>>Welcome to the cubes, continuing coverage of AWS reinvent 2021. I'm your host, Lisa Martin. We are running one of the industry's most important and largest hybrid tech events of the year. This year with AWS and its ecosystem partners. We have two life studios, two remote studios, and over 100 guests. So stick around as we talk about the next 10 years of cloud innovation, I'm very excited to be joined by another Lisa from Zscaler. Lisa Lorenzen is here with me, the field CTO for the Americas. She's here to talk about ZScaler's mission to make doing business and navigating change a simpler, faster, and more productive experience. Lisa, welcome to the program. >>Thank you. It's a pleasure to be here. >>So let's talk about Zscaler in AWS. Talk to me about the partnership, what you guys are doing together. >>Yeah, definitely. Z scaler is a strategic security ISV partner with AWS. So we provide AWS customers with zero trust, secure remote access to AWS, and this can improve their security posture as well as their user experience with AWS. These scaler recently announced that we are the first and only cloud security service to achieve the FedRAMP PI authorization to operate. And that FedRAMP ZPA service is built on AWS gov cloud. ZScaler's also an AWS marketplace seller where our customers can purchase our zero trust exchange services as well as request or high value security assessments. We're excited about that as we're seeing a rapid increase in customer adoption as these scaler via the AWS marketplace, we vetted our software on AWS edge services that support emerging use cases, including 5g, IOT, and OT. So for example, Zscaler runs on wavelength, outposts, snowball and snowcones, and Zscaler has strategic partnerships with leading AWS service providers and system integration partners, including Verizon NTT, BT, Accenture, Deloitte, and many of the leading national and regional AWS consulting partners. >>Great summary there. So you mentioned something I want to get more understanding on this. It sounds like it's a differentiator for CSO scale. You said that you guys recently announced to the first and only cloud security service to achieve FedRAMP high. Uh, ATO built on AWS gov cloud. Talk to me about and what the significance of that is. >>I L five authorization to operate means that we are able to protect federal assets for the department of defense, as well as for the civilian agencies. It just extends the certification of our cloud by the government to ensure that we meet all of the requirements to protect that military side of the house, as well as the civilian side of the house. >>Got it super important there, let's talk about zero trust. It's a super hot topic. We've seen so many changes to the threat landscape during the pandemic. How are some of the ways that Z scaler and AWS are helping customers tackle this together? >>Well, I'd actually like to answer that by telling a little bit of a story. Um, Growmark is one of our Z scaler and AWS success stories when they had to send everyone home to work from home overnight, the quote that we had from is the users just went home and nothing changed. ZPA made work from anywhere, just work, and they were able to maintain complete business continuity. So even though their employers might have had poor internet service at home, or, you know, 80 challenging infrastructure, if you've got kids on your wifi bunch of kids in the neighborhood doing remote school, everyone's working from home, you don't have the reliability or the, maybe the bandwidth capacity that you would when you're sitting in an office. And Zscaler private access is a cloud delivered zero trust solution that leverages dynamic resilient, TLS encrypted tunnels to connect the user to an application rather than putting an end point on a network. >>And the reason that's important is it makes for a much more reliable and resilient service, even in environments that may not have the best connectivity I live out in the county. I really, some days think that there's a hamster on a wheel somewhere in my cable modem network, and I am a consumer of this, right. I connect to Z scaler over Zscaler private access, I'm protected by Zscaler internet access. And so I access our internal applications that are running in AWS as well this way. And it makes a huge difference. Growmark really started with an SAP migration to AWS, and this was long before the pandemic. So they started out looking for that better user experience and the zero trust capability. They were able to ensure that their SAP environment was dark to the internet, even though it was running in the cloud. And that put them in this position to leverage that zero trust service when the pandemic was upon us, >>That ability or that quote that you mentioned, it just worked was absolutely critical for all of us in every industry. And I'm sure a lot of folks who were trying to manage working from home, the spouses from home kids doing, you know, school online also felt like you with the hamster on the wheel, I'm sure their internet access, but being able to have that business continuity was table-stakes especially early on for most organizations. We saw a lot of digital transformation, a lot of acceleration of it in the last 20 months during the pandemic. Talk to me about how Z scaler helps customers from a digital transformation perspective and maybe what some of the things were that you saw in the last 20 months that have accelerated >>Absolutely. Um, another example, there would be Jefferson health, and really, as we saw during the pandemic, as you say, it accelerated a lot of the existing trends of mobility, but also migration to the cloud. And when you move applications to the cloud, honestly, it's a complex environment and maybe the controls and the risk landscape is not as well. Understood. So Z scaler also has another solution, which is our cloud security posture management. And this is really ensuring that your configuration on your environment, that those workloads run in is controlled, understood correctly, coordinated and configured. So as deference and health migrated to the cloud first model, they were able to leverage the scalers workload posture to measure and control that risk. Again, it's environment where the combination of AWS and Z scaler together gives them a flexible, resilient solution that they can be confident is correctly configured and thoroughly locked down. >>And that's critical for businesses in any organization, especially as quickly as how quickly things changed in the last 20 months or so I do wonder how your customer conversations have has changed as I introduced you as the field CTO of the America's proceeds killer. I'm sure you talk with a lot of customers. How has the security posture, um, zero trust? How has that risen up within the organizational chain? Is that something that the board is concerned about? >>My gosh, yes. And zero trust really has gone through the Gartner hype cycle. You've got the introduction, the peak of interest, the trough of despair, and then really rising back into what's actually feasible. Only zero trust has done that on a timeline of over a decade. When the term was first introduced, I was working with firewall VPN enact technology, and frankly, we didn't necessarily have the flexibility, the scalability, or the resilience to offer true zero trust. You can try to do that with network security controls, but when you're really protecting a user connecting to an application, you've got an abstraction layer mismatch. What we're seeing now is the reemergence of zero trust as a priority. And this was greatly accelerated honestly by the cybersecurity executive order that came out a few months ago from the Biden administration, which made zero trust a priority for the federal government and the public sector, but also raised visibility on zero trust for the private sector as well. >>When we're looking at zero trust as a way to perhaps ward off some of these high profile breaches and outages like the colonial pipeline, whole situation that was based on some legacy technology for remote access that was exploited and led to a breach that they had to take their entire infrastructure offline to mitigate. If we can look at more modern delivery mechanisms and more sophisticated controls for zero trust, that helps the board address a number of challenges ranging from obviously risk management, but also agility and cost reduction in an environment where more than ever belts are being tightened. New ways of delivering applications are being considered. But the ability to innovate is more important than ever. >>It is more important than ever the ability to innovate, but it really changing security landscape. I'm glad to hear that you're seeing, uh, this change as a result of the executive order that president Biden put down in the summer. That's good news. It sounds like there's some progress being made there, but we saw, you mentioned colonial pipeline. We saw a lot in the last 20, 22 months or so with ransomware becoming a household word, also becoming something that is a matter of when companies in any industry get hit and versus if it's no longer kind of that choice anymore. So talk to me about some of the threats and some of the stats that Z scaler has seen particularly in the last 20, 22 months. >>Oh gosh. Well, let's see. I'm just going to focus on the last 12 months, cause that's really where we've got some of the best data. We've seen a 500% increase in ransomware delivered over encrypted channels. And what that means is it's really critical to have scalable SSL inspection that can operate at wire speed without impeding the user experience or delay in critical projects, server communications, activities that need to happen without any introduced in any additional latency. So if you think about what that takes the Z scaler internet access solution is protecting users, outbound access in the same way that Zscaler private access protects access to private resources. So we're really seeing more and more organizations seeing that both of these services are necessary to deliver a comprehensive zero trust. You have to protect and control the outbound traffic to make sure that nothing good leaks out, nothing bad sneaks in. >>And at the same time, you have to protect and control the inbound traffic and inbound is, you know, a much broader definition with apps in the data center in the cloud these days. We're also seeing that 30% of malware is delivered through trusted applications like file shares or collaboration tools. So it's no longer enough to only inspect web traffic. Now you have to be able to really inspect all flavors of traffic when you're doing that outbound protection. So another good example where Z scaler and AWS work together here is in Amazon workspaces. And there's a huge trend towards desktop as a service, for example, and organizations are starting to recognize that they need to protect both the user experience and also the connectivity onward in Amazon workspaces, the same way that they would for a traditional end user device. So we see Z scaler running in the Amazon workspaces instances to protect that outbound traffic and control that inbound traffic as well. >>Another big area is the ransomware infections are not the problem. It's the result. So over half of the ransomware infections include data theft or leakage. And that is a double whammy because you get what's called double extortion where not only do you have to pay to unlock your machines, but you have to pay not to have that stolen data exposed to the rest of the world. So it's more important than ever to be able to break that kill chain as early as possible to ensure that the or the server traffic itself isn't exposed to the initial infection vector. If you do happen to get an infection vector that sneaks through, you need to be able to control the lateral movement so that it doesn't spread in your environment. And then if both of those controls fail, you also need the outbound protection such as CASBY and DLP to ensure that even if they get into the environment, they can't exfiltrate any of the data that they find as a result. We're seeing that the largest security risk today is lateral movement inside the corporate network. And that's one of the things that makes these ransomware double extortion situations, such a problem. >>Last question for you. And we've got about a minute left. I'm curious, you said over 50% of ransomware attacks are now double extortion. How do you guys help customers combat that? So >>We really deliver a solution that eliminates a lot of the attack surface and a lot of the risks. We have no inbound listener, unlike a traditional VPN. So the outbound only connections mean you don't have the external attack surface. You can write these granular policy controls to eliminate lateral movement. And because we integrate with customer's existing identity and access management, we can eliminate the credential exposure that can lead to a larger spread in a compromised environment. We also can eliminate the problem of unpatched gateways, which led to things like colonial pipeline or some of the other major breaches we've seen recently. And we can remove that single point of failure. So you can rely on dynamic optimized traffic distribution for all of these secure services. Basically, what we're trying to do is make it simpler and more secure at the same time, >>Simpler and more secure at the same time is what everyone needs regardless of industry. Lisa, thank you for joining me today, talking about Zscaler in AWS, zero trust the threat landscape that you're seeing, and also how's the scaler and AWS together can help customers mitigate those growing risks. We appreciate your insights and your thoughtfulness. >>Thank you >>For Lisa Lorenzen. I'm Lisa Martin. You're watching the cubes coverage of AWS reinvent stick around more great content coming up next.

>>Welcome back to the cubes coverage of splunk.com 21. Finally, some Arten twenty-nine next word Holloway, the director of technology alliances at Z scaler ward. Welcome to the program. >>Thanks for having me great to be here. >>Talk to me a little bit about Zscaler and Splunk working together. How are you helping companies to improve their security posture? >>Yeah, I think, um, you know, we're each, uh, market leaders in our respective areas as these scale are the market leader for cloud delivered security as a service and Splunk is really the market leader in log monitoring and correlation across the entire security environment, uh, really providing their customers deeper insights through zero trust analytics and orchestration, and together our integrated solution protects enterprises from threat campaigns, reduces security operations burdens through automation, and really provides our customers with actionable data much faster than they could do, uh, on their own. >>That actionable data at speed is, is incredibly important. You mentioned zero trust. That's a hot topic right now. Let's dig more into how Z scaler and Splunk handle zero trust. >>Yeah, well, I think first and foremost, um, our integration is cloud native. Um, so you're getting that data in real time and not requiring any on-premise appliances or infrastructure. Um, and that's a real key thing in this cloud enabled cloud-first world that we're all operating in. And by getting that data in quickly to Splunk really enabled, uh, our customers to do some interesting things. Um, we have some prebuilt dashboards, VRR Splunk application, uh, that allows customers to very quickly leverage our data and logs on and give insights into what exactly is going on. And they can view usage, uh, applications threats all immediately. And that data that we're sending to Splunk is, uh, natively configured in splints SIM, uh, logging, uh, protocol. So it natively and easily is, um, leveraged by our users, uh, when they deploy out the Splunk app from Zscaler. >>So what are some of the things that differentiate how's the scalar delivers zero trust network access compared to some of the other guys? >>Well, I think first and foremost, um, zero trust has to enable zero network access. It requires zero access to the network. So you only connect to a particular application, really eliminating the possibility for lateral movement. It's really, uh, like the difference between letting a guest in your office wander around your headquarters on escorted, uh, versus escorting a guest to a meeting room, and then it's scoring them out once the meeting is over. I think the second key really is then also having a zero attack surface. Anything that resolves on the open internet today can be discovered exploited, um, denial of service. This means traditional solutions like firewalls, VPNs, uh, any web portal will that are visible on the internet are ultimately an attack surface, which is really a security risk. Um, if they can find it, if they can discover it, they can attack it. >>If they can't find your application, they can attack it. So that's really the key about a zero trust approach. That's Zscaler takes a, we don't expose anything on the internet and finally we have zero pass-through. So our zero trust exchange, doesn't go through a pass through connection, if utilize as a proxy architecture, which allows you to hold the data, inspect it, and then making a verdict before allowing it to pass. This is really a fundamental key for zero trust, ensure that all connections are secure from threats and data loss, and only allowing things in based on the context of the actual data itself. >>We've seen a massive change in the threat landscape in the last 18, 19 months. I'm wondering what, if you can kind of elaborate on some of the trends from a security perspective, a threat perspective that Zscaler has seen? >>Yeah, I think, um, you know, with the pandemic, obviously, um, it's greatly accelerated, uh, work from home work from anywhere. Um, so users are no longer on their company's corporate networks. Uh, they're working from their homes, they're working from traveling around wherever they might be, uh, in the country. And I think that really has increased, um, the threat attack surface. Um, it's not protected by the traditional security infrastructure that companies have spent years putting in place in their networks because everyone is remote. And we think things like a 500 and 500% increase in ransomware delivered over encrypted channels, for example, uh, and 30% of malware delivered through trusted apps, such as file sharing and collaboration tools. Um, and so ultimately the largest risk is really lateral movement inside of the corporate networks. Uh, once these things get in because traditional approaches such as VPNs are placing the users on the network, uh, and ultimately exposing them to risk. >>You said a 500% increase in ransomware delivered over encrypted channels. That's huge. And that is what, one of the things that we've seen just this year alone is ransomware becoming a household word, everyone understanding what happened with the colonial pipeline, the executive order, that's a huge threat there. And of course, ransomware is also getting more personal. Are you seeing that as well? >>Yeah, definitely. Um, I think again with all of the remote workforce being distributed, um, and no longer protected by the traditional security approaches, um, it's exposing them to this ransomware and it's what attackers are really kind of leaning on to go after, um, these remote users in order to gain access into the corporate infrastructures and ultimately deploy ransomware within those infrastructures. And that's really why zero trust is so important. Zero trust is really the idea of kind of putting an exchange, uh, in the, the cloud itself, so that security is buy all of your users wherever they may be. So regardless of where those users are working, whether it's remotely from home, whether it's traveling at a hotel, uh, whether they've decided to sell everything and get an RV and travel around the country, uh, by placing a zero trust cloud exchange, uh, in place to secure your assets and secure the connections, uh, you're protecting those users wherever they are, and ultimately protecting against that ransomware threat. >>And that's going to be key as this work from anywhere persist for a while. And then eventually there'll be probably some hybrid environment with a good amount of people working remotely and that the need to secure that landscape and deliver that zero trust. Is this going to be table stakes for businesses in any industry? Talk to me about, uh, about digital transformation. We've been talking about that for years now, but what are, how are some of the ways that Z scaler helps your customers? And then what are some of the things that you've seen perhaps accelerate in the last 18, 19 months? >>Yeah, I think we touched on it already. Obviously the pandemic really accelerated the work from anywhere work from our remote, um, dynamic. Um, and I think, uh, you know, that combined with, um, most corporations moving towards embracing the cloud and, uh, software as a service has really accelerated this whole digital transformation movement. Um, and the pandemic has just made it, you know, come to us exceptionally faster. So now that, um, users are working remotely anywhere, and now that your assets are no longer in data centers, but sitting in the cloud, whether it's things like, you know, Workday or Microsoft office 365 or Salesforce or whatever application that you're using, you know, the traditional castle and moat approach to security that we used to take, doesn't really work in this cloud first world. Um, you know, corporations spend a lot of years deploying firewalls, VPNs. DLPs things of that nature in all of the data centers that they physically controlled. >>Uh, and that was great when all of the users were physically at the office and going through that physical infrastructure. But now that the pandemic has accelerated this remote work from anywhere, uh, dynamic, uh, that old castle and load approach doesn't work anymore. So you have these users scattered around, not connecting through your data centers, not connecting through your infrastructure. And the pandemic also really explodes, um, the weakness of that, that model as well. Uh, when everybody got sent home, initially, they were leveraging those VPNs to try to connect back through those legacy data centers and then out the cloud. And we're really experiencing a terrible, uh, experience working in that environment. Uh, the VPNs were overwhelmed. They fell over and a lot of users started just going directly to the cloud themselves. And that's really where you risk this exposure. And this problem with ransomware as they were bypassing traditional security measures, if you had in place and exposing you to a much greater risk. And that's why the zero trust approach that Zscaler takes was much more effective and combined with what we're doing with Splunk really needed to do to get full visibility across that deployed disparate infrastructure, that you have an insight into what those users are doing and the ability to automatically react to it with the integration that we have with Splunk, sor >>That insight is absolutely critical. You talked about that rapid scatter to work from home that occurred 18, 19 months ago. And of course we all, all of us workers that were remote and are still remote we're are reliant on SAS tools, collaboration tools, video conferencing. And of course you mentioned a step now 30% of malware is delivered through trusted apps, like collaboration tools. Talk to me about how Zscaler and Splunk are helping customers combat challenges like that as they still are in this dynamic work from anywhere environment. >>Yeah, I think, um, we've got a couple of interesting integrations. Again, first we're automatically sitting the data from, uh, all of our ZScaler's zero trust infrastructure to Splunk, uh, automatically normalized and their SIM format. So it is natively and easily ingested into Splunk. And you start getting actionable insight from that. Uh, once that data is in Splunk and start doing an analysis, um, and seeing what is going on with those users, looking at things like, uh, most hits sites sites that are blocked, uh, any suspicious information that they're starting to see through their analysis and correlation engine. Uh, and they can even take action on that. If they suddenly see users going to known bad malware sites, for example, they can use the Splunk soar integration that we have to call the endpoint detection and response system that they may have in place and block that user from connecting it. So we're giving users full insight into what their user base is doing and the ability to automatically react to that and even block and prevent a bad actions that can ultimately expose them to risk >>The customer example that you can share of how you guys are doing this together. >>Uh, I mean, we have many examples through multiple verticals, be it financial healthcare, uh, manufacturing, uh, there's one insurance company in particular that I can think of that, uh, has integrated the solutions together. And really, as soon as they put the two integrations in place, we're able to identify a number of users that were hitting malicious sites and automatically block and protect those users from going to those sites and eliminating that risk from their environment. >>Excellent. Talk to me about some of the key, uh, pain points that you're solving for and some of the business outcomes that customers can expect working with Zscaler and Splunk. >>Uh, great question. Uh, I think one of the first is the zero trust exchange. The vScaler Habs enables really the much needed modern workplace, um, that COVID is further accelerated. Um, users really can work anywhere, uh, so that they can safely access any application from any network. Uh, whether that location is external, internal on any device. And the exchange really provides consistent security by being the inline policy enforcement point between all devices and services. The other thing that I think is key is users really require a great experience. And so if something goes wrong, you need to be able to quickly figure out what that is. Um, so we're constantly collecting a huge amount of telemetry, uh, to really understand and see exactly what that user experience is like, uh, and what issues they may be having, and really giving you the ability to see those issues before they arise and cause a problem. >>So you can proactively identify them and eliminate them. So they don't cause a problem. Uh, we've been able to allow our customers to roll the solution out and days and even over the weekend in order to get started. And this really allows them to accelerate, implementing zero trust for their organization by ensuring that all traffic for the internet goes through the zero trust exchange first, where it's fully did prepped it in inspected for any threats or data loss. And that's really key. Uh, I think one of the things that's so important in differentiating about what ZScaler's does is we're able to inspect traffic at scale. Uh, we have over 150 points of presence around the world that allows us to inspect all traffic, including SSL, encrypted traffic. So I think that's really a key point to focus on is that, you know, most of the threats that you and I were talking about earlier, especially around ransomware, tend to try to hide themselves, uh, and SSL, encrypted traffic. So whatever solution you want to deploy for CR trust it's imperative, that it has the ability to fully expect SSL traffic at scale, not just a limited subset of that traffic, but all of it, because so much of the threats today are coming, uh, in an encrypted format. >>And that's probably something that I I'm wondering if you, if you're seeing that those threats in terms of the increase and the, and the significance is only going to persist as this work from any more environment does. So how can customers get started with these scaler and Splunk? Where would, where would they start? >>Well, I think, uh, the great thing is, um, if they are a Z scaler customer or a Splunk customer, uh, it's very easy for them just to go to the Splunk app store and download the Zscaler app, uh, to allow them to very quickly and easily integrate the two solutions together. Uh, once they've made that connection, uh, we start automatically sending all of our logging and telemetry data into Splunk, and then they're able to leverage to the Splunk, the infrastructure and the dashboards that we've created to automatically start getting that insight into what's going on within their user community to see what threats are spooling up and to leverage Splunk, soar, to take automated action, to protect and eliminate those threats from their environment. So it's very easy for our users and our customers to get the application up and running quickly and start realizing value from the deployment itself. >>Yeah. You mentioned a stat a minute ago in terms of being able to deploy over the weekend, not fast time to value in this dynamic, uh, landscape where the threats are constantly changing, that that fast time to value is critical for businesses in any industry. >>Yeah, absolutely. Uh, I think that's the key again in this cloud world where you no longer have, uh, everything in your data center, and it's not a very simple and easy process. Just someone down to the data center to deploy a new solution, the solutions that you do choose need to be able to spin up quickly and easily. And that's really what we've built together with our integration with Splunk. Um, it was designed to be easy, quick to deploy and quick to re leverage value from. >>Excellent. Thank you for joining me talking about what Z scaler and Splunk are doing together, how you're helping customers to solve key pain points and that fast time to value that you're delivering. We appreciate your insights and your time. >>Thank you >>For ward Holloway. I'm Lisa Martin. You're watching the cubes coverage of splunk.com 21.

from the cube studios in palo alto in boston bringing you data driven insights from the cube and etr this is breaking analysis with dave vellante by the dip has been been an effective strategy since the market bottomed in early march last year the approach has been especially successful in tech and even more so for those tech names that one were well positioned for the forced march to digital i sometimes call it i.e remote work online commerce data centric platforms and certain cyber security plays and two already had the cloud figured out the question on investors minds is where to go from here should you avoid some of the high flyers that are richly valued with eye-popping multiples or should you continue to buy the dip and if so which companies that capitalized on the trends from last year will see permanent shifts in spending patterns that make them a solid long-term play hello and welcome to this week's wikibon cube insights powered by etr in this breaking analysis we shine the spotlight on three companies that may be candidates for a buy the dip strategy and it's our pleasure to welcome in ivana delevco who's the chief investment officer and founder of spear alpha a new research-centric etf focused on industrial technology ivana is a long-time equity analyst with a background in both long and short investing ivana welcome to the program thanks so much for coming on thanks for having me david yeah it's really our pleasure i i want to start with your etf and give the folks a bit more background about you first you know we gotta let people know i'm not an investment pro i'm not an advisor i don't make stock recommendations i don't sell investments so you got to do your own research i have a lot of data so happy to share it but you got to understand your own risks you of course yvonne on the other hand you do offer investment services and so people before investing got to carefully review all the available available investment docs understand what you're getting into before you invest now with that out of the way ivana i have some stats up here on this slide your spear you're a newly launched female lead firm that does deep research into the supply chain we're going to talk about that you try to uncover as i understand it under-appreciated industrial tech firms and some really pretty cool areas that we list here but tell us a little bit more about your background and your etf so thanks for having me david my background is in industrial research and industrial technology investments i've spent the past 15 years covering this space and what we've seen over the past five years is technology changes that are really driving fundamental shifts in industrial manufacturing processes so whether this is 5g connectivity innovation in the software stack increasing compute speeds all of these are major technological advancements that are impacting uh traditional manufacturers so what we try to do is assess speak to these firms and assess who is at the leading and who is at the lagging end of this digital transformation and we're trying to assess what vendors they're using what processes they're implementing and that is how we generate most of our investment ideas okay great and and we show on the bottom of of this sort of intro slide if you will uh so one of the processes that you use and one of the things that that is notable a lot of people compare you uh to kathy woods are investments when you came out uh i think you use a different process i mean maybe there are some similarities in terms of disruption but at the bottom of this slide it shows a mckinsey sort of graphic that that i think informs people as to how you really dig into the supply chain from a research standpoint is that right absolutely so for us it's all about understanding the supply chain going deep in the supply chain and gather data points from primary sources that we can then translate into investment opportunities so if you look at this mckinsey graph uh you will see that there is a lot of opportunity to for these companies to transform themselves both on the front end which means better revenue better products and on their operation side which means lower cost whether it's through better operations or through better processes on the the back end so what we do is we will speak to a traditional manufacturing company and ask them okay well what do you use for better product development and they will give us the name of the firms and give us an assessment of what's the differences between the competitors why they like one versus the other so then we're gonna take the data and we will put it into our financial model and we'll understand the broader market for it um the addressable market the market share that the company has and will project the growth so for these higher growth stocks that that you cover the main alpha generation uh potential here is to understand what the amount of growth these companies will generate over the next 10 to 20 years so it's really all about projecting growth in the next three years in the next five years and where will growth ultimately settle in in the next 10 to 20 years love it we're gonna have a fun conversation because today we're going to get into your thesis for cooper snowflake and z scalar we're going to bring in some of our own data some of our data from etr and and why you think these companies may be candidates for long-term growth and and be buy the dip stock so to do that i hacked up this little comparison slide we're showing here i do this for context our audience knows i'm not a cfa or a valuation expert but we like to do simple comparisons just to give people context and a sense of relative size growth and valuation and so this chart attempts to do that so what i did is i took the most recent quarterly revenue for cooper snowflake and z scalar multiplied it by four to get a run rate we included servicenow in the table just for baseline reference because bill mcdermott as we've reported aspires to make service now the next great enterprise software company alongside with salesforce and oracle and some of the others and and all these companies that we list here that through the three here they aspire to do so in their own domain so we're displaying the market cap from friday morning september 10th we calculated a revenue run rate multiple and we show the quarterly revenue growth and what this data does is gives you a sense of the three companies they're well on their way to a billion dollars in revenue it underscores the relationship between revenue growth and valuation snowflake being the poster child for that dynamic savannah i know you do much more detailed financial analysis but let's talk about these companies in order maybe start with koopa they just crushed their quarter i mean they blew away consensus on the top line what else about the company do you like and why is it on your by the dip list so just to back up david on valuation these companies investors either directly or indirectly value on a dcf basis and what happened at the beginning of the year as interest rates started increasing people started freaking out and once you plug in 100 basis points higher interest rate in your dcf model you get significant price downside so that really drove a lot of the pullback at the beginning of the year right now where we stand today interest rates haven't really moved all that significantly off the bot of the bottom they're still around the same levels maybe a little bit higher but those are not the types of moves that are going to drive significant downside in this stock so as things have stabilized here a lot of these opportunities look pretty attractive on that basis so koopa specifically came out of our um if you go back to that uh the chart of like where the opportunities lie in um in across the manufacturing uh um enterprise koopa is really focused on business pen management so they're really trying to help companies reduce their cost uh and they're a leader in the space uh they're unique uh unique in that they're cloud-based so the feedback we've been hearing from from our companies that use it jetblue uses it train technologies uses it the feedback we've been hearing is that they love the ease of implementation so it's very easy to implement and it drives real savings um savings for these companies so we see in our dcf model we see multiple years of this 30 40 percent growth and that's really driving our price target yeah and we can i can confirm that i mean i mean just anecdotally you know you know we serve a lot of the technology community and many of our clients are saying hey okay you know when you go to do invoicing or whatever you work with procurement it's koopa you know this is some ariba that's kind of the legacy which is sap we'll talk about that a little later but let's talk about snowflake um you know snowflake we've been tracking them very closely we know the management there we've watched them through their last two companies now here and have been following that company early on since since really 2015. tell us why you like snowflake um and and maybe why you think it can continue its rapid growth thanks david so first of all i need to compliment you on your research on the company on the technology side so where we come in is more from understanding where our companies can use soft snowflake and where snowflake can add value so what we've been hearing from our companies is the challenge that they're facing is that everybody's moving to the cloud but it's not as simple as just send your data to the cloud and call aws and they're gonna generate more revenue for your solve your cost problem so what we've been hearing is that companies need to find tools that are easy to use where they can use their own domain expertise and just plug and play so um ansys is one of the companies we covered the dust simulation they've found snowflake to be an extremely useful tool in sales lead generation and within sales crm systems have been around for a while and they're they've really been implemented but analyzing sales numbers is something that is new to this company some some of our companies don't even know what their sales are even when they look back after the quarter is closed so tools like this help um companies do easy analytics and therefore drive revenue and cost savings growth so we see really big runway for for this company and i think the most misunderstood part about it is that people view it as a warehousing data warehousing play while this is all about compute and the company does a good job separating the two and what our their customers like or like the companies that we cover like about it is that it can lower their compute costs um and make it much easier much more easily manageable for them great and we're going to talk about more about each of these companies but let's talk about z-scaler a bit i mean z-scaler is a company we've been very excited about and identified them kind of early on they've definitely benefited from the move to cloud generally and specifically the remote work uh situation with the cyber threats etc but tell us why you like z-scaler so interestingly z-scaler um we like the broader security space um the broader cyber security space and interestingly our companies are not yet spending to the level that is commensurate with the increase in attack rate so we think this is a trend that is really going to accelerate as we go forward um my own board 20 of the time on the last board meeting was spent on cyber security what we're doing and this is a pretty simple operation that that we're running here so you can imagine for a large enterprise with thousands of people all around the world um needing to be on a single simple system z-scaler really fits well here very easy to implement several of our industrial companies use it siemens uses it ge uses it and they've had great great experience with it excellent i just want to take a quick look at how some of these names have performed over the last year and and what if anything this data tells us this is a chart comparing the past 12 months performance of of those four companies uh that we just talked about and we added in you know servicenow z scalar as you can see has outperformed the other despite your commentary on discounted cash flow snowflake is underperformed really precisely for the reasons that you mentioned not to mention the fact that it was pretty highly valued and you can see relative to the nas but it's creeping back lately after very strong earnings even though the stock dropped after it beat earnings because the street wants the cfo to say to guide even higher than maybe as mike scarpelli feels is prudent and you can see cooper has also underperformed relatively speaking i mean it absolutely destroyed consensus this week the stock went up but it's been off with the the weaker market this week i know you like to take a longer term view but but anything you would add here yeah so interestingly both z-scaler and koopa were in the camp of as we went into earnings expectations were already pretty high because few of their competitors reported very strong results so this scalar yesterday their revenue growth was was pretty strong the stock is down today uh and the reason is because people were kind of caught up a little bit in the noise of this quarter growth is 57 last quarter it was 60 like is this a deceleration we don't see it as that at all and the company brought up one point that i thought was extremely interesting which is as their deal sizes are getting larger it takes a little longer time for them to see the revenue come through so it takes a little bit of time to for you to see it into from billings into into revenue same thing with cooper very strong earnings report but i think expectations were already pretty high going into it uh given the service now and um and anna plan as well reported strong results so i think it's all about positioning so we love these setups where you can buy the deep in on this opportunity where like people get caught up in um short-term noise and and it creates good entry points excellent i i want to bring in some data from our partner etr and see if you have any comments ivana so what we're showing here is a two-dimensional chart we like to show this uh very frequently it's based on a survey of between a thousand and fifteen hundred chief information officers and technology buyers every quarter this is from their most recent july survey the vertical axis shows net score which is a measure of spending momentum i mean this it measures the net percentage of customers in the survey that are spending more on a particular product or platform in other words it essentially subtracts the percentage of customers spending less from those spending more which yields a net score it's more granular than that but basically that's what it does the horizontal axis is market share or pervasiveness in the data set it's not revenue market share like you get from idc it's it's a mention market share and now that red dotted line at the 40 percent mark on the vertical represents an elevated level in other words anything above 40 percent we consider notable and we've plotted our three by the dip companies and included some of their competitors for context and you can see we added salesforce servicenow and oracle and that orange ellipse because they're some of the bigger names in the software business so let's take these in alphabetical order ivana starting with koopa in the blue you can see we plotted them next to sap's ariba and you can see cooper has stronger spending momentum but not as much presence in the market so to me my influence is oh that's an opportunity for them to steal share more modern technology you know more facile and of course oracle has products in this space but the oracle dot includes all oracle products not just the procurement stuff but uh maybe your thoughts on this absolutely i love this chart i think that's your spot on this would be the same way i would interpret the chart where um increased spending momentum is is a sign of the company providing products that people like and we we expect to see cooper's share grow market share grow over time as well so let's come back to the chart and i want to i want to really point out the green ellipse this is the data zone if you will uh and we're like a broken record on this program with snowflake has performed unbelievably well in net score and spending momentum every quarter the dtr has captured enough end sample in its survey holding near or above 80 percent its net score consistently is has been up there and we've plotted data bricks in that zone it's been expected right that data bricks is going to do an ipo this year late last month company raised 1.6 billion in a private round so i guess that was either a strategy to delay the ipo or raise a bunch more cash and give late investors a low risk bite at the apple you know pre-ipo as we saw with snowflake last year what we didn't plot here are some of snowflake's biggest competitors ivana who also happen to be their partners most notably the big cloud players all who have their own database offerings aws microsoft and google now you've said snowflake is much more than a database company i wonder if you could add some color here yeah that's a very good point david uh basically the the driver of the thesis in snowflake is all about acceleration and spending and what we are seeing is the customers that are signed up on their platform today they're not even spending they're probably spending less than five percent of what they can ultimately spend on this product and the reason is because they don't yet know what the ultimate applications are for this right so you're gonna start with putting the data in a format you can use and you need to come up with use cases or how are you actually going to use this data so back to the example that i gave with answers the first use case that they found was trying to optimize leads there could be like 100 other use cases and they're coming up with with those on a daily basis so i would expect um this score to keep keep uh keep up pretty high or or go even higher as we as people figure out how they can use this product you know the buy-the-dip thesis on snowflake was great last quarter because the stock pulled back after they announced earnings and when we reported we said you know mike the the company see well cleveland research came out remember they got the dip on that and we looked at the data and we said mike scarpelli said that you know we're going to probably as a percentage of overall customers decelerate the net net new logos but we're going deeper into the customer base and that's exactly what's happening with with snowflake but okay let's bring up the slide again last but not least the z scaler we love z scalar we named z scaler in 2019 as an emerging four-star security company along with crowdstrike and octa and we said these three should be on your radar and as you see we've plotted z scalar with octa who with its it's its recent move into to converging identity and governance uh it gets kind of interesting uh we plotted them with palo alto as well another cyber security player that we've covered extensively we love octa in addition to z-scaler we great respect for palo alto and you'll note all of them are over that 40 percent line these are disruptors they're benefiting well not so much palo alto they're more legacy but the the other two are benefiting from that shift to work from home cloud security modern tech stack uh the acquisition that octa-made of of of auth0 and again z scalar cloud security getting rid of a lot of hardware uh really has a huge tailwind at its back if on a zscaler you know they've benefited from the huge my cloud migration trend what are your thoughts on the company so i actually love all three companies that are there right and the point is people are just going to spend more money whether you are on the cloud of the cloud the data centers need more security as well so i think there is a strong case to be made for all three with this scaler the upside is that it's just very easy to use very easy to implement and if you're somebody that is just setting up infrastructure on the cloud there is no reason for you to call any other competitor right with palo alto the case there is that if you have an established um security platfor if you're on their security platform the databa on the data center side uh they they did introduce through several acquisitions a pretty attractive cloud offering as well so they've been gaining share as well in the space and and the company does look pretty attractive on valiation basis so for us cyber security is really all about rising tide lifts all boats here right so you can have a pure play like this scaler uh that benefits from the cloud but even somebody like palo alto is pretty well positioned um to benefit yeah we think so too over a year ago we reported on the valuation divergence between palo alto and fortinet fortinet was doing a better job moving to the cloud and obviously serves more of a mid-market space palo alto had some go-to-market execution challenges we said at the time they're going to get through those and when we talk to chief information security officers palo alto is like the gold standard they're the thought leader they want to work with them but at the same time they also want to participate in some of these you know modern cloud stacks so i we agree there's plenty of room for all three um just to add a bit more color and drill into the spending data a little bit more this slide here takes that net score and shows the progression since january 2019 and you can see a snowflake just incredible in terms of its ability to maintain that elevated net score as we talked about and the table on the insert it shows you the number of responses and all three of these companies have been getting more mentions over time but snowflake and z scale are now both well over 100 n in the survey each quarter and the other notable piece here and this is really important you can see all three are coming out of the isolation economy with the spending uptick nice upticks shown in the most recent survey so that's again another positive but i want to close ivana with kind of making the bull and bear case and have you address really the risks to the buy the dip scenario so look there are a lot of reasons to like these companies we talked about them cooper they've got earnings momentum you know management on the call side had very strong end market demand this the stock you know has underperformed the nasdaq you know this year snowflake and zscaler they also have momentum snowflake get this enormous tam uh although they were punished for not putting a hard number on it which is ridiculous in my opinion i mean the thing is it's huge um the investors were just kind of you know wanting a little binky baby blanket but they all have modern tech in the cloud and really importantly this shows in the etr surveys you know the momentum that they have so very high retention is the other point i wanted to make the very very low churn of these companies however cooper's management despite the blowout quarter they gave kind of underwhelming guidance they've cited headwinds uh they've with the the the lamisoft uh migration to their cloud platform snowflake is kind of like price to perfection so maybe that's an advantage because every every little negative news is going to going to cause the company to dip but it's you know it's pretty high value because salutman and scarpelli everybody expects them to surpass what happened at servicenow which was a rocket ship and it could be all argued that all three are richly priced and overvalued so but ivana you're looking out as you said a couple of years three years maybe even five years how do you think about the potential downside risks in in your by the dip scenario you buy every dip you looking for bigger dips or what's your framework there so what we try to do is really look every quarter the company reports is there something that's driving fundamental change to the story or is it a one-off situation where people are just misunderstanding what the company is reporting so in the case we kind of addressed some of the earnings that that were reported but with koopa we think the man that management is guiding conservatively as they should so we're not very concerned about their ability to execute on on the guidance and and to exceed the guidance with snowflake price to perfection that's never a good idea to avoid a stock uh because it just shows that there is the company is doing a great job executing right so um we are looking for reports like the cleveland report where they would be like negative on the stock and that would be an entry point uh for us so broadly we apply by the deep philosophy but not not if something fundamentally changes in the story and none of these three are showing any signs of fundamental change okay we're going to leave it right there thanks to my guest today ivana tremendous having you would love to have you back great to see you thank you david and def you definitely want to check out sprx and the spear etf now remember i publish each week on wikibon.com and siliconangle.com these episodes they're all available as podcasts all you do is search breaking analysis podcasts you can always connect with me on twitter i'm at d vallante or email me at david.vellante at siliconangle.com love the comments on linkedin don't forget to check out etr.plus for all the survey action this is dave vellante for the cube insights powered by etr be well and we'll see you next time [Music] you

>>from around the globe. It's the Cube with digital coverage of VM World 20 >>20 brought to you by VM Ware and its ecosystem partners. Hello and welcome back to the cubes. Virtual coverage of VM World 2020 Virtual. Is the Cube virtual not there in person this year because of CO of it? I'm John for your host of the Cube. Got David wants to meet him in all the Cube folks covering, of course, with VM Ware and VM World 2022. Great guest here to talk about the future of the workforce solutions and the impact of network security and partnerships. Tom Gala, senior vice president general manager of networking and security business unit at VM Ware and put it, Men OSHA. Who's the VP of business development and corporate development at Z Scaler. Two great companies all doing extremely well as customers are dealing with Cove it And the reality is this market and putting plans in place for coming out with a growth strategy. Gentlemen, thank you for joining me today. >>Yeah, John, thanks for having us. >>Thanks for having us, >>Tom. I want to start with you. Actually, the partnership with the scaler is the discussion of this topic. But you guys do have some hard news around the future of workforce solutions. What's the hard news and has that relate to all this? >>Yeah, we sure do, John. So you know, networks were built in a very different time. Networks were built when work was a place that you came. Now, work is the thing that you do. Oftentimes you do from your living room or your den. As I am on DSO, it really calls into question some of the fundamental principles of how we build a deploy networks. In the old model, we would set up something like a branch office and we would back haul traffic using a dedicated circuit like an mpls circuit back, haul it to one of a handful of locations that we called the DMZ or Demilitarized and those locations where you would stitch together a security ensemble made out of dedicated hardware appliances, firewalls, Web proxies, I PS systems and the like And that model service? Well, Azan industry for many decades, three. I'd say 30 years. Um, all of a sudden, the whole notion of the workplace has changed and changed dramatically We're all living through that and experiencing it firsthand. And so the original model of back hauling traffic to some point in, you know, precipitating New Jersey so that you can run it through some magic black box because the model doesn't apply anymore. And so at the end, where we have a new vision for how we can take the security, the reliability, the performance that you get when you're on the corporate network and extended into people's homes. And this is in line with what industries air calling, sassy or secure access services edge. And so the news that we're announcing is we have a complete, sassy solution that involves zero trust access. It involves firewall I. D. S I. P s capability, Advanced security services and then importantly ah, very strong partnership with the scaler on. We can walk through how that works, but it's really driven by this new shape of the workplace. >>Put it, Talk about the partnership with VM where we've been following see scaler for a long time. What a great success story. Great technology team. Great business model growth in your marketplace. Congratulations on your success as you guys continue to grow the world has spun in this disruption kind of world we're in now. You guys are well poised for that. Talk about your partnership with VM Ware. >>Thanks, John. And thank you, Tom, for that quick overview. You know, just to play out this idea we started over it over a decade ago. The basic idea was you know, the users, uh, pretty much everywhere, and the applications are moving to the cloud. And so back to Tom's comment. You know, we had these networks where you were back hauling. Maybe I'll just give a very simple analogy the CIA off Nestle, you know, when he first deployed, uh, Z skater, you know, and and realized a tremendous amount of cost savings that a security. But then, more importantly, the employees off Nestle actually started blogging that the Internet had gotten faster. And when the CEO came to ah customer advisory board meeting, he made a very simple analogy. Imagine having to get out to the Internet through four major international airports worldwide. All right, so you couldn't drink directly traverse from point A to point B. But you have to transit through these four. It would be very inefficient it would really slow you down. And more often than not, you'll be complaining that was the old network architectural. And what we have chosen to do here from a security standpoint at sea Scaler, is make that security closer to the end user. Now we pride ourselves from a security standpoint, and we certainly need networking to also adapt to that. And that's where we have found our partnership with VM Ware, to be particularly strategic. We started partnering with VM were actually prior to them, acquiring Vettel Cloud, which is the software defined when, uh, networking provider, uh, just primarily because they were a cloud based networking player. And this idea off locally breaking out to the Internet Getting out to the end destination as quickly as possible is something that they did quite seamlessly. And so we started this journey, this partnership with them a few years ago and today at VM. Well, we're enhancing that, expanding the partnership not only from a product standpoint, but then, more importantly, we're leaning in from a sales go to market customer support standpoint. >>You know, that's a great point. What? I've been saying this in the queue for a while with the joke was, um the When is the new Land E? I mean, we used to have the old days, remember? Oh, campus connecting networks drive to the airport as you mentioned, the great analogy there, by the way, has to be better. People are working at home. You got technically a land un security, you know, working at home. People are realizing this. These core services have to change. It's not just connect to the Internet the old way. It's everywhere. It's networking everywhere. This is the reality of the kinds of Internet things that used to go on where it's kind of cool and secure. You know, you've got a perimeter. Everything was working. Great. Put it. You mentioned it. Why drive to the airport? Four airports with world. That's a great analogy, Tom. This points to the future. Ready concept, access anywhere. Services that are needed for the security and, more importantly, the user experience. I don't want to slow down to go faster. I wanna I wanna I wanna make it. I wanna make a good experience happen. What's your thought? >>Yeah, well, I mean, I think we're all living through this new world where we're working from home, and sometimes the user experience is less than perfect. In fact, on this broadcast you may see stuttering and break up of the video, and you know, that's that's a problem that I think needs to be solved. It's a problem that we're able to solve with virtualization. So the idea behind virtualization by putting a layer of software on top of a physical asset, you could make it easier to manage that asset. You could make that asset more efficient. We certainly did that with servers. It was really obvious. Now we're doing it to the network itself. So what this means is we have some customers. We have one customer that is in the health care industry, like during the height of the crisis, all of their doctors and researchers had to work from home, and yet they needed to use video communication tools like we're doing here. And they needed a consistently good and user experience. And so we were able to ship these customers more than 8000 boxes over the course of two weeks into people's homes. So think of a little tiny device about the size of a set top box shows up in your house and all of a sudden your zoom or your WebEx sessions just work, no more stuttering. And we're breaking up because we're able to manage the network and virtualized prioritized traffic and deliver consistently good and user experience. So managing the quality of services, a foundational capability, and we have a unique ways to do that with virtualization that I think never existed before the second step is I wanna make sure not only that it's a good user experience, but my security. All of those controls that used to live in black boxes that those replied, This is where our partnership with the scaler is so important. So the scaler has the same philosophy that we do of like, let's put this stuff in many points of presence around the world. I think you know you're in like, 100 or so points of presence, so we weren't 150. And so whatever an end user is, you just find that nearest point of presence, connect and make the shortest route possible to deliver good quality and user experience and also consistent world class security. It's zero. It's >>interesting. First of all. We'll sign up for the Cube Virtual. We need that video late challenges. But we're you know what? We shouldn't have to be video engineers to manage the packets on the round trip. This software, I mean, you know, Web Zoom, they build their entire application to manage these kinds of intellectual property challenges. So that >>brings the >>complexity of applications. So, you know, people are gonna have all these new complexities. And how do you integrate it all? >>Yeah, you know, obviously, Zoom and WebEx companies are, you know, this is court or what they do. The challenges they gotta control both ends of the wire, and and so so with with our network virtualization, we actually control the wire itself, right? We can make the wire behave in a way we can prioritize traffic so that your zoom goes ahead of Xbox Live or Netflix do things like traffic shaping, which are techniques that are actually well understood, but difficult to deploy in a physical world. In a virtual world, we could employ these techniques constantly adapting and changing to make sure that engineer experience is smooth and easy on. That's really pretty impactful. >>Put it. What's your reaction all of this because you know I'm a customer, you know? You know, I'm like, What's in it for me, guys? Integration with the scale of VM Ware. What's in it for me? Because I got now multi clouds in the horizon. I'm dealing with multiple clouds today. I got complexity and applications themselves, and I want to create the nirvana that you laid out, which is access anywhere. High speed eso I might not have the expertise in house. What do I do? What's in it for me? Take me through the value proposition. >>Absolutely. So you know, Tom touched on it. You know the idea of bringing security as close to the end user as possible. If you step back for a minute and you start to think about security usually security and user experience off a contradictory Usually if you add more security, you lose use of experience and vice versa. That's sort of what Ziese killers start to go solve. And so, you know, over a decade ago, you know, when we started to build the architectures, it was built with a few core principles in mind, right? The idea of being completely distributed today we're in over 200 points of presence worldwide. That gives us a pretty good footprint to be as close to the end user. We absolutely could not compromise own security. So this idea that if you have a finite appliance, maybe the appliance has a, you know, a limited amount of CPU or horsepower And so I will tweet the security s so that I could get more performance, not the case with how we ran about, you know, offering security. All security services run all the time. Right? So without any compromise to the end user, and then finally, you know, when it comes to the actual security itself architectures based on something called a proxy. And usually again, if you start to think about a proxy and security was, uh people don't think in a very favorable manner, they usually think it slows things down. It adds Leighton, see, it breaks applications. And again I go back to, you know, the foundational elements of the skater. When we started this journey, it was with this idea that we're gonna build this proxy from the ground up. Very high performance. Mike was second, like late and see something that you would not see in the market anywhere with this partnership. Now, right? Seamless integration between VM Wednesay skater You are now able to set up these tunnels instantly automatically, so go back to Tom's. Example. 8000 set top boxes like devices sent out to this healthcare institution. Right? You can automatically set up tunnels such that the traffic is pointing to Z scale. There's feel over capabilities, so any and all of that has been instrumented in in software. The end customers sets that up. You know can automate that templates all across those 8000 devices. You now have security at the same time with user experience. A passed away to go adapt to business needs agility, you know, being able to keep up and lower your costs because you're substantially reducing the Mpls footprint. So there's a whole bunch of disparate, uh, you know, advantages that an enterprise gets. But the biggest one off amongst them, in my mind, is just being able to address the business needs. I mean, how Maney CEO is today with Colvin are starting to realize my network is not adapting to this new normal right, and so that's sort of where this partnership between VM Ware and Z scaler comes in. It's very timely. >>Everyone's like they want more about their network, and that's like, you know, everyone's banging on the table. Great. Great point there. Thanks for taking that great explanation. I wanna just follow up with you if you if you don't mind, compare that what you just said in terms of the value of Z scaler with this partnership versus the old way, because you what you just laid out was, you know, dynamic provisioning, setting up connections, having software, automate things, compare what it was like before because, remember, I mean, people have been around the industry. No, the pain in the butt that it's been and human error Compare what the old way it was like And now with this experience, can just just >>really And I let Tom talk about, you know, things on the network side. You know, where you might have had a large behemoth like a Cisco box where you try to tweak some policy and the entire box would fall over or something along those lines from a security standpoint. Usually when you had a a box, you know, You know, folks would call it a youth name box that God about box with, You know, as much security as you could push into a finite amount of appliance unified threat management function. Usually what would end up happening the old way was, you know, you would, you would you would have some basic security capabilities. Maybe it was. It's a traditional DMC that Thoma alluded to. You know, there's a firewall, there's an I. P s. There's some Web proxy capabilities and and that that was the that was the journey that a customer had, you know, So they would replicate this box and all those various locations. Or in the case of Nestle, before the scaler, they had those Dems es in four locations around the world, right? And the moment security, security keeps changing, right, the threat landscape keeps adopting. I mean, today, within disease killer cloud, we provide over 125,000 updates everyday, right? That's how dynamic security is. And so because the threat keeps changing, usually one of the things that vendors will try and do is add more security to that existing appliance. Right? So you're trying to make sure that a customer bottom appliance on, they need to make sure that they recoup the full investment. Let's add a little more security to it. Let's add a little more security to it so that I can keep up with the latest threats. Well, the problem with that is, when you have a finite amount of horsepower within the appliance, the performance starts to drop. And so usually that was the trade off that enterprises were making. With the security now being in the cloud right, And this idea that you're in the way, you sort of have infinite compute. Uh, you are now decoupling security from those those branch devices that Tom just alluded to. I mean, that 8000 boxes, right? One of the key points of a sassy framework that Tom alluded to is a very lightweight branch. And that's the piece That's the North Star that I think both VM Ware and Czyz killer have had right that that that low end not not lowering but of a thin branch and let the heavy lifting whether it's on the US side from the networking standpoint, whether it's security, um, you know, as it related to Z skater. Let that heavy lifting be done in the cloud. >>Yeah, and of course, there's a lot of lot of moving parts, so it's It's might be lower in lightweight, but it's more functionality. That's what the cloud Because I get that point, by the way, that anyone in the D M Z knows that as you add more stuff in there, get more, you know, cooks in the kitchen. Nothing good comes from that. Um, Tom, I'm gonna get your thoughts for the your audience out there and your customers and your prospects. What does the Z scale of partnership mean for them? >>Well, like I said, it zone opportunity to think differently about how we build a deploy enterprise networks. This a dramatic change. Most of us have been familiar with the old model where you had a spoon. It was referring to those big heavy boxes, the VPN concentrators and at the same time, most of us have been employees of those companies on. We've had the, you know, sort of less than stellar experience of turning the VPN on, and all of a sudden interest in Internet go slow. That's that's not what we want Thio achieve, and so so having the ability to use a distributed architectures. It's being forced upon us. Everyone is distributed where they like. They like it or not, Right? And so having a distributed architecture where I can put security and quality of service network controls closer to the end user is really, really critical. And I think just as puny was saying they started with this idea of of pushing security closely on user. We started with fellow Cloud with the idea of virtual izing the network in lots of physical places. So retail locations. So you've got thousands of stores around the world. You need to deliver video and audio services into those stores with a very high quality. So we were designed to have a very light, uh, entry point, and a light interviewing can just be pure software. It could be a small box three advantage of a small boxes. It's so turnkey it's designed that totally unskilled operator can use this retail people. A store manager gets a little box in the mail. You plug it in, you know, snap to Internet cables into it, and it just works again, Put it referred to this. This is part of our value. Proposition is, you plug this thing in a zone and used all you know is the Internet just got faster. You don't have to configure proxy settings. What's my I p range? Like that stuff's? Yeah, exactly. Well, and this is so many of us are feeling it now when you have, you know, sub optimal network connections. So being able to deliver a quality and user experience, >>you know, Cove, it accelerated a lot of a lot of opportunities. Also exposes the scabs and and, you know, things that been laying around and some suboptimal projects. I mean, and everyone's gonna be doubling down on things that are working and probably, you know, putting on the back burner or killing projects that don't make sense. So, um, this is a great opportunity, and I think forces things right in you guys. Wheelhouse is so I appreciate taking the time for the last minute that we have left Tom and putting. If you don't mind, I'd love to get your thoughts real quick on what's next after cloud. Obviously, cloud brings up all these benefits you're talking about. Um, what do you guys see is what's next after cloud Tom will start with you. >>I think that the you know, the range of services that will deliver in this format is not at all limited to traditional DMC services. So thank ap. I gateways. Think about core infrastructure offerings like DNS. Pretty much everything that we used in the network can actually now be delivered as a service in software more efficiently, Um, then standing up boxes and and racking, stacking yourselves. And so our view is that that cove, it has killed the appliance once and for all. And that's broadly. That's not just at the at the edge. That's in the core of the data center, things like load balancers. They're all moving to software with scale out scale out infrastructure software running on X 86 on DE. So I think that change of that magnitude will still take a while to roll out. But it's happening, >>Cove. It killed appliance. That's the headline right there. Love that. Put it after cloud. What's next? >>Well, you know, I'll say this job very similar to what Tom just mentioned. I think we're in the early innings, you know, when we would talk to our customers about transforming the network and adapting to this new normal. You know, we had some early adopters, but there was still a fair number of people that was skeptical and that loved their appliances. Covert has changed a lot of that. And so we have seen, in general acceleration of the business. The market is moving in our direction, and we feel that with this partnership you have to market leaders coming together. Right? VM ware on the networking side on the cloud networking side on the data center z scaler as it relates to cloud security user base security. This idea that we are a zero trust exchange that allows users to connect your applications to the Internet in a safe manner and at scale. That's the beauty off. You know, this'll, uh, partnership that we have brought together. And we are hopeful that customers will embrace it with confidence. And I'm mindful that we're in the early innings. >>Great points, gentlemen. Awesome stuff, great insights. And I think the cloud native integration shows that people in the ecosystem is evolving to be cloud native toe have these kinds of integrations these value points physical virtualization. Tom. Great point. I mean, we're not in face to face, but we're here. Virtually the The Cube is gonna be virtual. It's suffered to find operations. The world has changed. I think everyone is now seeing it. Thanks for the insight. And congratulations, Tom. On the news putting. Thank congratulations on the partnership with VM. Where sounds like it's great for customers looking forward to digging in. Thanks for your time. Appreciate it. Okay. That's the cube coverage here. We're in Palo Alto, California. We're in the Bay Area, but this is the emerald virtual. We're not in person, but we're virtual. I'm showing for your host for coverage of the emerald 2020. Thanks for watching.

>> Welcome back to the Cuban Peterborough's chief research officer of Silicon Angle and general manager of Wicked Bond. We're as part of our continuing coverage of the arse a show. We have a great guest Z scaler amid sin. Ha! Welcome to the Cube. >> Thank you for having me here. It's a pleasure to be here. >> So, um, it what exactly does Z scaler? D'oh >> Z's killer is in the business of providing the entire security stack as a service for large enterprises. We sit in between enterprise users and the Internet and various destinations they want to goto, and we want to make sure that they have a fast, nimble Internet experience without compromising any security. >> So if I can interpret what that means, that means that as Maur companies are trying to serve their employees that Air Mobile or customers who aren't part of their corporate network they're moving more. That communication in the Cloud Z scale is making it possible for them to get the same quality of security on that communication in the cloud is he would get on premise. >> Absolutely. If you look at some of the big business transformations that are happening, work lords for enterprises are moving to the cloud. For example, enterprises are adopting Office 3 65 instead, off traditional exchange based email and on your desktop applications. They might be adopting sales force for CR M Net suite for finance box for storage. So as these workloads are moving to the cloud and employees are becoming more and more mobile, you know they might be at a coffee shop. They might be on an iPad. Um, and they might be anywhere in the world. That begs the basic security question. Where should that enterprise DMC the security stack be sitting back in the day? Enterprises had a hub and spokes model, right? They might have 50 branch offices across the world. A few mobile workers, all of them, came back over private networks to a central hub, and that hub was where racks and racks of security appliances were deployed. Maybe they started off with a firewall. Later on, they added a proxy. You are l filtering some d e l P er down the road. People realized that you need to inspect us to sell. So they added some SSL offload devices. Someone said, Hey, we need to do some sand boxing for behavioral analysis. People started adding sandboxes. And so, over time the D. M. Z got cluttered and complicated and fast forward to Today. Users have become mobile. Workloads have moved to the cloud. So if I'm sitting in a San Francisco office on my laptop trying to do my regular work, my email is in the cloud. My my court applications are sitting in the cloud. Why should I have to vpn back to my headquarters in Cincinnati over a private network, you know, incurring all the Leighton see and the delays just so that I can get inspected by some legacy appliances that are sitting in that DMC, right? So we looked at that network transformation on We started this journey at Ze scale or eight years ago, and we said, Look, if users are going to be mobile and workloads are going to be in the cloud, the entire security stack should be as close as possible to where the users are. In that example, I described, I'm sitting here. I'm going to Salesforce. We're probably going to the same data center in San Francisco. Shouldn't my entire security stag be available right where I am, um, and my administrators should have full visibility, full control from a single pane of glass. I get a fast, nimble user experience. The enterprise doesn't have to compromise in any security, and that's sort of the vision that we have executing towards. >> But it's not just for some of the newer applications or some of the newer were close. We're also seeing businesses acknowledge that the least secure member of their community has an impact on overall security. So the whole concept of even the legacy has to become increasingly a part of this broad story. So if anybody accesses anything from anywhere through the cloud that those other workloads increasing, they're gonna have to come under the scrutiny of a cloud based security option. >> Absolutely. I mean, that's a brilliant point, Peter. >> I >> think of >> it this way. Despite all those security appliances that have been deployed over time, they're still security breach is happening. And why is that? That is because users are the weakest link, right? If I'm a mobile work user, I'm sitting in a branch office. It's just painful for me to go back to those headquarter facilities just for additional scanning so two things happen either I have a painful user experience. What? I bypassed security, right? Um, and more and more of the attacks that we see leverage the user as the weakest link. I send you a phishing email. It looks like it came from HR. It has a excel sheet attached to it to update some information. But, you know, inside is lurking a macro, right? You open it. It is from a squatter domain that looks very similar to the company you work for. You click on it and your machine is infected. And then that leads to further malware being downloaded, data being expatriated out. So the Z scaler solution is very, very simple. Conceptually, we want to sit between users and the destinations they goto all across the world. And we built this network of 100 data centers. Why? Because you cannot travel faster than the speed of light. So if you're in San Francisco, you better go through our San Francisco facility. All your policies will show up here. All the latest and greatest security protections will be available. We serve 5000 large enterprises. So if we discover a new security threat because of an employee from, let's say, a General Electric. Then someone from United Airlines automatically gets protection simply because the cloud is live all the time. You're not waiting for your security boxes to get, you know, the weekly patch updates for new malware indicators and so on. Right, So, um, you get your stack right where you are. It's always up to date. User experience is not compromised. Your security administrators get a global view off things. And one >> of the >> things that that I that we haven't talked about here it is the dramatic cost savings that this sort of network transformation brings for enterprises. To put that in perspective, let's say you're a Fortune 100 organization with 100,000 employees worldwide in that, huh? Been spoke model. You are forcing all those workloads to come toe a few choke points, right? That is coming over. Very expensive. NPLs circuits private circuits from service providers. You're double trombone in traffic, back and forth. You know, you and I are in a branch. We might be on. Ah, Skype session. Ah, Google Hangout session. All our traffic goes to H Q. Goes to the cloud comeback comes back to h. Q comes back to you, there's this is too much back and forth, and you're paying for those expensive circuits and getting a poor user experience. Wouldn't it be great if you and I could go straight to the Internet? And that can only be enabled if we can provide that pervasive security stack wherever you are? And for that, we built this network of 100 data centers worldwide. Always live, always up to date you. You get routed to the closest the scaler facility. All your policy show up. They're automatically and you get the latest and greatest protection. >> So it seems as though you end up with three basic benefits. One is you get the cost benefit of being able to, uh, have being able to leverage a broader network of talent, skills and resources You reduce. Your risk is not the least of which is that the cost and the challenges configuring a whole bunch of appliances has not gotten any easier over the last. No, it hasn't cheaters. And so not only do you have user error, but you also Administrator Erin, absolutely benign, but nonetheless it's there, and then finally and this is what I want to talk about. Increasingly, the clot is acknowledged as the way that companies are going to improve their portfolio through digital assets. Absolutely. Which means new opportunities, new competition, new ways of improving customer experience. But security has become the function of no within a lot of organizations. Absolutely. So How does how does AE scaler facilitate the introduction of new business capabilities that can attack these opportunities in a much more timely way by reducing doesn't reduce some of those some of those traditional security constraints. >> Absolutely right, and we call it the Department of No right. We've talked to most people in the industry. They view their I t folks there, security forces, the department of Know Why? Because there's this big push from users to adopt newer, nimble, faster cloud based ah solutions that that improved productivity. But often I t comes in the way. No, If you look at what Izzy's killer is doing, it's trying to transform the adoption of these Cloud service. Is that do improve business productivity? In fact, there is no debate now because there are many, many industries that ever doubt adopted a cloud first strategy. Well, that means is, as they think of the network and their security, they want to make sure that cloud is front and center. Words E scaler does is it enables that cloud for a strategy without any security compromise. I'll give you some specific examples. Eight out of 10 c I ose that we talk to our thinking about office 3 65 or they have already deployed it right. One of the first challenge is that happens when you try to adopt office. 3 65 is that your legacy network and security infrastructure starts to come crumble. Very simple things happen. You have your laptop. Suddenly, that laptop has many, many persistent SSL connections to the clothes. Because exchange is moved to the cloudy directory, service is are moving to the cloud. If you have a small branch office with 2000 users, each of them having 30 40 persistent connections to the cloud will your edge firewall chokes. Why? Because it cannot maintain so many active ports at the same time, we talked about the double trombone ing of traffic back and forth. If you try to not go direct to the Internet but force everyone to go through a couple of hubs. So you pay for all the excessive band with your traditional network infrastructure, and your security infrastructure might need a forklift upgrades. So a cloud transformation project quickly becomes a network in a security transformation project. And this is where you nosy scaler helps tremendously because we were born and bred in the cloud. Many of these traditional limitations that you have with appliance based security or networking, you know, in the traditional sense don't exist for the scaler, right? We can enable your branch officers to go directly to the cloud. In fact, we've started doing some very clever things. For example, we peer with Microsoft in about 20 sites worldwide. So what that means is, when you come to the scaler for security, there's a very high likelihood that Microsoft has a presence in the same data center. We might be one or two or three millisecond hops away because we're in the same equinox facility in New York or San Jose. And so not only are you getting your full security stack where you are, you're getting the superfast peered connections to the end Cloud service is that you want to goto. You don't have to work. Worry about you know your edge Firewalls not keeping up. You don't have to worry about a massive 30 40% increase in back hole costs because you were now shipping all this extra traffic to those couple of hubs. And more importantly, you know, you've adopted these transformative technologies on your users don't have to complain about how slow they are because you know, most of the millennials hitting the workforce. I used to a very fast, nimble experience on their mobile phones with consumer APS. And then they come into the enterprise and they quickly realize that, well, this is all cumbersome and old and legacy stuff >> in me s. So let's talk a little bit about Let's talk a bit about this notion of security being everywhere and increasingly is removed to a digital business or digital orientation. With digital assets being the basis for the value proposition, which is certainly happening on a broad scale right now, it means it's security going back to the idea of security being department. No security has to move from an orientation of limiting access to appropriately sharing. Security becomes the basis for defining the digital brand. So talk to us a little bit about how the how you look out, how you see the world, that you think security's gonna be playing in ultimately defining this notion of digital brand digital perimeters from a not a iittie standpoint. But from a business value standpoint, >> absolutely. I would love to talk about that. So Izzy's killer Our cloud today sees about 30,000,000,000 transactions a day from about 5000 enterprises. So we have a very, very good pulse on what is happening in large enterprises, from from a cloud at perspective or just what users are doing on the Internet. So here are some of the things that we see. Number one. We see that about 50 60% of the threats are coming inside SSL, so it's very important to inspect SSL. The second thing that we observe is without visibility. It is very different, very difficult for your security guys to come up with a Chris policy, right? If you cannot see what is happening inside an SSL connection, how are you going to have a date? A leakage policy, right? Maybe your policy is no P I information should leak out. No source code should leak out. How can you make sure that an engineer is not dropping something in this folder, which is sinking to Google Drive or drop box in an in an SSL tano, Right. How do you prioritize mission Critical business applications like office 3 65 over streaming media, Right. So for step two, crafting good policy is 100% real time visibility. And that's what happens when you adopt the Siskel a network. You can see what any user is doing anywhere in the world within seconds. And once you have that kind of visibility, you can start formulating policies, both security and otherwise that strike a good balance between business productivity that you want to achieve without compromising security. >> That's the policy's been 10 more net. You can also end that decisions. >> Yes, right. So, for example, you can you can have a more relaxed social media policy, right? You can say Well, you know, everyone is allowed access, but they can. Maybe streaming media is restricted to one hour a day. You know, after hours, or you can say, I want to adopt um, storage applications in the clothes here are some sanctioned APS These other raps were not going to allow right. You can do policies by users, by locations by departments, right? And once you have the visibility, you can. You can be very, very precise and say, Well, boxes, my sanction story, Jap other APS are not allowed right and hear other things that a particular group of users can do on box. Or they cannot do because we were seeing every transaction between the user on going to the destination and as a result, begin, you know, we can enable the enterprise administrator to come up with very, very specific policies that are tailored for that. >> You said something really interesting. I'm gonna ask you one more question, but I'm gonna make a common here. And that common is that the power of digital technology is that it can be configured and copied and changed, and it's very mutable. It's very plastic, but at the end of the day it has to be precise, and I've never heard anybody talk about the idea of precise and security, and I think it's a very, very powerful concept. But what are what's What's the scale are talking about in our say this year. >> Well, we're going to talk about a bunch of very interesting things. First, we'll talk about the scale of private access. This is a new offering on the scale of platform. We believe that VP ends have become irrelevant because of all the discussions we just had, um, Enterprises are treating their Internet as though it was the Internet, right? You know, sort of a zero trust model. They're moving the crown jewel applications to either private cloud offerings are, you know, sort of restricting that in a very micro segmented way. And the question is, how do you access those applications? Right? And the sea skill immortal is very straightforward. You have a pervasive cloud users authenticate to the cloud and based on policies, we can allow them to go to the Internet to sites that have been sanctioned and allowed. We make sure nothing good is leaking out. Nothing bad is coming in, and that same cloud model can be leveraged for private access to crown jewel applications that traditionally would have required a full blown vpn right. And the difference between a VPN and the skill of private access is VP ends basically give you full network access keys to the kingdom, right? Whether it's a contractor with, it's an employee just so that you could access, you know, Internet application. You allow full network access, and we're just gonna getting rid of that whole notion. That's one thing we're gonna stroke ISS lots of cloud white analytics, As I mentioned, you know, we process 30,000,000,000 transactions a day. To put that in perspective, Salesforce reports about four and 1 30,000,000,000 4 1/2 to 5,000,000,000 transactions. They're about three and 1/2 1,000,000,000 Google searches done daily, right? So it is truly a tin Internet scale. We're blocking over 100,000,000 threats every day for, ah, for all our enterprise user. So we have a very good pulse on you know what's what's an average enterprise user doing? And you're going to see some interesting cloud? Wait, Analytics. Just where we talk about a one of the top prevalent Claude APs, what are the top threats? You know, by vertical buy by geography, ese? And then, you know, we as a platform has emerged. We started off as a as a sort of a proxy in the cloud, and we've added sand boxing capabilities. Firewall capabilities, you know, in our overall vision, as I said, is to be that entire security stack that sits in your inbound and outbound gateway in that DMC as a pure service. So everything from firewall at layer three to a proxy at Layer seven, everything from inline navy scanning right to full sand. Boxing everything from DLP to cloud application control. Right? And all of that is possible because, you know, we have this very scalable architecture that allows you to to do sort of single scan multiple action right in that appliance model that I describe. What ends up happening is that you have many bumps in the wire. One of the examples we use is if you wanted to build a utility company, you don't start off with small portable generators and stack them in a warehouse, right? That's inefficient. It requires individual maintenance. It doesn't scale properly. Imagine if you build a turbine and ah, and then started your utility company. You can scale better. You can do things that traditional appliance vendors cannot think about. So we build this scalable, elastic security platform, and on that platform it's very easy for us to add. You know, here's a firewall. Here's a sandbox. And what does it mean for end users? You know, you don't need to deploy new boxes. You just go and say, I want to add sand boxing capabilities or I want to add private access or I want to add DLP. And it is as simple as enabling askew, which is what a cloud service offering should be. >> Right. So we're >> hardly know software. >> So we're talking about we're talking about lower cost, less likelihood of human error, which improves the quality, security, greater plasticity and ultimately, better experience, especially for your non employees. Absolutely. All right, so we are closing up this particular moment I want Thank you very much for coming down to our Pallotta studio is part of our coverage on Peter Boris. And we've been talking to the scanner amidst, huh? Thank you very much. And back to Dio Cube.