scientist or any business analyst can go find and access the data they need. So it's a really key part of delivering on data science, is this governance piece. Now I just talked to clients, they understand where you're going. Is this about compliance or is this about insights? Because there's probably a different starting point, but the end game is similar. >> Curious about your target markets, Tyler talked about the go to market model a minute ago, are you targeting customers that are on mainframes? And you said, I think, in your keynote, 90% of transactional data is in a mainframe. Is that one of the targets, or is it the target, like you mention, Rob, with the EDW optimization solution, are you working with customers who have an existing enterprise data warehouse that needs to be modernized, is it both? >> The good news is it's both. It's about, really the opportunity and mission, is about enabling the next generation data architecture. And within that is again, back to the layering approach, is being able to bring the data under management from point of origination through point of it reg. Now if we look at it, you know, probably 90% of, at least transactional data, sits in the mainframe, so you have to be able to span all data sets and all deployment architectures on prim multi-data center as well as public cloud. And that then, is the opportunity, but for that to then drive value ultimately back, you've got to be able to have then the simplification of the data science framework and toolset to be able to then have the proper insights and basis on which you can bring the new smart applications. And drive the insights, drive the governance through the entire life cycle. >> On the value front, you know, we talk about, and Hortonworks talks about, the fact that this technology can really help a business unlock transformational value across their organization, across lines of business. This conversation, we just talked about a couple of the customer segments, is this a conversation that you're having at the C-suite initially? Where are the business leaders in terms of understanding? We know there's more value here, we probably can open up new business opportunities or are you talking more the data science level? >> Look, it's at different levels. So, data science, machined learning, that is a C-suite topic. A lot of times I'm not sure the audience knows what they're asking for, but they know it's important and they know they need to be doing something. When you go to things like a data architecture, the C-suite discussion there is, I just want to become more productive in how I'm deploying and using technology because my IT budget's probably not going up, if anything it may be going down, so I've got to become a lot more productive and efficient to do that. So it depends on who you're talking to, there's different levels of dialogue. But there's no question in my mind, I've seen, you know, just look at major press Financial Times, Wallstreet Journal last year. CEOs are talking about AI, machine learning, using data as a competitive weapon. It is happening and it's happening right now. What we're doing together, saying how do we make data simple and accessible? How do we make getting there really easy? Because right now it's pretty hard. But we think with the combination of what we're bringing, we make it pretty darn easy. >> So one quick question following up on that, and then I think we're getting close to the end. Which is when the data lakes started out, it was sort of, it seemed like, for many customers a mandate from on high, we need a big data strategy, and that translated into standing up a Hadoop cluster, and that resulted in people realizing that there's a lot to manage there. It sounds like, right now people know machine learning is hot so they need to get data science tools in place, but is there a business capability sort of like the ETL offload was for the initial Hadoop use cases, where you would go to a customer and recommend do this, bite this off as something concrete? >> I'll start and then Rob can comment. Look, the issue's not Hadoop, a lot of clients have started with it. The reason there hasn't been, in some cases, the outcomes they wanted is because just putting data into Hadoop doesn't drive an outcome. What drives an outcome is what do you do with it. How do you change your business process, how do you change what the company's doing with the data, and that's what this is about, it's kind of that next step in the evolution of Hadoop. And that's starting to happen now. It's not happening everywhere, but we think this will start to propel that discussion. Any thoughts you had, Rob? >> Spot on. Data lake was about releasing the constraints of all the silos and being able to bring those together and aggregate that data. And it was the first basis for being able to have a 360 degree or wholistic centralized insight about something and, or pattern, but what then data science does is it actually accelerates those patterns and those lessons learned and the ability to have a much more detailed and higher velocity insight that you can react to much faster, and actually accelerate the business models around this aggregate. So it's a foundational approach with Hadoop. And it's then, as I mentioned in the keynote, the data science platforms, machine learning, and AI actually is what is the thing that transformationally opens up and accelerates those insights, so then new models and patterns and applications get built to accelerate value. >> Well, speaking of transformation, thank you both so much for taking time to share your transformation and the big news and the announcements with Hortonworks and IBM this morning. Thank you Rob Bearden, CEO of Hortonworks, Rob Thomas, General Manager of IBM Analytics. I'm Lisa Martin with my co-host, George Gilbert. Stick around. We are live from day one at DataWorks Summit in the heart of Silicon Valley. We'll be right back. (tech music)

>> Announcer: Live from Las Vegas it's theCUBE. Covering HPE Discover 2017 Brought to you by Hewlett-Packard Enterprise. >> Okay welcome back everyone, we're here live in Las Vegas it's theCUBE's exclusive coverage of HPE Discover 2017. HP Enterprises premier show, it's theCube on our third day I'm John Furrier, my co-host Dave Vallante. And our next guest Bob Moore returning back, Director of Server Software Private Security, he's got the hottest product, he's here on the show. We're going to go do a deeper dive. And Jason Shropshire SVP, CTO of InfusionPoints. Welcome back welcome to theCUBE. >> John, thank you Dave. You're the talk of the town here on the show with the simple messaging that is clean and tight. But outside of that, from a product stand point is really some of the security stuff you guys are doing in the Silicon. >> Bob: It is. >> In the server with Gen 10, pretty game changing, we've been curious, we want more information. >> Bob: Yeah. >> John: Give us some more update, what's the update? >> Glad to do that we're really proud of the announcement of course it's a big bold announcement this week. Claiming ourselves the world's most secure industry standard server. So that's big, that's huge, that's based on this new revolutionary security technology that we've been developing frankly over the past couple of years. So it's been two or three years in the making. A lot of hard work, we actually started to look at what type of security trends were happening, and what we might have to do to protect the servers. And we've come up with a game changing capability here. And it's one thing for us to say it internally at HPE, but we are so certain that we are in a great security position that we went external and found a security firm outside, that independently could look at it and do some compare, contrast testing with a competitive unit, so. >> So let's drill into that, actually I had some other questions on the industry in terms of what is going on at the chip level. Always on security is kind of a theme we've heard in the past from some of your competitors, but lets get into some of the competitive analysis. What do you guys see in the benchmarks. Jason, what do you guys discussing , because at the end of the day, claims are one thing. No offense to HP, you're kind of biased of course. We have folks on from the marketing team as well. Where's the proof in the pudding? >> Oh yeah, well one thing that we know for sure is that threat is real, right, with firmware. And it was great for us to analyze HP's new technology. We had on the bench two different beta units. >> John: You guys are the ones who did the benchmark. >> Jason: Yes the analysis. >> Independent. >> Independent yeah, FusionPoints is a cyber security firm independent from HP, they approached us to do the testing. >> John: Okay. >> We have head analysts that do this sort of thing all the time for our customers. >> So take us through what happened. >> Yeah so they procured for us three competitor servers. Sent them to our shop. We set them on a bench, all side by side. From what I can tell, no one's ever really done a test like that, you know, within the server industry. It was very exciting. There's been a lot of benchmarking done and performance, things like that. But from a black hat stand point, to actually look at the hardware, that hardware level testing, we couldn't find any examples of anyone doing it. I thought that alone was just evidence that HP was very serious about security and they knew what they had. So. >> John: You guys getting your answer, because you know the malware, and all the ransomware going on. People are going through elaborate lengths. >> Jason: Absolutely. >> Business model, organized teams, this is a really orchestrated security market now, with the black hat guys out there, really hacking away at every angle. >> Yeah well, you know we saw evidence that firmware issues and exploits are here to stay. The Vault7 release that happened recently showed us that there are exploit kits. Intel security released within a day a tool to let you do firmware validation. But to do that you have to take your server offline and build a gold image of what that firmware should look like. And then compare like a week later if you think you might have had a breech. You have to take your server down and compare it against that gold image. And who has the time to do that? But what we found in analyzing the Gen 10 server is HP has built this in, where this can be done in real time, while the server is running. No performance hit, no down time. It really is a revolutionary game changer I think for firmware security. >> So Bob, can you explain what IP you developed in Silicon that Intel, where do they leave off and you pick up? >> Sure, sure because Intel has some great security technology. And we actually support a lot of Intel technology. Their TXT, their Trusted Execution Technology as part of our Gen 10 servers. But what we've done at HPE is we've really taken it multiple steps further than that and we've developed. Because we're in a position where we develop our own custom HPE iLo-silicon chip, we're able to anchor what we actually do, imbed the cryptographic algorithms into that, and we anchor all the server's essential firmware. Right, think of it as anchoring it down into the bedrock. So there's really no way you can get in and breach that. And even if you did, instead of taking it offline like Jason was talking about here. We have the ability to not only provide that protection, but we would detect any type of malware or virus that gets in. And then frankly, we can recover that, almost immediately within a few minutes. In fact we're demonstrating that here during Discover this week. >> Is there anyplace online where people can get information, people watching, probably curious. >> Bob: Sure >> You can just give them the URL. >> Yeah just naturally it's our HPE.com/security. And that where there we've got some white papers there and other things there. >> So you say you can recover universally instantaneously. >> Bob: Yes. >> And you do that by what, fencing certain resources or... >> Yeah well what we've done, is we verify as the server is running, we're doing a runtime for more validation. So we're checking that firmware, making sure it's free of any malware, viruses, or compromised code. Completely perfect in original shape, like when we ship it from the factory. And we're storing in another location inside the server, a secure copy of that. Think of it as log box, inside the server, where it can't be found unless we need it to go into recovery mode. Then we draw from that, we've checked it daily, we've stored it there, we know it's authentic, and we can pull that back into recover in case something does happen to the server. >> And then asynchronously reclaim that wasted resource, clean it up and bring it back online. >> We can, we can recover the server, the firmware, toward the end of the year, we'll be recovering the operating system as well. Also we've got a really holistic way to get that recovered. When we talk to customers, a real big concern, and sometimes it's called bricking a server, you've got a bricked server, something that just won't operate. And it's important because 60% of small businesses that suffer a security breach, go out of business within six months, so it can be huge that lack of cashflow for customers. It's that denial of service, that disruption of business. Well we prevent all that, because we can not only protect the server, but then recover from a breach. >> So the anatomy of that breach, can we go through a common use case? So malware gets in, it gets into the server, it's hiding, typically you don't know about it. And in this new scenario with your Gen 10. You'll be able to identify that. >> Bob: That's right. >> To protect it, okay. And if I understand, the business impact of the problem you're solving is, not only are you sort of automating that protection, but you're also eliminating, a lot of wasted time, and downtime, and accelerating the response. >> Yeah I think that's what Jason was talking about earlier. Normally, if you're server gets infected, you completely take it off line and then do a manual recovery. And customers still have the choice to do that, but in our case we can recover immediately within a few minutes if something happens and gets a breach. >> Those types of exploits are typically in the data plane as well. With firmware you can't even really detect that you've been hacked. So down in the firmware virus scanners, those things don't work. So if you have a BIOS exploit, that is on either the iLO, that would be on the BMC the baseboard management controller. And undetectable by the operating system. >> That's crazy because it's a clean haven for hackers. I mean they know how to get in there, once you're in there, you're in. >> I don't know if a lot of customers realize this but the first thing when you turn a server on, there first thing that comes on is the firmware. In our case it's the iLO firmware. Over a million lines of the firmware code run before the operating system even starts. So that can be a cess pool for a trojan horse. And the research shows a virus, somewhat analogous to a human virus, it can stay there, hibernate in there for months, maybe even a year or more until it springs forth and opens up the passwords or bricks your servers, or does some nefarious thing. >> A cesspool from the customer standpoint, from a hacker is like going to the beach. Pina Coladas, you're clean you're down there having fun. >> Well what's your stats? The average time to detect an intrusion is over 200 days. >> Bob: That's right yeah. >> So essentially, you're detecting it instantaneously. >> We can, we run that runtime firmware validation on a regular basis, can be run as much as everyday, and so you'll know almost immediately. Which is really great because of a lot of regulatory bodies want to know if a breach has occurred. So this gives customers the ability to know somethings happened to them. >> Jason I want to challenge the claim here, because first of all I love the bravado. Yeah, we're bad ass, we're number one. >> We know that. >> What is the, how did the leaderboard come out? What was the results? Did HP come out number one? >> Oh absolutely. >> What's the lead, what's the gap, talk about the gap between HP and other servers. Did they send you the best servers? What was the benchmark, I'm sure you did your due diligence, take us to more of the results. >> Sure, sure, so yeah again we were comparing all the servers side by side. A test that had never been done from what I'd seen. When we looked at by feature, by feature, and started analyzing things. We sort of broke down and we saw we really had two different angles that we were looking at. The penetration test as aspect. What we were looking for vulnerabilities in the firmware, at the physical layer, at the network layer. They passed that with flying colors. We found a few minor issues that they jumped on and resolved for us in a matter of hours or days. And then the other aspect was a feature by feature comparison that we looked at. We looked at the silicon retruss obviously and we saw what the others were doing there. At best the other guys were using firmware to validate firmware. The obvious issue with that is if the firmware is compromised it's not trustworthy. >> Spoof, yeah, yeah. >> It's in no position to validate and verify. >> It's like Wallstreet policing itself. >> Jason: Yeah, can't trust that, They have a revolutionary intrusion detection switch on the Gen 10, that actually detects. If the lid is lifted on the server, anywhere from when it leaves the factory to the garage of the installation point, server doesn't have to be plugged in like the other guys. >> So if it's just a physical casing breach, >> Jason: Exactly. >> What happens there, flags the firmware, makes a note, does it shut it down? What happens? >> It makes a note, it puts it in the log entry so you can tell if that server has been tampered with in transit. >> So the insider threat potential should go away with that. >> Right, physical access, you don't have to worry about that because we can verify that server gets to the customer in it's unique, original, authentic condition. Because even though the power is off that is going to register and auto log an alert if that chassis has been opened. >> So I can't go to the vault of the Bellagio, like they did in Ocean's Eleven and put my little, and break into the server and you know go in there. >> Bob: Exactly. >> Okay, now back to the results. So the other guys, did they all pass or what. >> Well we did find some issues that we're looking at and doing some further testing on. >> So we're going to be polite and respect the confidentiality you have the ethos of security as you know sharing data is a huge deal, and it's for the integrity of the customer that you have to think about so props for that. For not digging into it, we'll wait for an official report if it does come out. Alright, so I got to ask you a personal question Jason. As someone who is in the front lines. You know every time there's a new kind of way, whether it's Bitcoin and Block chaining, you see a slew of underbelly hacking that goes mainstream that people are victimized. In this case firmware is now exposed, well known. >> Jason: Yeah. >> What as a professional, what gets you excited, and what gets you alarmed if anything about this? What new revelations have you walked away with from this? >> Well it's just how pervasive this issue is. You know the internet of things has exploded the number of IP devices that are out there. Most of them have, firmware issues, almost all of them have firmware issues. And we've just now seen bot nets being created by these devices. Cameras, IP cameras and things like that, that become attack platforms. So I just want, one of the things that impressed me very much about HP's approach here is that they're being a good corporate citizen by making a platform that's going to be implemented in tens of thousands IP addresses. Those systems I think will be much more secure. Again it can't become an attack platform for other people, for attackers to abuse. >> So the surface area, so your point about IOT. We always talk about the surface area of attack vectors. And that vector can then be minimized at the server level, because that's like the first mile in. >> Right we come and really refer to that as the attack vector or the attack surface. And so we narrow that attack surface way down. >> Can you even subjectively giVe us a sense as to how much of the problem this approach addresses? I mean is it 1%, 10%, 50% of the attacks that are out there? >> I think the important thing here is moving, shifting the bar. I've likened this, what HP is doing here to what Bill Gates did 15 years ago with the Microsoft memo. I mean that really revolutionized operating systems security within Microsoft and I think it had a ripple effect out into the industry as well. So I think HP is really pushing the bar in the same way but for firmware, instead of the operating system level that was the paradigm 15 years ago. >> And I think you'll find on our website we put some of the studies actually, and it's over half, I think it's 52% of the firms that responded have had a breach or malware virus in their firmware. So over half of those, and 17% had a catastrophic issue with that, it really is more pervasive. We've seen a lot of news about the data plane level, where thefts are taking place at the application level of the operati6ng system. And we've got to pay attention to the firmware layer now because that's like I said, a million lines of code in there running. And it could be an area where a trojan horse can sit, and we essentailly narrow that attack surface. We're also delivering with the Gen 10, the highest, the strongest set of security ciphers available in the world today. And that's a commercial national security algorithms. We're the only ones to support in our server, so we're proud of that. >> Well Bob and Jason thanks so much for sharing the insite. It's super exciting and relevant area, in the sense that it's super important for businesses and we're going to keep tracking this because the Wikibond team just put out new research around true private cloud, showing the on prim, cloudlike environments will be 260 billion dollar market. That's new research, that's groundbreaking, but points to the fact that the on pram server situation is going to be growing actually. >> Jason: For sure. >> So this is, and with cloud there's no perimeter so here you go, firmwares, potential exposure you solved that problem with good innovation. Thanks so much for sharing. >> Thanks you guys. >> Thank you. >> The inside Jason and Bob here on theCUBE talking about security servers, attack vectors, no perimeter, it's a bad world out there. Make sure you keep it protected of course. This is CUBE bringing you all the action here at HPE Discover. We'll be right back with more live coverage after this short break. I'm John Furrier, Dave Vellan6te. Be right back after this short break, stay with us.