(Upbeat music) >> Hey everyone. Welcome back to theCUBE's continuing coverage day two Snowflake Summit '22 live from Caesar's forum in Las Vegas. Lisa Martin here with Dave Vellante, bringing you wall to wall coverage yesterday, today, and tomorrow. We're excited to welcome Matthew Carroll to the program. The CEO of Immuta, we're going to be talking about removing barriers to secure data access security. Matthew, welcome. >> Thank you for having me, appreciate it. >> Talk to the audience a little bit about Immuta you're a Snowflake premier technology partner, but give him an overview of Immuta what you guys do, your vision, all that good stuff. >> Yeah, absolutely, thanks. Yeah, if you think about what Immunta at it's core is, we're a data security platform for the modern data stack, right? So what does that mean? It means that we embed natively into a Snowflake and we enforce policies on data, right? So, the rules to be able to use it, to accelerate data access, right? So, that means connecting to the data very easily controlling it with any regulatory or security policy on it as well as contractual policies, and then being able to audit it. So, that way, any corporation of any size can leverage their data and share that data without risking leaking it or potentially violating a regulation. >> What are some of the key as we look at industry by industry challenges that Immuta is helping those customers address and obviously quickly since everything is accelerating. >> Yeah. And it's, you're seeing it 'cause the big guys like Snowflake are verticalizing, right? You're seeing a lot of industry specific, you know, concepts. With us, if you think of, like, where we live obviously policies on data regulated, right? So healthcare, how do we automate HIPAA compliance? How do we redesign clinical trial management post COVID, right? If you're going to have billions of users and you're collecting that data, pharmaceutical companies can't wait to collect that data. They need to remove those barriers. So, they need to be able to collect it, secure it, and be able to share it. Right? So, double and triple blinded studies being redesigned in the cloud. Government organizations, how do we share security information globally with different countries instantaneously? Right? So these are some of the examples where we're helping organizations transform and be able to kind of accelerate their adoption of data. >> Matt, I don't know if you remember, I mean, I know you remember coming to our office. But we had an interesting conversation and I was telling Lisa. Years ago I wrote a piece of you know, how to build on top of, AWS. You know, there's so much opportunity. And we had a conversation, at our office, theCUBE studios in Marlborough, Massachusetts. And we both, sort of, agreed that there was this new workload emerging. We said, okay, there's AWS, there's Snowflake at the time, we were thinking, and you bring machine learning, at time where we were using data bricks, >> Yeah. >> As the example, of course now it's been a little bit- >> Yeah. Careful. >> More of a battle, right, with those guys. But, and so, you see them going in their different directions, but the premise stands is that there's an ecosystem developing, new workloads developing, on top of the hyper scale infrastructure. And you guys play a part in that. So, describe what you're seeing there 'cause you were right on in that conversation. >> Yeah. Yeah. >> It's nice to be, right. >> Yeah. So when you think of this design pattern, right, is you have a data lake, you have a warehouse, and you have an exchange, right? And this architecture is what you're seeing around you now, is this is every single organization in the world is adopting this design pattern. The challenge that where we fit into kind of a sliver of this is, the way we used to do before is application design, right? And we would build lots of applications, and we would build all of our business logic to enforce security controls and policies inside each app. And you'd go through security and get it approved. In this paradigm, any user could potentially access any data. There's just too many data sources, too many users, and too many things that can go wrong. And to scale that is really hard. So, like, with Immuta, what we've done, versus what everyone else has done is we natively embedded into every single one of those compute partners. So ,Snowflake, data breaks, big query, Redshift, synapse on and on. Natively underneath the covers, so that was BI tools, those data science tools hit Snowflake. They don't have to rewrite any of their code, but we automatically enforce policy without them having to do anything. And then we consistently audit that. I call that the separation of policy from platform. So, just like in the world in big data, when we had to separate compute from storage, in this world, because we're global, right? So we're, we have a distributed workforce and our data needs to abide by all these new security rules and regulations. We provide a flexible framework for them to be able to operate at that scale. And we're the only ones in the world doing it. >> Dave Vellante: See the key there is, I mean, Snowflake is obviously building out its data cloud and the functions that it's building in are quite impressive. >> Yeah. >> Dave Vellante: But you know at some point a customer's going to say, look I have other stuff, whether it's in an Oracle database, or data lake or wherever, and that should just be a node on this global, whatever you want to call it, mesh or fabric. And then if I'm hearing you right, you participate in all of that. >> Correct? Yeah We kind of, we were able to just natively inject into each, and then be able to enforce that policy consistently, right? So, hey, can you access HIPAA data? Who are you? Are you authorized to use this? What's the purpose you want to query this data? Is it for fraud? Is it for marketing? So, what we're trying to do as part of this new design paradigm is ensure that we can automate nearly the entire data access process, but with the confidence and de-risk it, that's kind of the key thing. But the one thing I will mention is I think we talk a lot about the core compute, but I think, especially at this summit, data sharing is everything. Right? And this concept of no copy data sharing, because the data is too big and there's too many sets to share, that's the keys to the kingdom. You got to get your lake and your warehouse set with good policy, so you can effectively share it. >> Yeah, so, I wanted to just to follow up, if I may. So, you'd mentioned separating compute from storage and a lot of VC money poured into that. A lot of VC money poured into cloud database. How do you see, do you see Snowflake differentiating substantially from all the other cloud databases? And how so? >> I think it's the ease of use, right? Apple produces a phone that isn't much different than other competitors. Right? But what they do is, end to end, they provide an experience that's very simple. Right? And so yes. Are there other warehouses? Are there other ways to, you know you heard about their analytic workloads now, you know through unistore, where they're going to be able to process analytical workloads as well as their ad hoc queries. I think other vendors are obviously going to have the same capabilities, but I think the user experience of Snowflake right now is top tier. Right? Is I can, whether I'm a small business, I can load my debt in there and build an app really quickly. Or if I'm a JP Morgan or, you know, a West Farmer's I can move legacy, you know monolithic architectures in there in months. I mean, these are six months transitions. When think about 20 years of work is now being transitioned to the cloud in six months. That's the difference. >> So measuring ease of views and time to value, time to market. >> Yeah. That's it's everything is time to value. No one wants to manage the infrastructure. In the Hudup world, no one wants to have expensive customized engineers that are, you know, keeping up your Hudup infrastructure any longer. Those days are completely over. >> Can you share an example of a joint customer, where really the joint value proposition that Immuta and Snowflake bring, are delivering some pretty substantial outcomes? >> Yeah. I, what we're seeing is and we're obviously highly incentivized to get them in there because it's easier on us, right? Because we can leverage their row and com level security. We can leverage their features that they've built in to provide a better experience to our customers. And so when we talk about large banks, they're trying to move Terra data workloads into Snowflake. When we talk about clinical trial management, they're trying to get away from physical copies of data, and leverage the exchanges of mechanism, so you can manage data contracts, right? So like, you know, when we think of even like a company like Latch, right? Like Latch uses us to be able to oversee all of the consumer data they have. Without like a Snowflake, what ends up happening is they end up having to double down and invest on their own people building out all their own infrastructure. And they don't have the capital to invest in third party tools like us that keep them safe, prevent data leaks, allow them to do more and get more value out of their data, which is what they're good at. >> So TCO reduction I'm hearing. >> Matthew Carroll: Yes, exactly. >> Matt, where are you as a company, you've obviously made a lot of progress since we last talked. Maybe give us the update on you know, the headcount, and fundraising, and- >> Yeah, we're just at about 250 people, which scares me every day, but it's awesome. But yeah, we've just raised 100 million dollars- >> Lisa Martin: Saw that, congratulations. >> Series E, thank you, with night dragon leading it. And night dragon was very tactical as well. We are moving, we found that data governance, I think what you're seeing in the market now is the catalog players are really maturing, and they're starting to add a suite of features around governance, right? So quality control, observability, and just traditional asset management around their data. What we are finding is is that there's a new gap in this space, right? So if you think about legacy it's we had infrastructure security we had the four walls and we protect our four walls. Then we moved to network security. We said, oh, the adversary is inside zero trust. So, let's protect all of our endpoints, right? But now we're seeing is data is the security flaw data could be, anyone could potentially access it in this organization. So how do we protect data? And so what we have matured into is a data security company. What we have found is, there's this next generation of data security products that are missing. And it's this blend between authentication like an, an Okta or an AuthO and auth- I'm sorry, authorization. Like Immuta, where we're authorizing certain access. And we have to pair together, with the modern observability, like a data dog, to provide an a layer above this modern data stack, to protect the data to analyze the users, to look for threats. And so Immuta has transformed with this capital. And we brought Dave DeWalt onto our board because he's a cybersecurity expert, he gives us that understanding of what is it like to sell into this modern cyber environment. So now, we have this platform where we can discover data, analyze it, tag it, understand its risk, secure it to author and enforce policies. And then monitor, the key thing is monitoring. Who is using the data? Why are they using the data? What are the risks to that? In order to enforce the security. So, we are a data security platform now with this raise. >> Okay. That, well, that's a new, you know, vector for you guys. I always saw you as an adjacency, but you're saying smack dab in the heart >> Matthew Carroll: Yes. Yeah. We're jumping right in. What we've seen is there is a massive global gap. Data is no longer just in one country. So it is, how do we automate policy enforcement of regulatory oversight, like GDPR or CCPA, which I think got this whole category going. But then we quickly realized is, well we have data jurisdiction. So, where does that data have to live? Where can I send it to? Because from Europe to us, what's the export treaty? We don't have defined laws anymore. So we needed a flexible framework to handle that. And now what we're seeing is data leaks, upon data leaks, and you know, the Snowflakes and the other cloud compute vendors, the last thing they ever want is a data leak out of their ecosystem. So, the security aspects are now becoming more and more important. It's going to be an insider threat. It's someone that already has access to that and has the rights to it. That's going to be the risk. And there is no pattern for a data scientist. There's no zero trust model for data. So we have to create that. >> How are you, last question, how are you going to be using a 100 million raised in series E funding, which you mentioned, how are you going to be leveraging that investment to turn the volume up on data security? >> Well, and we still have also another 80 million still in the bank from our last raise, so 180 million now, and potentially more soon, we'll kind of throw that out there. But, the first thing is M and A I believe in a recessing market, we're going to see these platforms consolidate. Larger customer of ours are driving us to say, Hey, we need less tools. We need to make this easier. So we can go faster. They're, even in a recessing market, these customers are not going to go slower. They're moving in the cloud as fast as possible, but it needs to be easier, right? It's going back to the mid nineties kind of Lego blocks, right? Like the IBM, the SAP, the Informatica, right? So that's number one. Number two is investing globally. Customer success, engineering, support, 24 by seven support globally. Global infrastructure on cloud, moving to true SaaS everywhere in the world. That's where we're going. So sales, engineering, and customer success globally. And the third is, is doubling down on R and D. That monitor capability, we're going to be building software around. How do we monitor and understand risk of users, third parties. So how do you handle data contracts? How do you handle data use agreements? So those are three areas we're focused on. >> Dave Vellante: How are you scaling go to market at this point? I mean, I presume you are. >> Yeah, well, I think as we're leveraging these types of engagements, so like our partners are the big cloud compute vendors, right? Those data clouds. We're injecting as much as we can into them and helping them get more workloads onto their infrastructure because it benefits us. And then obviously we're working with GSIs and then RSIs to kind of help with this transformation, but we're all in, we're actually deprecating support of legacy connectors. And we're all in on cloud compute. >> How did the pivot to all in on security, how did it affect your product portfolio? I mean, is that more positioning or was there other product extensions that where you had to test product market fit? >> Yeah. This comes out of customer drive. So we've been holding customer advisory boards across Europe, Asia and U.S. And what we just saw was a pattern of some of these largest banks and pharmaceutical companies and insurance companies in the world was, hey we need to understand who is actually on our data. We have a better understanding of our data now, but we don't actually understand why they're using our data. Why are they running these types of queries? Is this machine, you know logic, that we're running on this now, we invested all this money in AI. What's the risk? They just don't know. And so, yeah, it's going to change our product portfolio. We modularized our platform to the street components over the past year, specifically now, so we can start building custom applications on top of it, for specific users like the CSO, like, you know, the legal department, and like third party regulators to come in, as well as as going back to data sharing, to build data use agreements between one or many entities, right? So an SMP global can expose their data to third parties and have one consistent digital contract, no more long memo that you have to read the contract, like, Immuta can automate those data contracts between one or many entities. >> Dave Vellante: And make it a checkbox item. >> It's just a checkbox, but then you can audit it all, right? >> The key thing is this, I always tell people, there's negligence and gross negligence. Negligence, you can go back and fix something, gross negligence you don't have anything to put into controls. Regulators want you to be at least negligent, grossly negligent. They get upset. (laughs) >> Matthew, it sounds like great stuff is going on at Immuta, lots of money in the bank. And it sounds like a very clear and strategic vision and direction. We thank you so much for joining us on theCUBE this morning. >> Thank you so much >> For our guest and Dave Vellante, I'm Lisa Martin, you're watching theCUBE's coverage of day two, Snowflake Summit '22, coming at ya live, from the show floor in Las Vegas. Be right back with our next guest. (Soft music)