>>Hello, and welcome back to the live cube coverage here in San Francisco, California, the cube live coverage. Two days, day two of a summit 2022, a summit New York city coming up in the summer. We'll be there as well. Events are back. I'm the host, John fur, the cube got great guest here, Johnny Dallas with Ze. Um, here's on the cube. We're gonna talk about his background. Uh, little trivia here. He was the youngest engineer ever worked at Amazon at the age. 17 had to get escorted into reinvent in Vegas cause he was underage <laugh> with security, all good stories. Now the CEO of gonna called Ze know DevOps kind of focus, managed service, a lot of cool stuff, John, welcome to the cube. >>Thanks John. Great. >>So tell a story. You were the youngest engineer at AWS. >>I was, yes. So I used to work at a company called Bebo. I got started very young. I started working when I was about 14, um, kind of as a software engineer. And when I, uh, was about 16, I graduated out of high school early. Um, worked at this company, Bebo running all of the DevOps at that company. Um, I went to reinvent in about 2018 to give a talk about some of the DevOps software I wrote at that company. Um, but you know, as many of those things are probably familiar with reinvent happens in a casino and I was 16, so I was not able to actually go into the casino on my own <laugh> um, so I'd have <inaudible> security as well as C security escort me in to give my talk. >>Did Andy jazzy, was he aware of this? >>Um, you know, that's a great question. I don't know. <laugh> >>I'll ask him great story. So obviously you started a young age. I mean, it's so cool to see you jump right in. I mean, I mean, you never grew up with the old school that I used to grew up in loading package software, loading it onto the server, deploying it, plugging the cables in, I mean you just rocking and rolling with DevOps as you look back now what's the big generational shift because now you got the Z generation coming in, millennials are in the workforce. It's changing. Like no one's putting package software on servers. >>Yeah, no, I mean the tools keep getting better, right? We, we keep creating more abstractions that make it easier and easier. When I, when I started doing DevOps, I could go straight into E two APIs. I had APIs from the get go and you know, my background was, I was a software engineer. I never went through like the CIS admin stack. I, I never had to, like you said, rack servers, myself. I was immediately able to scale to I, I was managing, I think 2,500 concurrent servers across every Ables region through software. It was a fundamental shift. >>Did you know what an SRE was at that time? Uh, you were kind of an SRE on >>Yeah, I was basically our first SRE, um, familiar with the, with the phrasing, but really thought of myself as a software engineer who knows cloud APIs, not a SRE. >>All right. So let's talk about what's what's going on now, as you look at the landscape today, what's the coolest thing that's going on in your mind and cloud? >>Yeah, I think the, I think the coolest thing is, you know, we're seeing the next layer of those abstraction tools exist and that's what we're doing with Ze is we've basically gone and we've, we're building an app platform that deploys onto your cloud. So if you're familiar with something like Carku, um, where you just click a GitHub repo, uh, we actually make it that easy. You click a GI hub repo and it'll deploy on a AWS using Al AWS tools. >>So, right. So this is Z. This is the company. Yes. How old's the company >>About a year and a half old now. >>Right. So explain what it does. >>Yeah. So we make it really easy for any software engineer to deploy on a AWS. Um, that's not SREs. These are the actual application engineers doing the business logic. Mm-hmm <affirmative> they don't really want to think about Yamo. They don't really want to configure everything super deeply. Um, they want to say, run this API on a AWS in the best way possible. We've encoded all the best practices into software and we set it up for you. >>Yeah. So I think the problem you're solving is, is that there's a lot of want to be DevOps engineers. And then they realize, oh shit, I don't wanna do this. Yeah. And the people want to do it. They loved under the hood. Right. People love that infrastructure, but the average developer needs to actually be as agile on scale. So that seems to be the problem you solve. Right? Yeah. >>We, we, we give way more productivity to each individual engineer, you know? >>All right. So let me ask you a question. So let me just say, I'm a developer. Cool. I built this new app. It's a streaming app or whatever. I'm making it up cube here, but let's just say I deploy it. I need your service. But what happens about when my customers say, Hey, what's your SLA? The CDN went down from this it's flaky. Does Amazon have? So how do you handle all that SLA reporting that Amazon provides? Cause they do a good job with sock reports all through the console. But as you start getting into DevOps and sell your app, mm-hmm <affirmative> you have customer issues. You, how do you view that? Yeah, >>Well, I, I think you make a great point of AWS has all this stuff already. AWS has SLAs. AWS has contract. Aw, has a lot of the tools that are expected. Um, so we don't have to reinvent the wheel here. What we do is we help people get to those SLAs more easily. So, Hey, this is a AWS SLA as a default. Um, Hey, we'll configure your services. This is what you can expect here. Um, but we can really leverage AWS reli ability of you don't have to trust us. You have to trust S and trust that the setup is good there. >>Do you handle all the recovery or mitigation between, uh, identification say downtime for instance, oh, the servers not 99% downtime, uh, went down for an hour, say something's going on? And is there a service dashboard? How does it get what's the remedy? Do you have, how does all that work? >>Yeah, so we have some built in remediation. You know, we, we basically say we're gonna do as much as we can to keep your endpoint up 24 7 mm-hmm <affirmative>. If it's something in our control, we'll do it. If it's a disc failure, that's on us. If you push bad code, we won't put out that new version until it's working. Um, so we do a lot to make sure that your endpoint stays up, um, and then alert you if there's a problem that we can't fix. So cool. Hey, S has some downtime, this thing's going on. You need to do this action. Um, we'll let you know. >>All right. So what do you do for fun? >>Yeah, so, uh, for, for fun, um, a lot of side projects. <laugh>, uh, >>What's your side hustle right now. You got going on >>The, uh, it's a lot of schools playing >>With serverless. >>Yeah. Playing with a lot of serverless stuff. Um, I think there's a lot of really cool Lam stuff as well, going on right now. Um, I love tools is, is the truest answer is I love building something that I can give to somebody else. And they're suddenly twice as productive because of it. Um, >>That's a good feeling, isn't it? Oh >>Yeah. There's nothing >>Like that. Tools versus platforms. Mm-hmm, <affirmative>, you know, the expression, too many tools in the tool, she becomes, you know, tools for all. And then ultimately tools become platforms. What's your view on that? Because if a good tool works and starts to get traction, you need to either add more tools or start building a platform platform versus tool. What's your, what's your view on our reaction to that kind of concept debate? >>Yeah, it's a good question. Uh, we we've basically started as like a, a platform. First of we've really focused on these, uh, developers who don't wanna get deep into the DevOps. And so we've done all of the piece of the stacks. We do C I C D management. We do container orchestration, we do monitoring. Um, and now we're, spliting those up into individual tools so they can be used awesome in conjunction more. >>Right. So what are some of the use cases that you see for your service? It's DevOps basically nano service DevOps for people on a DevOps team. Do clients have a DevOps person and then one person, two people what's the requirements to run >>Z? Yeah. So we we've got teams, um, from no DevOps is kind of when they start and then we've had teams grow up to about, uh, five, 10 man DevOps teams. Mm-hmm <affirmative> um, so, you know, as more structured people come in, because we're in your cloud, you're able to go in and configure it on top you're we can't block you. Uh, you wanna use some new AOL service. You're welcome to use that alongside the stack that we deploy for >>You. How many customers do you have now? >>So we've got about 40 companies that are using us for all of their infrastructure, um, kind of across the board, um, as well as >>What's the pricing model. >>Uh, so our pricing model is we, we charge basically similar to an engineer salary. So we charge, uh, a monthly rate. We have plans at 300 bucks a month, a thousand bucks a month, and then enterprise plan for based >>On the requirement scale. Yeah. You know, so back into the people cost, you must offer her discounts, not a fully loaded thing, is it? >>Yeah. There's a discounts kind of at scale, >>Then you pass through the Amazon bill. >>Yeah. So our customers actually pay for the Amazon bill themselves. Oh. So >>They have their own >>Account. There's no margin on top. You're linking your Aless account in, um, it, which is huge because we can, we are now able to help our customers get better deals with Amazon. Um, got it. We're incentivized on their team to drive your cost down. >>And what's your unit main unit of economics software scale. >>Yeah. Um, yeah, so we, we think of things as projects. How many services do you have to deploy as that scales up? Um, awesome. >>All right. You're 20 years old now you not even can't even drink legally. <laugh> what are you gonna do when you're 30? We're gonna be there. >>Well, we're, uh, we're making it better. And >>The better, the old guy on the cube here. >><laugh> I think, uh, I think we're seeing a big shift of, um, you know, we've got these major clouds. AWS is obviously the biggest cloud. Um, and it's constantly coming out with new services. Yeah. But we're starting to see other clouds have built many of the common services. So Kubernetes is a great example. It exists across all the clouds. Um, and we're starting to see new platforms come up on top that allow you to leverage tools from multiple clouds. At the same time. Many of our customers actually have AWS as their primary cloud and they'll have secondary clouds or they'll pull features from other clouds into AWS, um, through our software. I think that I'm very excited by that. And I, uh, expect to be working on that when I'm 30. Awesome. >>Well, you gonna have a good future. I gotta ask you this question cuz uh, you know, I've always, I was a computer science undergraduate in the, in the eighties and um, computer science back then was hardcore, mostly systems OS stuff, uh, database compiler. Um, now there's so much compi, right? So mm-hmm <affirmative> how do you look at the high school college curriculum experience slash folks who are nerding out on computer science? It's not one or two things much. You've got a lot of, a lot of things. I mean, look at Python, data engineering, merging as a huge skill. What's it? What's it like for college kids now and high school kids? What, what do you think they should be doing if you had to give advice to your 16 year old self back a few years ago now in college? Um, I mean Python's not a great language, but it's super effective for coding and the data's really relevant, but it's you got other language opportunities, you got tools to build. So you got a whole culture of young builders out there. What should, what should people gravitate to in your opinion stay away from yeah. Or >>Stay away from that's a good question. I, I think that first of all, you're very right of the, the amount of developers is increasing so quickly. Um, and so we see more specialization. That's why we also see, you know, these SREs that are different than typical application engineering. You get more specialization in job roles. Um, I think if, what I'd say to my 16 year old self is do projects, um, the, I learned most of my, what I've learned just on the job or online trying things, playing with different technologies, actually getting stuff out into the world, um, way more useful than what you'll learn in kind of a college classroom. I think classrooms great to, uh, get a basis, but you need to go out and experiment actually try things. >>You know? I think that's great advice. In fact, I would just say from my experience of doing all the hard stuff and cloud is so great for just saying, okay, I'm done, I'm abandoning the project. Move on. Yeah. Because you know, it's not gonna work in the old days. You have to build this data center. I bought all this certain, you know, people hang on to the old, you know, project and try to force it out there. >>You can launch a project, >>Can see gratification, it ain't working <laugh> or this is shut it down and then move on to something new. >>Yeah, exactly. Instantly you should be able to do that much more quickly. Right. >>So you're saying get those projects and don't be afraid to shut it down. Mm-hmm <affirmative> that? Do you agree with that? >>Yeah. I think it's ex experiment. Um, you're probably not gonna hit it rich on the first one. It's probably not gonna be that idea is DJing me this idea. So don't be afraid to get rid of things and just try over and over again. It's it's number of reps that a win. >>I was commenting online. Elon Musk was gonna buy Twitter, that whole Twitter thing. And, and, and someone said, Hey, you know, what's the, I go look at the product group at Twitter's been so messed up because they actually did get it right on the first time <laugh> and, and became such a great product. They could never change it because people would freak out and the utility of Twitter. I mean, they gotta add some things, the added button and we all know what they need to add, but the product, it was just like this internal dysfunction, the product team, what are we gonna work on? Don't change the product so that you kind of have there's opportunities out there where you might get the lucky strike, right. Outta the gate. Yeah. Right. You don't know, >>It's almost a curse too. It's you're not gonna Twitter. You're not gonna hit a rich second time too. So yeah. >><laugh> Johnny Dallas. Thanks for coming on the cube. Really appreciate it. Give a plug for your company. Um, take a minute to explain what you're working on, what you're looking for. You're hiring funding. Customers. Just give a plug, uh, last minute and have the last word. >>Yeah. So, um, John Dallas from Ze, if you, uh, need any help with your DevOps, if you're a early startup, you don't have DevOps team, um, or you're trying to deploy across clouds, check us out ze.com. Um, we are actively hiring. So if you are a software engineer excited about tools and cloud, or you're interested in helping getting this message out there, hit me up. Um, find a Z. >>Yeah. LinkedIn Twitter handle GitHub handle. >>Yeah. I'm the only Johnny on a LinkedIn and GitHub and underscore Johnny Dallas underscore on Twitter. Right? Um, >>Johnny Dallas, the youngest engineer working at Amazon. Um, now 20 we're on great new project here. The cube builders are all young. They're growing in to the business. They got cloud at their, at their back it's, uh, tailwind. I wish I was 20. Again, this is a cue. I'm John for your host. Thanks for watching. >>Thanks.

>> Hey, welcome back, everybody. Jeffrey here with the cue, we're having acute conversation that are probably out. The studio's a little bit of a break in the conference schedule, which means we're gonna have a little bit more intimate conversations outside of the context of a show we're really excited to have. Our next guest is running $1,000,000,000 company evaluation that been added for almost 10 years. Cloud first from the beginning, way ahead of the curve. And I think the curves probably kind of catching up to him in terms of really thinking about security in a cloud based way. It's J. Charger. He's the founder and CEO of Ze Scaler. J Welcome. Thank you, Jeff. So we've had a few of your associates on, but we've never had you on. So a great to have you on the Cube >> appreciate the opportunity. >> Absolutely. So you guys from the get go really took a cloud native approach security when everyone is building appliances and shipping appliances and a beautiful fronts and flashing lights and everyone's neighborhood appliances. You took a very different tact explain kind of your thinking when you founded the company. >> So all the companies I had done. I looked for a fuss to move her advantage. So if you are first mover, then you got significant advantage. A lot of others. So look at 2008 we were goingto Internet for a whole range of service is lots of information sitting there from weather to news and all the other stuff right now on Cloud Applications. Point of view sales force was doing very well. Net Suite was doing well, and I have been using sales force in that suite and all of my start up since the year 2001. Okay, when each of them was under 10,000,000 in sales. So my notion was simple. Will more and more information sit on the Internet? Answer was yes. If sales force the nets weed is so good, why won't other applications move? The cloud answer was yes. So if that's the case, why should security appliances sit in the data? Security should sit in the cloud as well. So with that simple notion, I said, if I start a new company, no legacy boxes to what he bought, you start a clean slate, clean architecture designed for the cloud. What we like to call. Born in the cloud for a cloud. That's what I did. What >> great foresight. I mean trying in 2008 if tha the enterprise Adoption of cloud I mean sales was really was the first application to drive that. I mean, I just think poor 80 p gets no credit for being really the earliest cloud that they weren't really a solution right there. That's the service provider. But sales force really kind of cracked the enterprise, not four. Trust with SAS application wasn't even turn back back then. So So, taking a cloud approach to security. Very different strategy than an appliance. And, you know, credit to you for thinking about you know, you could no longer build the wall in the moat anymore. Creon and Internet world. Yeah. >> So my no show, no simple. The old world off security Waas What you just mentioned castle and moat. I am safe in my castle. But when people wanted to go out to call it greener pastures, right, you needed to build a drawbridge. And that's the kind of drawbridge these appliances bills. And then if you really want to be outside for business and all other reasons you're not coming in right? So notion of Castle and Motors, No good. So we said, Let's give it up. So let's get away from the notion that I must secure my network on which users and applications are sitting. I really need to make sure the right user has access to write application or service, which may be on the Internet, which may be on a public cloud, which may be a sass application like Salesforce. Or it may be the data center. So we really thought very differently, Right? Network security will become irrelevant. Internet will become your corporate network, and we connect the right user to write application, Right? Very logical. It took us a while to evangelize and convince a bunch of customers, right. But as G and Nestle and Seaman's off, the Wolf jumped on it because they love the technology. We got fair amount of momentum, and then lots of other enterprises came along >> right, right. It's so interesting that nobody ever really talked about the Internet, has an application delivery platform back in the day, right? It was just it was Bbn. And then we had a few pictures. Thank you Netscape, but really to think of the Internet as a way to deliver application and an enterprise applications with great foresight that you had there. >> Yes. So I think we built >> on the foresight off sales force in that suite and other information sources on the great. I >> came from security side off it. I built a number of companies that build and sold appliances, right. But it was obvious that in the new world, security will become a service. So think of cloud computing. People get surprised about cloud computing being big. It's natural. It's a utility service. If I'm in the business on manufacturing veg, it's a B and C. Gray computing is not my business. If just like I plug into the wall socket, get electricity right, I should be able to turn on some device and terminal and access abdication, sitting somewhere right and managed by someone right and all. So we re needed good connectivity over the Internet to do that. As that has matured over the past 10 years, as devices have become more capable and mobile, it's a natural way to go to cloud computing, and for us to do cloud security was a very natural >> threat. Right. So then you use right place right time, right. So then you picked up on a couple These other tremendous trends that that that ah cloud centric application really take advantage of first is mobile. Next is you know, B Bring your own global right B y o d. And then this this funky little thing called Shadow I T. Which Amazon enabled by having a data center of the swipe of a credit card. Your application, your technology. This works great with all those various kind of access methodologies. Still consistently right >> now. And that is because the traditional security vendors so called network security vendors but protecting the network they assumed that you sat in an office on the Net for great. Only if you're outside. You came back to the network through vpn, right? We assume that Forget the network. Ah, user sitting in the office or at home or coffee shop airport has to get to some destination over some network. That's not What about securing the net for Let's have a policy and security. It says Whether you are on a PC auto mobile phone, you're simply connecting through our security check post. Do what you want to go. So mobile and clothes for the natural. Two things mobile became the user cloud became the destination, and Internet became the connector off the two. And we became the policy check post in the middle. >> So what? So what do you do in terms of your security application? Are you looking at, you know, Mac addresses? Are you looking at multi factor authentication? Cause I would assume if you're not guarding the network per se, you're really must be all about the identity and the rules that go along with that identity. >> It's a good question, so user needs to get to certain applications, and service is so you put them into buckets. First is external service is external means that a company doesn't need to management, and that is either open Internet, which could be Google Search could be Facebook lengthen and type of stuff. Or it could be SAS applications that Salesforce offers on Microsoft Office E 65. So in that case, we want to make sure that been uses. Go to those sites. Nothing bad should comment. That means the malware stuff and nothing good chili con you confidential information. So we are inspecting traffic going in and out. So we are about inspecting the traffic, the packets, the packets to make sure this is not malicious. Okay, Now, for authentication, we use third party serves like Microsoft A D or Octagon. They tell us who the user is into what the group is. And based on that sitting in the traffic path were that I who enforce the policy so that is for external applications. Okay, the second part of the secular service, what we called the school a private access is to make sure that you can get to your internal applications. Either in your data center, all this sitting in a public cloud, such chance as your eight of us there were less. Whatever mouth we're more worried about is the right person getting to the right application and the other checks are different. There you are connecting the right parties, Okay. Unless worried about >> security, and then does it work with the existing, um, turn of the of, you know, the internal corporate systems. Who identified you? Integrate, I assume, with all those existing types of systems. >> Yes. So we look at the destination you did. Existing system could be sitting on in your data center or in the cloud. It doesn't really matter. We look at your data center as a destination. OK, we look at stuff sitting in Azure as a destiny. >> And then and then this new little twist. So obviously Salesforce's been very successfully referenced them a few times, and I just like to point to the new 60 story tower. If anyone ever questions whether people think Cloud of Secures, go look downtown at the new school. But there's a big new entrance in play on kind of the Enterprise corporate SAS side. And that's office 3 65 It's not that noone you are still relatively new. I'm just curious to get your perspective. You've been at this for 10 years? Almost, um, the impact of that application specifically to this evolution to really pure SAS base model, getting more and more of the enterprise software stack. >> So number one application in any enterprise is email >> before you gotta think that's gonna be your next started. We gotta fix today after another e >> mail calendar ring sharing files and what it used to sit in your data center and you had to buy deploy manage Sutter was with in a Microsoft exchange. So Microsoft said, Forget about you managing it. I've will manage your exchange, uh, with a new name, all 50 65 in the clout so you don't what he bought it and are You come to me and I'll take care off it. I think it's a brilliant move by Microsoft, and customers are ready to give up. The headaches are maintaining the boxes, the software and sordid and everything. Right now, when the biggest application moves the cloud, every CEO pays attention to it. So as Office God embraced the corporate network start to break. Now, why would that happen if you aren't in 50 cities and on the globe, your exchanges? Sitting in Chicago Data Center every employee from every city came to Chicago. Did know Microsoft Office. This is sun setting something. Why should every employee go to Chicago? That's the networks on and then try to go to cloud right? So they're back. Haul over traditional corporate network using Mpls technology very expensive, and then they go to them. Then they go to the Internet to go to office. If the 65 slow slow. No one likes it. Microsatellite. >> Get too damn slow >> speed. OnlyTest Fetal light. You can only go so far. It's >> not fast. If you're going around the world and you're waiting for something, I >> have to go to New York City to my data center so I could come to a local site in San Francisco. It is hard, right? Right, And that's what our traditional networks have done. That's what traditional security boxes down what Z's killer says. Don't worry about having two or three gateways to the Internet. You have as many gay tricks as your employees because every employee simply points to the Z's. Killers near this data center were the security stack. We take care of security inspection and policy, and you get to where you need to get to the fastest way. So Office 3 65 is a great catalyst for the skin. Asked customers of struggling with user experience and the traffic getting clogged on the traditional network. We go in and say, if you did local Internet breakout, you go direct, but you couldn't go direct without us because you need some security check personally. So we are the checkpost sitting 100 data centers around the globe and uses a happy customer. We are happy. >> So I was gonna be my next point. Begs the question, How many access points do you guys have just answered? You have hundreds. So you worked with local Coehlo. You got a short You got a short hop from your device into the sea scaler system and then you you're into your network. >> You know, we are deployed and 100 data center. These are generally cola is coming from leading vendors. Maybe it connects maybe level three tire cities of gold and the goal is to shorten the distance. I'll tell you two interesting anecdotes. I talked to a C i o last year. I said, How many employees do you have? He said 10,000 said, How many Internet gateways do you have? I tell you, it's safe. I he's a 10,000. I said What? He said. Every employee has a laptop and laptop goes with it. Employee goes and indirectly goes the Internet. It's a gate for you, Right? Then he said, Sorry, I'm Miss Booke. Every employee is a smartphone, and many have tablets to have 25,000 gate. So if you start thinking that way, trying to take all the traffic back to some security appliance is sitting in a data center or 10 branch offices, right? Makes no sense. So that's where we come in. And I had an interesting discussion with a very large consumer company out of Europe. I went to see them to one of her early customers. I >> met the >> head of security. I said, I'm here to understand how well these killers working. Since our security is so good, you must be loving it. He smiled, and he said, I love you security, but I love something more than your security. I said, Huh? What is that? He said. Imagine if the world had four airport hubs to connect through and you are a world traveler. You'll be missing, he said. I have 160,000 employees in hundreds, 30 countries. I have four Internet gateways with security appliance sitting there and everyone has to go to one of those four before they get out, right, so they were miserable. Now they are blogging on the Internet than entrant has become very fast, she said. As a C so I love it because security leaders are blamed for slowing you down in the name of security. Now I have made uses happy abroad in better security. So it's all wonderful. >> Hey, sounds like you're a virtual networking company that Trojan horsed in as a security company >> way. So let's put it this way. I >> mean, the value problem. Like I'm just I'm teasing you. But it's really interesting, you know, kind of twisted tale, >> so don't know you actually making a very good point. So So this is what happening Every c. I is talking about digital transformation through I t transmission Right now. If you start drilling down, what does that mean? Applications are moving in the cloud. So that's the application transformation going on because applications are no longer in your data center, which was the central gravity. If applications the move to the cloud, the network that designed to bring everything to the data center becomes irrelevant. It's no good. So no companies are transforming the data center bit. Sorry, they're transforming the network not to transform network so you could directly go to the application. The only thing that's holding you back is security, so we essentially built a new type of security, so we're bringing security transformation, which is needed. Do transform your network and transfer your application. Right? So that's why people customers who buy us is typically the head off application, head of security and head of networking. All three come together because transformation doesn't happen in isolation. Traditional security boxes are bought, typically by the security team only because they said, put a box here, you need to inspect the traffic. We go in and say the old world off ideas change. Let me help you transform to the New World. Why we call it cloned enabled enterprise, right? And that's what we come >> pretty interesting, too, when you think of the impact that not only are you leveraging us and security layer in this cloud and getting in the way of the phone traffic in the laptop traffic, but to as people migrate to Maura and Maur of these enterprise SAS APS, you're leveraging their security infrastructure, which is usually significantly bigger than any particular individual company can ever afford. >> That that's correct. So a point there so sales force an enterprise doesn't need to worry about protecting Salesforce, they need to make sure they can have a shortest path and the right user is getting so. We help as a policy jackboots in the middle, and also we make sure employees on downloading confidential customer information and sending out in Gmail to somebody else. But when applications moved to Azure or eight of us, you as an enterprise have to what he bought securing it if you expose them. If there is all to the Internet, then somebody can discover you. Somebody can do denial of service attack. So how do you handle that? So that's where we come in. We kind of say even 1,000,000,000 applications are in azure. I will give you the shortest bat with all the technology that you need to secure your internal >> happy. It's interesting because there's been recent breaches reported at Amazon, where the Emma's the eight of US customer didn't secure their own instance. Inside of eight of us, it wasn't an eight of US problems configuration problem >> or it could be the policy problem or possible. Somebody, for example, came into your data center over vpn, and once they're on you network, they can have what we call the lateral boom and they can go around to see what's out there. And they could get to applications. So we overcome all those security >> issues. Okay, so you've been at this for a while. 3 65 is a game changer and kind of accelerating as you look forward, Um, what excites you? What scares you? You know, where do you see kind of security world evolving? Obviously, you know, here in the news all the time that the attacks now or, you know, oftentimes nation states and you know it's it's the security challenges grown significantly higher than just the crazy hacker working out of his mom's basement. A CZ You see the evolution? You know what, What, what's kind of scary and what's exciting. >> I think the scary part is inertia. People kind of say this high done security than the castle and moat. That's still still because they feel like I can put my arms that only I can see the drawbridge. And I got to see the airplane right over the missing on that. So so one someone gets into your castle, you're in trouble, right? So in the new approach we advocate, don't worry about castles, and moats. The desk applications are out there somewhere. Your users are out there somewhere, right? And they just need to reach the right application. So we are focuses connecting the right people. Now, more and more devices coming in. We all here. But I owe tease out. The I. O. T. At the end of the day is a copier printer of video camera or some machine controls >> or a nuclear power plant. >> They all need to talk to something, something right if they got hijacked. You thinkyou nuclear power plant is sending information about its health to place a. But it's going to Ukraine, right? That's a problem. How do you make sure that the coyote controls in a plant are talking right parties? So we actually sit in the middle, are connecting the party. So that's another area for us. For potential, right? Looking at opportunity. >> So another big one like mobile and in 3 65 wasn't enough. Now you have I a t. >> It's a natural hanging out with you. So today, every day we see tens of thousands of cameras and copiers calling the Internet, and customers have no idea know why are they calling. Generally, there's no malicious motive. The vendor wanted to know if the toner is down or not. Are things are working fine, but they have no security control. R. C So does a demo from the Internet. He logs onto the camera, are the printer and copier and actually gets can show that information can be obtained. So those are some of the things we must control and protect. And you do it not by doing network security but a policy base access from a right device to alright, destiny. >> So, are you seeing an increase in the in the, you know, kind of machine machine? A tremendous amount of >> traffic machine to machine. So is io to traffic, and there's a machine to machine traffic. So when you have a bunch of applications said in our data center and you a bunch of applications sitting an azure eight of us, they need to talk. So lot of that traffic goes through Z Skinner. Okay, so we're long enforcing it, then you're an application that needs to go and get, say, some market pricing information from Internet. So the machine a sitting in your data center or in azure is calling someone out. There are some server to get that information. So we come in in between as a checkpost too. Have right connectivity. >> You're saying I proper. Same value difference. Very simple, but elegant. J I'm hanging out of the more you see now, the touch to nowhere to be at the right time. We're having fun. It's a great story, and and I really appreciate you taking a few minutes out of your day to stop. But I >> have a great team that makes it happen. >> That's a big piece of it. Well, and good leadership as well. Obviously >> great leaders in the company. >> All right, Thank you. J Child Reza, founder and CEO of Ze Scaler. Check it out. Thanks again for stopping by the Cube. I'm Jeff. Rick. Thanks for watching. We'll catch you next time.

>> Welcome back to the Cuban Peterborough's chief research officer of Silicon Angle and general manager of Wicked Bond. We're as part of our continuing coverage of the arse a show. We have a great guest Z scaler amid sin. Ha! Welcome to the Cube. >> Thank you for having me here. It's a pleasure to be here. >> So, um, it what exactly does Z scaler? D'oh >> Z's killer is in the business of providing the entire security stack as a service for large enterprises. We sit in between enterprise users and the Internet and various destinations they want to goto, and we want to make sure that they have a fast, nimble Internet experience without compromising any security. >> So if I can interpret what that means, that means that as Maur companies are trying to serve their employees that Air Mobile or customers who aren't part of their corporate network they're moving more. That communication in the Cloud Z scale is making it possible for them to get the same quality of security on that communication in the cloud is he would get on premise. >> Absolutely. If you look at some of the big business transformations that are happening, work lords for enterprises are moving to the cloud. For example, enterprises are adopting Office 3 65 instead, off traditional exchange based email and on your desktop applications. They might be adopting sales force for CR M Net suite for finance box for storage. So as these workloads are moving to the cloud and employees are becoming more and more mobile, you know they might be at a coffee shop. They might be on an iPad. Um, and they might be anywhere in the world. That begs the basic security question. Where should that enterprise DMC the security stack be sitting back in the day? Enterprises had a hub and spokes model, right? They might have 50 branch offices across the world. A few mobile workers, all of them, came back over private networks to a central hub, and that hub was where racks and racks of security appliances were deployed. Maybe they started off with a firewall. Later on, they added a proxy. You are l filtering some d e l P er down the road. People realized that you need to inspect us to sell. So they added some SSL offload devices. Someone said, Hey, we need to do some sand boxing for behavioral analysis. People started adding sandboxes. And so, over time the D. M. Z got cluttered and complicated and fast forward to Today. Users have become mobile. Workloads have moved to the cloud. So if I'm sitting in a San Francisco office on my laptop trying to do my regular work, my email is in the cloud. My my court applications are sitting in the cloud. Why should I have to vpn back to my headquarters in Cincinnati over a private network, you know, incurring all the Leighton see and the delays just so that I can get inspected by some legacy appliances that are sitting in that DMC, right? So we looked at that network transformation on We started this journey at Ze scale or eight years ago, and we said, Look, if users are going to be mobile and workloads are going to be in the cloud, the entire security stack should be as close as possible to where the users are. In that example, I described, I'm sitting here. I'm going to Salesforce. We're probably going to the same data center in San Francisco. Shouldn't my entire security stag be available right where I am, um, and my administrators should have full visibility, full control from a single pane of glass. I get a fast, nimble user experience. The enterprise doesn't have to compromise in any security, and that's sort of the vision that we have executing towards. >> But it's not just for some of the newer applications or some of the newer were close. We're also seeing businesses acknowledge that the least secure member of their community has an impact on overall security. So the whole concept of even the legacy has to become increasingly a part of this broad story. So if anybody accesses anything from anywhere through the cloud that those other workloads increasing, they're gonna have to come under the scrutiny of a cloud based security option. >> Absolutely. I mean, that's a brilliant point, Peter. >> I >> think of >> it this way. Despite all those security appliances that have been deployed over time, they're still security breach is happening. And why is that? That is because users are the weakest link, right? If I'm a mobile work user, I'm sitting in a branch office. It's just painful for me to go back to those headquarter facilities just for additional scanning so two things happen either I have a painful user experience. What? I bypassed security, right? Um, and more and more of the attacks that we see leverage the user as the weakest link. I send you a phishing email. It looks like it came from HR. It has a excel sheet attached to it to update some information. But, you know, inside is lurking a macro, right? You open it. It is from a squatter domain that looks very similar to the company you work for. You click on it and your machine is infected. And then that leads to further malware being downloaded, data being expatriated out. So the Z scaler solution is very, very simple. Conceptually, we want to sit between users and the destinations they goto all across the world. And we built this network of 100 data centers. Why? Because you cannot travel faster than the speed of light. So if you're in San Francisco, you better go through our San Francisco facility. All your policies will show up here. All the latest and greatest security protections will be available. We serve 5000 large enterprises. So if we discover a new security threat because of an employee from, let's say, a General Electric. Then someone from United Airlines automatically gets protection simply because the cloud is live all the time. You're not waiting for your security boxes to get, you know, the weekly patch updates for new malware indicators and so on. Right, So, um, you get your stack right where you are. It's always up to date. User experience is not compromised. Your security administrators get a global view off things. And one >> of the >> things that that I that we haven't talked about here it is the dramatic cost savings that this sort of network transformation brings for enterprises. To put that in perspective, let's say you're a Fortune 100 organization with 100,000 employees worldwide in that, huh? Been spoke model. You are forcing all those workloads to come toe a few choke points, right? That is coming over. Very expensive. NPLs circuits private circuits from service providers. You're double trombone in traffic, back and forth. You know, you and I are in a branch. We might be on. Ah, Skype session. Ah, Google Hangout session. All our traffic goes to H Q. Goes to the cloud comeback comes back to h. Q comes back to you, there's this is too much back and forth, and you're paying for those expensive circuits and getting a poor user experience. Wouldn't it be great if you and I could go straight to the Internet? And that can only be enabled if we can provide that pervasive security stack wherever you are? And for that, we built this network of 100 data centers worldwide. Always live, always up to date you. You get routed to the closest the scaler facility. All your policy show up. They're automatically and you get the latest and greatest protection. >> So it seems as though you end up with three basic benefits. One is you get the cost benefit of being able to, uh, have being able to leverage a broader network of talent, skills and resources You reduce. Your risk is not the least of which is that the cost and the challenges configuring a whole bunch of appliances has not gotten any easier over the last. No, it hasn't cheaters. And so not only do you have user error, but you also Administrator Erin, absolutely benign, but nonetheless it's there, and then finally and this is what I want to talk about. Increasingly, the clot is acknowledged as the way that companies are going to improve their portfolio through digital assets. Absolutely. Which means new opportunities, new competition, new ways of improving customer experience. But security has become the function of no within a lot of organizations. Absolutely. So How does how does AE scaler facilitate the introduction of new business capabilities that can attack these opportunities in a much more timely way by reducing doesn't reduce some of those some of those traditional security constraints. >> Absolutely right, and we call it the Department of No right. We've talked to most people in the industry. They view their I t folks there, security forces, the department of Know Why? Because there's this big push from users to adopt newer, nimble, faster cloud based ah solutions that that improved productivity. But often I t comes in the way. No, If you look at what Izzy's killer is doing, it's trying to transform the adoption of these Cloud service. Is that do improve business productivity? In fact, there is no debate now because there are many, many industries that ever doubt adopted a cloud first strategy. Well, that means is, as they think of the network and their security, they want to make sure that cloud is front and center. Words E scaler does is it enables that cloud for a strategy without any security compromise. I'll give you some specific examples. Eight out of 10 c I ose that we talk to our thinking about office 3 65 or they have already deployed it right. One of the first challenge is that happens when you try to adopt office. 3 65 is that your legacy network and security infrastructure starts to come crumble. Very simple things happen. You have your laptop. Suddenly, that laptop has many, many persistent SSL connections to the clothes. Because exchange is moved to the cloudy directory, service is are moving to the cloud. If you have a small branch office with 2000 users, each of them having 30 40 persistent connections to the cloud will your edge firewall chokes. Why? Because it cannot maintain so many active ports at the same time, we talked about the double trombone ing of traffic back and forth. If you try to not go direct to the Internet but force everyone to go through a couple of hubs. So you pay for all the excessive band with your traditional network infrastructure, and your security infrastructure might need a forklift upgrades. So a cloud transformation project quickly becomes a network in a security transformation project. And this is where you nosy scaler helps tremendously because we were born and bred in the cloud. Many of these traditional limitations that you have with appliance based security or networking, you know, in the traditional sense don't exist for the scaler, right? We can enable your branch officers to go directly to the cloud. In fact, we've started doing some very clever things. For example, we peer with Microsoft in about 20 sites worldwide. So what that means is, when you come to the scaler for security, there's a very high likelihood that Microsoft has a presence in the same data center. We might be one or two or three millisecond hops away because we're in the same equinox facility in New York or San Jose. And so not only are you getting your full security stack where you are, you're getting the superfast peered connections to the end Cloud service is that you want to goto. You don't have to work. Worry about you know your edge Firewalls not keeping up. You don't have to worry about a massive 30 40% increase in back hole costs because you were now shipping all this extra traffic to those couple of hubs. And more importantly, you know, you've adopted these transformative technologies on your users don't have to complain about how slow they are because you know, most of the millennials hitting the workforce. I used to a very fast, nimble experience on their mobile phones with consumer APS. And then they come into the enterprise and they quickly realize that, well, this is all cumbersome and old and legacy stuff >> in me s. So let's talk a little bit about Let's talk a bit about this notion of security being everywhere and increasingly is removed to a digital business or digital orientation. With digital assets being the basis for the value proposition, which is certainly happening on a broad scale right now, it means it's security going back to the idea of security being department. No security has to move from an orientation of limiting access to appropriately sharing. Security becomes the basis for defining the digital brand. So talk to us a little bit about how the how you look out, how you see the world, that you think security's gonna be playing in ultimately defining this notion of digital brand digital perimeters from a not a iittie standpoint. But from a business value standpoint, >> absolutely. I would love to talk about that. So Izzy's killer Our cloud today sees about 30,000,000,000 transactions a day from about 5000 enterprises. So we have a very, very good pulse on what is happening in large enterprises, from from a cloud at perspective or just what users are doing on the Internet. So here are some of the things that we see. Number one. We see that about 50 60% of the threats are coming inside SSL, so it's very important to inspect SSL. The second thing that we observe is without visibility. It is very different, very difficult for your security guys to come up with a Chris policy, right? If you cannot see what is happening inside an SSL connection, how are you going to have a date? A leakage policy, right? Maybe your policy is no P I information should leak out. No source code should leak out. How can you make sure that an engineer is not dropping something in this folder, which is sinking to Google Drive or drop box in an in an SSL tano, Right. How do you prioritize mission Critical business applications like office 3 65 over streaming media, Right. So for step two, crafting good policy is 100% real time visibility. And that's what happens when you adopt the Siskel a network. You can see what any user is doing anywhere in the world within seconds. And once you have that kind of visibility, you can start formulating policies, both security and otherwise that strike a good balance between business productivity that you want to achieve without compromising security. >> That's the policy's been 10 more net. You can also end that decisions. >> Yes, right. So, for example, you can you can have a more relaxed social media policy, right? You can say Well, you know, everyone is allowed access, but they can. Maybe streaming media is restricted to one hour a day. You know, after hours, or you can say, I want to adopt um, storage applications in the clothes here are some sanctioned APS These other raps were not going to allow right. You can do policies by users, by locations by departments, right? And once you have the visibility, you can. You can be very, very precise and say, Well, boxes, my sanction story, Jap other APS are not allowed right and hear other things that a particular group of users can do on box. Or they cannot do because we were seeing every transaction between the user on going to the destination and as a result, begin, you know, we can enable the enterprise administrator to come up with very, very specific policies that are tailored for that. >> You said something really interesting. I'm gonna ask you one more question, but I'm gonna make a common here. And that common is that the power of digital technology is that it can be configured and copied and changed, and it's very mutable. It's very plastic, but at the end of the day it has to be precise, and I've never heard anybody talk about the idea of precise and security, and I think it's a very, very powerful concept. But what are what's What's the scale are talking about in our say this year. >> Well, we're going to talk about a bunch of very interesting things. First, we'll talk about the scale of private access. This is a new offering on the scale of platform. We believe that VP ends have become irrelevant because of all the discussions we just had, um, Enterprises are treating their Internet as though it was the Internet, right? You know, sort of a zero trust model. They're moving the crown jewel applications to either private cloud offerings are, you know, sort of restricting that in a very micro segmented way. And the question is, how do you access those applications? Right? And the sea skill immortal is very straightforward. You have a pervasive cloud users authenticate to the cloud and based on policies, we can allow them to go to the Internet to sites that have been sanctioned and allowed. We make sure nothing good is leaking out. Nothing bad is coming in, and that same cloud model can be leveraged for private access to crown jewel applications that traditionally would have required a full blown vpn right. And the difference between a VPN and the skill of private access is VP ends basically give you full network access keys to the kingdom, right? Whether it's a contractor with, it's an employee just so that you could access, you know, Internet application. You allow full network access, and we're just gonna getting rid of that whole notion. That's one thing we're gonna stroke ISS lots of cloud white analytics, As I mentioned, you know, we process 30,000,000,000 transactions a day. To put that in perspective, Salesforce reports about four and 1 30,000,000,000 4 1/2 to 5,000,000,000 transactions. They're about three and 1/2 1,000,000,000 Google searches done daily, right? So it is truly a tin Internet scale. We're blocking over 100,000,000 threats every day for, ah, for all our enterprise user. So we have a very good pulse on you know what's what's an average enterprise user doing? And you're going to see some interesting cloud? Wait, Analytics. Just where we talk about a one of the top prevalent Claude APs, what are the top threats? You know, by vertical buy by geography, ese? And then, you know, we as a platform has emerged. We started off as a as a sort of a proxy in the cloud, and we've added sand boxing capabilities. Firewall capabilities, you know, in our overall vision, as I said, is to be that entire security stack that sits in your inbound and outbound gateway in that DMC as a pure service. So everything from firewall at layer three to a proxy at Layer seven, everything from inline navy scanning right to full sand. Boxing everything from DLP to cloud application control. Right? And all of that is possible because, you know, we have this very scalable architecture that allows you to to do sort of single scan multiple action right in that appliance model that I describe. What ends up happening is that you have many bumps in the wire. One of the examples we use is if you wanted to build a utility company, you don't start off with small portable generators and stack them in a warehouse, right? That's inefficient. It requires individual maintenance. It doesn't scale properly. Imagine if you build a turbine and ah, and then started your utility company. You can scale better. You can do things that traditional appliance vendors cannot think about. So we build this scalable, elastic security platform, and on that platform it's very easy for us to add. You know, here's a firewall. Here's a sandbox. And what does it mean for end users? You know, you don't need to deploy new boxes. You just go and say, I want to add sand boxing capabilities or I want to add private access or I want to add DLP. And it is as simple as enabling askew, which is what a cloud service offering should be. >> Right. So we're >> hardly know software. >> So we're talking about we're talking about lower cost, less likelihood of human error, which improves the quality, security, greater plasticity and ultimately, better experience, especially for your non employees. Absolutely. All right, so we are closing up this particular moment I want Thank you very much for coming down to our Pallotta studio is part of our coverage on Peter Boris. And we've been talking to the scanner amidst, huh? Thank you very much. And back to Dio Cube.