(upbeat music) >> Hello, friends, and welcome to another edition of this special program series from theCUBE highlighting the brilliant women of the cloud. I am absolutely thrilled to be joined today by a transformative visionary, accelerating the route to market for many of North Americans' top businesses. Please welcome Tia Wiggins of AWS. Tia, thank you so much for being here. >> Hello. Hello everyone. Thank you for having me. >> I know there's a lot that we're going to talk about tech and innovation and the very exciting parts of your role, both at AWS as well as on the philanthropy side. Excuse me. But before we get there, I want to know how you got to where you're sitting right now. >> Yes, yes. Well, I'm proud to say my entire family is STEM born and bred. You know, I think I have a more traditional American upbringing of parents that did not have college degrees, but they've always had us in programs. So, you know, like I say, proud today. I have two sisters who are doctors and I was on a path to be a pharmacist. And, you know, I had got sponsored by a leader that took me on through the business journey and allowed me to connect the STEM side of my life to helping businesses grow. I'm also, I'm proud to share that I'm a philanthropist. I do believe in building communities and removing barriers to help people grow. Also, you know, as a child of two military parents, you know, my mother leaned on programs, right? I went through local hospital programs that taught me about medicine, that taught me about math, school that taught me about physics, right? That were free and funded, that allowed me to, you know, explore and get exposure. So, with that, you know, I've always had a knack to figure out how do I, in my own capacity, not being a billionaire, not being, you know, a trust fund child, but how do I create resourcing to help others come along on this pathway, leveraging and bringing bridging the two of STEM and community together. So, yeah, that's a little bit about my background. >> Yeah, I mean, it seems like it's a lifelong commitment not just a career long commitment to the industry and you're very clearly a curious person. You mentioned the role that resources and community have played in your journey. How would you recommend others who may be interested in a similar career path or exploring technology and business take actionable steps to do some of the similar things to you've done? >> Absolutely. So, as I believe that I have everyone watching this from from early career before actually in college. So I would tell for the entry level for you to focus on first finding programs, you know, AWS we have programs that help you come into the cloud computing. We will help you get your cloud certification. We have great internship programs but then also too, you know, there's diverse programs like National Society of Black Engineers, Society of Women Engineers, Society of Hispanic Engineers. There's so many programs, right, that can help you gain those actual training will actually provide you a job and exposure so they can help you actually figure out what the path you want to take when it comes to STEM. What I would share for mid-level something that I do personally for myself is, after you're in the industry, is to write a vision. So my superpowers or is transformation and a vision and every year I start off with like a love letter to myself and it includes something related to my career; a bold move. And as I get crisp on to saying something dangerous that I want to go do, I share that with my sponsors. I share that with my network, what I call my tribe, and those individuals help me gain the experiences that actually make the moves to get there, right? And it might not be exact, right? I might not actually hit that move that year. But if I look backwards, I actually looked I actually took some of the steps that were needed and essential for me to thrive when I actually get there. So definitely I would say, you know, one, in terms of exposure with programs. Two, for if you're actually in your career, write your vision, right? Get real crisp what you want to go do about it and then share it with your team. And then the last point that I think is essential that we don't really talk about a lot is feedback, right? It sounds it's easy, but feedback is communication and how you perceive yourself is not how others always perceive you, right? And I do believe in having pride. I do believe you need a certain level of ego for yourself, right, to thrive. However, there is nuggets in there that can help you accelerate on your journey, right? So I take time and I actually go on listening circles and I ask about what are my blind spots? Like, just be honest, right? Something about the AWS culture I love is that we use this principle of being vocally self-critical, right? That creates a level of transparency and honesty for others to be honest with us about something that we might not see, right? Or we might have failed, right? Or we might need to improve. So I would say, again, programs, write your vision, right? You know I call it a love letter to make it more personalized. And then three, get your, get feedback. It's essential. >> I like that, there's almost like an id, an ego and an external to that, as well as a qualitative and a quantitative component to that which I think is really interesting. You know, I went to five different classes, or I try, I looked at six different YouTube videos to learn about these skills, versus I took the time to think about what that would actually mean to me and to myself. And I think a lot of folks at any stage in their career journey don't necessarily give themselves the time to have that type of reflection. So it's wonderful to see someone who's been as successful as you talk about both your process as well as that level of transparency and communication. Taking feedback is a skillset that you'll have to use in many aspects of your life moving forward. >> Yeah. It's just communication. That's all it is. Just communication. >> Absolutely. Yes, and working on that is a certainly a lifelong journey. You've had a lot of success in your 15 years of being in the cloud. Can you give us some examples of your favorite moments? >> Yeah, you know, I'm proud. Like I took some, I took very... I got along with that vision, right? I took some very critical steps to ensure that I was taking roles that created mobility, right? You know, going back to starting at BAE systems, working with a aerospace and defense contractor where I had to move different states and get exposure to different platforms and lines of business, IT, manufacturing, down to actually stepping into an international nonprofit firm where I worked the redesign of that company, right? You know, understanding different levels of contracts how do we go to route in the market with other foreign countries, right? And then coming back into my previous- >> Not simple problems there. >> Not simple at all! But pretty amazing. >> To give you a shout out on complexity, yeah. >> Complexity, right? And it constantly be moving. And also, side note to everyone, you know obtaining my additional degrees. So, you know, if you look at my background, you know you'll see a lot of HR former roles. But if you look at the components of those jobs, it was business building, project management agile management, change management, right? So when I, I will say two of my major success moves, well one would be I was chair at Northrop Grumman. It actually allowed me to crack my teeth when it comes to new business acquisition, business proposals, right? So take all that idea of programs but actually being a part of a team to go after some of our most sacred nation contracts and programs that protects our country, right? Building, coming up with a solution and strategy, using technology, using data modernization, pulling together cloud components and then actually going out there and actually identifying the talent across the world that will be aligned to this. And making that and being a part of that team and actually signing off and saying, "Alright, this is what we believe is the best program for our solutions, for our employees for our world, for our nation," right? Had several multiple multi-billion dollar contracts that I worked on that we actually won with the Northrop Grumman that really also, from a side note, helped me build my confidence to say, "Hey, I can do more." Like, "Hey, I don't have 50 years in this industry but you know what I know is I have exposure, I have experience, I have, hey, I have an idea," right? And I know about technology and tools and how this links together into a story to say, "Hey, how does this bring value?" So I would say we had several, again national security programs that I was a part of, and then here at Amazon to speak more for our partners, right? Our partner experience. Just this year, you know, coming into my role within two quarters, we actually delivered, we actually confirmed that we actually identify Amazon opportunities for our partners, right? We believe Amazon opportunities helping our partners route to market helps them actually identify better partner opportunities so we can actually help them attach them to an actual customer. With that, within two quarters we were able to deliver over- >> Just to insert number for scale for folks listening. >> Yes. >> You have over a hundred thousand partners, correct? >> That's right, we have over a hundred thousand partners. >> So echoing on the complexity, it's not just like you're matchmaking, you know, two different people from two different sides of the fence here. >> No. >> The matrix is massive in the flywheel. That's wild. >> Yeah, absolutely. So, you know, with that, we took a subset to start with a subset of partners to say, "Hey how do we just pilot an experiment," right? If we did an exercise where we actually you know, do, you know use tools to identify opportunities that better aligned to partners, and how do we deliver that to them, right? Versus us reacting to just waiting for them to provide something to us. Within- >> What's the biggest challenges for you there? >> Oh gosh. Complexity, right? >> Yeah. >> Complexity partner types. You know, we deal with, you know, system integrators, we deal with independent software vendors, resellers - everyone has their own additional needs. They have their own complexity, they have their own in terms of their makeup, right? In terms of resourcing. So, you know, we have to, on top of that, we have to work with the partner to make sure they're actually ready and equipped to actually receive opportunities from us. And then also how do we help work with them to build a sales plan to go after those opportunities. So it's, it's all of the if you think about the flywheel, yeah we could throw something over the line, but we also have to work with them as one team to say, okay how do we help make this help you launch this opportunity with the customer, with us? >> Yeah. >> Yeah. >> And so what do you hope to see coming in the next five years? Where do you hope your role takes you at the next... >> Oh gosh. You know, I don't actually go off five years because if I look back at the last 15, I didn't imagine all those different opportunities, by the way. Right? >> Love that. So true. >> So, yeah. So I don't, again, it goes back to like I hate putting boxes over myself and but vision-wise, you know, just to say thank you to my mentors, to my sponsors, you know, I see myself C-suite, right? I see myself over an organization helping again connecting the dots with business growth and opportunities. Now, is it Amazon, I hope? Be wonderful, right? But if it's another large Fortune 500 company, absolutely. But in far, in terms of the cloud computing industry I mean, we're the unimaginable, right? You already, you talk about, you know AI we've talked about in the past, we talk about this meta, you know, this digital transformative world where we're living virtually. That scares me, right? By the way, just to be honest, everyone. But, I do believe that as a company, we are going to be moving to be more digital, you know, I do believe our customers will be more digital. I do think in more virtual engagement, right? And I see myself building those programs to help ensure that our workforce is there, that our sellers are there, that we can actually continue to drive growth and that they're actually equipped to actually align to those opportunities to help our customers grow their business. >> Yeah. The acceleration and the evolution of the modern workforce is a challenge that so many businesses are facing right now. I'm sure tens of thousands, if not all of the six-figure plus partners in your program are experiencing a dynamic range of challenges as a result. And they are all very lucky to have you there to support them. Hopefully everyone at AWS is listening to that nice plug and opportunity to promote you to the C-suite where I'm sure you belong, as time goes on. Switching from digital to diversity just a little bit, it's clear that you have had people in your community who have mentored you and taught and been a part of the education side of your journey. And I'm curious to see, or curious to ask you rather, what are the challenges that you still see in diversity in general today? >> Yeah. Well, you know, it unfortunately is still here. You know, we still have unconscious bias, right? In senior level career advancement. I think that's embedded in our culture and that's something that we constantly have to combat. You know, I was also trained under the mindset and had this belief that say, "Hey let your work speak for yourself." And in reality, it's not about your work, it's also about who knows you and who actually wants to know about you, right? And that equals unconscious bias, right? Someone that actually, you know, for people to see you for who you are and see what you actually contribute versus they just liking you. So, you know, and also too, you know we've run into the issue of being taught in our culture to lean in, right? For a moment there, I believe that, but at some point when you look around and you're like, "Oh gosh, you know I worked all last year, but my pay was only this." Or, "Hey, that person got promoted and they only worked on this one thing." And then you, and then it pinches like, oh, it's still there, right? So I just believe as leaders and including myself as my commitment is like any organization of my part like how do I advocate for others? How do I create opportunities? How do I address it? I'm very blessed to have a leader that also sees what's possible in me and creates those opportunities and, you know, removes those roadblocks and those barriers. But I, you know, I can't lie is that, you know, I've also personally been through that. But then again, I look around my family and my community and I have, you know family that's also civil servants, public servants. This is nothing new, right? And, you know, and I go around them and I get empowered to say, "Hey, you know you can actually do this and this is how you can overcome this." But then also with your commitment as a leader my commitment is how do I create those pathways for others and remove those barriers. And when I see that, how do I address it? >> And how to really be what you're touching on there so much is allyship. >> Yes! >> I think there's, it takes, being an ally takes many forms across workplaces and functions and genders and demographics and anything quite frankly. And not everyone can advocate for themselves as loudly as someone else can. And that's particularly if whatever that demographic is sees itself a lot on the leadership side of things. But it's really easy to compliment a friend or a teammate, and I think it's actually pretty easy to say nice things about them in the room when they're not in there. And that's one of the easiest ways to be an ally. And I love that you just brought that up. I think that, yeah, we just, we forget that someone else is still fighting to be noticed. And when I was looking at your, you let the work speak for itself. One of the lines that I've always referenced is "be so good they can't ignore you" which kind of combines exactly what you just mentioned is the being noticed piece. And I think it's all of our jobs to help other people and the right people and projects get noticed. So, I really love that. >> Yeah. >> Final question for you- >> So actually, just another quick line about that, you know. >> Yeah. >> And also, you know, and this is another reality about this is knowing when to walk away, right? Cause some people can chew and, you know, I do believe in closed doors are a blessing. You know, when you face rejection, you know it's redirection to where you need to go. But I also do believe like I was at this conference years ago and this woman made this analogy. There's, you know, she said, "There's a million men out there, you know, if it doesn't work for you, go get another one." And that's the idea is that your one company is not your only company. There's other companies that might be better aligned to you. Believe in yourself that you're worth it to go find another opportunity that's better aligned where people can actually celebrate you versus where they say this concept of tolerates you. So I just put that out there, is that bold belief that you have to know that about yourself to know that, hey, you're worth it, and there is another company that you can thrive and you're going to be okay. And when you do it, you'll be happy that you actually took that leap of faith. And that's something that I've taken. And when I know that, hey, my time's up, if I sense that if I see that, then I just will move on it. And I'm okay. >> I've been back here behind the curtain just snapping as you've been talking. I couldn't agree more. The only brand you're ever going to represent your whole life is you. >> Yeah. >> And I think you just nailed it. I was going to ask you for some closing inspiration, but I think you you just nailed it with that statement to be quite honest. So I don't want to poison the well. Tia Wiggins, thank you so much for joining us. It is very clear why you are a go-to market leader and AWS is very lucky to have you. And thank you to our audience for joining us for this a special program series here on theCUBE where we are featuring women of the cloud. My name's Savannah Peterson, and may the skies be clear and blue and with beautiful clouds in your universe today. (upbeat music)

(upbeat music) >> Hello everyone, welcome to this CUBE Showcase, accelerating business transformation with VMware Cloud on AWS. It's a solution innovation conversation with two great guests, Fred Wurden, VP of Commercial Services at AWS and Narayan Bharadwaj, who's the VP and General Manager of Cloud Solutions at VMware. Gentlemen, thanks for joining me on the showcase. >> Great to be here. >> Great. Thanks for having us on. It's a great topic. >> We've been covering this VMware cloud on AWS since the launch going back and it's been amazing to watch the evolution from people saying, Oh, it's the worst thing I've ever seen. What's this mean? And the press were not really on board with the vision, but as it played out as you guys had announced together, it did work out great for VMware. It did work out great for AWS and it continues two years later and I want to just get an update from you guys on where you guys see this has been going. I'll see multiple years. Where is the evolution of the solution as we are right now coming off VMware explorer just recently and going in to re:Invent, which is only a couple weeks away Feels like tomorrow. But as we prepare, a lot going on. Where are we with the evolution of the solution? >> I mean, first thing I want to say is October 2016 was a seminal moment in the history of IT. When Pat Gelsinger and Andy Jassy came together to announce this. And I think John, you were there at the time I was there. It was a great, great moment. We launched the solution in 2017 year after that at VMworld, back when we called it VMworld. I think we have gone from strength to strength. One of the things that has really mattered to us is we've learned from AWS also in the processes, this notion of working backwards. So we really, really focused on customer feedback as we built a service offering now five years old. Pretty remarkable journey. In the first years we tried to get across all the regions, that was a big focus because there was so much demand for it. In the second year, we started going really on enterprise great features. We invented this pretty awesome feature called Stretched Clusters, where you could stretch a vSphere cluster using vSAN and NSX-T across to AZs in the same region. Pretty phenomenal four nines of availability that applications started to get with that particular feature. And we kept moving forward, all kinds of integration with AWS Direct Connect, Transit Gateways with our own advanced networking capabilities. Along the way, Disaster Recovery, we punched out two new services just focused on that. And then more recently we launched our Outposts partnership. We were up on stage at re:Invent, again, with Pat and Andy announcing AWS Outposts and the VMware flavor of that, VMware Cloud and AWS Outposts. I think it's been significant growth in our federal sector as well with our federal and high certification more recently. So all in all, we are super excited. We're five years old. The customer momentum is really, really strong and we are scaling the service massively across all geos and industries. >> That's great, great update. And I think one of the things that you mentioned was how the advantages you guys got from that relationship. And this has been the theme for AWS, man, since I can remember from day one, Fred. You guys do the heavy lifting as you always say for the customers. Here, VMware comes on board. Takes advantage of the AWS and just doesn't miss a beat. Continues to move their workloads that everyone's using, vSphere, and these are big workloads on AWS. What's the AWS perspective on this? How do you see it? >> Yeah, it's pretty fascinating to watch how fast customers can actually transform and move when you take the skill set that they're familiar with and the advanced capabilities that they've been using on-prem and then overlay it on top of the AWS infrastructure that's evolving quickly and building out new hardware and new instances we'll talk about. But that combined experience between both of us on a jointly engineered solution to bring the best security and the best features that really matter for those workloads drive a lot of efficiency and speed for the customers. So it's been well received and the partnership is stronger than ever from an engineering standpoint, from a business standpoint. And obviously it's been very interesting to look at just how we stay day one in terms of looking at new features and work and responding to what customers want. So pretty excited about just seeing the transformation and the speed that which customers can move to while at VMC. >> That's a great value proposition. We've been talking about that in context to anyone building on top of the cloud. They can have their own supercloud, as we call it, if you take advantage of all the CapEx and investment Amazon's made and AWS has made and continues to make in performance IaaS and PaaS, all great stuff. I have to ask you guys both as you guys see this going to the next level, what are some of the differentiations you see around the service compared to other options in the market? What makes it different? What's the combination? You mentioned jointly engineered. What are some of the key differentiators of the service compared to others? >> Yeah. I think one of the key things Fred talked about is this jointly engineered notion. Right from day one we were the early adopters of the AWS Nitro platform. The reinvention of EC2 back five years ago. And so we have been having a very, very strong engineering partnership at that level. I think from a VMware customer standpoint, you get the full software-defined data center, compute storage networking on EC2, bare metal across all regions. You can scale that elastically up and down. It's pretty phenomenal just having that consistency globally on AWS EC2 global regions. Now the other thing that's a real differentiator for us, what customers tell us about is this whole notion of a managed service. And this was somewhat new to VMware. But we took away the pain of this undifferentiated heavy lifting where customers had to provision rack stack hardware, configure the software on top, and then upgrade the software and the security patches on top. So we took away all of that pain as customers transitioned to VMware cloud in AWS. In fact, my favorite story from last year when we were all going through the Log4j debacle. Industry was just going through that. Favorite proof point from customers was before they could even race this issue to us, we sent them a notification saying, we already patched all of your systems, no action from you. The customers were super thrilled. I mean, these are large banks. Many other customers around the world were super thrilled they had to take no action, but a pretty incredible industry challenge that we were all facing. >> Narayan, that's a great point. The whole managed service piece brings up the security. You kind of teasing at it, but there's always vulnerabilities that emerge when you are doing complex logic. And as you grow your solutions, there's more bits. Fred, we were commenting before we came on camera more bits than ever before and at the physics layer too, as well as the software. So you never know when there's going to be a zero-day vulnerability out there. It happens. We saw one with Fortinet this week. This came out of the woodwork. But moving fast on those patches, it's huge. This brings up the whole support angle. I wanted to ask you about how you guys are doing that as well, because to me, we see the value when we talk to customers on theCUBE about this. It was a real easy understanding of what the cloud means to them with VMware now with the AWS. But the question that comes up that we want to get more clarity on is how do you guys handle support together? >> Well, what's interesting about this is that it's done mutually. We have dedicated support teams on both sides that work together pretty seamlessly to make sure that whether there's a issue at any layer, including all the way up into the app layer, as you think about some of the other workloads like SAP, we'll go end-to-end and make sure that we support the customer regardless of where the particular issue might be for them. And on top of that, we look at where we're improving reliability in as a first order of principle between both companies. So from availability and reliability standpoint, it's top of mind and no matter where the particular item might land, we're going to go help the customer resolve that. It works really well. >> On the VMware side, what's been the feedback there? What are some of the updates? >> Yeah, I think, look, I mean, VMware owns and operates the service, but we work phenomenal backend relationship with AWS. Customers call VMware for the service or any issues. And then we have a awesome relationship with AWS on the backend for support issues or any hardware issues. The key management that we jointly do. All of the hard problems that customers don't have to worry about. I think on the front end, we also have a really good group of solution architects across the companies that help to really explain the solution, do complex things like cloud migration, which is much, much easier with the VMware Cloud in AWS. We're presenting that easy button to the public cloud in many ways. And so we have a whole technical audience across the two companies that are working with customers every single day. >> You had mentioned, I've got list here of some of the innovations. You mentioned the stretch clustering, getting the geos working, advanced network, Disaster Recovery, FedRAMP, public sector certifications, Outposts. All good, you guys are checking the boxes every year. You got a good accomplishments list there on the VMware AWS side here in this relationship. The question that I'm interested in is what's next? What recent innovations are you doing? Are you making investments in? What's on the list this year? What items will be next year? How do you see the new things, the list of accomplishments? People want to know what's next. They don't want to see stagnant growth here. They want to see more action as cloud continues to scale and modern applications cloud native. You're seeing more and more containers, more and more CI/CD pipelining with modern apps, put more pressure on the system. What's new? What's the new innovations? >> Absolutely. And I think as a five year old service offering, innovation is top of mind for us every single day. So just to call out a few recent innovations that we announced in San Francisco at VMware Explore. First of all, our new platform i4i.metal. It's isolate based. It's pretty awesome. It's the latest and greatest, all the speeds and feeds that we would expect from VMware and AWS at this point in our relationship. We announced two different storage options. This notion of working from customer feedback, allowing customers even more price reductions, really take off that storage and park it externally and separate that from compute. So two different storage offerings there. One is with AWS FSx with NetApp ONTAP, which brings in our NetApp partnership as well into the equation and really get that NetApp based really excited about this offering as well. And the second storage offering called VMware Cloud Flex Storage. VMware's own managed storage offering. Beyond that, we have done a lot of other innovations as well. I really wanted to talk about VMware Cloud Flex Compute where previously customers could only scale by hosts and a host is 36 to 48 cores, give or take. But with VMware Cloud Flex Compute, we are now allowing this notion of a resource defined compute model where customers can just get exactly the vCPU memory and storage that maps to the applications, however small they might be. So this notion of granularity is really a big innovation that we are launching in the market this year. And then last but not least, top of ransomware. Of course it's a hot topic in the industry. We are seeing many, many customers ask for this. We are happy to announce a new ransomware recovery with our VMware Cloud DR solution. A lot of innovation there and the way we are able to do machine learning and make sure the workloads that are covered from snapshots and backups are actually safe to use. So there's a lot of differentiation on that front as well. A lot of networking innovations with Project Northstar. Our ability to have layer four through layer seven, new SaaS services in that area as well. Keep in mind that the service already supports managed Kubernetes for containers. It's built in to the same clusters that have virtual machines. And so this notion of a single service with a great TCO for VMs and containers is sort at the heart of our (faintly speaking). >> The networking side certainly is a hot area to keep innovating on. Every year it's the same, same conversation, get better faster, networking more options there. The Flex Compute is interesting. If you don't mind me getting a quick clarification, could you explain the resource-defined versus hardware-defined? Because this is what we had saw at Explore coming out, that notion of resource-defined versus hardware-defined. What does that mean? >> Yeah, I mean I think we have been super successful in this hardware-defined notion. We we're scaling by the hardware unit that we present as software-defined data centers. And so that's been super successful. But customers wanted more, especially customers in different parts of the world wanted to start even smaller and grow even more incrementally. Lower the cost even more. And so this is the part where resource-defined starts to be very, very interesting as a way to think about, here's my bag of resources exactly based on what the customers request before fiber machines, five containers. It's size exactly for that. And then as utilization grows, we elastically behind the scenes, we're able to grow it through policies. So that's a whole different dimension. That's a whole different service offering that adds value and customers are comfortable. They can go from one to the other. They can go back to that host based model if they so choose to. And there's a jump off point across these two different economic models. >> It's cloud flexibility right there. I like the name. Fred, let's get into some of the examples of customers, if you don't mind, let's get into some of the, we have some time. I want to unpack a little bit of what's going on with the customer deployments. One of the things we've heard again on theCUBE is from customers is they like the clarity of the relationship, they love the cloud positioning of it. And then what happens is they lift and shift the workloads and it's like feels great. It's just like we're running VMware on AWS and then they start consuming higher level services. That adoption next level happens and because it's in the cloud. So can you guys take us through some recent examples of customer wins or deployments where they're using VMware cloud on AWS on getting started and then how do they progress once they're there? How does it evolve? Can you just walk us through a couple use cases? >> Sure. Well, there's a couple. One, it's pretty interesting that like you said, as there's more and more bits, you need better and better hardware and networking. And we're super excited about the i4 and the capabilities there in terms of doubling and or tripling what we're doing around lower variability on latency and just improving all the speeds. But what customers are doing with it, like the college in New Jersey, they're accelerating their deployment on onboarding over like 7,400 students over a six to eight month period. And they've really realized a ton of savings. But what's interesting is where and how they can actually grow onto additional native services too. So connectivity to any other services is available as they start to move and migrate into this. The options there obviously are tied to all the innovation that we have across any services, whether it's containerized and with what they're doing with Tanzu or with any other container and or services within AWS. So there's some pretty interesting scenarios where that data and or the processing, which is moved quickly with full compliance, whether it's in like healthcare or regulatory business is allowed to then consume and use things, for example, with Textract or any other really cool service that has monthly and quarterly innovations. So there's things that you just could not do before that are coming out and saving customers money and building innovative applications on top of their current app base in a rapid fashion. So pretty excited about it. There's a lot of examples. I think I probably don't have time to go into too many here. But that's actually the best part is listening to customers and seeing how many net new services and new applications are they actually building on top of this platform. >> Narayan, what's your perspective from the VMware side? 'Cause you guys have now a lot of headroom to offer customers with Amazon's higher level services and or whatever's homegrown where it's being rolled out 'cause you now have a lot of hybrid too. So what's your take on what's happening in with customers? >> I mean, it's been phenomenal. The customer adoption of this and banks and many other highly sensitive verticals are running production-grade applications, tier one applications on the service over the last five years. And so I have a couple of really good examples. S&P Global is one of my favorite examples. Large bank, they merge with IHS Markit, big conglomeration now. Both customers were using VMware Cloud and AWS in different ways. And with the use case, one of their use cases was how do I just respond to these global opportunities without having to invest in physical data centers? And then how do I migrate and consolidate all my data centers across the global, which there were many. And so one specific example for this company was how they migrated 1000 workloads to VMware Cloud and AWS in just six weeks. Pretty phenomenal if you think about everything that goes into a cloud migration process, people process technology. And the beauty of the technology going from VMware point A to VMware point B. The lowest cost, lowest risk approach to adopting VMware Cloud and AWS. So that's one of my favorite examples. There are many other examples across other verticals that we continue to see. The good thing is we are seeing rapid expansion across the globe, but constantly entering new markets with a limited number of regions and progressing our roadmap. >> It's great to see. I mean, the data center migrations go from months, many, many months to weeks. It's interesting to see some of those success stories. Congratulations. >> One of the other interesting fascinating benefits is the sustainability improvement in terms of being green. So the efficiency gains that we have both in current generation and new generation processors and everything that we're doing to make sure that when a customer can be elastic, they're also saving power, which is really critical in a lot of regions worldwide at this point in time. They're seeing those benefits. If you're running really inefficiently in your own data center, that is not a great use of power. So the actual calculators and the benefits to these workloads are pretty phenomenal just in being more green, which I like. We just all need to do our part there and this is a big part of it here. >> It's a huge point about the sustainability. Fred, I'm glad you called that out. The other one I would say is supply chain issue is another one. You see that constraints. I can't buy hardware. And the third one is really obvious, but no one really talks about it. It's security. I mean, I remember interviewing Steven Schmidt with that AWS and many years ago, this is like 2013 and at that time people were saying, the cloud's not secure. And he's like, listen, it's more secure in the cloud on-premise. And if you look at the security breaches, it's all about the on-premise data center vulnerabilities, not so much hardware. So there's a lot, the stay current on the isolation there is hard. So I think the security and supply chain, Fred, is another one. Do you agree? >> I absolutely agree. It's hard to manage supply chain nowadays. We put a lot of effort into that and I think we have a great ability to forecast and make sure that we can lean in and have the resources that are available and run them more efficiently. And then like you said on the security point, security is job one. It is the only P1. And if you think of how we build our infrastructure from Nitro all the way up and how we respond and work with our partners and our customers, there's nothing more important. >> And Narayan, your point earlier about the managed service patching and being on top of things is really going to get better. All right, final question. I really want to thank you for your time on this showcase. It's really been a great conversation. Fred, you had made a comment earlier. I want to end with a curve ball and put you eyes on the spot. We're talking about a new modern shift. We're seeing another inflection point. We've been documenting it. It's almost like cloud hitting another inflection point with application and open source growth significantly at the app layer. Continue to put a lot of pressure and innovation in the infrastructure side. So the question is for you guys each to answer is, what's the same and what's different in today's market? So it's like we want more of the same here, but also things have changed radically and better here. What's changed for the better and what's still the same thing hanging around that people are focused on? Can you share your perspective? >> I'll tackle it. Businesses are complex and they're often unique, that's the same. What's changed is how fast you can innovate. The ability to combine managed services and new innovative services and build new applications is so much faster today. Leveraging world class hardware that you don't have to worry about, that's elastic. You could not do that even five, 10 years ago to the degree you can today, especially with innovation. So innovation is accelerating at a rate that most people can't even comprehend and understand the set of services that are available to them. It's really fascinating to see what a one pizza team of engineers can go actually develop in a week. It is phenomenal. So super excited about this space and it's only going to continue to accelerate that. That's my take, Narayan. >> You got a lot of platform to compete on. With Amazon, you got a lot to build on. Narayan, your side. What's your answer to that question? >> I think we are seeing a lot of innovation with new applications that customers are constantly (faintly speaking). I think what we see is this whole notion of how do you go from desktop to production to the secure supply chain and how can we truly build on the agility that developers desire and build all the security and the pipelines to energize that production quickly and efficiently. I think we are seeing, we are at the very start of that sort of journey. Of course, we have invested in Kubernetes, the means to an end, but we're so much more beyond that's happening in industry and I think we're at the very, very beginning of this transformations, enterprise transformation that many of our customers are going through and we are inherently part of it. >> Well, gentlemen, I really appreciate that we're seeing the same thing. It's more the same here on solving these complexities with distractions, whether it's higher level services with large scale infrastructure. At your fingertips, infrastructure as code, infrastructure to be provisioned, serverless, all the good stuff happen and Fred with AWS on your side. And we're seeing customers resonate with this idea of being an operator again, being a cloud operator and developer. So the developer ops is kind of, DevOps is changing too. So all for the better. Thank you for spending the time and we're seeing again that traction with the VMware customer base and AWS getting along great together. So thanks for sharing your perspectives. >> We appreciate it. Thank you so much. >> Thank you John. >> This is theCUBE and AWS VMware showcase accelerating business transformation, VMware Cloud on AWS. Jointly engineered solution bringing innovation to the VMware customer base, going to the cloud and beyond. I'm John Furrier, your host. Thanks for watching. (gentle music)

>>Hi everyone. Welcome to the Cube special presentation here in Palo Alto, California. I'm John Foer, host of the Cube. We've got two great guests, one for calling in from Germany, our videoing in from Germany, one from Maryland. We've got VMware and aws. This is the customer successes with VMware cloud on AWS showcase, accelerating business transformation here in the showcase with Samir Candu Worldwide. VMware strategic alliance solution, architect leader with AWS Samir. Great to have you and Daniel Re Myer, principal architect global AWS synergy at VMware. Guys, you guys are, are working together. You're the key players in the re relationship as it rolls out and continues to grow. So welcome to the cube. >>Thank you. Greatly appreciate it. >>Great to have you guys both on, As you know, we've been covering this since 2016 when Pat Geling, then CEO and then then CEO AWS at Andy Chasy did this. It kind of got people by surprise, but it really kind of cleaned out the positioning in the enterprise for the success. OFM workloads in the cloud. VMware's had great success with it since, and you guys have the great partnerships. So this has been like a really strategic, successful partnership. Where are we right now? You know, years later we got this whole inflection point coming. You're starting to see, you know, this idea of higher level services, more performance are coming in at the infrastructure side. More automation, more serverless, I mean, and a, I mean it's just getting better and better every year in the cloud. Kinda a whole nother level. Where are we, Samir? Let's start with you on, on the relationship. >>Yeah, totally. So I mean, there's several things to keep in mind, right? So in 2016, right, that's when the partnership between AWS and VMware was announced, and then less than a year later, that's when we officially launched VMware cloud on aws. Years later, we've been driving innovation, working with our customers, jointly engineering this between AWS and VMware day in, day out. As far as advancing VMware cloud on aws. You know, even if you look at the innovation that takes place with a solution, things have modernized, things have changed, there's been advancements, you know, whether it's security focus, whether it's platform focus, whether it's networking focus, there's been modifications along the way, even storage, right? More recently, one of the things to keep in mind is we're looking to deliver value to our customers together. These are our joint customers. So there's hundreds of VMware and AWS engineers working together on this solution. >>And then factor in even our sales teams, right? We have VMware and AWS sales teams interacting with each other on a constant daily basis. We're working together with our customers at the end of the day too. Then we're looking to even offer and develop jointly engineered solutions specific to VMware cloud on aws, and even with VMware's, other platforms as well. Then the other thing comes down to is where we have dedicated teams around this at both AWS and VMware. So even from solutions architects, even to our sales specialists, even to our account teams, even to specific engineering teams within the organizations, they all come together to drive this innovation forward with VMware cloud on AWS and the jointly engineered solution partnership as well. And then I think one of the key things to keep in mind comes down to we have nearly 600 channel partners that have achieved VMware cloud on AWS service competency. So think about it from the standpoint there's 300 certified or validated technology solutions, they're now available to our customers. So that's even innovation right off the top as well. >>Great stuff. Daniel, I wanna get to you in a second. Upon this principal architect position you have in your title, you're the global a synergy person. Synergy means bringing things together, making it work. Take us through the architecture, because we heard a lot of folks at VMware explore this year, formerly world, talking about how the, the workloads on it has been completely transforming into cloud and hybrid, right? This is where the action is. Where are you? Is your customers taking advantage of that new shift? You got AI ops, you got it. Ops changing a lot, you got a lot more automation edges right around the corner. This is like a complete transformation from where we were just five years ago. What's your thoughts on the >>Relationship? So at at, at first, I would like to emphasize that our collaboration is not just that we have dedicated teams to help our customers get the most and the best benefits out of VMware cloud on aws. We are also enabling US mutually. So AWS learns from us about the VMware technology, where VMware people learn about the AWS technology. We are also enabling our channel partners and we are working together on customer projects. So we have regular assembled globally and also virtually on Slack and the usual suspect tools working together and listening to customers, that's, that's very important. Asking our customers where are their needs? And we are driving the solution into the direction that our customers get the, the best benefits out of VMware cloud on aws. And over the time we, we really have involved the solution. As Samia mentioned, we just added additional storage solutions to VMware cloud on aws. We now have three different instance types that cover a broad range of, of workload. So for example, we just added the I four I host, which is ideally for workloads that require a lot of CPU power, such as you mentioned it, AI workloads. >>Yeah. So I wanna guess just specifically on the customer journey and their transformation. You know, we've been reporting on Silicon angle in the queue in the past couple weeks in a big way that the OPS teams are now the new devs, right? I mean that sounds OP a little bit weird, but operation IT operations is now part of the, a lot more data ops, security writing code composing, you know, with open source, a lot of great things are changing. Can you share specifically what customers are looking for when you say, as you guys come in and assess their needs, what are they doing? What are some of the things that they're doing with VMware on AWS specifically that's a little bit different? Can you share some of and highlights there? >>That, that's a great point because originally VMware and AWS came from very different directions when it comes to speaking people at customers. So for example, aws very developer focused, whereas VMware has a very great footprint in the IT ops area. And usually these are very different, very different teams, groups, different cultures, but it's, it's getting together. However, we always try to address the customers, right? There are customers that want to build up a new application from the scratch and build resiliency, availability, recoverability, scalability into the application. But there are still a lot of customers that say, well we don't have all of the skills to redevelop everything to refactor an application to make it highly available. So we want to have all of that as a service, recoverability as a service, scalability as a service. We want to have this from the infrastructure. That was one of the unique selling points for VMware on premise and now we are bringing this into the cloud. >>Samir, talk about your perspective. I wanna get your thoughts, and not to take a tangent, but we had covered the AWS remar of, actually it was Amazon res machine learning automation, robotics and space. It was really kinda the confluence of industrial IOT software physical. And so when you look at like the IT operations piece becoming more software, you're seeing things about automation, but the skill gap is huge. So you're seeing low code, no code automation, you know, Hey Alexa, deploy a Kubernetes cluster. Yeah, I mean, I mean that's coming, right? So we're seeing this kind of operating automation meets higher level services meets workloads. Can you unpack that and share your opinion on, on what you see there from an Amazon perspective and how it relates to this? >>Yeah, totally. Right. And you know, look at it from the point of view where we said this is a jointly engineered solution, but it's not migrating to one option or the other option, right? It's more or less together. So even with VMware cloud on aws, yes it is utilizing AWS infrastructure, but your environment is connected to that AWS VPC in your AWS account. So if you wanna leverage any of the native AWS services, so any of the 200 plus AWS services, you have that option to do so. So that's gonna give you that power to do certain things, such as, for example, like how you mentioned with iot, even with utilizing Alexa or if there's any other service that you wanna utilize, that's the joining point between both of the offerings. Right off the top though, with digital transformation, right? You, you have to think about where it's not just about the technology, right? There's also where you want to drive growth in the underlying technology. Even in your business leaders are looking to reinvent their business. They're looking to take different steps as far as pursuing a new strategy. Maybe it's a process, maybe it's with the people, the culture, like how you said before, where people are coming in from a different background, right? They may not be used to the cloud, they may not be used to AWS services, but now you have that capability to mesh them together. Okay. Then also, Oh, >>Go ahead, finish >>Your thought. No, no, I was gonna say, what it also comes down to is you need to think about the operating model too, where it is a shift, right? Especially for that VS four admin that's used to their on-premises at environment. Now with VMware cloud on aws, you have that ability to leverage a cloud, but the investment that you made and certain things as far as automation, even with monitoring, even with logging, yeah. You still have that methodology where you can utilize that in VMware cloud on AWS two. >>Danielle, I wanna get your thoughts on this because at at explore and, and, and after the event, now as we prep for Cuban and reinvent coming up the big AWS show, I had a couple conversations with a lot of the VMware customers and operators and it's like hundreds of thousands of, of, of, of users and millions of people talking about and and peaked on VM we're interested in v VMware. The common thread was one's one, one person said, I'm trying to figure out where I'm gonna put my career in the next 10 to 15 years. And they've been very comfortable with VMware in the past, very loyal, and they're kind of talking about, I'm gonna be the next cloud, but there's no like role yet architects, is it Solution architect sre. So you're starting to see the psychology of the operators who now are gonna try to make these career decisions, like how, what am I gonna work on? And it's, and that was kind of fuzzy, but I wanna get your thoughts. How would you talk to that persona about the future of VMware on, say, cloud for instance? What should they be thinking about? What's the opportunity and what's gonna happen? >>So digital transformation definitely is a huge change for many organizations and leaders are perfectly aware of what that means. And that also means in, in to to some extent, concerns with your existing employees. Concerns about do I have to relearn everything? Do I have to acquire new skills? And, and trainings is everything worthless I learned over the last 15 years of my career? And the, the answer is to make digital transformation a success. We need not just to talk about technology, but also about process people and culture. And this is where VMware really can help because if you are applying VMware cloud on a, on AWS to your infrastructure, to your existing on-premise infrastructure, you do not need to change many things. You can use the same tools and skills, you can manage your virtual machines as you did in your on-premise environment. You can use the same managing and monitoring tools. If you have written, and many customers did this, if you have developed hundreds of, of scripts that automate tasks and if you know how to troubleshoot things, then you can use all of that in VMware cloud on aws. And that gives not just leaders, but but also the architects at customers, the operators at customers, the confidence in, in such a complex project, >>The consistency, very key point, gives them the confidence to go and, and then now that once they're confident they can start committing themselves to new things. Samir, you're reacting to this because you know, on your side you've got higher level services, you got more performance at the hardware level. I mean, lot improvement. So, okay, nothing's changed. I can still run my job now I got goodness on the other side. What's the upside? What's in it for the, for the, for the customer there? >>Yeah, so I think what it comes down to is they've already been so used to or entrenched with that VMware admin mentality, right? But now extending that to the cloud, that's where now you have that bridge between VMware cloud on AWS to bridge that VMware knowledge with that AWS knowledge. So I will look at it from the point of view where now one has that capability and that ability to just learn about the cloud, but if they're comfortable with certain aspects, no one's saying you have to change anything. You can still leverage that, right? But now if you wanna utilize any other AWS service in conjunction with that VM that resides maybe on premises or even in VMware cloud on aws, you have that option to do so. So think about it where you have that ability to be someone who's curious and wants to learn. And then if you wanna expand on the skills, you certainly have that capability to do so. >>Great stuff. I love, love that. Now that we're peeking behind the curtain here, I'd love to have you guys explain, cuz people wanna know what's goes on in behind the scenes. How does innovation get happen? How does it happen with the relationship? Can you take us through a day in the life of kind of what goes on to make innovation happen with the joint partnership? You guys just have a zoom meeting, Do you guys fly out, you write go do you ship thing? I mean I'm making it up, but you get the idea, what's the, what's, how does it work? What's going on behind the scenes? >>So we hope to get more frequently together in person, but of course we had some difficulties over the last two to three years. So we are very used to zoom conferences and and Slack meetings. You always have to have the time difference in mind if we are working globally together. But what we try, for example, we have reg regular assembled now also in person geo based. So for emia, for the Americas, for aj. And we are bringing up interesting customer situations, architectural bits and pieces together. We are discussing it always to share and to contribute to our community. >>What's interesting, you know, as, as events are coming back to here, before you get, you weigh in, I'll comment, as the cube's been going back out to events, we are hearing comments like what, what pandemic we were more productive in the pandemic. I mean, developers know how to work remotely and they've been on all the tools there, but then they get in person, they're happy to see people, but there's no one's, no one's really missed the beat. I mean it seems to be very productive, you know, workflow, not a lot of disruption. More if anything, productivity gains. >>Agreed, right? I think one of the key things to keep in mind is, you know, even if you look at AWS's and even Amazon's leadership principles, right? Customer obsession, that's key. VMware is carrying that forward as well. Where we are working with our customers, like how Daniel said met earlier, right? We might have meetings at different time zones, maybe it's in person, maybe it's virtual, but together we're working to listen to our customers. You know, we're taking and capturing that feedback to drive innovation and VMware cloud on AWS as well. But one of the key things to keep in mind is yes, there have been, there has been the pandemic, we might have been disconnected to a certain extent, but together through technology we've been able to still communicate work with our customers. Even with VMware in between, with AWS and whatnot. We had that flexibility to innovate and continue that innovation. So even if you look at it from the point of view, right? VMware cloud on AWS outposts, that was something that customers have been asking for. We've been been able to leverage the feedback and then continue to drive innovation even around VMware cloud on AWS outposts. So even with the on premises environment, if you're looking to handle maybe data sovereignty or compliance needs, maybe you have low latency requirements, that's where certain advancements come into play, right? So the key thing is always to maintain that communication track. >>And our last segment we did here on the, on this showcase, we listed the accomplishments and they were pretty significant. I mean go, you got the global rollouts of the relationship. It's just really been interesting and, and people can reference that. We won't get into it here, but I will ask you guys to comment on, as you guys continue to evolve the relationship, what's in it for the customer? What can they expect next? Cuz again, I think right now we're in at a, an inflection point more than ever. What can people expect from the relationship and what's coming up with reinvent? Can you share a little bit of kind of what's coming down the pike? >>So one of the most important things we have announced this year, and we will continue to evolve into that direction, is independent scale of storage. That absolutely was one of the most important items customer asked us for over the last years. Whenever, whenever you are requiring additional storage to host your virtual machines, you usually in VMware cloud on aws, you have to add additional notes. Now we have three different note types with different ratios of compute, storage and memory. But if you only require additional storage, you always have to get also additional compute and memory and you have to pay. And now with two solutions which offer choice for the customers, like FS six one, NetApp onap, and VMware cloud Flex Storage, you now have two cost effective opportunities to add storage to your virtual machines. And that offers opportunities for other instance types maybe that don't have local storage. We are also very, very keen looking forward to announcements, exciting announcements at the upcoming events. >>Samir, what's your, what's your reaction take on the, on what's coming down on your side? >>Yeah, I think one of the key things to keep in mind is, you know, we're looking to help our customers be agile and even scale with their needs, right? So with VMware cloud on aws, that's one of the key things that comes to mind, right? There are gonna be announcements, innovations and whatnot with outcoming events. But together we're able to leverage that to advance VMware cloud on AWS to Daniel's point storage, for example, even with host offerings. And then even with decoupling storage from compute and memory, right now you have the flexibility where you can do all of that. So to look at it from the standpoint where now with 21 regions where we have VMware cloud on AWS available as well, where customers can utilize that as needed when needed, right? So it comes down to, you know, transformation will be there. Yes, there's gonna be maybe where workloads have to be adapted where they're utilizing certain AWS services, but you have that flexibility and option to do so. And I think with the continuing events that's gonna give us the options to even advance our own services together. >>Well you guys are in the middle of it, you're in the trenches, you're making things happen, you've got a team of people working together. My final question is really more of a kind of a current situation, kind of future evolutionary thing that you haven't seen this before. I wanna get both of your reaction to it. And we've been bringing this up in, in the open conversations on the cube is in the old days it was going back this generation, you had ecosystems, you had VMware had an ecosystem they did best, had an ecosystem. You know, we have a product, you have a product, biz dev deals happen, people sign relationships and they do business together and they, they sell to each other's products or do some stuff. Now it's more about architecture cuz we're now in a distributed large scale environment where the role of ecosystems are intertwining. >>And this, you guys are in the middle of two big ecosystems. You mentioned channel partners, you both have a lot of partners on both sides. They come together. So you have this now almost a three dimensional or multidimensional ecosystem, you know, interplay. What's your thoughts on this? And, and, and because it's about the architecture, integration is a value, not so much. Innovation is only, you gotta do innovation, but when you do innovation, you gotta integrate it, you gotta connect it. So what is, how do you guys see this as a, as an architectural thing, start to see more technical business deals? >>So we are, we are removing dependencies from individual ecosystems and from individual vendors. So a customer no longer has to decide for one vendor and then it is a very expensive and high effort project to move away from that vendor, which ties customers even, even closer to specific vendors. We are removing these obstacles. So with VMware cloud on aws moving to the cloud, firstly it's, it's not a dead end. If you decide at one point in time because of latency requirements or maybe it's some compliance requirements, you need to move back into on-premise. You can do this if you decide you want to stay with some of your services on premise and just run a couple of dedicated services in the cloud, you can do this and you can mana manage it through a single pane of glass. That's quite important. So cloud is no longer a dead and it's no longer a binary decision, whether it's on premise or the cloud. It it is the cloud. And the second thing is you can choose the best of both works, right? If you are migrating virtual machines that have been running in your on-premise environment to VMware cloud on aws, by the way, in a very, very fast cost effective and safe way, then you can enrich later on enrich these virtual machines with services that are offered by aws. More than 200 different services ranging from object based storage, load balancing and so on. So it's an endless, endless possibility. >>We, we call that super cloud in, in a, in a way that we be generically defining it where everyone's innovating, but yet there's some common services. But the differentiation comes from innovation where the lock in is the value, not some spec, right? Samir, this is gonna where cloud is right now, you guys are, are not commodity. Amazon's completely differentiating, but there's some commodity things. Having got storage, you got compute, but then you got now advances in all areas. But partners innovate with you on their terms. Absolutely. And everybody wins. >>Yeah. And a hundred percent agree with you. I think one of the key things, you know, as Daniel mentioned before, is where it it, it's a cross education where there might be someone who's more proficient on the cloud side with aws, maybe more proficient with the viewers technology, but then for partners, right? They bridge that gap as well where they come in and they might have a specific niche or expertise where their background, where they can help our customers go through that transformation. So then that comes down to, hey, maybe I don't know how to connect to the cloud. Maybe I don't know what the networking constructs are. Maybe I can leverage that partner. That's one aspect to go about it. Now maybe you migrated that workload to VMware cloud on aws. Maybe you wanna leverage any of the native AWS services or even just off the top 200 plus AWS services, right? But it comes down to that skill, right? So again, solutions architecture at the back of, back of the day, end of the day, what it comes down to is being able to utilize the best of both worlds. That's what we're giving our customers at the end of the >>Day. I mean, I just think it's, it's a, it's a refactoring and innovation opportunity at all levels. I think now more than ever, you can take advantage of each other's ecosystems and partners and technologies and change how things get done with keeping the consistency. I mean, Daniel, you nailed that, right? I mean, you don't have to do anything. You still run the fear, the way you working on it and now do new things. This is kind of a cultural shift. >>Yeah, absolutely. And if, if you look, not every, not every customer, not every organization has the resources to refactor and re-platform everything. And we gave, we give them a very simple and easy way to move workloads to the cloud. Simply run them and at the same time they can free up resources to develop new innovations and, and grow their business. >>Awesome. Samir, thank you for coming on. Danielle, thank you for coming to Germany, Octoberfest, I know it's evening over there, your weekend's here. And thank you for spending the time. Samir final give you the final word, AWS reinvents coming up. Preparing. We're gonna have an exclusive with Adam, but Fry, we do a curtain raise, a dual preview. What's coming down on your side with the relationship and what can we expect to hear about what you got going on at reinvent this year? The big show? >>Yeah, so I think, you know, Daniel hit upon some of the key points, but what I will say is we do have, for example, specific sessions, both that VMware's driving and then also that AWS is driving. We do have even where we have what I call a chalk talks. So I would say, and then even with workshops, right? So even with the customers, the attendees who are there, whatnot, if they're looking for to sit and listen to a session, yes that's there. But if they wanna be hands on, that is also there too. So personally for me as an IT background, you know, been in CIS admin world and whatnot, being hands on, that's one of the key things that I personally am looking forward. But I think that's one of the key ways just to learn and get familiar with the technology. Yeah, >>Reinvents an amazing show for the in person. You guys nail it every year. We'll have three sets this year at the cube. It's becoming popular. We more and more content. You guys got live streams going on, a lot of content, a lot of media, so thanks, thanks for sharing that. Samir Daniel, thank you for coming on on this part of the showcase episode of really the customer successes with VMware Cloud Ons, really accelerating business transformation withs and VMware. I'm John Fur with the cube, thanks for watching. Hello everyone. Welcome to this cube showcase, accelerating business transformation with VMware cloud on it's a solution innovation conversation with two great guests, Fred and VP of commercial services at aws and NA Ryan Bard, who's the VP and general manager of cloud solutions at VMware. Gentlemen, thanks for joining me on this showcase. >>Great to be here. >>Hey, thanks for having us on. It's a great topic. You know, we, we've been covering this VMware cloud on abus since, since the launch going back and it's been amazing to watch the evolution from people saying, Oh, it's the worst thing I've ever seen. It's what's this mean? And depress work were, we're kind of not really on board with kind of the vision, but as it played out as you guys had announced together, it did work out great for VMware. It did work out great for a D and it continues two years later and I want just get an update from you guys on where you guys see this has been going. I'll see multiple years. Where is the evolution of the solution as we are right now coming off VMware explorer just recently and going in to reinvent, which is only a couple weeks away, feels like tomorrow. But you know, as we prepare a lot going on, where are we with the evolution of the solution? >>I mean, first thing I wanna say is, you know, PBO 2016 was a someon moment and the history of it, right? When Pat Gelsinger and Andy Jessey came together to announce this and I think John, you were there at the time I was there, it was a great, great moment. We launched the solution in 2017, the year after that at VM Word back when we called it Word, I think we have gone from strength to strength. One of the things that has really mattered to us is we have learned froms also in the processes, this notion of working backwards. So we really, really focused on customer feedback as we build a service offering now five years old, pretty remarkable journey. You know, in the first years we tried to get across all the regions, you know, that was a big focus because there was so much demand for it. >>In the second year we started going really on enterprise grade features. We invented this pretty awesome feature called Stretch clusters, where you could stretch a vSphere cluster using VSA and NSX across two AZs in the same region. Pretty phenomenal four nine s availability that applications start started to get with that particular feature. And we kept moving forward all kinds of integration with AWS direct connect transit gateways with our own advanced networking capabilities. You know, along the way, disaster recovery, we punched out two, two new services just focused on that. And then more recently we launched our outposts partnership. We were up on stage at Reinvent, again with Pat Andy announcing AWS outposts and the VMware flavor of that VMware cloud and AWS outposts. I think it's been significant growth in our federal sector as well with our federal and high certification more recently. So all in all, we are super excited. We're five years old. The customer momentum is really, really strong and we are scaling the service massively across all geos and industries. >>That's great, great update. And I think one of the things that you mentioned was how the advantages you guys got from that relationship. And, and this has kind of been the theme for AWS since I can remember from day one. Fred, you guys do the heavy lifting as as, as you always say for the customers here, VMware comes on board, takes advantage of the AWS and kind of just doesn't miss a beat, continues to move their workloads that everyone's using, you know, vSphere and these are, these are big workloads on aws. What's the AWS perspective on this? How do you see it? >>Yeah, it's pretty fascinating to watch how fast customers can actually transform and move when you take the, the skill set that they're familiar with and the advanced capabilities that they've been using on Preem and then overlay it on top of the AWS infrastructure that's, that's evolving quickly and, and building out new hardware and new instances we'll talk about. But that combined experience between both of us on a jointly engineered solution to bring the best security and the best features that really matter for those workloads drive a lot of efficiency and speed for the, for the customer. So it's been well received and the partnership is stronger than ever from an engineering standpoint, from a business standpoint. And obviously it's been very interesting to look at just how we stay day one in terms of looking at new features and work and, and responding to what customers want. So pretty, pretty excited about just seeing the transformation and the speed that which customers can move to bmc. Yeah, >>That's what great value publish. We've been talking about that in context too. Anyone building on top of the cloud, they can have their own supercloud as we call it. If you take advantage of all the CapEx and and investment Amazon's made and AWS has made and, and and continues to make in performance IAS and pass all great stuff. I have to ask you guys both as you guys see this going to the next level, what are some of the differentiations you see around the service compared to other options on the market? What makes it different? What's the combination? You mentioned jointly engineered, what are some of the key differentiators of the service compared to others? >>Yeah, I think one of the key things Fred talked about is this jointly engineered notion right from day one. We were the earlier doctors of AWS Nitro platform, right? The reinvention of E two back five years ago. And so we have been, you know, having a very, very strong engineering partnership at that level. I think from a VMware customer standpoint, you get the full software defined data center or compute storage networking on EC two, bare metal across all regions. You can scale that elastically up and down. It's pretty phenomenal just having that consistency globally, right on aws EC two global regions. Now the other thing that's a real differentiator for us that customers tell us about is this whole notion of a managed service, right? And this was somewhat new to VMware, but we took away the pain of this undifferentiated heavy lifting where customers had to provision rack, stack hardware, configure the software on top, and then upgrade the software and the security batches on top. >>So we took, took away all of that pain as customers transitioned to VMware cloud and aws. In fact, my favorite story from last year when we were all going through the lock for j debacle industry was just going through that, right? Favorite proof point from customers was before they put even race this issue to us, we sent them a notification saying we already patched all of your systems, no action from you. The customers were super thrilled. I mean these are large banks, many other customers around the world, super thrilled they had to take no action, but a pretty incredible industry challenge that we were all facing. >>Nora, that's a great, so that's a great point. You know, the whole managed service piece brings up the security, you kind of teasing at it, but you know, there's always vulnerabilities that emerge when you are doing complex logic. And as you grow your solutions, there's more bits. You know, Fred, we were commenting before we came on camera, there's more bits than ever before and, and at at the physics layer too, as well as the software. So you never know when there's gonna be a zero day vulnerability out there. Just, it happens. We saw one with fornet this week, this came outta the woodwork. But moving fast on those patches, it's huge. This brings up the whole support angle. I wanted to ask you about how you guys are doing that as well, because to me we see the value when we, when we talk to customers on the cube about this, you know, it was a real, real easy understanding of how, what the cloud means to them with VMware now with the aws. But the question that comes up that we wanna get more clarity on is how do you guys handle support together? >>Well, what's interesting about this is that it's, it's done mutually. We have dedicated support teams on both sides that work together pretty seamlessly to make sure that whether there's a issue at any layer, including all the way up into the app layer, as you think about some of the other workloads like sap, we'll go end to end and make sure that we support the customer regardless of where the particular issue might be for them. And on top of that, we look at where, where we're improving reliability in, in as a first order of, of principle between both companies. So from an availability and reliability standpoint, it's, it's top of mind and no matter where the particular item might land, we're gonna go help the customer resolve. That works really well >>On the VMware side. What's been the feedback there? What's the, what are some of the updates? >>Yeah, I think, look, I mean, VMware owns and operates the service, but we have a phenomenal backend relationship with aws. Customers call VMware for the service for any issues and, and then we have a awesome relationship with AWS on the backend for support issues or any hardware issues. The BASKE management that we jointly do, right? All of the hard problems that customers don't have to worry about. I think on the front end, we also have a really good group of solution architects across the companies that help to really explain the solution. Do complex things like cloud migration, which is much, much easier with VMware cloud aws, you know, we are presenting that easy button to the public cloud in many ways. And so we have a whole technical audience across the two companies that are working with customers every single day. >>You know, you had mentioned, I've got a list here, some of the innovations the, you mentioned the stretch clustering, you know, getting the GOs working, Advanced network, disaster recovery, you know, fed, Fed ramp, public sector certifications, outposts, all good. You guys are checking the boxes every year. You got a good, good accomplishments list there on the VMware AWS side here in this relationship. The question that I'm interested in is what's next? What recent innovations are you doing? Are you making investments in what's on the lists this year? What items will be next year? How do you see the, the new things, the list of accomplishments, people wanna know what's next. They don't wanna see stagnant growth here, they wanna see more action, you know, as as cloud kind of continues to scale and modern applications cloud native, you're seeing more and more containers, more and more, you know, more CF C I C D pipe pipelining with with modern apps, put more pressure on the system. What's new, what's the new innovations? >>Absolutely. And I think as a five yearold service offering innovation is top of mind for us every single day. So just to call out a few recent innovations that we announced in San Francisco at VMware Explorer. First of all, our new platform i four I dot metal, it's isolate based, it's pretty awesome. It's the latest and greatest, all the speeds and feeds that we would expect from VMware and aws. At this point in our relationship. We announced two different storage options. This notion of working from customer feedback, allowing customers even more price reductions, really take off that storage and park it externally, right? And you know, separate that from compute. So two different storage offerings there. One is with AWS Fsx, with NetApp on tap, which brings in our NetApp partnership as well into the equation and really get that NetApp based, really excited about this offering as well. >>And the second storage offering for VMware cloud Flex Storage, VMware's own managed storage offering. Beyond that, we have done a lot of other innovations as well. I really wanted to talk about VMware cloud Flex Compute, where previously customers could only scale by hosts and a host is 36 to 48 cores, give or take. But with VMware cloud Flex Compute, we are now allowing this notion of a resource defined compute model where customers can just get exactly the V C P memory and storage that maps to the applications, however small they might be. So this notion of granularity is really a big innovation that that we are launching in the market this year. And then last but not least, talk about ransomware. Of course it's a hot topic in industry. We are seeing many, many customers ask for this. We are happy to announce a new ransomware recovery with our VMware cloud DR solution. >>A lot of innovation there and the way we are able to do machine learning and make sure the workloads that are covered from snapshots and backups are actually safe to use. So there's a lot of differentiation on that front as well. A lot of networking innovations with Project Knot star for ability to have layer flow through layer seven, you know, new SaaS services in that area as well. Keep in mind that the service already supports managed Kubernetes for containers. It's built in to the same clusters that have virtual machines. And so this notion of a single service with a great TCO for VMs and containers and sort of at the heart of our office, >>The networking side certainly is a hot area to keep innovating on. Every year it's the same, same conversation, get better, faster networking, more, more options there. The flex computes. Interesting. If you don't mind me getting a quick clarification, could you explain the Drew screen resource defined versus hardware defined? Because this is kind of what we had saw at Explore coming out, that notion of resource defined versus hardware defined. What's the, what does that mean? >>Yeah, I mean I think we have been super successful in this hardware defined notion. We we're scaling by the hardware unit that we present as software defined data centers, right? And so that's been super successful. But we, you know, customers wanted more, especially customers in different parts of the world wanted to start even smaller and grow even more incrementally, right? Lower their costs even more. And so this is the part where resource defined starts to be very, very interesting as a way to think about, you know, here's my bag of resources exactly based on what the customers request for fiber machines, five containers, its size exactly for that. And then as utilization grows, we elastically behind the scenes, we're able to grow it through policies. So that's a whole different dimension. It's a whole different service offering that adds value and customers are comfortable. They can go from one to the other, they can go back to that post based model if they so choose to. And there's a jump off point across these two different economic models. >>It's kind of cloud of flexibility right there. I like the name Fred. Let's get into some of the examples of customers, if you don't mind. Let's get into some of the ex, we have some time. I wanna unpack a little bit of what's going on with the customer deployments. One of the things we've heard again on the cube is from customers is they like the clarity of the relationship, they love the cloud positioning of it. And then what happens is they lift and shift the workloads and it's like, feels great. It's just like we're running VMware on AWS and then they would start consuming higher level services, kind of that adoption next level happens and because it it's in the cloud, so, So can you guys take us through some recent examples of customer wins or deployments where they're using VMware cloud on AWS on getting started, and then how do they progress once they're there? How does it evolve? Can you just walk us through a couple of use cases? >>Sure. There's a, well there's a couple. One, it's pretty interesting that, you know, like you said, as there's more and more bits you need better and better hardware and networking. And we're super excited about the I four and the capabilities there in terms of doubling and or tripling what we're doing around a lower variability on latency and just improving all the speeds. But what customers are doing with it, like the college in New Jersey, they're accelerating their deployment on a, on onboarding over like 7,400 students over a six to eight month period. And they've really realized a ton of savings. But what's interesting is where and how they can actually grow onto additional native services too. So connectivity to any other services is available as they start to move and migrate into this. The, the options there obviously are tied to all the innovation that we have across any services, whether it's containerized and with what they're doing with Tanu or with any other container and or services within aws. >>So there's, there's some pretty interesting scenarios where that data and or the processing, which is moved quickly with full compliance, whether it's in like healthcare or regulatory business is, is allowed to then consume and use things, for example, with tech extract or any other really cool service that has, you know, monthly and quarterly innovations. So there's things that you just can't, could not do before that are coming out and saving customers money and building innovative applications on top of their, their current app base in, in a rapid fashion. So pretty excited about it. There's a lot of examples. I think I probably don't have time to go into too, too many here. Yeah. But that's actually the best part is listening to customers and seeing how many net new services and new applications are they actually building on top of this platform. >>Nora, what's your perspective from the VMware sy? So, you know, you guys have now a lot of headroom to offer customers with Amazon's, you know, higher level services and or whatever's homegrown where's being rolled out? Cuz you now have a lot of hybrid too, so, so what's your, what's your take on what, what's happening in with customers? >>I mean, it's been phenomenal, the, the customer adoption of this and you know, banks and many other highly sensitive verticals are running production grade applications, tier one applications on the service over the last five years. And so, you know, I have a couple of really good examples. S and p Global is one of my favorite examples. Large bank, they merge with IHS market, big sort of conglomeration. Now both customers were using VMware cloud and AWS in different ways. And with the, with the use case, one of their use cases was how do I just respond to these global opportunities without having to invest in physical data centers? And then how do I migrate and consolidate all my data centers across the global, which there were many. And so one specific example for this company was how they migrated thousand 1000 workloads to VMware cloud AWS in just six weeks. Pretty phenomenal. If you think about everything that goes into a cloud migration process, people process technology and the beauty of the technology going from VMware point A to VMware point B, the the lowest cost, lowest risk approach to adopting VMware, VMware cloud, and aws. So that's, you know, one of my favorite examples. There are many other examples across other verticals that we continue to see. The good thing is we are seeing rapid expansion across the globe that constantly entering new markets with the limited number of regions and progressing our roadmap there. >>Yeah, it's great to see, I mean the data center migrations go from months, many, many months to weeks. It's interesting to see some of those success stories. So congratulations. One >>Of other, one of the other interesting fascinating benefits is the sustainability improvement in terms of being green. So the efficiency gains that we have both in current generation and new generation processors and everything that we're doing to make sure that when a customer can be elastic, they're also saving power, which is really critical in a lot of regions worldwide at this point in time. They're, they're seeing those benefits. If you're running really inefficiently in your own data center, that is just a, not a great use of power. So the actual calculators and the benefits to these workloads is, are pretty phenomenal just in being more green, which I like. We just all need to do our part there. And, and this is a big part of it here. >>It's a huge, it's a huge point about the sustainability. Fred, I'm glad you called that out. The other one I would say is supply chain issues. Another one you see that constrains, I can't buy hardware. And the third one is really obvious, but no one really talks about it. It's security, right? I mean, I remember interviewing Stephen Schmidt with that AWS and many years ago, this is like 2013, and you know, at that time people were saying the cloud's not secure. And he's like, listen, it's more secure in the cloud on premise. And if you look at the security breaches, it's all about the on-premise data center vulnerabilities, not so much hardware. So there's a lot you gotta to stay current on, on the isolation there is is hard. So I think, I think the security and supply chain, Fred is, is another one. Do you agree? >>I I absolutely agree. It's, it's hard to manage supply chain nowadays. We put a lot of effort into that and I think we have a great ability to forecast and make sure that we can lean in and, and have the resources that are available and run them, run them more efficiently. Yeah, and then like you said on the security point, security is job one. It is, it is the only P one. And if you think of how we build our infrastructure from Nitro all the way up and how we respond and work with our partners and our customers, there's nothing more important. >>And naron your point earlier about the managed service patching and being on top of things, it's really gonna get better. All right, final question. I really wanna thank you for your time on this showcase. It's really been a great conversation. Fred, you had made a comment earlier. I wanna kind of end with kind of a curve ball and put you eyes on the spot. We're talking about a modern, a new modern shift. It's another, we're seeing another inflection point, we've been documenting it, it's almost like cloud hitting another inflection point with application and open source growth significantly at the app layer. Continue to put a lot of pressure and, and innovation in the infrastructure side. So the question is for you guys each to answer is what's the same and what's different in today's market? So it's kind of like we want more of the same here, but also things have changed radically and better here. What are the, what's, what's changed for the better and where, what's still the same kind of thing hanging around that people are focused on? Can you share your perspective? >>I'll, I'll, I'll, I'll tackle it. You know, businesses are complex and they're often unique that that's the same. What's changed is how fast you can innovate. The ability to combine manage services and new innovative services and build new applications is so much faster today. Leveraging world class hardware that you don't have to worry about that's elastic. You, you could not do that even five, 10 years ago to the degree you can today, especially with innovation. So innovation is accelerating at a, at a rate that most people can't even comprehend and understand the, the set of services that are available to them. It's really fascinating to see what a one pizza team of of engineers can go actually develop in a week. It is phenomenal. So super excited about this space and it's only gonna continue to accelerate that. That's my take. All right. >>You got a lot of platform to compete on with, got a lot to build on then you're Ryan, your side, What's your, what's your answer to that question? >>I think we are seeing a lot of innovation with new applications that customers are constant. I think what we see is this whole notion of how do you go from desktop to production to the secure supply chain and how can we truly, you know, build on the agility that developers desire and build all the security and the pipelines to energize that motor production quickly and efficiently. I think we, we are seeing, you know, we are at the very start of that sort of of journey. Of course we have invested in Kubernetes the means to an end, but there's so much more beyond that's happening in industry. And I think we're at the very, very beginning of this transformations, enterprise transformation that many of our customers are going through and we are inherently part of it. >>Yeah. Well gentlemen, I really appreciate that we're seeing the same thing. It's more the same here on, you know, solving these complexities with distractions. Whether it's, you know, higher level services with large scale infrastructure at, at your fingertips. Infrastructures, code, infrastructure to be provisioned, serverless, all the good stuff happen in Fred with AWS on your side. And we're seeing customers resonate with this idea of being an operator, again, being a cloud operator and developer. So the developer ops is kind of, DevOps is kind of changing too. So all for the better. Thank you for spending the time and we're seeing again, that traction with the VMware customer base and of us getting, getting along great together. So thanks for sharing your perspectives, >>I appreciate it. Thank you so >>Much. Okay, thank you John. Okay, this is the Cube and AWS VMware showcase, accelerating business transformation. VMware cloud on aws, jointly engineered solution, bringing innovation to the VMware customer base, going to the cloud and beyond. I'm John Fur, your host. Thanks for watching. Hello everyone. Welcome to the special cube presentation of accelerating business transformation on vmc on aws. I'm John Furrier, host of the Cube. We have dawan director of global sales and go to market for VMware cloud on adb. This is a great showcase and should be a lot of fun. Ashish, thanks for coming on. >>Hi John. Thank you so much. >>So VMware cloud on AWS has been well documented as this big success for VMware and aws. As customers move their workloads into the cloud, IT operations of VMware customers has signaling a lot of change. This is changing the landscape globally is on cloud migration and beyond. What's your take on this? Can you open this up with the most important story around VMC on aws? >>Yes, John. The most important thing for our customers today is the how they can safely and swiftly move their ID infrastructure and applications through cloud. Now, VMware cloud AWS is a service that allows all vSphere based workloads to move to cloud safely, swiftly and reliably. Banks can move their core, core banking platforms, insurance companies move their core insurance platforms, telcos move their goss, bss, PLA platforms, government organizations are moving their citizen engagement platforms using VMC on aws because this is one platform that allows you to move it, move their VMware based platforms very fast. Migrations can happen in a matter of days instead of months. Extremely securely. It's a VMware manage service. It's very secure and highly reliably. It gets the, the reliability of the underlyings infrastructure along with it. So win-win from our customers perspective. >>You know, we reported on this big news in 2016 with Andy Chas, the, and Pat Geling at the time, a lot of people said it was a bad deal. It turned out to be a great deal because not only could VMware customers actually have a cloud migrate to the cloud, do it safely, which was their number one concern. They didn't want to have disruption to their operations, but also position themselves for what's beyond just shifting to the cloud. So I have to ask you, since you got the finger on the pulse here, what are we seeing in the market when it comes to migrating and modern modernizing in the cloud? Because that's the next step. They go to the cloud, you guys have done that, doing it, then they go, I gotta modernize, which means kind of upgrading or refactoring. What's your take on that? >>Yeah, absolutely. Look, the first step is to help our customers assess their infrastructure and licensing and entire ID operations. Once we've done the assessment, we then create their migration plans. A lot of our customers are at that inflection point. They're, they're looking at their real estate, ex data center, real estate. They're looking at their contracts with colocation vendors. They really want to exit their data centers, right? And VMware cloud and AWS is a perfect solution for customers who wanna exit their data centers, migrate these applications onto the AWS platform using VMC on aws, get rid of additional real estate overheads, power overheads, be socially and environmentally conscious by doing that as well, right? So that's the migration story, but to your point, it doesn't end there, right? Modernization is a critical aspect of the entire customer journey as as well customers, once they've migrated their ID applications and infrastructure on cloud get access to all the modernization services that AWS has. They can correct easily to our data lake services, to our AIML services, to custom databases, right? They can decide which applications they want to keep and which applications they want to refactor. They want to take decisions on containerization, make decisions on service computing once they've come to the cloud. But the most important thing is to take that first step. You know, exit data centers, come to AWS using vmc or aws, and then a whole host of modernization options available to them. >>Yeah, I gotta say, we had this right on this, on this story, because you just pointed out a big thing, which was first order of business is to make sure to leverage the on-prem investments that those customers made and then migrate to the cloud where they can maintain their applications, their data, their infrastructure operations that they're used to, and then be in position to start getting modern. So I have to ask you, how are you guys specifically, or how is VMware cloud on s addressing these needs of the customers? Because what happens next is something that needs to happen faster. And sometimes the skills might not be there because if they're running old school, IT ops now they gotta come in and jump in. They're gonna use a data cloud, they're gonna want to use all kinds of machine learning, and there's a lot of great goodness going on above the stack there. So as you move with the higher level services, you know, it's a no brainer, obviously, but they're not, it's not yesterday's higher level services in the cloud. So how are, how is this being addressed? >>Absolutely. I think you hit up on a very important point, and that is skills, right? When our customers are operating, some of the most critical applications I just mentioned, core banking, core insurance, et cetera, they're most of the core applications that our customers have across industries, like even, even large scale ERP systems, they're actually sitting on VMware's vSphere platform right now. When the customer wants to migrate these to cloud, one of the key bottlenecks they face is skill sets. They have the trained manpower for these core applications, but for these high level services, they may not, right? So the first order of business is to help them ease this migration pain as much as possible by not wanting them to, to upscale immediately. And we VMware cloud and AWS exactly does that. I mean, you don't have to do anything. You don't have to create new skill set for doing this, right? Their existing skill sets suffice, but at the same time, it gives them that, that leeway to build that skills roadmap for their team. DNS is invested in that, right? Yes. We want to help them build those skills in the high level services, be it aml, be it, be it i t be it data lake and analytics. We want to invest in them, and we help our customers through that. So that ultimately the ultimate goal of making them drop data is, is, is a front and center. >>I wanna get into some of the use cases and success stories, but I want to just reiterate, hit back your point on the skill thing. Because if you look at what you guys have done at aws, you've essentially, and Andy Chassey used to talk about this all the time when I would interview him, and now last year Adam was saying the same thing. You guys do all the heavy lifting, but if you're a VMware customer user or operator, you are used to things. You don't have to be relearn to be a cloud architect. Now you're already in the game. So this is like almost like a instant path to cloud skills for the VMware. There's hundreds of thousands of, of VMware architects and operators that now instantly become cloud architects, literally overnight. Can you respond to that? Do you agree with that? And then give an example. >>Yes, absolutely. You know, if you have skills on the VMware platform, you know, know, migrating to AWS using via by cloud and AWS is absolutely possible. You don't have to really change the skills. The operations are exactly the same. The management systems are exactly the same. So you don't really have to change anything but the advantages that you get access to all the other AWS services. So you are instantly able to integrate with other AWS services and you become a cloud architect immediately, right? You are able to solve some of the critical problems that your underlying IT infrastructure has immediately using this. And I think that's a great value proposition for our customers to use this service. >>And just one more point, I want just get into something that's really kind of inside baseball or nuanced VMC or VMware cloud on AWS means something. Could you take a minute to explain what on AWS means? Just because you're like hosting and using Amazon as a, as a work workload? Being on AWS means something specific in your world, being VMC on AWS mean? >>Yes. This is a great question, by the way, You know, on AWS means that, you know, VMware's vse platform is, is a, is an iconic enterprise virtualization software, you know, a disproportionately high market share across industries. So when we wanted to create a cloud product along with them, obviously our aim was for them, for the, for this platform to have the goodness of the AWS underlying infrastructure, right? And, and therefore, when we created this VMware cloud solution, it it literally use the AWS platform under the eighth, right? And that's why it's called a VMs VMware cloud on AWS using, using the, the, the wide portfolio of our regions across the world and the strength of the underlying infrastructure, the reliability and, and, and sustainability that it offers. And therefore this product is called VMC on aws. >>It's a distinction I think is worth noting, and it does reflect engineering and some levels of integration that go well beyond just having a SaaS app and, and basically platform as a service or past services. So I just wanna make sure that now super cloud, we'll talk about that a little bit in another interview, but I gotta get one more question in before we get into the use cases and customer success stories is in, in most of the VM world, VMware world, in that IT world, it used to, when you heard migration, people would go, Oh my God, that's gonna take months. And when I hear about moving stuff around and doing cloud native, the first reaction people might have is complexity. So two questions for you before we move on to the next talk. Track complexity. How are you addressing the complexity issue and how long these migrations take? Is it easy? Is it it hard? I mean, you know, the knee jerk reaction is month, You're very used to that. If they're dealing with Oracle or other old school vendors, like, they're, like the old guard would be like, takes a year to move stuff around. So can you comment on complexity and speed? >>Yeah. So the first, first thing is complexity. And you know, what makes what makes anything complex is if you're, if you're required to acquire new skill sets or you've gotta, if you're required to manage something differently, and as far as VMware cloud and AWS on both these aspects, you don't have to do anything, right? You don't have to acquire new skill sets. Your existing idea operation skill sets on, on VMware's platforms are absolutely fine and you don't have to manage it any differently like, than what you're managing your, your ID infrastructure today. So in both these aspects, it's exactly the same and therefore it is absolutely not complex as far as, as far as, as far as we cloud and AWS is concerned. And the other thing is speed. This is where the huge differentiation is. You have seen that, you know, large banks and large telcos have now moved their workloads, you know, literally in days instead of months. >>Because because of VMware cloud and aws, a lot of time customers come to us with specific deadlines because they want to exit their data centers on a particular date. And what happens, VMware cloud and AWS is called upon to do that migration, right? So speed is absolutely critical. The reason is also exactly the same because you are using the exactly the same platform, the same management systems, people are available to you, you're able to migrate quickly, right? I would just reference recently we got an award from President Zelensky of Ukraine for, you know, migrating their entire ID digital infrastructure and, and that that happened because they were using VMware cloud database and happened very swiftly. >>That's been a great example. I mean, that's one political, but the economic advantage of getting outta the data center could be national security. You mentioned Ukraine, I mean Oscar see bombing and death over there. So clearly that's a critical crown jewel for their running their operations, which is, you know, you know, world mission critical. So great stuff. I love the speed thing. I think that's a huge one. Let's get into some of the use cases. One of them is, the first one I wanted to talk about was we just hit on data, data center migration. It could be financial reasons on a downturn or our, or market growth. People can make money by shifting to the cloud, either saving money or making money. You win on both sides. It's a, it's a, it's almost a recession proof, if you will. Cloud is so use case for number one data center migration. Take us through what that looks like. Give an example of a success. Take us through a day, day in the life of a data center migration in, in a couple minutes. >>Yeah. You know, I can give you an example of a, of a, of a large bank who decided to migrate, you know, their, all their data centers outside their existing infrastructure. And they had, they had a set timeline, right? They had a set timeline to migrate the, the, they were coming up on a renewal and they wanted to make sure that this set timeline is met. We did a, a complete assessment of their infrastructure. We did a complete assessment of their IT applications, more than 80% of their IT applications, underlying v vSphere platform. And we, we thought that the right solution for them in the timeline that they wanted, right, is VMware cloud ands. And obviously it was a large bank, it wanted to do it safely and securely. It wanted to have it completely managed, and therefore VMware cloud and aws, you know, ticked all the boxes as far as that is concerned. >>I'll be happy to report that the large bank has moved to most of their applications on AWS exiting three of their data centers, and they'll be exiting 12 more very soon. So that's a great example of, of, of the large bank exiting data centers. There's another Corolla to that. Not only did they manage to manage to exit their data centers and of course use and be more agile, but they also met their sustainability goals. Their board of directors had given them goals to be carbon neutral by 2025. They found out that 35% of all their carbon foot footprint was in their data centers. And if they moved their, their ID infrastructure to cloud, they would severely reduce the, the carbon footprint, which is 35% down to 17 to 18%. Right? And that meant their, their, their, their sustainability targets and their commitment to the go to being carbon neutral as well. >>And that they, and they shift that to you guys. Would you guys take that burden? A heavy lifting there and you guys have a sustainability story, which is a whole nother showcase in and of itself. We >>Can Exactly. And, and cause of the scale of our, of our operations, we are able to, we are able to work on that really well as >>Well. All right. So love the data migration. I think that's got real proof points. You got, I can save money, I can, I can then move and position my applications into the cloud for that reason and other reasons as a lot of other reasons to do that. But now it gets into what you mentioned earlier was, okay, data migration, clearly a use case and you laid out some successes. I'm sure there's a zillion others. But then the next step comes, now you got cloud architects becoming minted every, and you got managed services and higher level services. What happens next? Can you give us an example of the use case of the modernization around the NextGen workloads, NextGen applications? We're starting to see, you know, things like data clouds, not data warehouses. We're not gonna data clouds, it's gonna be all kinds of clouds. These NextGen apps are pure digital transformation in action. Take us through a use case of how you guys make that happen with a success story. >>Yes, absolutely. And this is, this is an amazing success story and the customer here is s and p global ratings. As you know, s and p global ratings is, is the world leader as far as global ratings, global credit ratings is concerned. And for them, you know, the last couple of years have been tough as far as hardware procurement is concerned, right? The pandemic has really upended the, the supply chain. And it was taking a lot of time to procure hardware, you know, configure it in time, make sure that that's reliable and then, you know, distribute it in the wide variety of, of, of offices and locations that they have. And they came to us. We, we did, again, a, a, a alar, a fairly large comprehensive assessment of their ID infrastructure and their licensing contracts. And we also found out that VMware cloud and AWS is the right solution for them. >>So we worked there, migrated all their applications, and as soon as we migrated all their applications, they got, they got access to, you know, our high level services be our analytics services, our machine learning services, our, our, our, our artificial intelligence services that have been critical for them, for their growth. And, and that really is helping them, you know, get towards their next level of modern applications. Right Now, obviously going forward, they will have, they will have the choice to, you know, really think about which applications they want to, you know, refactor or which applications they want to go ahead with. That is really a choice in front of them. And, but you know, the, we VMware cloud and AWS really gave them the opportunity to first migrate and then, you know, move towards modernization with speed. >>You know, the speed of a startup is always the kind of the Silicon Valley story where you're, you know, people can make massive changes in 18 months, whether that's a pivot or a new product. You see that in startup world. Now, in the enterprise, you can see the same thing. I noticed behind you on your whiteboard, you got a slogan that says, are you thinking big? I know Amazon likes to think big, but also you work back from the customers and, and I think this modern application thing's a big deal because I think the mindset has always been constrained because back before they moved to the cloud, most IT, and, and, and on-premise data center shops, it's slow. You gotta get the hardware, you gotta configure it, you gotta, you gotta stand it up, make sure all the software is validated on it, and loading a database and loading oss, I mean, mean, yeah, it got easier and with scripting and whatnot, but when you move to the cloud, you have more scale, which means more speed, which means it opens up their capability to think differently and build product. What are you seeing there? Can you share your opinion on that epiphany of, wow, things are going fast, I got more time to actually think about maybe doing a cloud native app or transforming this or that. What's your, what's your reaction to that? Can you share your opinion? >>Well, ultimately we, we want our customers to utilize, you know, most of our modern services, you know, applications should be microservices based. When desired, they should use serverless applic. So list technology, they should not have monolithic, you know, relational database contracts. They should use custom databases, they should use containers when needed, right? So ultimately, we want our customers to use these modern technologies to make sure that their IT infrastructure, their licensing, their, their entire IT spend is completely native to cloud technologies. They work with the speed of a startup, but it's important for them to, to, to get to the first step, right? So that's why we create this journey for our customers, where you help them migrate, give them time to build the skills, they'll help them mo modernize, take our partners along with their, along with us to, to make sure that they can address the need for our customers. That's, that's what our customers need today, and that's what we are working backwards from. >>Yeah, and I think that opens up some big ideas. I'll just say that the, you know, we're joking, I was joking the other night with someone here in, in Palo Alto around serverless, and I said, you know, soon you're gonna hear words like architectural list. And that's a criticism on one hand, but you might say, Hey, you know, if you don't really need an architecture, you know, storage lists, I mean, at the end of the day, infrastructure is code means developers can do all the it in the coding cycles and then make the operations cloud based. And I think this is kind of where I see the dots connecting. Final thought here, take us through what you're thinking around how this new world is evolving. I mean, architecturals kind of a joke, but the point is, you know, you have to some sort of architecture, but you don't have to overthink it. >>Totally. No, that's a great thought, by the way. I know it's a joke, but it's a great thought because at the end of the day, you know, what do the customers really want? They want outcomes, right? Why did service technology come? It was because there was an outcome that they needed. They didn't want to get stuck with, you know, the, the, the real estate of, of a, of a server. They wanted to use compute when they needed to, right? Similarly, what you're talking about is, you know, outcome based, you know, desire of our customers and, and, and that's exactly where the word is going to, Right? Cloud really enforces that, right? We are actually, you know, working backwards from a customer's outcome and using, using our area the breadth and depth of our services to, to deliver those outcomes, right? And, and most of our services are in that path, right? When we use VMware cloud and aws, the outcome is a, to migrate then to modernize, but doesn't stop there, use our native services, you know, get the business outcomes using this. So I think that's, that's exactly what we are going through >>Actually, should actually, you're the director of global sales and go to market for VMware cloud on Aus. I wanna thank you for coming on, but I'll give you the final minute. Give a plug, explain what is the VMware cloud on Aus, Why is it great? Why should people engage with you and, and the team, and what ultimately is this path look like for them going forward? >>Yeah. At the end of the day, we want our customers to have the best paths to the cloud, right? The, the best path to the cloud is making sure that they migrate safely, reliably, and securely as well as with speed, right? And then, you know, use that cloud platform to, to utilize AWS's native services to make sure that they modernize their IT infrastructure and applications, right? We want, ultimately that our customers, customers, customer get the best out of, you know, utilizing the, that whole application experience is enhanced tremendously by using our services. And I think that's, that's exactly what we are working towards VMware cloud AWS is, is helping our customers in that journey towards migrating, modernizing, whether they wanna exit a data center or whether they wanna modernize their applications. It's a essential first step that we wanna help our customers with >>One director of global sales and go to market with VMware cloud on neighbors. He's with aws sharing his thoughts on accelerating business transformation on aws. This is a showcase. We're talking about the future path. We're talking about use cases with success stories from customers as she's thank you for spending time today on this showcase. >>Thank you, John. I appreciate it. >>Okay. This is the cube, special coverage, special presentation of the AWS Showcase. I'm John Furrier, thanks for watching.

(upbeat music) >> Hello, everyone. Welcome back to theCUBE's presentation of the AWS Startup Showcase. This is season two, episode four of the ongoing series covering the exciting startups from the AWS ecosystem. And talking about cybersecurity. I'm your host, John Furrier. Excited to have two great guests. Ed Casmer, founder and CEO of Cloud Storage Security, back CUBE alumni, and also James Johnson, AVP of Research and Development at iPipeline. Here to talk about cloud storage security antivirus on S3. James, thanks for joining us today. >> Thank you, John. >> Thank you. >> So the topic here is cloud security, storage security. Ed, we had a great CUBE conversation previously, earlier in the month. Companies are modernizing their apps and migrating the cloud. That's fact. Everyone kind of knows that. >> Yeah. >> Been there, done that. Clouds have the infrastructure, they got the OS, they got protection, but the end of the day, the companies are responsible and they're on the hook for their own security of their data. And this is becoming more permanent now that you have hybrid cloud, cloud operations, cloud native applications. This is the core focus right now in the next five years. This is what everyone's talking about. Architecture, how to build apps, workflows, team formation. Everything's being refactored around this. Can you talk about how organizations are adjusting and how they view their data security in light of how applications are being built and specifically around the goodness of say S3? >> Yep, absolutely. Thank you for that. So we've seen S3 grow 20,000% over the last 10 years. And that's primarily because companies like James with iPipeline are delivering solutions that are leveraging this object storage more and above the others. When we look at protection, we typically fall into a couple of categories. The first one is, we have folks that are worried about the access of the data. How are they dealing with it? And so they're looking at configuration aspects. But the big thing that we're seeing is that customers are blind to the fact that the data itself must also be protected and looked at. And so we find these customers who do come to the realization that it needs to happen, finding out, asking themselves, how do I solve for this? And so they need lightweight, cloud native built solutions to deliver that. >> So what's the blind spot? You mentioned there's a blind spot. They're kind of blind to that. What specifically are you seeing? >> Well so, when we get into these conversations, the first thing that we see with customers is I need to predict how I access it. This is everyone's conversation. Who are my users? How do they get into my data? How am I controlling that policy? Am I making sure there's no east-west traffic there, once I've blocked the north-south? But what we really find is that the data is the key packet of this whole process. It's what gets consumed by the downstream users. Whether that's an employee, a customer, a partner. And so it's really, the blind spot is the fact that we find most customers not looking at whether that data is safe to use. >> It's interesting. When you talk about that, I think about all the recent breaches and incidents. "Incidents," they call them. >> Yeah. >> They've really been around user configurations. S3 buckets not configured properly. >> Absolutely. >> And this brings up what you're saying, is that the users and the customers have to be responsible for the configurations, the encryption, the malware aspect of it. Don't just hope that AWS has the magic to do it. Is that kind of what you're getting at here? Is that the similar, am I correlating that properly? >> Absolutely. That's perfect. And we've seen it. We've had our own customers, luckily iPipeline's not one of them, that have actually infected their end users because they weren't looking at the data. >> And that's a huge issue. So James, let's get in, you're a customer partner. Talk about your relationship with these guys and what's it all about? >> Yeah, well, my pipeline is building a digital ecosystem for life insurance and wealth management industries to enable the sale of life insurance to under-insured and uninsured Americans, to make sure that they have the coverage that they need, should something happen. And our solutions have been around for many years. In a traditional data center type of an implementation. And we're in process now of migrating that to the cloud, moving it to AWS, in order to give our customers a better experience, a better resiliency, better reliability. And with that, we have to change the way that we approach file storage and how we approach scanning for vulnerabilities in those files that might come to us via feeds from third parties or that are uploaded directly by end users that come to us from a source that we don't control. So it was really necessary for us to identify a solution that both solved for these vulnerability scanning needs, as well as enabling us to leverage the capabilities that we get with other aspects of our move to the cloud and being able to automatically scale based on load, based on need, to ensure that we get the performance that our customers are looking for. >> So tell me about your journey to the cloud, migrating to the cloud and how you're using S3 specifically. What led you to determine the need for the cloud based AV solution? >> So when we looked to begin moving our applications to the cloud, one of the realizations that we had is that our approach to storing certain types of data was a bit archaic. We were storing binary files in a database, which is not the most efficient way to do things. And we were scanning them with the traditional antivirus engines that would've been scaled in traditional ways. So as our need grew, we would need to spin up additional instances of those engines to keep up with load. And we wanted a solution that was cloud native and would allow us to scan more dynamically without having to manage the underlying details of how many engines do I need to have running for a particular load at a particular time and being able to scan dynamically. And also being able to move that out of the application layer, being able to scan those files behind the scenes. So scanning in, when the file's been saved in S3, it allows us to scan and release the file once it's been deemed safe rather than blocking the user while they wait for that scan to take place. >> Awesome. Well, thanks for sharing that. I got to ask Ed, and James, same question next. It's, how does all this factor in to audits and self compliance? Because when you start getting into this level of sophistication, I'm sure it probably impacts reporting workflows. Can you guys share the impact on that piece of it? The reporting? >> Yeah. I'll start with a comment and James will have more applicable things to say. But we're seeing two things. One is, you don't want to be the vendor whose name is in the news for infecting your customer base. So that's number one. So you have to put something like this in place and figure that out. The second part is, we do hear that under SOC 2, under PCI, different aspects of it, there are scanning requirements on your data. Traditionally, we've looked at that as endpoint data and the data that you see in your on-prem world. It doesn't translate as directly to cloud data, but it's certainly applicable. And if you want to achieve SOC 2 or you want to achieve some of these other pieces, you have to be scanning your data as well. >> Furrier: James, what's your take? As practitioner, you're living it. >> Yeah, that's exactly right. There are a number of audits that we go through where this is a question that comes up both from a SOC perspective, as well as our individual customers who reach out and they want to know where we stand from a security perspective and a compliance perspective. And very often this is a question of how are you ensuring that data that is uploaded into the application is safe and doesn't contain any vulnerabilities. >> James, if you don't mind me asking, I have to kind of inquire because I can imagine that you have users on your system but also you have third parties, relationships. How does that impact this? What's the connection? >> That's a good question. We receive data from a number of different locations from our customers directly, from their users and from partners that we have as well as partners that our customers have. And as we ingest that data, from an implementation perspective, the way we've approached this, there's a minimal impact there in each one of those integrations. Because everything comes into the S3 bucket and is scanned before it is available for consumption or distribution. But this allows us to ensure that no matter where that data is coming from, that we are able to verify that it is safe before we allow it into our systems or allow it to continue on to another third party whether that's our customer or somebody else. >> Yeah, I don't mean to get in the weeds there, but it's one of those things where, this is what people are experiencing right now. Ed, we talked about this before. It's not just siloed data anymore. It's interactive data. It's third party data from multiple sources. This is a scanning requirement. >> Agreed. I find it interesting too. I think James brings it up. We've had it in previous conversations that not all data's created equal. Data that comes from third parties that you're not in control of, you feel like you have to scan. And other data you may generate internally. You don't have to be as compelled to scan that although it's a good idea, but you can, as long as you can sift through and determine which data is which and process it appropriately, then you're in good shape. >> Well, James, you're living the cloud security, storage security situation here. I got to ask you, if you zoom out and not get in the weeds and look at the board room or the management conversation. Tell me about how you guys view the data security problem. I mean, obviously it's important. So can you give us a level of how important it is for iPipeline and with your customers and where does this S3 piece fit in? I mean, when you guys look at this holistically, for data security, what's the view, what's the conversation like? >> Yeah. Well, data security is critical. As Ed mentioned a few minutes ago, you don't want to be the company that's in the news because some data was exposed. That's something that nobody has the appetite for. And so data security is first and foremost in everything that we do. And that's really where this solution came into play, in making sure that we had not only a solution but we had a solution that was the right fit for the technology that we're using. There are a number of options. Some of them have been around for a while. But this was focused on S3, which we were using to store these documents that are coming from many different sources. And we have to take all the precautions we can to ensure that something that is malicious doesn't make its way into our ecosystem or into our customers' ecosystems through us. >> What's the primary use case that you see the value here with these guys? What's the aha moment that you had? >> With the cloud storage security specifically, it goes beyond the security aspects of being able to scan for vulnerable files, which is, there are a number of options and they're one of those. But for us, the key was being able to scale dynamically without committing to a particular load whether that's under committing or overcommitting. As we move our applications from a traditional data center type of installation to AWS, we anticipated a lot of growth over time and being able to scale up very dynamically, literally moving a slider within the admin console, was key to us to be able to meet our customer's needs without overspending, by building up something that was dramatically larger than we needed in our initial rollout. >> Not a bad testimonial there, Ed. >> I mean, I agree. >> This really highlights the applications using S3 more in the file workflow for the application in real time. This is where you start to see the rise of ransomware other issues. And scale matters. Can you share your thoughts and reaction to what James just said? >> Yeah. I think it's critical. As the popularity of S3 has increased, so has the fact that it's an attack vector now. And people are going after it whether that's to plant bad malicious files, whether it's to replace code segments that are downloaded and used in other applications, it is a very critical piece. And when you look at scale and you look at the cloud native capability, there are lots of ways to solve it. You can dig a hole with a spoon, but a shovel works a lot better. And in this case, we take a simple example like James. They did a weekend migration, so they've got new data coming in all the time, but we did a massive migration 5,000 files a minute being ingested. And like he said, with a couple of clicks, scale up, process that over sustained period of time and then scale back down. So I've said it before, I said it on the previous one. We don't want to get in the way of someone's workflow. We want to help them secure their data and do it in a timely fashion that they can continue with their proper processing and their normal customer responses. >> Frictionless has to be key. I know you're in the marketplace with your antivirus for S3 on the AWS. People can just download it. So people are interested, go check it out. James, I got to ask you and maybe Ed can chime in over the top, but it seems so obvious. Data. Secure the data. Why is it so hard? Why isn't this so obvious? What's the problem? Why is it so difficult? Why are there so many different solutions? It just seems so obvious. You know, you got ransomware, you got injection of different malicious payloads. There's a ton of things going on around the data. Why is, this so obvious? Why isn't it solved? >> Well, I think there have been solutions available for a long time. But the challenge, the difficulty that I see, is that it is a moving target. As bad actors learn new vulnerabilities, new approaches and as new technology becomes available, that opens additional attack vectors. >> Yeah. >> That's the challenge, is keeping up on the changing world including keeping up on the new ways that people are finding to exploit vulnerabilities. >> And you got sensitive data at iPipeline. You do a lot of insurance, wealth management, all kinds of sensitive data, super valuable. This brings me up, reminds me of the Sony hack Ed, years ago. Companies are responsible for their own militia. I mean, cybersecurity is no government help for sure. I mean, companies are on the hook. As we mentioned earlier at the top of this interview, this really is highlighted that IT departments have to evolve to large scale cloud, cloud native applications, automation, AI machine learning all built in, to keep up at the scale. But also from a defense standpoint. I mean, James you're out there, you're in the front lines, you got to defend yourself basically, and you got to engineer it. >> A hundred percent. And just to go on top of what James was saying is, I think there, one of the big factors and we've seen this. There's skill shortages out there. There's also just a pure lack of understanding. When we look at Amazon S3 or object storage in general, it's not an executable file system. So people sort of assume that, oh, I'm safe. It's not executable. So I'm not worried about it traversing my storage network. And they also probably have the assumption that the cloud providers, Amazon is taking care of this for them. And so it's this aha moment. Like you mentioned earlier, that you start to think, oh it's not about where the data is sitting per se. It's about scanning it as close to the storage spot. So when it gets to the end user, it's safe and secure. And you can't rely on the end user's environment and system to be in place and up to date to handle it. So it's that really, that lack of understanding that drives some of these folks into this. But for a while, we'll walk into customers and they'll say the same thing you said, John. Why haven't I been doing this for so long? And it's because they didn't understand that it was such a risk. That's where that blind spot comes in. >> James, it's just a final note on your environment. What's your goals for the next year? How's things going over there on your side? How you look at the security posture? What's on your agenda for the next year? How are you guys looking at the next level? >> Yeah. Well, our goal as it relates to this is to continue to move our existing applications over to AWS to run natively there. Which includes moving more data into S3 and leveraging the cloud storage security solution to scan that and ensure that there are no vulnerabilities that are getting in. >> And the ingestion, is there like a bottlenecks log jams? How do you guys see that scaling up? I mean, what's the strategy there? Just add more S3? >> Well, S3 itself scales automatically for us and the cloud storage solution gives us leverage to pull to do that. As Ed mentioned, we ingested a large amount of data during our initial migration which created a bottleneck for us. As we were preparing to move our users over, we were able to make an adjustment in the admin console and spin up additional processes entirely behind the scenes and broke the log jam. So I don't see any immediate concerns there, being able to handle the load. >> The term cloud native and hyperscale native, cloud native, one cloud's hybrid. All these things are native. We have antivirus native coming soon. And I mean, this is what we're basically doing is making it native into the workflows. Security native. And soon there's going to be security clouds out there. We're starting to see the rise of these new solutions. Can you guys share any thoughts or vision around how you see the industry evolving and what's needed? What's working and what's needed? Ed, we'll start with you. What's your vision? >> So I think the notion of being able to look at and view the management plane and control that has been where we're at right now. That's what everyone seems to be doing and going after. I think there are niche plays coming up. Storage is one of them, but we're going to get to a point where storage is just a blanket term for where you put your stuff. I mean, it kind of already is that. But in AWS, it's going to be less about S3. Less about work docs, less about EVS. It's going to be just storage and you're going to need a solution that can span all of that to go along with where we're already at the management plane. We're going to keep growing the data plane. >> James, what's your vision for what's needed in the industry? What's the gaps, what's working, and where do you see things going? >> Yeah, well, I think on the security front specifically, Ed's probably a little bit better equipped to speak to them than I am since that his primary focus. But I see the need for just expanded solutions that are cloud native that fit and fit nicely with the Amazon technologies. Whether that comes from Amazon or other partners like Cloud Storage Security to fill those gaps. We are focused on the financial services and insurance industries. That's our niche. And we look to other partners like Ed to help be the experts in these areas. And so that's really what I'm looking for, is the experts that we can partner with that are going to help fill those gaps as they come up and as they change in the future. >> Well, James, I really appreciate you coming on, sharing your story and I'll give you the final word. Put a quick, spend a minute to talk about the company. I know Cloud Storage Security is an AWS partner with the security software competency and is one of I think 16 partners listed in the competency and the data category. So take a minute to explain what's going on with the company, where people can find more information, how they buy and consume the products. >> Okay. >> Put the plug in. >> Yeah, thank you for that. So we are a fast growing startup. We've been in business for two and a half years now. We have achieved our security competency as John indicated. We're one of 16 data protection security competent ISV vendors globally. And our goal is to expand and grow a platform that spans all storage types that you're going to be dealing with and answer basic questions. What do I have and where is it? Is it safe to use? And am I in proper control of it? Am I being alerted appropriate? So we're building this storage security platform, very laser focused on the storage aspect of it. And if people want to find out more information, you're more than welcome to go and try the software out on Amazon marketplace. That's basically where we do most of our transacting. So find it there. Start of free trial. Reach out to us directly from our website. We are happy to help you in any way that you need it. Whether that's storage assessments, figuring out what data is important to you and how to protect it. >> All right, Ed. Thank you so much. Ed Casmer, founder and CEO of Cloud Storage Security. And of course James Johnson, AVP of Research and Development, iPipeline customer. Gentlemen, thank you for sharing your story and featuring the company and the value proposition, certainly needed. This is season two, episode four. Thanks for joining us. Appreciate it. >> Casmer: Thanks John. >> Okay. I'm John Furrier. That is a wrap for this segment of the cybersecurity season two, episode four. The ongoing series covering the exciting startups from Amazon's ecosystem. Thanks for watching. (upbeat music)

(upbeat music) >> Hello, and welcome back to AWS Startup Showcase, I'm John Furrier, your host. This is the Hero panel, the AWS Heroes. These are folks that have a lot of experience in Open Source, having fun building great projects and commercializing the value and best practices of Open Source innovation. We've got some great guests here. Liz Rice, Chief Open Source Officer, Isovalent. CUBE alumni, great to see you. Brian LeRoux, who is the Co-founder and CTO of begin.com. Erica Windisch who's an Architect for Developer Experience. AWS Hero, also CUBE alumni. Casey Lee, CTO Gaggle. Doing some great stuff in ed tech. Great collection of experts and experienced folks doing some fun stuff, welcome to this conversation this CUBE panel. >> Hi. >> Thanks for having us. >> Hello. >> Let's go down the line. >> I don't normally do this, but since we're remote and we have such great guests, go down the line and talk about why Open Source is important to you guys. What projects are you currently working on? And what's the coolest thing going on there? Liz we'll start with you. >> Okay, so I am very involved in the world of Cloud Native. I'm the chair of the technical oversight committee for the Cloud Native Computing Foundation. So that means I get to see a lot of what's going on across a very broad range of Cloud Native projects. More specifically, Isovalent. I focus on Cilium, which is it's based on a technology called EBPF. That is to me, probably the most exciting technology right now. And then finally, I'm also involved in an organization called OpenUK, which is really pushing for more use of open technologies here in the United Kingdom. So spread around lots of different projects. And I'm in a really fortunate position, I think, to see what's happening with lots of projects and also the commercialization of lots of projects. >> Awesome, Brian what project are you working on? >> Working project these days called Architect. It's a Open Source project built on top of AWSM. It adds a lot of sugar and terseness to the SM experience and just makes it a lot easier to work with and get started. AWS can be a little bit intimidating to people at times. And the Open Source community is stepping up to make some of that bond ramp a little bit easier. And I'm also an Apache member. And so I keep a hairy eyeball on what's going on in that reality all the time. And I've been doing this open-source thing for quite a while, and yeah, I love it. It's a great thing. It's real science. We get to verify each other's work and we get to expand and build on human knowledge. So that's a huge honor to just even be able to do that and I feel stoked to be here so thanks for having me. >> Awesome, yeah, and totally great. Erica, what's your current situation going on here? What's happening? >> Sure, so I am currently working on developer experience of a number of Open Source STKS and CLI components from my current employer. And previously, recently I left New Relic where I was working on integrating with OpenTelemetry, as well as a number of other things. Before that I was a maintainer of Docker and of OpenStack. So I've been in this game for a while as well. And I tend to just put my fingers in a lot of little pies anywhere from DVD players 20 years ago to a lot of this open telemetry and monitoring and various STKs and developer tools is where like Docker and OpenStack and the STKs that I work on now, all very much focusing on developer as the user. >> Yeah, you're always on the wave, Erica great stuff. Casey, what's going on? Do you got some great ed techs happening? What's happening with you? >> Yeah, sure. The primary Open Source project that I'm contributing to right now is ACT. This is a tool I created a couple of years back when GitHub Actions first came out, and my motivation there was I'm just impatient. And that whole commit, push, wait time where you're testing out your pipelines is painful. And so I wanted to build a tool that allowed developers to test out their GitHub Actions workflows locally. And so this tool uses Docker containers to emulate, to get up action environment and gives you fast feedback on those workflows that you're building. Lot of innovation happening at GitHub. And so we're just trying to keep up and continue to replicate those new features functionalities in the local runner. And the biggest challenge I've had with this project is just keeping up with the community. We just passed 20,000 stars, and it'd be it's a normal week to get like 10 PRs. So super excited to announce just yesterday, actually I invited four of the most active contributors to help me with maintaining the project. And so this is like a big deal for me, letting the project go and bringing other people in to help lead it. So, yeah, huge shout out to those folks that have been helping with driving that project. So looking forward to what's next for it. >> Great, we'll make sure the SiliconANGLE riders catch that quote there. Great call out. Let's start, Brian, you made me realize when you mentioned Apache and then you've been watching all the stuff going on, it brings up the question of the evolution of Open Source, and the commercialization trends have been very interesting these days. You're seeing CloudScale really impact also with the growth of code. And Liz, if you remember, the Linux Foundation keeps making projections and they keep blowing past them every year on more and more code and more and more entrance coming in, not just individuals, corporations. So you starting to see Netflix donates something, you got Lyft donate some stuff, becomes a project company forms around it. There's a lot of entrepreneurial activity that's creating this new abstraction layers, new platforms, not just tools. So you start to see a new kickup trajectory with Open Source. You guys want to comment on this because this is going to impact how fast the enterprise will see value here. >> I think a really great example of that is a project called Backstage that's just come out of Spotify. And it's going through the incubation process at the CNCF. And that's why it's front of mind for me right now, 'cause I've been working on the due diligence for that. And the reason why I thought it was interesting in relation to your question is it's spun out of Spotify. It's fully Open Source. They have a ton of different enterprises using it as this developer portal, but they're starting to see some startups emerging offering like a hosted managed version of Backstage or offering services around Backstage or offering commercial plugins into Backstage. And I think it's really fascinating to see those ecosystems building up around a project and different ways that people can. I'm a big believer. You cannot sell the Open Source code, but you can sell other things that create value around Open Source projects. So that's really exciting to see. >> Great point. Anyone else want to weigh in and react to that? Because it's the new model. It's not the old way. I mean, I remember when I was in college, we had the Pirate software. Open Source wasn't around. So you had to deal under the table. Now it's free. But I mean the old way was you had to convince the enterprise, like you've got a hard knit, it builds the community and the community manage the quality of the code. And then you had to build the company to make sure they could support it. Now the companies are actually involved in it, right? And then new startups are forming faster. And the proof points are shorter and highly accelerated for that. I mean, it's a whole new- >> It's a Cambrian explosion, and it's great. It's one of those things that it's challenging for the new developers because they come in and they're like, "Whoa, what is all this stuff that I'm supposed to figure out?" And there's no right answer and there's no wrong answer. There's just tons of it. And I think that there's a desire for us to have one sort of well-known trot and happy path, that audience we're a lot better with a more diverse community, with lots of options, with lots of ways to approach these problems. And I think it's just great. A challenge that we have with all these options and all these Cambrian explosion of projects and all these competing ideas, right now, the sustainability, it's a bit of a tricky question to answer. We know that there's a commercialization aspect that helps us fund these projects, but how we compose the open versus the commercial source is still a bit of a tricky question and a tough one for a lot of folks. >> Erica, would you chime in on that for a second. I want to get your angle on that, this experience and all this code, and I'm a new person, I'm an existing person. Do I get like a blue check mark and verify? I mean, these are questions like, well, how do you navigate? >> Yeah, I think this has been something happening for a while. I mean, back in the early OpenStack days, 2010, for instance, Rackspace Open Sourcing, OpenStack and ANSU Labs and so forth, and then trying, having all these companies forming in creating startups around this. I started at a company called Cloudccaling back in late 2010, and we had some competitors such as Piston and so forth where a lot of the ANSUL Labs people went. But then, the real winners, I think from OpenStack ended up being the enterprises that jumped in. We had Red Hat in particular, as well as HP and IBM jumping in and investing in OpenStack, and really proving out a lot of... not that it was the first time, but this is when we started seeing billions of dollars pouring into Open Source projects and Open Source Foundations, such as the OpenStack Foundation, which proceeded a lot of the things that we now see with the Linux Foundation, which was then created a little bit later. And at the same time, I'm also reflecting a little bit what Brian said because there are projects that don't get funded, that don't get the same attention, but they're also getting used quite significantly. Things like Log4j really bringing this to the spotlight in terms of projects that are used everywhere by everything with significant outsized impacts on the industry that are not getting funded, that aren't flashy enough, that aren't exciting enough because it's just logging, but a vulnerability in it brings every everything and everybody down and has possibly billions of dollars of impact to our industry because nobody wanted to fund this project. >> I think that brings up the commercialization point about maybe bringing a venture capital model in saying, "Hey, that boring little logging thing could be a key ingredient for say solving some observability problems so I think let's put some cash." Again then we'd never seen that before. Now you're starting to see that kind of a real smart investment thesis going into Open Source projects. I mean, Promethease, Crafter, these are projects that turned off companies. This is turning up companies. >> A decade ago, there was no money in Dev tools that I think that's been fully debunked now. They used to be a concept that the venture community believed, but there's just too much evidence to the contrary, the companies like Cash Court, Datadog, the list goes on and on. I think the challenge for the Open Source (indistinct) comes back to foundations and working (indistinct) these developers make this code safe and secure. >> Casey, what's your reaction to all of this? You've got, so a project has gained some traction, got some momentum. There's a lot of mission critical. I won't say white spaces, but the opportunities in the big cloud game happening. And there's a lot of, I won't say too many entrepreneurial, but there's a lot of community action happening that's precommercialization that's getting traction. How does this all develop naturally and then vector in quickly when it hits? >> Yeah, I want to go back to the Log4j topic real quick. I think that it's a great example of an area that we need to do better at. And there was a cool article that Rob Pike wrote describing how to quantify the criticality. I think that's sort of quantifying criticality was the article he wrote on how to use metrics, to determine how valuable, how important a piece of Open Source is to the community. And we really need to highlight that more. We need a way to make it more clear how important this software is, how many people depend on it and how many people are contributing to it. And because right now we all do that. Like if I'm going to evaluate an Open Source software, sure, I'll look at how many stars it has and how many contributors it has. But I got to go through and do all that work myself and come up with. It would be really great if we had an agreed upon method for ranking the criticality of software, but then also the risk, hey, that this is used by a ton of people, but nobody's contributing to it anymore. That's a concern. And that would be great to potential users of that to signal whether or not it makes sense. The Open Source Security Foundation, just getting off the ground, they're doing some work in this space, and I'm really excited to see where they go with that looking at ways to stop score critically. >> Well, this brings up a good point while we've got everyone here, let's take a plug and plug a project you think that's not getting the visibility it needs. Let's go through each of you, point out a project that you think people should be looking at and talking about that might get some free visibility here. Anyone want to highlight projects they think should be focused more on, or that needs a little bit of love? >> I think, I mean, particularly if we're talking about these sort of vulnerability issues, there's a ton of work going on, like in the Secure Software Foundation, other foundations, I think there's work going on in Apache somewhere as well around the bill of material, the software bill of materials, the Secure Software supply chain security, even enumerating your dependencies is not trivial today. So I think there's going to be a ton of people doing really good work on that, as well as the criticality aspect. It's all like that. There's a really great xkcd cartoon with your software project and some really big monolithic lumps. And then, this tiny little piece in a very important point that's maintained by somebody in his bedroom in Montana or something and if you called it out. >> Yeah, you just opened where the next lightening and a bottle comes from. And this is I think the beauty of Open Source is that you get a little collaboration, you get three feet in a cloud of dust going and you get some momentum, and if it's relevant, it rises to the top. I think that's the collective intelligence of Open Source. The question I want to ask that the panel here is when you go into an enterprise, and now that the game is changing with a much more collaborative and involved, what's the story if they say, hey, what's in it for me, how do I manage the Open Source? What's the current best practice? Because there's no doubt I can't ignore it. It's in everything we do. How do I organize around it? How do I build around it to be more efficient and more productive and reduce the risk on vulnerabilities to managing staff, making sure the right teams in place, the right agility and all those things? >> You called it, they got to get skin in the game. They need to be active and involved and donating to a sustainable Open Source project is a great way to start. But if you really want to be active, then you should be committing. You should have a goal for your organization to be contributing back to that project. Maybe not committing code, it could be committing resources into the darks or in the tests, or even tweeting about an Open Source project is contributing to it. And I think a lot of these enterprises could benefit a lot from getting more active with the Open Source Foundations that are out there. >> Liz, you've been actively involved. I know we've talked personally when the CNCF started, which had a great commercial uptake from companies. What do you think the current state-of-the-art kind of equation is has it changed a little bit? Or is it the game still the same? >> Yeah, and in the early days of the CNCF, it was very much dominated by vendors behind the project. And now we're seeing more and more membership from end-user companies, the kind of enterprises that are building their businesses on Cloud Native, but their business is not in itself. That's not there. The infrastructure is not their business. And I think seeing those companies, putting money in, putting time in, as Brian says contributing resources quite often, there's enough money, but finding the talent to do the work and finding people who are prepared to actually chop the wood and carry the water, >> Exactly. >> that it's hard. >> And if enterprises can find peoples to spend time on Open Source projects, help with those chores, it's hugely valuable. And it's one of those the rising tide floats all the boats. We can raise security, we can reduce the amount of dependency on maintain projects collectively. >> I think the business models there, I think one of the things I'll react to and then get your guys' comments is remember which CubeCon it was, it was one of the early ones. And I remember seeing Apple having a booth, but nobody was manning. It was just an Apple booth. They weren't doing anything, but they were recruiting. And I think you saw the transition of a business model where the worry about a big vendor taking over a project and having undue influence over it goes away because I think this idea of participation is also talent, but also committing that talent back into the communities as a model, as a business model, like, okay, hire some great people, but listen, don't screw up the Open Source piece of it 'cause that's a critical. >> Also hire a channel, right? They can use those contributions to source that talent and build the reputation in the communities that they depend on. And so there's really a lot of benefit to the larger organizations that can do this. They'll have a huge pipeline of really qualified engineers right out the gate without having to resort to cheesy whiteboard interviews, which is pretty great. >> Yeah, I agree with a lot of this. One of my concerns is that a lot of these corporations tend to focus very narrowly on certain projects, which they feel that they depend greatly, they'll invest in OpenStack, they'll invest in Docker, they'll invest in some of the CNCF projects. And then these other projects get ignored. Something that I've been a proponent of for a little bit for a while is observability of your dependencies. And I don't think there's quite enough projects and solutions to this. And it sounds maybe from lists, there are some projects that I don't know about, but I also know that there's some startups like Snyk and so forth that help with a little bit of this problem, but I think we need more focus on some of these edges. And I think companies need to do better, both in providing, having some sort of solution for observability of the dependencies, as well as understanding those dependencies and managing them. I've seen companies for instance, depending on software that they actively don't want to use based on a certain criteria that they already set projects, like they'll set a requirement that any project that they use has a code of conduct, but they'll then use projects that don't have codes of conduct. And if they don't have a code of conduct, then employees are prohibited from working on those projects. So you've locked yourself into a place where you're depending on software that you have instructed, your employees are not allowed to contribute to, for certain legal and other reasons. So you need to draw a line in the sand and then recognize that those projects are ones that you don't want to consume, and then not use them, and have observability around these things. >> That's a great point. I think we have 10 minutes left. I want to just shift to a topic that I think is relevant. And that is as Open Source software, software, people develop software, you see under the hood kind of software, SREs developing very quickly in the CloudScale, but also you've got your classic software developers who were writing code. So you have supply chain, software supply chain challenges. You mentioned developer experience around how to code. You have now automation in place. So you've got the development of all these things that are happening. Like I just want to write software. Some people want to get and do infrastructure as code so DevSecOps is here. So how does that look like going forward? How has the future of Open Source going to make the developers just want to code quickly? And the folks who want to tweak the infrastructure a bit more efficient, any views on that? >> At Gaggle, we're using AWS' CDK, exclusively for our infrastructure as code. And it's a great transition for developers instead of writing Yammel or Jason, or even HCL for their infrastructure code, now they're writing code in the language that they're used to Python or JavaScript, and what that's providing is an easier transition for developers into that Infrastructure as code at Gaggle here, but it's also providing an opportunity to provide reusable constructs that some Devs can build on. So if we've got a very opinionated way to deploy a serverless app in a database and do auto-scaling behind and all stuff, we can present that to a developer as a library, and they can just consume it as it is. Maybe that's as deep as they want to go and they're happy with that. But then they want to go deeper into it, they can either use some of the lower level constructs or create PRs to the platform team to have those constructs changed to fit their needs. So it provides a nice on-ramp developers to use the tools and languages they're used to, and then also go deeper as they need. >> That's awesome. Does that mean they're not full stack developers anymore that they're half stack developers they're taking care of for them? >> I don't know either. >> We'll in. >> No, only kidding. Anyway, any other reactions to this whole? I just want to code, make it easy for me, and some people want to get down and dirty under the hood. >> So I think that for me, Docker was always a key part of this. I don't know when DevSecOps was coined exactly, but I was talking with people about it back in 2012. And when I joined Docker, it was a part of that vision for me, was that Docker was applying these security principles by default for your application. It wasn't, I mean, yes, everybody adopted because of the portability and the acceleration of development, but it was for me, the fact that it was limiting what you could do from a security angle by default, and then giving you these tuna balls that you can control it further. You asked about a project that may not get enough recognition is something called DockerSlim, which is designed to optimize your containers and will make them smaller, but it also constraints the security footprint, and we'll remove capabilities from the container. It will help you build security profiles for app armor and the Red Hat one. SELinux. >> SELinux. >> Yeah, and this is something that I think a lot of developers, it's kind of outside of the realm of things that they're really thinking about. So the more that we can automate those processes and make it easier out of the box for users or for... when I say users, I mean, developers, so that it's straightforward and automatic and also giving them the capability of refining it and tuning it as needed, or simply choosing platforms like serverless offerings, which have these security constraints built in out of the box and sometimes maybe less tuneable, but very strong by default. And I think that's a good place for us to be is where we just enforced these things and make you do things in a secure way. >> Yeah, I'm a huge fan of Kubernetes, but it's not the right hammer for every nail. And there are absolutely tons of applications that are better served by something like Lambda where a lot more of that security surface is taken care of for the developer. And I think we will see better tooling around security profiling and making it easier to shrink wrap your applications that there are plenty of products out there that can help you with this in a cloud native environment. But I think for the smaller developer let's say, or an earlier stage company, yeah, it needs to be so much more straightforward. Really does. >> Really an interesting time, 10 years ago, when I was working at Adobe, we used to requisition all these analysts to tell us how many developers there were for the market. And we thought there was about 20 million developers. If GitHub's to be believed, we think there is now around 80 million developers. So both these groups are probably wrong in their numbers, but the takeaway here for me is that we've got a lot of new developers and a lot of these new developers are really struck by a paradox of choice. And they're typically starting on the front end. And so there's a lot of movement in the stack moved towards the front end. We saw that at re:Invent when Amazon was really pushing Amplify 'cause they're seeing this too. It's interesting because this is where folks start. And so a lot of the obstructions are moving in that direction, but maybe not always necessarily totally appropriate. And so finding the right balance for folks is still a work in progress. Like Lambda is a great example. It lets me focus totally on just business logic. I don't have to think about infrastructure pretty much at all. And if I'm newer to the industry, that makes a lot of sense to me. As use cases expand, all of a sudden, reality intervenes, and it might not be appropriate for everything. And so figuring out what those edges are, is still the challenge, I think. >> All right, thank you very much for coming on the CUBE here panel. AWS Heroes, thanks everyone for coming. I really appreciate it, thank you. >> Thank you. >> Thank you. >> Okay. >> Thanks for having me. >> Okay, that's a wrap here back to the program and the awesome startups. Thanks for watching. (upbeat music)

>>Hi, everyone. Welcome to the cubes presentation of the eight of us startup showcase open cloud innovations. This is season two episode one of the ongoing series covering the exciting startups from ABC ecosystems today. Uh, episode one, steam is the open source community and open cloud innovations. I'm Sean for your host got two great guests, Webb brown CEO of coop costs and as Thielen, head of business development, coop quest, gentlemen, thanks for coming on the cube for the showcase 80, but startups. >>Thanks for having a Sean. Great to be back, uh, really excited for the discussion we have here. >>I keep alumni from many, many coupons go. You guys are in a hot area right now, monitoring and reducing the Kubernetes spend. Okay. So first of all, we know one thing for sure. Kubernetes is the hottest thing going on because of all the benefits. So take us through you guys. Macro view of this market. Kubernetes is growing, what's going on with the company. What is your company's role? >>Yeah, so we've definitely seen this growth firsthand with our customers in addition to the broader market. Um, you know, and I think we believe that that's really indicative of the value that Kubernetes provides, right? And a lot of that is just faster time to market more scalability, improved agility for developer teams and, you know, there's even more there, but it's a really exciting time for our company and also for the broader cloud native community. Um, so what that means for our company is, you know, we're, we're scaling up quickly to meet our users and support our users, every, you know, metric that our company's grown about four X over the last year, including our team. Um, and the reason that one's the most important is just because, you know, the, the more folks and the larger that our company is, the better that we can support our users and help them monitor and reduce those costs, which ultimately makes Kubernetes easier to use for customers and users out there on the market. >>Okay. So I want to get into why Kubernetes is costing so much. Obviously the growth is there, but before we get there, what is the background? What's the origination story? Where did coop costs come from? Obviously you guys have a great name costs. Qube you guys probably reduced costs and Kubernetes great name, but what's the origination story. How'd you guys get here? What HR you scratching? What problem are you solving? >>So yeah, John, you, you guessed it, uh, you know, oftentimes the, the name is a dead giveaway there where we're cost monitoring cost management solutions for Kubernetes and cloud native. Um, and backstory here is our founding team was at Google before starting the company. Um, we were working on infrastructure monitoring, um, both on internal infrastructure, as well as Google cloud. Um, we had a handful of our teammates join the Kubernetes effort, you know, early days. And, uh, we saw a lot of teams, you know, struggling with the problems we're solving. We were solving internally at Google and we're we're solving today. Um, and to speak to those problems a little bit, uh, you know, you, you, you touched on how just scale alone is making this come to the forefront, right. You know, there's now many billions of dollars being spent on CU, um, that is bringing this issue, uh, to make it a business critical questions that is being asked in lots of organizations. Um, you know, that combined with, you know, the dynamic nature and complexity of Kubernetes, um, makes it really hard to manage, um, you know, costs, uh, when you scale across a very large organization. Um, so teams turned to coop costs today, you know, thousands of them do, uh, to get monitoring in place, you know, including alerts, recurring reports and like dynamic management insights or automation. >>Yeah. I know we talked to CubeCon before Webb and I want to come back to the problem statement because when you have these emerging growth areas that are really relevant and enabling technologies, um, you move to the next point of failure. And so, so you scaling these abstraction layers. Now services are being turned on more and more keeping it as clusters are out there. So I have to ask you, what is the main cost driver problem that's happening in the cube space that you guys are addressing? Is it just sheer volume? Is it different classes of services? Is it like different things are kind of working together, different monitoring tools? Is it not a platform and take us through the, the problem area? What do you guys see this? >>Yeah, the number one problem area is still actually what, uh, the CNCF fin ops survey highlighted earlier this year, um, which is that approximately two thirds of companies still don't have kind of baseline to visibility into spend when they moved to Kubernetes. Um, so, you know, even if you had a really complex, you know, chargeback program in place, when you're building all your applications on BMS, you move to Kubernetes and most teams again, can't answer these really simple questions. Um, so we're able to give them that visibility in real time, so they can start breaking these problems down. Right. They can start to see that, okay, it's these, you know, the deployments are staple sets that are driving our costs or no, it's actually, you know, these workloads that are talking to, you know, S3 buckets and, you know, really driving, you know, egress costs. Um, so it's really about first and foremost, just getting the visibility, getting the eyes and ears. We're able to give that to teams in real time at the largest scale Kubernetes clusters in the world. Um, and again, most teams, when they first start working with us, don't have that visibility, not having that visibility can have a whole bunch of downstream impacts, um, including kind of not getting, you know, costs right. You know, performance, right. Et cetera. >>Well, let's get into that downstream benefit, uh, um, problems and or situations. But the first question I have just throw naysayer comment at you would be like, oh, wait, I have all this cost monitoring stuff already. What's different about Kubernetes. Why what's what's the problem I can are my other tool is going to work for me. How do you answer that one? >>Yeah. So, you know, I think first and foremost containers are very dynamic right there. They're often complex, often transient and consume variable cluster resources. And so as much as this enables teams to contract construct powerful solutions, um, the associated costs and actually tracking those, those different variables can be really difficult. And so that's why we see why a solution like food costs. That's purpose built for developers using Kubernetes is really necessary because some of those older, you know, traditional cloud cost optimization tools are just not as fit for, for this space specifically. >>Yeah. I think that's exactly right, Alex. And I would add to that just the way that software is being architected deployed and managed is fundamentally changing with Kubernetes, right? It is deeply impacting every part of scifi software delivery process. And through that, you know, decisions are getting made and, you know, engineers are ultimately being empowered, um, to make more, you know, costs impacting decisions. Um, and so we've seen, you know, organizations that get real time kind of built for Kubernetes are built for cloud native, um, benefit from that massively throughout their, their culture, um, you know, cost performance, et cetera. >>Uh, well, can you just give a quick example because I think that's a great point. The architectures are shifting, they're changing there's new things coming in, so it's not like you can use an old tool and just retrofit it. That's sometimes that's awkward. What specific things you see changing with Kubernetes that's that environments are leveraging that's good. >>Yeah. Yeah. Um, one would be all these Kubernetes primitives are concepts that didn't exist before. Right. So, um, you know, I'm not, you know, managing just a generic workload, I'm managing a staple set and, or, you know, three replica sets. Right. And so having a language that is very much tailored towards all of these Kubernetes concepts and abstractions, et cetera. Um, but then secondly, it was like, you know, we're seeing this very obvious, you know, push towards microservices where, you know, typically again, you're shipping faster, um, you know, teams are making more distributed or decentralized decisions, uh, where there's not one single point where you can kind of gate check everything. Um, and that's a great thing for innovation, right? We can move much faster. Um, but for some teams, um, you know, not using a tool like coop costs, that means sacrificing having a safety net in place, right. >>Or guard rails in place to really help manage and monitor this. And I would just say, lastly, you know, uh, a solution like coop costs because it's built for Kubernetes sits in your infrastructure, um, it can be deployed with a single helmet stall. You don't have to share any data remotely. Um, but because it's listening to your infrastructure, it can give you data in real time. Right. And so we're moving from this world where you can make real time automated decisions or manual decisions as opposed to waiting for a bill, you know, a day, two days or a week later, um, when it may be already too late, you know, to avoid, >>Or he got the extra costs and you know what, he wants that. And he got to fight for a refund. Oh yeah. I threw a switch or wasn't paying attention or human error or code because a lot of automation is going on. So I could see that as a benefit. I gotta, I gotta ask the question on, um, developer uptake, because develop, you mentioned a good point. There that's another key modern dynamic developers are in, in the moment making decisions on security, on policy, um, things to do in the CIC D pipeline. So if I'm a developer, how do I engage with Qube cost? Do I have to, can I just download something? Is it easy? How's the onboarding process for your customers? >>Yeah. Great, great question. Um, so, you know, first and foremost, I think this gets to the roots of our company and the roots of coop costs, which is, you know, born in open-source, everything we do is built on top of open source. Uh, so the answer is, you know, you can go out and install it in minutes. Like, you know, thousands of other teams have, um, it is, you know, the, the recommended route or preferred route on our side is, you know, a helm installed. Um, again, you don't have to share any data remotely. You can truly not lock down, you know, namespace eat grass, for example, on the coop cost namespace. Um, and yeah, and in minutes you'll have this visibility and can start to see, you know, really interesting metrics that, again, most teams, when we started working with them, either didn't have them in place at all, or they had a really rough estimate based on maybe even a coop cost Scruff on a dashboard that they installed. >>How does cube cost provide the visibility across the environment? How do you guys actually make it work? >>Yeah, so we, you know, sit in your infrastructure. Um, we have integrations with, um, for on-prem like custom pricing sheets, uh, with card providers will integrate with your actual billing data, um, so that we can, uh, listen for events in your infrastructure, say like a nude node coming up, or a new pod being scheduled, et cetera. Um, we take that information, join with your billing data, whether it's on-prem or in one of the big three cloud providers. And then again, we can, in real time tell you the cost of, you know, any dimension of your infrastructure, whether it's one of the backing, you know, virtual assets you're using, or one of the application dimensions like a label or annotation namespace, you know, pod container, you name it >>Awesome. Alex, what's your take on the landscape with, with the customers as they look the cost reductions. I mean, everyone loves cost reductions as a, certainly I love the safety net comment that Webb made, but at the end of the day, Kubernetes is not so much a cost driver. It's more of a, I want the modern apps faster. Right? So, so, so people who are buying Kubernetes usually aren't price sensitive, but they also don't want to get gouged either on mistakes. Where is the customer path here around Kubernetes cost management and reduction and a scale? >>Yeah. So I think one thing that we're looking forward to hearing this upcoming year, just like we did last year is continuing to work with the various tools that customers are already using and, you know, meeting those customers where they are. So some examples of that are, you know, working with like CICT tools out there. Like we have a great integration with armoring Spinnaker to help customers actually take the insights from coop costs and deploy those, um, in a more efficient manner. Um, we're also working with a lot of partners, like, you know, for fauna to help customers visualize our data and, you know, integrate with or rancher, which are management platforms for Kubernetes. And all of that I think is just to make cost come more to the forefront of the conversation when folks are using Kubernetes and provide that, that data to customers and all the various tools that they're using across the ecosystem. Um, so I think we really want to surface this and make costs more of a first-class citizen across, you know, the, the ecosystem and then the community partners. >>What's your strategy of the biz dev side. As you guys look at a growing ecosystem with CubeCon CNCF, you mentioned that earlier, um, the community is growing. It's always been growing fast. You know, the number of people entering in are amazing, but now that we start going, you know, the S curves kicking in, um, integration and interoperability and openness is always a key part of company success. What's Qube costs is vision on how you're going to do biz dev going forward. >>Absolutely. So, you know, our products opensource that is deeply important to our company, we're always going to continue to drive innovation on our open source product. Um, as Webb mentioned, you know, we have thousands of teams that are, that are using our product. And most of that is actually on the free, but something that we want to make sure continues to be available for the community and continue to bring that development for the community. And so I think a part of that is making sure that we're working with folks not just on the commercial side, but also those open source, um, types of products, right? So, you know, for Fanta is open source Spinnaker's are open source. I think a lot of the biz dev strategies just sticking to our roots and make sure that we continue to drive it a strong open source presence and product for, for our community of users, keep that >>And a, an open source and commercial and keep it stable. Well, I got to ask you, obviously, the wave is here. I always joke, uh, going back. I remember when the word Kubernetes was just kicked around pre uh, the OpenStack days many, many years ago. It's the luxury of being a old cube guy that I am 11 years doing the cube, um, all fun. But if we remember talking to him in the early days, is that with Kubernetes was, if, if it worked, the, the phrase was rising, tide floats all boats, I would say right now, the tides rising pretty well right now, you guys are in a good spot with the cube costs. Are there areas that you see coming where cost monitoring, um, is going to expand more? Where do you see the Kubernetes? Um, what's the aperture, if you will, of the, of the cost monitoring space at your end that you think you can address. >>Yeah, John, I think you're exactly right. This, uh, tide has risen and it just keeps riding rising, right? Like, um, you know, the, the sheer number of organizations we use C using Kubernetes at massive scale is just mind blowing at this point. Um, you know, what we see is this really natural pattern for teams to start using a solution like coop costs, uh, start with, again, either limited or no visibility, get that visibility in place, and then really develop an action plan from there. And that could again be, you know, different governance solutions like alerts or, you know, management reports or, you know, engineering team reports, et cetera. Um, but it's really about, you know, phase two of taking that information and really starting to do something with it. Right. Um, we, we are seeing and expect to see more teams turn to an increasing amount of, of automation to do that. Um, but ultimately that is, uh, very much after you get this baseline highly accurate, uh, visibility that you feel very comfortable making, potentially critical, very critical related to reliability, performance decisions within your infrastructure. >>Yeah. I think getting it right key, you mentioned baseline. Let me ask you a quick follow-up on that. How fast can companies get there when you say baseline, there's probably levels of baseline. Obviously all environments are different now. Not all one's the same, but what's just anecdotally you see, as that baseline, how fast we will get there, is there a certain minimum viable configuration or architecture? Just take us through your thoughts on that. >>Yeah. Great question. It definitely depends on organizational complexity and, you know, can depend on applicational application complexity as well. But I would say most importantly is, um, you know, the, the array of cost centers, departments, you know, complexity across the org as opposed to, you know, technological. Um, so I would say for, you know, less complex organizations, we've seen it happen in, you know, hours or, you know, a day less, et cetera. Um, because that's, you know, one or two or a smaller engineering games, they can share that visibility really quickly. And, um, you know, they may be familiar with Kubernetes and they just get it right away. Um, for larger organizations, we've seen it take kind of up 90 days where it's really about infusing this kind of into their DNA. When again, there may not have been a visibility or transparency here before. Um, again, I think the, the, the bulk of the time there is really about kind of the cultural element, um, and kind of awareness building, um, and just buy in throughout the organization. >>Awesome. Well, guys got a great product. Congratulations, final question for both of you, it's early days in Kubernetes, even though the tide is rising, keeps rising, more boats are coming in. Harbor is getting bigger, whatever, whatever metaphor you want to use, it's really going great. You guys are seeing customer adoption. We're seeing cloud native. I was told that my friends at dock or the container side is going crazy as well. Everything's going great in cloud native. What's the vision on the innovation? How do you guys continue to push the envelope on value in open source and in the commercial area? What's the vision? >>Yeah, I think there's, there's many areas here and I know Alex will have more to add here. Um, but you know, one area that I know is relevant to his world is just more, really interesting integrations, right? So he mentioned coop costs, insights, powering decisions, and say Spinnaker, right? I think more and more of this tool chain really coming together and really seeing the benefits of all this interoperability. Right. Um, so that I think combined with, uh, just more and more intelligence and automation being deployed again, that's only after the fact that teams are really comfortable with his decisions and the information and the decisions that are being made. Um, but I think that increasingly we see the community again, being ready to leverage this information and really powerful ways. Um, just because, you know, as teams scale, there's just a lot to manage. And so a team, you know, leveraging automation can, you know, supercharge them and in really impactful ways. >>Awesome, great integration integrations, Alex, expand on that. A whole different kind of set of business development integrations. When you have lots of tool chains, lots of platforms and tools kind of coming together, sharing data, working together, automating together. >>Well. Yeah, we, so I think it's going to be super important to keep a pulse on the new tools. Right. Make sure that we're on the forefront of what customers are using and just continuing to meet them where they are. And a lot of that honestly, is working with AWS too, right? Like they have great services and EKS and managed Prometheus's. Um, so we want to make sure that we continue to work with that team and support their services as that launched as well. >>Great stuff. I got a couple of minutes left. I felt I'll throw one more question in there since I got two great experts here. Um, just, you know, a little bit change of pace, more of an industry question. That's really no wrong answer, but I'd love to get your reaction to, um, the SAS conversation cloud has changed what used to be SAS. SAS was, oh yeah. Software as a service. Now that you have all these kinds of new kinds of you have automation, horizontally, scalable cloud and edge, you now have vertical machine learning. Data-driven insights. A lot of things in the stack are changing. So the question is what's the new SAS look like it's the same as the old SAS? Or is it a new kind of refactoring of what SAS is? What's your take on this? >>Yeah. Um, there's a web, please jump in here wherever. But in, in my view, um, it's a spectrum, right? There's there's customers that are on both ends of this. Some customers just want a fully hosted, fully managed product that wouldn't benefit from the luxury of not having to do any, any sort of infrastructure management or patching or anything like that. And they just want to consume a great product. Um, on the other hand, there's other customers that have more highly regulated industries or security requirements, and they're going to need things to deploy in their environment. Um, right now QP cost is, is self hosted. But I think in the future, we want to make sure that, you know, we, we have versions of our product available for customers across that entire spectrum. Um, so that, you know, if somebody wants the benefit of just not having to manage anything, they can use a fully self hosted sat or a fully multitenant managed SAS, or, you know, other customers can use a self hosted product. And then there's going to be customers that are in the middle, right, where there's certain components that are okay to be a SAS or hosted elsewhere. But then there's going to be components that are really important to keep in their own environment. So I think, uh, it's really across the board and it's going to depend on customer and customer, but it's important to make sure we have options for all of them. >>Great guys, we have SAS, same as the old SAS. What's the SAS playbook. Now >>I think it is such a deep and interesting question and one that, um, it's going to touch so many aspects of software and on our lives, I predict that we'll continue to see this, um, you know, tension or real trade-off across on the one hand convenience. And now on the other hand, security, privacy and control. Um, and I think, you know, like Alex mentioned, you know, different organizations are going to make different decisions here based on kind of their relative trade-offs. Um, I think it's going to be of epic proportions. I think, you know, we'll look back on this period and just say that, you know, this was one of the foundational questions of how to get this right. We ultimately view it as like, again, we want to offer choice, um, and make, uh, make every choice be great, but let our users, uh, pick the right one, given their profile on those, on those streets. >>I think, I think it's a great comment choice. And also you got now dimensions of implementations, right? Multitenant, custom regulated, secure. I want have all these controls. Um, it's great. No one, no one SaaS rules the world, so to speak. So it's again, great, great dynamic. But ultimately, if you want to leverage the data, is it horizontally addressable? MultiTech and again, this is a whole nother ball game we're watching this closely and you guys are in the middle of it with cube costs, as you guys are creating that baseline for customers. Uh, congratulations. Uh, great to see you where thanks for coming on. Appreciate it. Thank you so much for having us again. Okay. Great. Conservation aiders startup showcase open cloud innovators here. Open source is driving a lot of value as it goes. Commercial, going to the next generation. This is season two episode, one of the AWS startup series with the cube. Thanks for watching.

(bright music) >> Hi, everyone. Welcome to the CUBE's presentation of the AWS Startup Showcase around open cloud innovations. It's the season two episode one of the ongoing series covering exciting startups from the AWS ecosystem and talking about open source and innovation. I'm John Furrier, your host. Today, we're joined by two great guests. Dan Garfield, chief open source officer and co-founder of Codefresh IO, and Raziel Tabib, CEO and co-founder. Two co-founders in the middle of all the innovation. Gentlemen thanks for coming on. >> Thank you. >> So you guys have a great platform and as cloud native goes mainstream in the enterprise and for developers, the big topic is unification, end-to-end, horizontally scalable, leveraging data. All these things around agile that I call agile cloud next level. This is kind of what we're seeing. The CNCF is growing. You've seen KubeCon every year is more about these kinds of things. Words like orchestration, Kubernetes, container, security. All of those complexities are now at the center of making things easier for developers. This is a key value proposition and you guys at Codefresh are offering really the first enterprise delivery solution powered by Argo, which is an open source project. Again, open source driving really big changes. So let's get into it. And first of all, congratulations, and thanks for working on this project. What's so special about- >> Thank you for that. >> Argo the project, and why have you guys decided to build a platform on it, and where is this coming together? Take us through why this is so important. >> I think Argo has been a very fast growing open source project for multiple reasons. A, it has been built for the new way of building and deploying an application. It's cloud native. You mentioned Kubernetes becoming kind of the de facto way of running application. It's the de facto way to run automation and pipeline. But also Argo has been built from the ground up to the latest practices of how we deploy software. We deploy software now differently. We deploy it using a GitOps practice. We're deploying it using canary blue-green progressive deployment. And Argo has been built around these practices, around these technologies, and has been very much widely adopted by the community. In the past, the KubeCon you've mentioned, Argo was all over the place. And we were very glad to be working with the community to talk about what the next steps with Argo. >> Yeah, it's a really good point. I would like to just follow up on that because you see this being talked about. It always comes up, where is open source really outside of a pure contributors matter? And when you have corporations contributing, you seeing this has been the trend. You saw it with Lyft, with Envoy, companies doing more and more open source. This is part of a big collaboration. And again, this comes back down to this whole why it's relevant and why it's so special with Argo. Continue to talk about relationship because it's not just you guys, it's now community. >> Yeah, I can speak to that. The Argo project is something that we maintain in partnership with several other companies and really our relationship with it is that this is something that we're actively contributing to. This is something that we're helping build the roadmap on and planning the events around and all those kinds of things. And we're doing that because we really believe in this technology and we've built our platform on it. So when you deploy Codefresh, you're deploying technology that's built directly on Argo and is designed specifically to solve that problem that you spoke to at the top of the hour. We all want to deliver software faster. We all want to have fewer regressions. We want to have fewer breaking changes. We want software to be super reliable. We want to be comfortable with what we're doing. That's really why we picked Argo because that technology that we have it is to Raziel's point delivered in this new way. It's delivered using GitOps. And that's a whole revolution and change in the way that people build and deploy software. And bringing cohesion into that experience is so critical to building the confidence that lets you actually deploy often and frequently and more. >> Dan, if you don't mind just expanding on that one point about the problem you solve, because to me, this has been kind of that evolution. It's almost like, yeah, there's been problems, plural, and opportunities that you saw with those in growing markets like this with DevOps and DevSecOps and now cloud native. What is the catalyst behind all of this? What was the epiphany behind it? How did it get so much momentum? What was it really doing under the covers? >> Well, it's a very simple and easy to use set of tools. And that's one of the big things is that if you look at the ideas of GitOps and there's actually a foundation around this that were part of called open GitOps to GitOps working group under the CNCF. And those principles of, I want to, yes, do my software defined as code. I want to do my infrastructure defined as code and I need something monitoring by production run times and making sure that the declared desired state is always matching the actual state. Those principles have actually been around for a number of years. And with Kubernetes, we really unlocked an API that allowed us to start doing GitOps and this is why we bring in Argo and you see the rise of Argo CD and other workflows and what we've been doing is really because that technology has been unlocked now. So the ability to define how your software is supposed to run and now your entire software delivery stack should run, all defined and then monitored and then kept in check using the GitOps operator. That critical unlock is what's really driving the massive adoption. And like Raziel said, Argo is the fastest growing and most popular open source project for delivering software. And it's not even close. >> Yeah, this is really great point. And I want to get into that 'cause I want to know why, what you guys do on your platform versus the open source and get that relationship settled? Before we get there, though, I want to get your reaction to some of the commentary in the industry 'cause GitOps trend has been exploding into new directions. I mean, it used to be a term about 10 years ago called big data. And at the beginning where data was all big data. Now it was DevOps revolution around data as well. But now you're hearing people talk about big code. Like, I mean, the code bases are becoming so huge. So as a developer, you're leveraging large open source code. This idea of the software delivery with existing code and new code just adds to more code. There's more code being developed every day. >> There is more code delivered every day. And I think that organization realize today, almost in every industry that they have to pace up how fast and how frequent they update their software delivery. We're living in a world in which every aspect of our life has been disrupted by software and organization realize that they have to keep up and figure out how to deploy software more frequent and more lively. And I think, you mentioned that really Kubernetes, the cloud native became the de facto way of running application. I think most of organization has made that decision to move into cloud native. The second question is after, is okay, now we have all applications running, how fast and how more frequent we can deploy applications to the cloud native? And that's the stage in which we're super excited about Argo and our up platform because that's basically streamline the building application for these cloud native, deploying applications for the cloud native, and so on. >> Yeah, and I think that highlights the business value. You getting a lot of the conversations with businesses that say they want the modern application on the cloud scale. And at the end of the day, it comes down to speed and security. So how fast can I get the app out? How well does it work? Does it run performance? And does it have security? And I don't want a slow. >> Exactly. Exactly. It kind of oversimplifies it, but that's kind of the net net. So when you look at Argo open source, what's that's done and kind of where you guys are taking it. Can you talk about the differences between your enterprise version and the open source version and the interplay there, the relationship, the business model health customers can play on both sides or understand the difference? >> Sure. >> Go ahead. >> Go ahead, Raziel. Okay, so I think Argo, as you mentioned, is probably the most advanced technology today to both run pipelines. They're like events to trigger pipelines and Argo work for the one that pipelines, the Argo CD for GitOps and Rollout, for Canary blue-green strategies. And the adoption is really exploding. Just as an Advocate that we had in December, we have worked with the community and organized ArgoCon events in which we had initially kind of thought about 500 attendees. And so we have more than 4,000 registrants and majority of them are coming from enterprise. Now as we have talked to the community during this conference and figure out, okay, so what are the things that you're still missing? And that will help you take the benefit that you get from Argo to the next level. The few things that came up. One is Argo is a great technology. However, Argo now is fragmented into four projects. There is an advance. There is workflow. There is Argo CD. And there is Argo Rollout. And there is a need to bring them all together into a solid platform, solid one run time that can be easily installed, monitor all of these in a single UI, in a single control plane. That's one aspect. The second is the scalability. Really being able to manage it centrally across multiple clusters, not in one cluster. And what we bring in with the new one, we're so excited about this platform, is we're bringing that big. The first to get all of these four projects in one runtime, and one control plane, but also allow the community to run it across multiple cluster from one place getting into the solution, not just as a technology. >> If I may add to that, the value of bringing these projects together, it provides so many insights. So when you're trying to figure out, there's some breaking change that has been made, but you don't necessarily know where it is because you have a lot of microservices that are out there. You have a lot of teams working on it. By bringing all of these things together, we're able to look at all of the commits, all of the deployments, all of the Jira issues. All of these components combined together, so you really get a single view where you can see everything that's going on. And this is another element where when you're trying to deploy software at scale, you're trying to deliver it faster. People are getting a little bit overwhelmed because there are so many updates and so many different services and so many teams working that they're starting to miss that visibility. So this is what we want to bring into the ecosystem is we really want them that visibility to be super clear. And by bringing all of the Argo components, the Argo tools together, we're able to do that in a single dashboard. >> Yeah, so if I get this right, let me just double click on that because it sounds like, yeah, Argo's great. It's been organically growing, a lot of different components to it, but when you start getting into pushing code in an organization, you have, I call the old-school version control kind of vibe going on where it's like you don't know what's out there and how that affects the system as it's a distributed system, which cloud is. There are consequences when stuff breaks. So we all know that. Is that kind of where you guys are getting at? The challenge is actually the opportunity at the same time where it's all goodness, but then when you start looking at scale and the system impact, is that kind of where the open source and you guys pick up, is that right? >> This is one aspect. I think the second one is that again, when you look at each individual component of Argo, each provide a lot of value by itself. But when you sum it, the value of the sum is greater than the value of the individual. So when you're taking, really the events and workflow, Argo CD and Argo Rollout, and you bring them all together into single runtime. The value of its time is really automation all the way from code to cloud. It's not breaking into, there is like an automation for CI, there's an automation for CD, there's information for progressive delivery. It's actually automated all the way from the Git commit through the GitOps through the deployment strategy, and so on. And being able to monitor it and scale it in the enterprise scale. So, of course, it's helping enterprise and make Argo to some level more crucial for enterprise, if I may say, but second is really bringing all of these components together and get the outcome be greater than the individual parts. >> Yeah, that's a good point. Yeah, make it make a commercial grade, if you will, for enterprise who wants to have support and consistency and whatnot. What other problems are you solving? Dan, can you chime in on the whole, how you guys resolve some of these challenges for the enterprise? Because, again, some stability is key as well, but also the business benefit has got to be there for the development teams. >> Yeah. So there's several. One aspect is that the way that most people operate today is they essentially do a bunch of commands and engage with systems. And then hopefully at the end, they write those things to Git. And this is a little bit backwards if you think about it because there's a situation where you can end up with things in production that were never checked in, or maybe somebody is operating and they're making a change. If we look at most of the downtime that's occurred over the last two years, it's because people have flubbed a key when they were typing in a command or something like that. The way that this system works is that we provide an interface, both the CLI and the GUI, where those operations interactions actually end with a Git commit. So rather than doing an operation and then hopefully committing to Git, most of the operations are actually done first in Git, or if there is something that can't be done first in Git, it's maybe bootstrapped and then committed to Git as part of a single command. So this means you have end-to-end traceability. It also means your auditability is way better. And then the second, the other component that we're adding is that security and scale layer. So we are securing these things, we're building in single sign-on, and all those robust security things you would expect to have across all these instances. So many organizations, when they're building their software delivery tools, they have to deploy instances in many locations. And so this is how you end up with companies that have 5,000 instances that are all out of date and insecure. Well with Codefresh, if you need to deploy a component onto this end cluster or something like that, you may have thousands of them. All of those are monitored and taken care of in a centralized way, so I can do all of my updates at once. I can make sure they're all up to date. I'm not running with a bunch of known CVEs or something like that and it's clear. The components are also designed in an architectural way. So that only the information that is needed is ever passed out. So I can have a cluster that is remotely managed, that checks out code, that the control plane never has access to. So this hybrid model has been really popular with our customers. We have customers in healthcare, we have customers in defense and in financial services, all these regulated industries. The flow of information is really critical. So this hybrid model allows you to deploy something that has the ease of a SaaS solution, but has the security of an on-prem solution while being centrally managed and easy to take care of. >> Yeah, it's a platform. It's what it is. It's not a tool. It's not a tool anymore. It's a platform. >> Exactly. >> I think the foundational aspect of this is critical. And you mentioned automation before. If you're going to go end-to-end automation, you have some stuff in the system that whether it hasn't been checked in yet. I mean, we know what this leads to. Disaster or a lot of troubleshooting and disruption. That's what it seems to solve. Am I getting that right? Is that right? >> Yeah. >> Go ahead. >> Yeah, it helps automate the whole process. But as you say, it's really like identify what needs not to be going all the way to production and really kind of avoid vulnerabilities or any flaws in the software. So it automates everything, but in a way that the automation can identify issues and avoid them from coming into the production. >> Well, great stuff here. I've got to ask you guys now that you've got that settled. It's really, I see the value there, how you guys are letting it grow organically and with Argo and then building that platform for businesses and developers. It's really cool. And I see the foundational value there. It just only gets better. How you guys contributing back to open source and helping the wider GitOps and Argo communities? Because this is, again, the rising tide that's bringing all the boats into the harbor, so to speak. So this is a good trend and people will acknowledge that. So how's this going to work as you guys work back into the open source community? >> So we work closely with both myself and the other maintainers worked closely with the community on the roadmap and making sure that we're addressing issues. I think if you look in the last quarter, we probably have upwards of 40 or 50 different issues that we've solved in terms of fixing a bug or adding features or things like that. So making sure that these tools, which are really the undergirding components of our platform, they have to be really robust. They have to be really strong. And so we're contributing those things back. And then when it comes to the scalability side, these are things that we can build into the platform. So the value should be really clear. I can deploy this, I can manage it myself, I can build tools on top of it. And if I want to start doing it at scale, maybe I want support. That's when I really am going to go to Codefresh and start saying, let's get the enterprise little platform. >> Awesome. GitOps, a lot of people like some naysayers may say, Hey, it's the latest fad. Is it here to stay? We were talking about big code earlier. GitOps, obviously seeing open source. Just every year, just get better and better and growth. I mean, I remember when I was breaking into the business, you have to sell under the table. Now it's all free and open and getting better every year. Just the growth of code. Is GitOps a fad? How do you talk to people who say that? I mean, besides slapping around saying wake up. I mean, how do you guys address that when people say it's just the latest fad? >> So if I may comment here and Dan feel free to chime in, I think that the GitOps is a continuation of a trend that everything is a source code. As a developer, many years ago myself and still writing code, always both code and code was the source of tool that's where we write the code. But now code actually is also describing how our application is running in production. And we've already seen kind of where it's get next. We also hear about infrastructure as a code. So now actually we storing the code the way the infrastructure should be. And I think that the benefit of storing all this configuration in a source code, which has been built to track changes, to be enabled to roll back, that is just going to be here to stay. And I think that's the new way of doing things. >> All right, gentlemen, great. Closing statements. Please share an update on the company. What it's all about? What event you got coming? I know you got a big launch. Can you take us through? Take us home. >> Join on February 1st, we're going to be launching the Codefresh software delivery platform. Raziel and I will be hosting the event. We've got a number of customers, a number of members of the community who are going to be joining us to show off that platform. So you're going to be able to see it in action, see how the features work, and understand the value of it. And you'll see how it works with GitOps. You'll see how it helps you deliver software at scale. That's February 1st. You can get information at codefresh.io. >> Raziel, Dan, thanks for coming on. >> Thank you. >> Pretty good showcase. Thanks for sharing. Congratulations. Great venture. Loved the approach. Love the growth in cloud native and you guys sure on the cutting edge. Fresh code, people love fresh code, codefresh.io. Thanks for coming on. >> Thank you. Thank you. >> Okay, this is the AWS Startup Showcase Open Cloud Innovations. Cloud scale, software, data. That's the future of modern applications being developed, changing the game to the next level. This is the CUBE's coverage season two episode one of the ongoing AWS Startup series here in theCUBE.

>>Hello everyone. And welcome to the cubes presentation of the AWS startup showcase open cloud innovations. This is season two episode one of our showcase ongoing series. We're covering very exciting startups from the AWS ecosystem. And we're going to be talking about the open source community. I'm your host, Lisa Martin. And today I'm excited to be joined by Robbie, Myra, the head of product and partner marketing at sneak. Robbie's here to talk with me about developer security for your digital transformation. Robbie, it's great to have you on the cube. >>Thanks Lisa. Nice to be here. >>So talk to me about what's going on in developer land. They're under a lot of pressure. A lot of them are building apps with open source, but what does sneak seeing from the developers lens >>From the developer's lens? There's a lot of pressure to build fast and that's probably the biggest challenge, right? We're in a world of digital transformation where everybody's trying to compete no matter what industry you're in, right on the technology and on the quality of your software or the capabilities of your software, which puts a lot of pressure on developers to build fast. That causes them to do a few things. One, it causes them to build, to develop in a way where they're doing constant iteration and so models that would have enabled a security check to come in at the end, aren't working anymore because they don't have time for those security checks. And it also causes them to do a good thing, which is to leverage other people's code when they can like open source. So they can just focus on, on their own functionality. And that's true, whether they're building new functionality or modernizing legacy applications by moving them to the cloud. >>So it's a high percentage of, of app code 80 to 90% is open source. Then that opens up. Talk to me about w where the vulnerabilities are and how you guys help customers and developers address that. >>Yeah, the vulnerabilities can be anywhere, but the key is that that point, right? If you're using open source in a typical application, 80 to 90 plus percent of the lines of code in that application are going to be open source code, their code. Somebody else wrote that you don't have a direct relationship with, and yet you own the risk that whatever they may have, whatever vulnerabilities may be in their code, you now own that risk. So what we're trying to do with sneakers, trying to do is enable developers to leverage open source, but do that securely. And then we also help them with the 10% that they rent as well, and, and do that all in one really easy environment for a developer that fits into their workflow and into their daily life. >>So security should shift left. I've had the chance to talk with a couple of, do you call them sneakers sneakers? Oh, you do a couple of sneakers recently. We've talked about security shifting lab. That's not a new concept, but I'd love to dig in more to how sneak and AWS do that. And I'm also curious if what you're doing helps. We've talked about the cybersecurity skills got for a long time. Now, just what you guys do, help address that >>It does because it's really leveraging a resource that, that is there, right? There's the number of developers worldwide is growing from, depending on who you believe for these numbers and their estimated numbers, right? But 25 million to 50 million over roughly a five-year period that's already started. So we're somewhere in the 30 now, right? Meanwhile, the security jobs, there's something like 9 million cyber security people in the world, and that's all cyber security roles. It's a much shorter, a smaller chunk that are application security folks. And there's three and a half million unfilled cybersecurity roles. So you can't get cyber security people and keep using the current model you're using. But just scale it linearly, you have to change things. And sneaks belief is the way you change things is you have the developers be part of your security solution, which means they need to have the ability to not only develop, but to develop securely. And that's our concept of developer security. We build tools and a platform that enables developers to be the first part of the security solution and enable security teams rather than individually auditing and fixing things to develop a process, govern the process, guide the development teams, but let the developers own that first step of security. And that's really how you solve that scale problem. >>When you're talking with customers, is this kind of a better together scenario, developers and security folks? Are you helping them align culturally because this is a change? >>Absolutely. I think one of the biggest misconceptions out there is that there's a tension between security and development. And I think that's because organizationally there might be right. Security is responsible for risk and developers responsible for speed of innovation and the faster you innovate, potentially there's more risk. So there might be some organizational tension, but at the human level, people understand each other, they understand the pressures that the other one's going through. They just don't have an easy way to work together. And if you can help them get that, then they, it really takes off it. The relationships form they'll build human to human programs like security champion programs and things to, to integrate the teams because they're both going after the same goal, both sides want to build awesome technology and grow in whatever market they're in. >>Right. And of course, with the need to do that at today's markets speed and scale is a great thing that you guys are doing to facilitate that collaboration. And of course the security let's kind of take a double-click now into the different integrations that sneek has with AWS services. I know there's quite a few, >>There's quite a few. The biggest one, probably the easiest one for the integrations is the native integration that we have with code pipeline. So it makes it easy for developers as they're finishing their builds and deploying to have an automatic security check that comes in, understands if there's things that need to be fixed before this really should be released, and then they can fix it and go forward. But we integrate across with our API across a lot of other services, ECR EKS code builder, so that wherever the developer is working, there's a way for us to integrate with them as they're building across their AWS development process. >>Okay. So giving them plenty of opportunity, let's dig into the platform. Talk to me about the platform, how it's really aimed at developers. You alluded to this a little bit, but I'd like to kind of take a double-click into the technology. >>Sure. That the platform, it, part of it is that idea of it we've wrapped it all as a developer tool. But the thing that makes sneak unique in this is not only we have the idea that we wanted to shift left in time, but we wanted to shift left in ownership. So the developers are primary user and we built a tool that is a developer tool that happens to do security. And we've extended that tool into a platform by enabling it to connect into the developers tools, sharing information, across different elements of what it securing. So for example, the open source that we're scanning for you and testing to find for vulnerabilities, we're also looking at the vulnerabilities in your code and where they may overlap or intersect. We can adjust priorities so that you might not need to fix something. Let's say you're using an open source, vulnerable, a package that has a vulnerability, but your code is never going to access that you don't need to fix it. >>So you can prioritize that one lower, right? Same thing with Kubernetes and containers. You may have a container vulnerability, but the way you're going to leverage the container that won't be used so we can adjust the priority to make it easy for the developer. And that's the other big thing that's different about a developer security platform than a typical security tool. A typical security tool is an audit tool it's designed to output. Here are all the things you have a problem with a developer security tool is a fixing tool. It's just defined as a, here are the problems you have developed with here's how you fix it and go back to building on that. That prioritization is a big part of that, because you can say, here's what you don't need to worry about. And then you can focus the rest of your energy on helping developers fix the problem either by giving them really good advice or automating it for them and saying, Hey, here's a button click that will generate a pull request. And your problem is this fixed. >>It must go a long way to improving developer productivity, one facilitating that speed and the agility with which they need to work, but also from a developer kind of crowd sourcing, crowd swell perspective. I imagine, talk to me about what some of the voices are, the developers that are in your community. What are some of the things that they're saying in terms of how much faster they're able to work, they're able to get those priorities established with automation so much faster? >>Well, that's the biggest thing. Is there a, the productivity gain happens because of the benefit of shift left, right? You're testing earlier. You're finding it at an earlier time when it's easier to fix, but that's because they're the ones doing it, right. If they're waiting to hand off to an auto report and then it comes back, even if somebody is, is giving them them audit faster, it's still after they've moved on. And the other way people try to solve it as well. They'll say, well, I'll take a security tool then to hand it to the developer and they can run it. But so developers are not security experts. So the tool needs to understand what they know and what they don't know, and, and working in an upload. And that's what developers generally say to us because sneak makes it easy to work, but also focuses on the fix and helps them guide them to that, to that answer. Then they're able to go much faster when we're evaluated by companies who are looking for a security solution. If the developers get involved in that evaluation, they'll choose sneak. >>So I'm curious a little bit about as, as the head of product marketing, I'm thinking customer advisory boards, things like that. What's the collaboration like between sneak and the developers to really tune and push the technology forward. I imagine it's quite collaborative, >>Quite collaborative and it's across a lot of, of spectrum. So we do have a customer advisory board and that's generally leaders, right? That's either security leaders or development leaders or operations leaders who are in that advisory board. And they're giving us input on things they need for program-wide governance or program wide adoption. We also have a developer community where we're talking directly to developers and that's where we get a lot of, Hey, here's how I could use this better as a developer. And that guides where we focus features that help developers work better, whether it's integrations with our IDs or whether it's the way we present information, help them prioritize. And then the third part is we have a lot of people using the tool because it has a free model, right? We're as a developer tool, we have a freemium model. There's a level of sneak that developers can use that they don't need to pay for. That's not a temporary trial, it's forever. If you want to use it at that level and we can observe what they're doing. So that observability gives us another insight into where folks get challenged run into, to struggles. And then we can look to address those in our roadmap as well. So, so all of that together really helps us drive the product forward. >>What is the perspective from the analyst view? You talked a little bit about the perspective from the customer. We'll get into a customer story in a bit, but I'd love to know what are the gardeners saying? >>Well, Gardner especially put us, we debuted in their magic quadrant for application security last year. And we did David as a visionary and sort of the highest part of the visionary quadrant you could get in before you crossed over into leader, which is kind of unheard of for a first time into the, into the quadrant. And the main reason for that is that they have built the way those, those magic quadrants are built is they have key capabilities and then they score companies against key capabilities and they weight those capabilities, you know, by order of importance. And Gardner has started to put some of this notion of developer security and cross cloud native application security into those key capabilities. And those tend to align really well with what sneakers. So they have a, for example, a software composition, which is sort of open source security analysis, where first, w w w where the top ranking in that, where the top ranking and container security, where the top ranking and developer enablement. So that's pulling us, they are so-so Gardner and the analyst community is seeing this same demand coming from their customers. And that's really aligning to where our vision is. >>And in terms of kind of propelling that vision forward, the voice of the customer, the voice of the analyst, aligning with what you guys are doing to kind of lead the vision going forward. I want to get into some of the intelligence before we kind of break into a customer example. Talk to me a little bit about snakes security intelligence, what the key capabilities are, and some customers that are leveraging it. Sure. >>The biggest thing is with all the developer tool wrapping that needs to be in this product than it is a developer tool. It's got a developers heart, but it has to have a security brain because it still is a security tool. There are some developer tools. We try to have little check the box capabilities of security and they'll crowdsource for vulnerabilities potentially. But if you're doing this, you need to make sure that all the vulnerabilities that could be found are in the database to be able to be found that the database is comprehensive, that it's timely. They get in very quickly that it's accurate. You don't waste time on false positives because that will turn developers off faster than anything. And that it's actionable. So when it does find something, it helps you go forward with it. And that's where sneaks really focused on. So we collect data from multiple public sources. >>We also have a fairly large proprietary research team that curates that information determines what needs to go in. Sometimes we'll adjust priorities. And we also get a lot of contributions from other sources like community contributions. Again, that big free user base of ours is giving us input academia. Open source groups are also in their social media trends. So if we see something trending on Twitter, then that'll not only get it into the database, but it'll drive prioritization. And that's a big part of what's in sneak Intel, which is the name we use for our vulnerability database. We also have a machine learning algorithm. That's constantly looking at all the code in public, in public applications and repositories. And we use that to train for our own proprietary code testing tool, but it also just gets a lot of it finds things there as well. So it brings a really good source of information that helps people make sure you're finding the vulnerabilities, you're prioritizing them correctly and fixing them. And so Amazon's one who is the, you know, one of the folks that using that tool where one of the primary sources of, of Amazon inspector for open source vulnerabilities, as well as a bunch of other security companies like rapid seven tenable and, and others. >>One of the things I was reading from, I'm always kind of looking at the differentiators and I'm sure you are as the head of product marketing and partner marketing, but it sounds like the database can, is, is a key differentiator finding vulnerabilities up to what is it? 46 days faster than competitors. >>Yeah. I mean, faster than especially public sources, which are the easier ones to, to know how you're doing against, but that's a big part of us. So when I talked about those categories, that's really what we measure ourselves against. How are we doing in terms of comprehensive? Do we have the vulnerabilities that we should have? So we have over four times the number of vulnerabilities as the next largest publicly available database, we find them faster, so timely. So that's at 46 days getting it in faster or faster than other public sources, they get into our solution and then accuracy. Again, we, it's not a stat we can test because you can't test it just from the database. You have to run the tools of our, of others in this space. And we don't have those, but making sure that you're not hitting a lot of false positives is a big part of it as well. >>Got it. Okay. And we only have a couple minutes left, but there's two more areas that I want to dig into with you just crack crack. The surface one is log four, shallow was reading. Snake says this. We were the perfect solution at the perfect time. Unpack that for me in the next minute or so. >>Yeah. And that's a bit, and it kind of wraps back to what we were talking about earlier. Everybody's using open source. If you're in the Java world, a lot of folks had logged for shell and we're using lock for shell for logging as a part of their, as a part of their applications. And so a lot of our customers, I think it was over 30%, 36% of our paying customers had the vulnerability. And you would only have the vulnerability of your Java. So it's a very large percentage of our Java using my customers had the vulnerability, but because they were using sneak, they were able, once we put it in the database, which we did the day, it was disclosed, they were able to find it and fix it very quickly. So 91% of our customers fixed that vulnerability in just two days, 98%, because this was a rolling thunder event, right. There was a vulnerability. And then there was a second vulnerability in the, in the fix. And then there was a vulnerability, even in the fix of that. So the second vulnerability that came out because everybody had been ready for it from the first time 98% picks within two days. Whereas the median number of days to generally fix a vulnerability is over two months. So really fast addressing the solution. >>So those are really impressive. And speaking of stats, I wanted to get into just really quickly a case study that really shows that lasting is one of your customer. One of your many customers, big developer community there about 3,500 developers. Give me some kind of the high level of business outcomes that at Lasagne is, is, is achieving thanks to sneaky. >>Yeah. I mean the biggest one is that almost 99% of their applications are deployed in containers. So being able to have the containers tested for vulnerabilities as they're being deployed before they're being deployed is huge for them to reduce the risk of a vulnerability. They, they had a 65% reduction in high severity container volumes a few months after using sneak across all those developers, which really reduces your, your risk profile of your, of your cloud native applications. They're obviously a big AWS user as well. So, so for them, that was the big thing. And again, it goes to that scale, right? They've got 3 3500 developers, more than 3,500 developers. If you try to go through the security team and have the security team fixing all those things, you'll just never catch up. >>Got it. Last question. Where can I get this available through the AWS market prays marketplace? You mentioned the freemium model, give folks kind of a direction on where to go. >>Yeah. So I would say if you are a, if you're someone in the security team, if you're a buyer, the AWS marketplace is a great place to go because you can probably leverage your existing spend commits with AWS. It's easy to purchase, easy billing, et cetera. If you're a developer, then there is this free version where you might go and just start using it and get comfort for it. And if you are a buyer, talk to your developers because there's a pretty good chance. Someone in your company, that's a developer is already using. Sneak will be comfortable with it. These solutions are only successful. If the developers actually use it, you can't shift left unless the developers pick it up and use it. So using the one that developers are already using is probably a good idea. >>Awesome. Robbie, this has been a great conversation, so much momentum at snake. You're the third sneaker I'd gotten to speak to you in the last month and I have, it's pretty exciting, but thanks for walking us through the technology, the capabilities, the differentiators, the voice of the customer, the voice of the analyst, we appreciate your insights and your time. And we look forward to next time we talk to you. >>Terrific. Lisa, I look forward to it as well, but there's a lot more Smith sneakers to go through before you get back to me again. I guess >>I look forward to adding to my repertoire of sneaker interviews, Ravi. Thanks so much. Thank you for Ravi Myra. I'm Lisa Martin. You're watching this cube interview as part of the AWS startup showcase. Stick around more great content coming up next.

>>Welcoming into the cubes presentation of AWS startup showcase open cloud innovations. This is season two episode one of the ongoing series covering exciting hot startups from the AWS ecosystem. Today's episode. One of season two theme is open source community and the open cloud innovations. I'm your host, John farrier of the cube. And today we're excited to be joined by Loris Dajani who is the C T O chief technology officer and founder of cystic found that in his backyard with some wine and beer. Great to see you. We're here to talk about Falco finding cloud threats in real time. Thank you for joining us, Laura. Thanks. Good to see you >>Love that your company was founded in your backyard. Classic startup story. You have been growing very, very fast. And the key point of the showcase is to talk about the startups that are making a difference and, and that are winning and doing well. You guys have done extremely well with your business. Congratulations, but thank you. The big theme is security and as organizations have moved their business critical applications to the cloud, the attackers have followed. This is Billy important in the industry. You guys are in the middle of this. What's your view on this? What's your take? What's your reaction? >>Yeah. As we, as a end ecosystem are moving to the cloud as more and more, we are developing cloud native applications. We relying on CACD. We are relying on orchestrations in containers. Security is becoming more and more important. And I would say more and more complex. I mean, we're reading every day in the news about attacks about data leaks and so on. There's rarely a day when there's nothing major happening and that we can see the press from this point of view. And definitely things are evolving. Things are changing in the cloud. In for example, Cisco just released a cloud native security and usage report a few days ago. And the mundane things that we found among our user base, for example, 60, 66% of containers are running as rude. So still many organizations adopting a relatively relaxed way to deploy their applications. Not because they like doing it, but because it tends to be, you know, easier and a little bit with a little bit less ration. >>We also found that that 27% of users unnecessary route access in the 73% of the cloud accounts, public has three buckets. This is all stuff that is all good, but can generate consequences when you make a mistake, like typically, you know, your data leaks, no, because of super sophisticated attacks, but because somebody in your organization forgets maybe some data on it on a public history bucket, or because some credentials that are not restrictive enough, maybe are leaked to another team member or, or, or a Gita, you know, repository or something like that. So is infrastructures and the software becomes a let's a more sophisticated and more automated. There's also at the same time, more risks and opportunities for misconfigurations that then tend to be, you know, very often the sewers of, of issues in the cloud. >>Yeah, those self-inflicted wounds definitely come up. We've seen people leaving S3 buckets open, you know, it's user error, but, you know, w w those are small little things that get taken care of pretty quickly. That's just hygiene. It's just discipline. You know, most of the sophisticated enterprises are moving way past that, but now they're adopting more cloud native, right. And as they get into the critical apps, securing them has been challenging. We've talked to many CEOs and CSOs, and they say that to us. Yeah. It's very challenging, but we're on it. I have to ask you, what should people worry about when secure in the cloud, because they know is challenging, then they'll have the opportunity on the other side, what are they worried about? What do you see people scared of or addressing, or what should I be worried about when securing the cloud? >>Yeah, definitely. Sometimes when I'm talking about the security, I like to compare, you know, the old data center in that the old monolithic applications to a castle, you know, in middle aged castle. So what, what did you do to protect your castle? You used to build very thick walls around it, and then a small entrance and be very careful about the entrance, you know, protect the entrance very well. So what we used to doing that, that data center was protect everything, you know, the, the whole perimeter in a very aggressive way with firewalls and making sure that there was only a very narrow entrance to our data center. And, you know, as much as possible, like active security there, like firewalls or this kind of stuff. Now we're in the cloud. Now, it's everything. Everything is much more diffused, right? Our users, our customers are coming from all over the planet, every country, every geography, every time, but also our internal team is coming from everywhere because they're all accessing a cloud environment. >>You know, they often from home for different offices, again, from every different geography, every different country. So in this configuration, the metaphor data that they like to use is an amusement park, right? You have a big area with many important things inside in the users and operators that are coming from different dangerous is that you cannot really block, you know, you need to let everything come in and in operate together in these kinds of environment, the traditional protection is not really effective. It's overwhelming. And it doesn't really serve the purpose that we need. We cannot build a giant water under our amusement park. We need people to come in. So what we're finding is that understanding, getting visibility and doing, if you Rheodyne is much more important. So it's more like we need to replace the big walls with a granular network of security cameras that allow us to see what's happening in the, in the different areas of our amusement park. And we need to be able to do that in a way that is real time and allows us to react in a smart way as things happen because in the modern world of cloud five minutes of delay in understanding that something is wrong, mean that you're ready being, you know, attacked and your data's already being >>Well. I also love the analogy of the amusement park. And of course, certain rides, you need to be a certain height to ride the rollercoaster that I guess, that's it credentials or security credentials, as we say, but in all seriousness, the perimeter is dead. We all know that also moats were relied upon as well in the old days, you know, you secure the firewall, nothing comes in, goes out, and then once you're in, you don't know what's going on. Now that's flipped. There's no walls, there's no moats everyone's in. And so you're saying this kind of security camera kind of model is key. So again, this topic here is securing real time. Yeah. How do you do that? Because it's happening so fast. It's moving. There's a lot of movement. It's not at rest there's data moving around fast. What's the secret sauce to making real identifying real-time threats in an enterprise. >>Yeah. And in, in our opinion, there are some key ingredients. One is a granularity, right? You cannot really understand the threats in your amusement park. If you're just watching these from, from a satellite picture. So you need to be there. You need to be granular. You need to be located in the, in the areas where stuff happens. This means, for example, in, in security for the clowning in runtime, security is important to whoever your sensors that are distributed, that are able to observe every single end point. Not only that, but you also need to look at the infrastructure, right? From this point of view, cloud providers like Amazon, for example, offer nice facilities. Like for example, there's CloudTrail in AWS that collects in a nice opinionated consistent way, the data that is coming from multiple cloud services. So it's important from one point of view, to go deep into, into the endpoint, into the processes, into what's executing, but also collect his information like the cultural information and being able to correlate it to there's no full security without covering all of the basics. >>So a security is a matter of both granularity and being able to go deep and understanding what every single item does, but also being able to go abroad and collect the right data, the right data sources and correlated. And then the real time is really critical. So decisions need to be taken as the data comes in. So the streaming nature of security engines is becoming more and more important. So the step one of course, security, especially cost security, posture management was very much let's ball. Once in a while, let's, let's involve the API and see what's happening. This is still important. Of course, you know, you need to have the basics covered, but more and more, the paradigm needs to change to, okay, the data is coming in second by second, instead of asking for the data manually, once in a while, second by second, there's the moment it arrives. You need to be able to detect, correlate, take decisions. And so, you know, machine learning is very important. Automation is very important. The rules that are coming from the community on a daily basis are, are very important. >>Let me ask you a question, cause I love this topic because it's a data problem at the same time. There's some network action going on. I love this idea of no perimeter. You're going to be monitoring anything, but there's been trade offs in the past, overhead involved, whether you're monitoring or putting probes in the network or the different, there's all kinds of different approaches. How does the new technology with cloud and machine learning change the dynamics of the kinds of approaches? Because it's kind of not old tech, but you the same similar concepts to network management, other things, what what's going on now that's different and what makes this possible today? >>Yeah, I think from the friction point of view, which is one very important topic here. So this needs to be deployed efficiently and easily in this transparency, transparent as possible, everywhere, everywhere to avoid blind spots and making sure that everything is scheduled in front. His point of view, it's very important to integrate with the orchestration is very important to make use of all of the facilities that Amazon provides in the it's very important to have a system that is deployed automatically and not manually. That is in particular, the only to avoid blind spots because it's manual deployment is employed. Somebody would forget, you know, to deploy where somewhere where it's important. And then from the performance point of view, very much, for example, with Falco, you know, our open source front-end security engine, we really took key design decisions at the beginning to make sure that the engine would be able to support in Paris, millions of events per second, with minimal overhead. >>You know, they're barely measure measurable overhead. When you want to design something like that, you know, that you need to accept some kind of trade-offs. You need to know that you need to maybe limit a little bit this expressiveness, you know, or what can be done, but ease of deployment and performance were more important goals here. And you know, it's not uncommon for us is Dave to have users of Farco or commercial customers that they have tens of thousands, hundreds of thousands of machines. You know, I said two machines and sometimes millions of containers. And in these environments, lightweight is key. You want death, but you want overhead to be really meaningful and >>Okay, so a amusement park, a lot of diverse applications. So integration, I get that orchestration brings back the Kubernetes angle a little bit and Falco and per overhead and performance cloud scale. So all these things are working in favor. If I get that right, is that, am I getting that right? You get the cloud scale, you get the integration and open. >>Yeah, exactly. Any like ingredients over SEP, you know, and that, and with these ingredients, it's possible to bake a, a recipe to, to have a plate better, can be more usable, more effective and more efficient. That may be the place that we're doing in the previous direction. >>Oh, so I've got to ask you about Falco because it's come up a lot. We talked about it on our cube conversations already on the internet. Check that out. And a great conversation there. You guys have close to 40 million plus million downloads of, of this. You have also 80 was far gate integration, so six, some significant traction. What does this mean? I mean, what is it telling us? Why is this successful? What are people doing with Falco? I see this as a leading indicator, and I know you guys were sponsoring the project, so congratulations and propelled your business, but there's something going on here. What does this as a leading indicator of? >>Yeah. And for, for the audience, Falco is the runtime security tool of the cloud native generation such. And so when we, the Falco, we were inspired by previous generation, for example, network intrusion detection, system tools, and a post protection tools and so on. But we created essentially a unique tool that would really be designed for the modern paradigm of containers, cloud CIC, and salt and Falco essentially is able to collect a bunch of brainer information from your applications that are running in the cloud and is a religion that is based on policies that are driven by the community, essentially that allow you to detect misconfigurations attacks and normals conditions in your cloud, in your cloud applications. Recently, we announced that the extension of Falco to support a cloud infrastructure and time security by parsing cloud logs, like cloud trail and so on. So now Falba can be used at the same time to protect the workloads that are running in virtual machines or containers. >>And also the cloud infrastructure to give the audience a couple of examples, focused, able to detect if somebody is running a shelf in a radius container, or if somebody is downloading a sensitive by, from an S3 bucket, all of these in real time with Falco, we decided to go really with CR study. This is Degas was one of the team members that started it, but we decided to go to the community right away, because this is one other ingredient. We are talking about the ingredients before, and there's not a successful modern security tool without being able to leverage the community and empower the community to contribute to it, to use it, to validate and so on. And that's also why we contributed Falco to the cloud native computing foundation. So that Falco is a CNCF tool and is blessed by many organizations. We are also partnering with many companies, including Amazon. Last year, we released that far gate support for Falco. And that was done is a project that was done in cooperation with Amazon, so that we could have strong runtime security for the containers that are running in. >>Well, I've got to say, first of all, congratulations. And I think that's a bold move to donate or not donate contribute to the open source community because you're enabling a lot of people to do great things. And some people might be scared. They think they might be foreclosing and beneficial in the future, but in the reality, that is the new business model open source. So I think that's worth calling out and congratulations. This is the new commercial open source paradigm. And it kind of leads into my last question, which is why is security well-positioned to benefit from open source besides the fact that the new model of getting people enabled and getting scale and getting standards like you're doing, makes everybody win. And again, that's a community model. That's not a proprietary approach. So again, source again, big part of this. Why was security benefit from opensource? >>I am a strong believer. I mean, we are in a better, we could say we are in a war, right? The good guys versus the bad guys. The internet is full of bad guys. And these bad guys are coordinated, are motivated, are sometimes we'll find it. And we'll equip. We win only if we fight this war as a community. So the old paradigm of vendors building their own Eva towers, you know, their own self-contained ecosystems and that the us as users as, as, as customers, every many different, you know, environments that don't communicate with each other, just doesn't take advantage of our capabilities. Our strength is as a community. So we are much stronger against the big guys and we have a much better chance doing when this war, if we adopt a paradigm that allows us to work together. Think only about for example, I don't know, companies any to train, you know, the workforce on the security best practices on the security tools. >>It's much better to standardize on something, build the stack that is accepted by everybody and tell it can focus on learning the stack and becoming a master of the steak rounded rather than every single organization naming the different tool. And, and then B it's very hard to attract talent and to have the right, you know, people that can help you with, with your issues in, in, in, in, in, with your goals. So the future of security is going to be open source. I'm a strong believer in that, and we'll see more and more examples like Falco of initiatives that really start with, with the community and for the community. >>Like we always say an open, open winds, always turn the lights on, put the code out there. And I think, I think the community model is winning. Congratulations, Loris Dajani CTO and founder of SIS dig congratulatory success. And thank you for coming on the cube for the ADB startup showcase open cloud innovations. Thanks for coming on. Okay. Is the cube stay with us all day long every day with the cube, check us out the cube.net. I'm John furrier. Thanks for watching.

(upbeat music) >> Welcome to the AWS start up showcase, theCUBE's premiere platform and show. This is our second season, episode one of this program. I'm Lisa Martin, your host here with two guests here to talk about open source. Please welcome Andrew Backes, the VP of engineering at Armory, and one of our alumni, Ian Delahorne, the staff site, reliability engineer at Patreon. Guys, it's great to have you on the program. >> Thank you. >> Good to be back. >> We're going to dig into a whole bunch of stuff here in the next fast paced, 15 minutes. But Andrew, let's go ahead and start with you. Give the audience an overview of Armory, who you guys are, what you do. >> I'd love to. So Armory was founded in 2016 with the vision to help companies unlock innovation through software. And what we're focusing on right now is, helping those companies and make software delivery, continuous, collaborative, scalable, and safe. >> Got it, those are all very important things. Ian help the audience, if anyone isn't familiar with Patreon, it's a very cool platform. Talk to us a little bit about that Ian. >> Absolutely, Patreon is a membership platform for creators to be able to connect with their fans and for fans to be able to subscribe to their favorite creators and help creators get paid and have them earn a living with, just by being connected straight to their audience. >> Very cool, creators like podcasters, even journalists video content writers. >> Absolutely. There's so many, there's everything from like you said, journalists, YouTubers, photographers, 3D modelers. We have a nightclub that's on there, there's several theater groups on there. There's a lot of different creators. I keep discovering new ones every day. >> I like that, I got to check that out, very cool. So Andrew, let's go to your, we talk about enterprise scale and I'm using air quotes here. 'Cause it's a phrase that we use in every conversation in the tech industry, right? Scalability is key. Talk to us about what enterprise scale actually means from Armory's perspective. Why is it so critical? And how do you help enterprises to actually achieve it? >> Yeah, so the, I think a lot of the times when companies think about enterprise scale, they think about the volume of infrastructure, or volume of software that's running at any given time. There's also a few more things that go into that just beyond how many EC2 instances you're running or containers you're running. Also velocity, count how much time does it take you to get features out to your customers and then stability and reliability. Then of course, in enterprises, it isn't as simple as everyone deploying to the same targets. It isn't always just EC2, a lot of the time it's going to be multiple targets, EC2, it's going to be ECS, Lambda. All of these workloads are out there running. And how does a central platform team or a tooling team at a site enable that for users, enable deployment capabilities to those targets? Then of course, on top of that, there's going to be site specific technologies. And how do, how does your deployment tooling integrate with those site specific technologies? >> Is, Andrew is enterprise scale now even more important given the very transformative events, we've seen the last two years? We've seen such acceleration, cloud adoption, digital transformation, really becoming a necessity for businesses to stay alive. Do you think that, that skill now is even more important? >> Definitely, definitely. The, what we see, we've went through a wave of the, the first set of digital transformations, where companies are moving to the cloud and we know that's accelerating quite a bit. So that scale is all moving to the cloud and the amount of multiple targets that are being deployed to at any given moment, they just keep increasing. So that is a concern that companies need to address. >> Let's talk about the value, but we're going to just Spinnaker here in the deployment. But also let's start Andrew with the value that, Armory delivers on top of Spinnaker. What makes this a best of breed solution? >> Yeah, so on top of open-source Spinnaker, there are a lot of other building blocks that you're going to need to deploy at scale. So you're going to need to be able to provide modules or some way of giving your users a reusable building block that is catered to your site. So that is one of the big areas that Armory focuses on, is how can we provide building blocks on top of open source Spinnaker that sites can use to tailor the solution to their needs. >> Got it, tailor it to their needs. Ian let's bring you back into the conversation. Now, talk to us about the business seeds, the compelling event that led Patreon to choose Spinnaker on top of Armory. >> Absolutely. Almost three years ago, we had an outage which resulted in our payment processing slowed down. And that's something we definitely don't want to have happen because this would hinder creator's ability to get paid on time for them to be able to pay their employees, pay their rent, hold that hole, like everything that, everyone that depends on them. And there were many factors that went into this outage and one of them we identified is that it was very hard for us to, with our custom belt deploy tooling, to be able to easily deploy fast and to roll back if things went wrong. So I had used Spinnaker before to previous employer early on, and I knew that, that would be a tool that we could use to solve our problem. The problem was that the SRE team at Patreon at that time was only two people. So Spinnaker is a very complex product. I didn't have the engineering bandwidth to be able to, set up, deploy, manage it on my own. And I had happened to heard of Armory just that week before and was like, "This is the company that could probably help me solve my problems." So I engaged early on with Andrew and the team. And we migrated our customers deployed to, into Spinnaker and help stabilize our deploys and speed them up. >> So you were saying that the deployments were taking way too long before. And of course, as you mentioned from a payment processing perspective, that's people's livelihoods. So that's a pretty serious issue there. You found Armory a week into searching this seems like stuff went pretty quickly. >> And the week before the incident, they had randomly, the, one of the co-founders randomly reached out to me and was like, "We're doing this thing with Armory. You might be interested in this, we're doing this thing with Spinnaker, it's called Armory." And I kind of filed it away. And then they came fortuitous that we were able to use them, like just reach out to them like a week later. >> That is fortuitous, my goodness, what a good outreach and good timing there on Armory's part. And sticking with you a little bit, talk to us about what it is that the business challenges that Armory helps you to resolve? What is it about it that, that just makes you know this is the exact right solution for us? Obviously you talked about not going direct with Spinnaker as a very lean IT team. But what are some of the key business needs that it's solving? >> Yeah, there's several business things that we've been able to leverage Armory for. One of them as I mentioned, they, having a deployment platform that we know will give us, able deploys has been very important. There's been, they have a policy engine module that we use for making sure that certain environments can only be deployed to by certain individuals for compliance issues. We definitely, we use their pipelines as code module for being able to use, build, to build reusable deploy pipelines so that software engineers can easily integrate Spinnaker into their builds. Without having to know a lot about Spinnaker. There's like here, take these, take this pipeline module and add your variables into it, and you'll be off to the races deploying. So those are some of the value adds that Armory has been able to add on top of Spinnaker. On top of that, we use their managed products. So they have a team that's managing our Spinnaker installation, helping us with upgrades, helping up the issues, all that stuff that unlocks us to be able to focus on building our creators. Instead of focusing on operating Spinnaker. >> Andrew, back to you. Talk to me a little bit about as the VP of engineering, the partnership, the relationship that Armory has with Patreon and how symbiotic is it? How much are they helping you to develop the product that Armory is delivering to its customers? >> Yeah, one of the main things we want to make sure we do is help Patreon be successful. So that's, there are going to be some site specific needs there that we want to make sure that we are in tune with and that we're helping with, but really we view it as a partnership. So, Patreon has worked with us. Well, I can't believe it's been three years or kind of a little bit more now. But it's, it, we have had a lot of inner, a lot of feedback sessions, a lot of going back and forth on how we can improve our product to meet the needs of Patreon better. And then of course the wider market. So one thing that is neat about seeing a smaller team, SRE team that Ian is on, is they can depend on us more. They have less bandwidth with themselves to invest into their tooling. So that's the opportunity for us to provide those more mature building blocks to them. So that they can combine those in a way that makes them, that meets their needs and their business needs. >> And Ian, back to you, talk to me about how has the partnership with Armory? You said it's been almost three years now. How has that helped you do your job better as an SRE? What are some of the advantages of that, to that role? >> Yeah, absolutely. Armory has been a great partner to work with. We've used their expertise in helping to bring new features into the open-source Spinnaker. Especially when we decided that we wanted to not only deploy to EC2 instances, but we wanted to play to elastic container service and Lambdas to shift from our normal instance based deploys into the containerization. There were several warrants around the existing elastic container service deploy, and Lambda deploys that we were able to work with Armory and have them champion some changes inside open-source as well as their custom modules to help us be able to shift our displays to those targets. >> Got it. Andrew back over to you, talk to me, I want to walk through, you talked about from an enterprise scale perspective, some of the absolute critical components there. But I want to talk about what Armory has done to help customers like Patreon to address things like speed to market, customer satisfaction as Ian was talking about, the compelling event was payment processing. A lot of content creators could have been in trouble there. Talk to, walk me through how you're actually solving those key challenges that not just Patreon is facing, but enterprises across industries. >> Yeah, of course, so the, talking to specifically to what brought Ian in was, a problem that they needed to fix inside of their system. So when you are rolling out a change like that, you want it to be fast. You want to get that chain, change out very quickly, but you also want to make sure that the deployment system itself is stable and reliable. So the last thing you're going to want is any sort of hiccup with the tool that you're using to fix your product, to roll out changes to your customers. So that is a key focus area for us in everything that we do is we make sure that whenever we're building features that are going to expand capabilities, deployment capabilities. That we're, we are focusing firstly on stability and reliability of the deployment system itself. So those are a few features, a few focus areas that we continually build into the product. And you can, I mean, I'm sure a lot of enterprises know that as soon as you start doing things at massive scale, sometimes the stability and reliability, can, you'll be jeopardized a little bit. Or you start hitting against those limits or what are the, what walls do you encounter? So one of the key things we're doing is building ahead of that, making sure that our features are enabling users to hit deployment scales they've never seen or imagined before. So that's a big part of what Armory is. >> Ian, can you add a number to that in terms of the before Armory and the after in terms of that velocity? >> Absolutely, before Armory our deploys would take some times, somewhere around 45 minutes. And we cut that in half, if not more to down to like the like 16 to 20 minute ranges where we are currently deploying to a few hundred hosts. So, and that is the previous deployment strategy would take longer. If we scaled up the number of instances for big events, like our payment processing we do the first of the month currently. So being able to have that and know that our deploys will take about the same amount of time each time, it will be faster. That helps us bring features to create some fans a lot faster. And the stability aspect has also been very important, knowing that we have a secure way to roll back if needed, which you didn't have previously in case something goes wrong, that's been extremely useful. >> And I can imagine, Ian that velocity is critical because I mean more and more and more these days, there are content creators everywhere in so many different categories that we've talked about. Even nightclubs, that to be able to deliver that velocity through a part, a technology like Armory is table-stakes for against business. >> Absolutely, yeah. >> Andrew, back over to you. I want to kind of finish out here with, in the last couple of years where things have been dynamic. Have you seen any leading indices? I know you guys work with enterprises across organizations and Fortune 500s. But have you seen any industries in particular that are really leaning on Armory to help them achieve that velocity that we've been talking about? >> We have a pretty good spread across the market, but since we are focused on cloud, to deploy to cloud technologies, that's one of the main value props for Armory. So that's going to be enabling deployments to AWS in similar clouds. So the companies that we work with are really ones that have either already gone through that transformation or are on their journey. Then of course, now Kubernetes is a force, it's kind of taken over. So we're getting pulled into even more companies that are embracing Kubernetes. So I wouldn't say that there's an overall trend, but we have customers all across the Fortune 500, all across mid-market to Fortune 500. So there's depending on the complexity of the corporation itself or the enterprise itself we're able to do. I think Ian mentioned our policy engine and a few other features that are really tailored to companies that have restricted environments and moving into the cloud. >> Got it, and that's absolutely critical these days to help organizations pivot multiple times and to get that speed to market. 'Cause that's, of course as consumers, whether we're on the business side or the commercial side, we have an expectation that we're going to be able to get whatever we want A-S-A-P. And especially if that's payments processing, that's pretty critical. Guys, thank you for joining me today, talking about Armory, built on Spinnaker, what it's doing for customers like Patreon. We appreciate your time and your insights. >> Thank you so much. >> Thank you. Thank you so much. >> For my guests, I'm Lisa Martin. You're watching theCUBE's, AWS startup showcase, season two, episode one. (upbeat music)

>>Welcome everyone. I'm Dave Nicholson with the cube. This is a special Q conversation. That is part of the AWS startup showcase. Season two. Got a very interesting conversation on deck with Steve Francis who joins us from Instaclustr. Steve is the chief revenue officer and executive vice president for go-to-market operations for Insta cluster. Steve, welcome to the cube. >>Thank you, Dave. Good to be here. >>It looks like you're on a, uh, you're you're you're coming to us from an exotic locale. Or do you just like to have a nautical theme in your office? >>No, I'm actually on my boat. I have lots of kids at home and, uh, it can be very noisy. So, uh, we call this our apartment in the city and sometimes when we need a quiet place, this, this does nicely >>Well, fantastic. Well, let's, let's talk about Instaclustr. Um, first give us, give us a primmer on Instaclustr and, uh, and what you guys do. And then let's double click on that and go into some of the details. >>Sure. So in sip cluster, we offer a SAS platform for data layer, open source technologies. And what those technologies have in common is they scale massively. We re curate technologies that are capable of massive scale. So people use them to solve big problems typically. And so in addition to SAS offerings for those open source projects where people can provision themselves clusters in minutes, um, we also offer support for all of the technologies that we offer on our SAS platform. We offer our customer support contracts as well. And then we have a consulting team, a global consulting team who are expert in all of those open source projects that can help with implementations that can help with design health checks, uh, you name it. So most of what they do is kind of short term expert engagements, but we've also done longer-term projects with them as well. >>So your business model is to be a SAS provider as opposed to an alternative, which would be to, uh, provide what's referred to as, uh, open core software. Is that, is that right? >>Yeah, that's exactly right. So you, so when, when our customers have an interest in using community open source, we're the right partner for them. And so, you know, really what that means is if they, whether it's our SAS platform, if, if they want the flexibility to say, we want to take that workload off of your SAS platform, maybe at some point operated ourselves because we're not throwing a bunch of PROPRICER proprietary stuff in there. They have the flexibility to do that. So they always have an exit ramp without being locked in and with our support customers, of course, it's very easy. What we support is both the open source project. And if there's a gap in that open source project, what we'll do is rather than create a proprietary piece of software to close the gap, we'll source something from the community and we'll support that. Or if it, or if something does not exist in the community, in many cases, we'll write it ourselves and open source it and then, and then support it. >>Yeah, it's interesting. Uh, supposedly Henry Ford made a comment once that if you ask customers what they want, they'll tell you they want a faster horse, uh, but he was inventing the automobile and some people have, have likened open core to sort of the faster mechanical horse version of open source where you're essentially substituting an old school legacy vendor for a new school vendor. That's wrapping their own proprietary stuff around a delicious core of open source, but it sort of diminishes the value proposition of open source. It sounds like that's, that's the philosophy that you have adopted at this point. That's >>I love that story. I haven't heard that before. One that I like, uh, you know, matching metaphor for metaphor, uh, is, uh, the, um, is the Luddites, right? You know, the Luddites didn't want to lose their weaving jobs. And so they would smash weeding looms and, um, you know, to, to protect their reading jobs. And I think it's the same thing with the open core model they're protecting, uh, you know, they're creating fear, uncertainty and doubt about open, open sourcing. Oh, it isn't secure. And, you know, the, those, those arguments have been used for 15 years or 20 years. And, you know, maybe 15 years ago there were some truth to it. But when you look at who is using open source community open source now for huge projects, you know, if you just do a search for Apache coffee users and go to the Apache Apache website, you know, it's kind of the who's who in big business, and these are people using community open source. And so, um, a lot of the fear and uncertainty and doubt is still used, and it's just, you know, it's just kind of hanging on to a business model that isn't really it's for the benefit of the, of the vendor and not the benefit of the customer. >>Well, so I can imagine being a customer and realizing several years into an open core journey that I basically painted myself into a similar corner that I was in before. Um, and so I can see where that, you know, that can be something that is a realization that, that creeps up over time from a customer perspective, but from your business model perspective, um, if I'm understanding correctly, your, when you scale, you're scaling the ability to, um, take over operations for our customer, uh, that, that some level, I'm sure you've got automation involved in this. Uh, but at some level you've got to scale in terms of really smart people, um, has that limited your ability to scale. So first talk about what have the results been. You guys we've been covering you since 2018. What have your results been over time and has that sort of limited that that limit to your scalability, uh, been an issue at all. >>It's hard to find people, uh, it's hard, it's hard for our customers to find people and it's hard for us to find people. So we have an advantage for two reasons. Number one, we have a really good process for hiring people, hiring graduates, recent computer science graduates typically, and then getting them trained up and productive on our platform and within a pretty short timeframe of three or four months. And, um, you know, so we we've, we've, uh, we have a really well-proven process to do that. And then the other thing that you've already alluded to is automation, right? There's a ton of automation built into our platform. So we have a big cost advantage over our customers. So, you know, our, our customers, you know, if they want to go hire a seasoned, you know, Kafka person or PostGrest personal work, a person, these people are incredibly expensive in the market, but for us, we can get those people for relatively less expensive. And then with the automation that we have built into our platform to do all the operational tasks and handle all the operational burdens on those different open source projects, it's a lot of it's automated. And so, uh, you know, where one of our experts can use, you know, the number of workloads that they can operate is usually, you know, many times more than what someone could do without all of the operational capability or all the automated capabilities that we have. >>So what has your, what is your plan for scaling the business look like into the future? Is it a additional investment in those core operators? Uh, are you looking at, uh, uh, expansion, geographically acquisition? What, what can you share with us? >>We've done some acquisition. We added a Postgres capability. We recently added a last, further Alaska search capability and really buttressed our capabilities there. I think we'll do more of that. And, um, we, we will continue to add technologies that we find interesting and, and federal model, usually what we look for technologies that are pretty popular. They're used to solve big problems and they're complicated to manage, right? If something's easy to manage, people are less likely to perceive our value to be that great. So we look for things that, um, you know, are we kind of take the biggest areas, gnarliest, um, open-source projects for people to manage, and we handle the heavy lifting. >>Well, can you give me an example of something like that? You don't have to, you don't have to share a customer name if you don't, if it's not appropriate, but give us a, give us an example of, of Instaclustr inaction pretend I'm the customer. And, uh, and, uh, you know, you mentioned elastic search. Let's say that, let's say that that is absolutely something that's involved. And I have a choice between some open, open core solution and throwing my people at it to manage it, uh, and, and, and operate at the data layer, uh, versus what you would do. What does that interaction look like? How do, how does the process, >>Um, so one thing that we hear from elastic search customers a lot is, uh, their customers, some of them are unhappy. And what they'll tell us is look, when we get an operational problem with Alaska search, we go to Alaska search. And the answer we get from them is we gotta buy, you know, you gotta buy more stuff, you got to add more nodes, and they're in the business of, uh, you know, that's, that's our business. And, uh, you know, they do have a SAS offering, but, um, you know, they're, they're also in the business of selling software. And so when those customers, those same customers come to us, our answer is often, well, Hey, we can help you optimize your environment. And, you know, a lot of times when we onboard people into our platform, they'll achieve cost savings because maybe they weren't on the cloud. Maybe they weren't completely optimized there. And, um, you know, we want to make sure that they get a good operational experience and that's how we felt lock customers in, right. We don't lock them in with code. We make sure that they have a positive experience that we take a lot of that operational stuff off their hands. And so there's just a good natural alignment between what we want to provide that customer and what they ultimately want to consume. Uh, you know, that, that alignment I think is, is uniquely high within our business. >>Well, so how, how have things changed just in the last several years? Obviously, I mean, you know, the, the pandemic has, has affected everything in, in one way or another, but, but in terms of things that live at the data layer being important, um, I mean, just in the last three or four years, the talk of various messaging interfaces and databases has shifted to a degree. Um, what do you see on the horizon? What's, what's, what's, what's getting buzz that maybe didn't get buzz a year ago. What, what, what are you looking for as well? If you're out looking for people with skill sets right now, what are those skill sets you're hiring to? >>I don't hire engineers, right. I run the go to market organization. I hire marketers, salespeople, consultants, but, uh, so it's probably different. I'm maybe not the best person to ask from an engineering standpoint, but, uh, your question about the data layer, um, and how, you know, that's evolving trends that we see it's becoming increasingly strategic. You know, every, there's a couple of buzzwords out there that, you know, for years now, people have been talking about, um, modernization, digital transformation, stuff like that, but, you know, there's, there's a lot to it like digital, you know, every business kind of needs to become a digital business. And as that happens, the amount of data that's produced is, is just as mushrooming, right. You know, the amount of data on the planet doubles about every two years. And so for a lot of applications for a lot of enterprise mission-critical applications, data is the most expensive layer of the application. >>You know, much more expensive than delivering a front end, much more expensive than delivering a military when you just, when you factor in storage, um, uh, just the kind of moving data in and out, you know, data transfer fees, the cost of engineering resources that it's, it's incredibly expensive. So data layers are becoming strategic because organizations are looking at it and realizing, you know, the amount that they're spending on this is eye-popping. And so that's why it's becoming strategic. It's on the radar, just due to the, uh, the size of bills that organizations are looking at. Um, and we could drive those bills down. You know, our value proposition is really simpler. It's a better, faster, cheaper, and we eliminate the license fees. We can, you know, we are operational experts, so we can get people architected in the cloud more efficiently, and probably about a third of the time we save our customers cloud fees. Um, so it's, you know, it's a pretty simple model that some of those things that are strategically more, or are there, sorry, traditionally more tactical or becoming strategic, just because of the scope and scale of them. >>We, uh, we're having this conversation as part of the AWS startup showcase, which basically means that AWS said, Hey, Silicon angle, have your cube guys go talk to these people because we think they're cool. So, um, so why, why, why do they think you're cool? Are you a wholly owned subsidiary of AWS? Did you, did you and your family, uh, uh, exceed the 300 order, uh, Amazon threshold last year? Y what's your relationship with Amazon? >>I bought an elf on the shelf from, I don't know, I don't know why. Um, you know, we're, we're growing fast and we're, we're growing north of 50% last year in 21 and closer to 60%. Um, you know, we certainly, I think, uh, when our customers sign up for our services, you know, Amazon gets more workloads. That's, that's probably a positive thing for Amazon. Um, we're certainly not, you know, there's much, much, much bigger vendors and partners than us that they have, but, uh, but you know, they're, I think they're aware that there's, there's some, some of the smaller vendors like us will grow up to be, you know, the, you know, the bigger vendors of tomorrow. Um, but they've kind of, they've been a great partner. You know, we, we support multiple, we do support multiple clouds, and Amazon's cool with that. You know, we support GCP, we support Azure and kind of give our customers the choice of what clouds they want to run on. Uh, most of our customers do run an Amazon that seems to be sort of a defacto standard, but, um, they haven't been a great partner, >>But, but AWS, it's not a dependency. Uh, if you're, if you're working within the cluster, it doesn't mean that you must be in AWS. >>Nope. We can support customers. Uh, that's a great question. So we can support customers and multiple clouds, and we even support them on prem, right? If they, if organizations that have their own data center, we actually have an on-premise managed service offering. And if that's not a fit, we even have, um, we can offer support contracts, like if they want to do it themselves and do a lot of the heavy lifting and just need sort of a red phone for emergency situations. Uh, we offer 24 by 7, 365 support with 20 minutes service levels for urgent issues. >>So your chief revenue officer, that means that you write the code that runs operations in your system. I'm not smiling, but I'm at, but I'm, but I am actually joking. So that's what the dry sense of humor. Uh, but, but, but seriously, let's talk about the business end of this, right? We have, uh, we have a lot of folks who, uh, who tuned into the queue because of the technology aspect of it, but let's talk about your, your growth trajectory over time. Um, uh, this isn't a drill down. I'm not asking for your, your pipeline, Steve, but, uh, but, but, you know, give us an idea of what that trajectory has looked like. Um, what's going on. >>Yeah. I mean the most recent year, you know, we're, we're getting, uh, to be, um, I, I don't know what I'm permitted to share expect, but I, you know, we've, we've had a lot of growth, you know, if we've won a couple, a couple of hundred percent, our revenue has in the amount of time that I've been here, which is three years, and we're the point now, or pretty good size. Uh, and that gives us, uh, it's cool. It's exciting. You know, we're, we're noticing in the market is people who traded two years ago. People, no one knew who we were. And now we're beginning to talk to some partners, some resellers, some customers, and they will say things like, oh yeah, we've heard of you. We didn't know what you did, but we've heard of you. And, you know, that's, that's fun. That's a great place to be. Uh, you know, it becomes a little bit self-sustaining at that point. And, um, we, you know, we are about to launch, I, it's not a secret because this isn't public preview. So I think >>Was there, I noticed the pause where you're like, can I say this or not? Go ahead and say, go ahead and say, >>Really we, uh, I was trying to think, wait, am I revealing anything here? I shouldn't. But, uh, we did just go public preview, uh, probably a month ago with a project called Aiden's, uh, cadence workflow. Uh, you can actually, um, go to the Instaclustr website and look up cadence. Um, it's run their homepage, or you can, if you want to go to the open source project itself, you can go to cadence, workflow.io. Uh, this is a project that's trending pretty highly on Google. It's got a lot of important movers in the technology business that are using it and having a lot of success with it. Uh, and we're going to be first to market globally with a SAS offering for cadence, port flop. And, um, it's an incredibly exciting project. And it's exciting for us to specifically, because it's a little different, right? It's not, it's a middle tier project that is targeted at developers to increase developer productivity and developer velocity. >>Um, you joked about my being a CRO writing code, but I actually used to be a coder long time ago. I was not very good at it, but what I did enough of it to remember that a lot of what I did as a coder was right. Plumbing code, you know, rather than writing that code that makes the business application function a huge amount of my time as a developer was spent writing, you know, just the plumbing code to make things work and to make it secure and to make a transactional and just all that, you know, kind of nitty gritty code that you gotta do in a nutshell, cadence makes writing that code way easier. So especially for distributed applications that have workflow like capabilities requirements, uh, it's a massive productivity and PR increaser. So it's cool. Exciting for us is now we can, rather than just target data operators, we can actually target developers and engage, not just at the data layer, but kind of at that middle tier as well, and begin to, uh, identify and, um, uh, synergies between the different services that we have and, and our customers will obviously benefit from that. >>So that's a big part of our growth strategy. >>Yeah. So more, more on from a business perspective and a go to market perspective. Um, what is your, what is your go to market strategy or, uh, do you have, do you have a channel strategy? Are you working with partners? >>He is pretty nascent. You know, our go to market strategy for the most part has been, you know, we, uh, pay the Google gods and, and lots of people come to our website and say, they want to talk to us. You know, we talked to them and we get them signed up with, uh, uh, on our, our, our SAS platform or with a support contract or with our consulting team. Um, we also do outbound, you know, we do, we have an inside sales team that does outbound prospecting and we have, um, and we also have some self-service. We have some, some self service customers as well that just, you know, anyone can go to our website, swipe a credit card, sign up for one of our SAS offering and begin, literally get fired up in minutes and PR and using the platform. Uh, so, you know, it's a bit of a mix of high touch, low touch, I think are, you know, we have tons of big logos. >>We know lots and lots of our customers are household name, really big organizations solving big problems. And, um, that's kind of where the bulk of our businesses. And so I think we've been a little more focused there and go to market than we have sort of a know startup selling to startups and the people that just from super developer focused, wanting low touch. So, but I think we need to do better at that part of the market. And we are investing some resources there so that, you know, we're not so lopsided at the high end of the market. We want kind of a, more of a balanced approach because, you know, some of those, some of those, um, younger companies are going to grow up to be big massively successful companies. We've had that, you know, door dash is a tough class, has been a customer of ours for years, and they were not nearly, you know, we, there were a prepayment, there were custom bars, pre pandemic, and we all know what happened to them, uh, during the pandemic. And so, you know, we know there's other door dashes out there. >>Yeah. Yeah. Uh, uh, final question, geography, uh, you guys global. I, uh, I know you're in north America, but, um, what, what, what does that look like for you? Where are you at? >>We're super global. So, you know, in my go-to-market organization, we have sellers in, um, uh, AsiaPac and Europe, you know, multiple in Asia, multiple in Europe, uh, you know, lots of lots in the, in the states, uh, same with marketing, uh, same with engineering, same with our tech ops delivery team. We have most of them, uh, in Australia, which is where we were founded. Uh, but we also have a pretty good sized team, uh, out of Boston and, um, kind of a nascent team, uh, in India as well, to help to tell it, to help them out. So yeah, very much global and, um, you know, getting close to 300 employees, um, you know, when I started, I think we're about 85 to 90, >>That's it, that's an exciting growth trajectory. And, uh, I'm just going to assume, because it just feels awesome to assume it that since you're on a boat and since you were founded in Australia, that that's how you go back and forth to, uh, to visit the most. >>Yeah. Yeah. It takes a while. It takes a while. >>So with that, Steve, I want to say a smooth sailing and, uh, and, uh, thanks for joining us here on the cube. I'm Dave Nicholson. Uh, this has been part of the AWS startup showcase my conversation with Steve Francis of Instaclustr again. Thanks Steve. Stay tuned. >>Thanks very much to you, >>Your source for hybrid tech coverage.

>>Welcome everyone to the cubes presentation of the AWS startup showcase open cloud innovations. This is season two episode one of the ongoing series and we're covering exciting and innovative startups from the AWS ecosystem. Today. We're going to focus on the open source community. I'm your host, Dave Vellante. And right now we're going to talk about open source security and mitigating risk in light of a recent discovery of a zero day flaw in log for J a Java logging utility and a related white house executive order that points to the FTC pursuing companies that don't properly secure consumer data as a result of this vulnerability and with me to discuss this critical issue and how to more broadly address software supply chain risk is Don Fisher. Who's the CEO of tide lift. Thank you for coming on the program, Donald. >>Thanks for having me excited to be here. Yeah, pleasure. >>So look, there's a lot of buzz. You open the news, you go to your favorite news site and you see this, you know, a log for J this is an, a project otherwise known as logged for shell. It's this logging tool. My understanding is it's, it's both ubiquitous and very easy to exploit. Maybe you could explain that in a little bit more detail. And how do you think this vulnerability is going to affect things this year? >>Yeah, happy to, happy to dig in a little bit in orient around this. So, you know, just a little definitions to start with. So log for J is a very widely used course component that's been around for quite a while. It's actually an amazing piece of technology log for J is used in practically every serious enterprise Java application over the last 10 going on 20 years. So it's, you know, log for J itself is fantastic. The challenge that organization organizations have been facing relate to a specific security vulnerability that was discovered in log for J and that has been given this sort of brand's name as it happens these days. Folks may remember Heartbleed around the openness to sell vulnerability some years back. This one has been dubbed logged for shell. And the reason why it was given that name is that this is a form of security vulnerability that actually allows attackers. >>You know, if a system is found that hasn't been patched to remediate it, it allows hackers to get full control of a, of a system of a server that has the software running on it, or includes this log for J component. And that means that they can do anything. They can access, you know, private customer data on that system, or really do anything and so-called shell level access. So, you know, that's the sort of definitions of what it is, but the reason why it's important is in the, in the small, you know, this is a open door, right? It's a, if, if organizations haven't patched this, they need to respond to it. But one of the things that's kind of, you know, I think important to recognize here is that this log for J is just one of literally thousands of independently created open source components that flow into the applications that almost every organization built and all of them all software is going to have security vulnerabilities. And so I think that log for J is, has been a catalyst for organizations to say, okay, we've got to solve this specific problem, but we all also have to think ahead about how is this all gonna work. If our software supply chain originates with independent creators across thousands of projects across the internet, how are we going to put a better plan in place to think ahead to the next log for J log for shell style incident? And for sure there will be more >>Okay. So you see this incident as a catalyst to maybe more broadly thinking about how to secure the, the digital supply chain. >>Absolutely. Yeah, it's a, this is proving a point that, you know, a variety of folks have been making for a number of years. Hey, we depend, I mean, honestly these days more than 70% of most applications, most custom applications are comprised of this third party open source code. Project's very similar in origin and governance to log for J that's just reality. It's actually great. That's an amazing thing that the humans collaborating on the internet have caused to be possible that we have this rich comments of open source software to build with, but we also have to be practical about it and say, Hey, how are we going to work together to make sure that that software as much as possible is vetted to ensure that it meets commercial standards, enterprise standards ahead of time. And then when the inevitable issues arise like this incident around the log for J library, that we have a great plan in place to respond to it and to, you know, close the close the door on vulnerabilities when they, when they show up. >>I mean, you know, when you listen to the high level narrative, it's easy to point fingers at organizations, Hey, you're not doing enough now. Of course the U S government has definitely made attempts to emphasize this and, and shore up in, in, in, in, in push people to shore up the software supply chain, they've released an executive order last may, but, but specifically, I mean, it's just a complicated situation. So what steps should organizations really take to make sure that they don't fall prey to these future supply chain attacks, which, you know, are, as you pointed out are inevitable. >>Yeah. I mean, it's, it's a great point that you make that the us federal government has taken proactive steps starting last year, 2021 in the fallout of the solar winds breach, you know, about 12 months ago from the time that we're talking, talking here, the U S government actually was a bit ahead of the game, both in flagging the severity of this, you know, area of concern and also directing organizations on how to respond to it. So the, in May, 2021, the white house issued an executive order on cybersecurity and it S directed federal agencies to undertake a whole bunch of new measures to ensure the security of different aspects of their technology and software supply chain specifically called out open source software as an area where they put, you know, hard requirements around federal agencies when they're acquiring technology. And one of the things that the federal government that the white house cybersecurity executive order directed was that organizations need to start with creating a list of the third-party open source. >>That's flowing into their applications, just that even have a table of contents or an index to start working with. And that's, that's called a, a software bill of materials or S bomb is how some people pronounce that acronym. So th the federal government basically requires federal agencies to now create Nessbaum for their applications to demand a software bill of materials from vendors that are doing business with the government and the strategy there has been to expressly use the purchasing power of the us government to level up industry as a whole, and create the necessary incentives for organizations to, to take this seriously. >>You know, I, I feel like the solar winds hack that you mentioned, of course it was widely affected the government. So we kind of woke them up, but I feel like it was almost like a stuck set Stuxnet moment. Donald were very sophisticated. I mean, for the first time patches that were supposed to be helping us protect, now we have to be careful with them. And you mentioned the, the bill of its software, bill of materials. We have to really inspect that. And so let's get to what you guys do. How do you help organizations deal with this problem and secure their open source software supply chain? >>Yeah, absolutely happy to tell you about, about tide lift and, and how we're looking to help. So, you know, the company, I co-founded the company with a couple of colleagues, all of whom are long-term open source folks. You know, I've been working in around commercializing open source for the last 20 years that companies like red hat and, and a number of others as have my co-founders the opportunity that we saw is that, you know, while there have been vendors for some of the traditional systems level, open source components and stacks like Linux, you know, of course there's red hat and other vendors for Linux, or for Kubernetes, or for some of the databases, you know, there's standalone companies for these logs, for shell style projects, there just hasn't been a vendor for them. And part of it is there's a challenge to cover a really vast territory, a typical enterprise that we inspect has, you know, upwards of 10,000 log for shell log for J like components flowing into their application. >>So how do they get a hand around their hands around that challenge of managing that and ensuring it needs, you know, reasonable commercial standards. That's what tide lifts sets out to do. And we do it through a combination of two elements, both of which are fairly unique in the market. The first of those is a purpose-built software solution that we've created that keeps track of the third-party open source, flowing into your applications, inserts itself into your DevSecOps tool chain, your developer tooling, your application development process. And you can kind of think of it as next to the point in your release process, where you run your unit test to ensure the business logic in the code that your team is writing is accurate and sort of passes tests. We do a inspection to look at the state of the third-party open source packages like Apache log for J that are flowing into your, into your application. >>So there's a software element to it. That's a multi-tenant SAS service. We're excited to be partnered with, with AWS. And one of the reasons why we're here in this venue, talking about how we are making that available jointly with AWS to, to drink customers deploying on AWS platforms. Now, the other piece of the, of our solution is really, really unique. And that's the set of relationships that Tyler has built directly with these independent open source maintainers, the folks behind these open source packages that organizations rely on. And, you know, this is where we sort of have this idea. Somebody is making that software in the first place, right? And so would those folks be interested? Could we create a set of aligned incentives to encourage them, to make sure that that software meets a bunch of enterprise standards and areas around security, like, you know, relating to the log for J vulnerability, but also other complicated parts of open source consumption like licensing and open source license, accuracy, and compatibility, and also maintenance. >>Like if somebody looking after the software going forward. So just trying to basically invite open source creators, to partner with us, to level up their packages through those relationships, we get really, really clean, clear first party data from the folks who create, maintain the software. And we can flow that through the tools that I described so that end organizations can know that they're building with open source components that have been vetted to meet these standards, by the way, there's a really cool side effect of this business model, which is that we pay these open source maintainers to do this work with us. And so now we're creating a new income stream around what previously had been primarily a volunteer activity done for impact in this universe of open source software. We're helping these open source maintainers kind of GoPro on an aspect of what they do around open source. And that means they can spend more time applying more process and tools and methodology to making that open source software even better. And that's good for our customers. And it's good for everyone who relies on open source software, which is really everyone in society these days. That's interesting. I >>Was going to ask you what's their incentive other than doing the right thing. Can you give us an example of, of maybe a example of an open source maintainer that you're working with? >>Yeah. I mean, w we're working with hundreds of open source maintainers and a few of the key open source foundations in different areas across JavaScript, Java PHP, Ruby python.net, and, you know, like examples of categories of projects that we're working with, just to be clear, are things like, you know, web frameworks or parser libraries or logging libraries, like a, you know, log for J and all the other languages, right? Or, you know, time and date manipulation libraries. I mean, they, these are sort of the, you know, kind of core building blocks of applications and individually, they, you know, they may seem like, you know, maybe a minor, a minor thing, but when you multiply them across how many applications these get used in and log for J is a really, really clarifying case for folks to understand this, you know, what can seemingly a small part of your overall application estate can have disproportionate impact on, on your operations? As we saw with many organizations that spent, you know, a weekend or a week, or a large part of the holidays, scrambling to patch and remediate this, a single vulnerability in one of those thousands of packages in that case log. >>Okay, got it. So you have this two, two headed, two vectors that I'm going to call it, your ecosystem, your relationship with these open source maintainers is kind of a, that just didn't happen overnight, and it develop those relationships. And now you get first party data. You monetize that with a software service that is purpose built as the monitor of the probe that actually tracks that third, third party activity. So >>Exactly right. Got it. >>Okay. So a lot of companies, Donald, I mean, this is, like I said before, it's a complicated situation. You know, a lot of people don't have the skillsets to deal with this. And so many companies just kind of stick their head in the sand and, you know, hope for the best, but that's not a great strategy. What are the implications for organizations if they don't really put the tools and processes into place to manage their open source, digital supply chain. >>Yeah. Ignoring the problem is not a viable strategy anymore, you know, and it's just become increasingly clear as these big headline incidents that happened like Heartbleed and solar winds. And now this logged for shell vulnerability. So you can, you can bet on that. Continuing into the future and organizations I think are, are realizing the ones that haven't gotten ahead of this problem are realizing this is a critical issue that they need to address, but they have help, right. You know, the federal government, another action beyond that cybersecurity executive order that was directed at federal agencies early last year, just in the last week or so, the FTC of the U S federal trade commission has made a much more direct warning to private companies and industry saying that, you know, issues like this log for J vulnerability risk exposing private, you know, consumer data. That is one of the express mandates of the FTC is to avoid that the FTC has said that this is, you know, bears on both the federal trade commission act, as well as the Gramm-Leach-Bliley act, which relates to consumer data privacy. >>And the FTC just came right out and said it, they said they cited the $700 million settlements that Equifax was subject to for their data breach that also related to open source component, by the way, that that had not been patched by, by Equifax. And they said the FTC intents to use its full legal authority to pursue companies that failed to take reasonable steps, to protect consumer data from exposure as a result of log for J or similar known vulnerabilities in the future. So the FTC is saying, you know, this is a critical issue for consumer privacy and consumer data. We are going to enforce against companies that do not take reasonable precautions. What are reasonable precautions? I think it's kind of a mosaic of solutions, but I'm glad to say tide lift is contributing a really different and novel solution to the mix that we hope will help organizations contend with this and avoid that kind of enforcement action from FTC or other regulators. >>Well, and the good news is that you can tap a tooling like tide lift in the cloud as a service and you know, much easier today than it was 10 or 15 years ago to, to resolve, or at least begin to demonstrate that you're taking action against this problem. >>Absolutely. There's new challenges. Now I'm moving into a world where we build on a foundation of independently created open source. We need new solutions and new ideas, and that's a, you know, that's part of what we're, we're, we're showing up with from the tide lift angle, but there's many other elements that are going to be necessary to provide the full solution around securing the open source supply chain going forward. >>Well, Donald Fisher of tide lift, thanks so much for coming to the cube and best of luck to your organization. Thanks for the good work that you guys do. >>Thanks, Dave. Really appreciate your partnership on this, getting the word out and yeah, thanks so much for today. >>Very welcome. And you are watching the AWS startup showcase open cloud innovations. Keep it right there for more action on the cube, your leader in enterprise tech coverage.

>> From theCUBE studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE in ETR. This is "Breaking Analysis" with Dave Vellante. >> Despite all the talk about repatriation, hybrid and multi-Cloud opportunities, and Cloud is an increasingly expensive option for customers, the data continues to show the importance of public Cloud to the digital economy. Moreover, the two leaders, AWS and Azure, are showing signs of accelerated momentum that point to those two giants pulling away from the pack in the years ahead, with each firm's showing broad based momentum across their respective product lines. It's unclear if anything, other than government intervention or self-inflicted wounds will slow these two companies down this decade. Despite their commanding lead, a winning strategy for companies that don't run their own Cloud continues to be innovating on top of their massive CapEx investments. The most notable example here being Snowflake. Hello, everyone. Welcome to this week's Wikibon CUBE insights powered by ETR. In this breaking analysis, we provide our quarterly market share update for the big four hyperscale Cloud providers. And we'll share some new ETR data from their most recent survey. And we'll drill into some of the reasons for the momentum of these two companies and drill further into the database and data warehouse sector to see what, if anything, has changed in that space. First, let's look at some of the noteworthy comments from AWS and Microsoft in their recent earnings updates. We heard from Amazon, the following, "AWS has seen a reacceleration of revenue growth as customers have expanded their commitment to the Cloud and selected AWS as their Cloud partner." Notably, AWS revenues increased 39% in Q3 2021. That's a thousand basis point increase in growth relative to Q3 2020. That's an astounding milestone for a company that we expect to surpass $60 billion in revenue this year. Further, AWS touted the adoption of its custom silicon, and specifically its Graviton2 processors. AWS is fond of emphasizing Graviton's 40% price performance improvements relative to x86 processors, something we've reported on quite extensively. AWS is investing in custom silicon, encouraging ISVs to port their code to the platform so that customers will experience little or no code changes when they migrate. Again, we believe this is a secret weapon for AWS as its cost structure will continue to improve at a rate faster than competitors that don't have the resources or the skills or the stomach to develop such capabilities. Microsoft, for its part, also saw astoundingly good growth of 48% this past quarter for Azure. This is a company that we forecast will approach $40 billion in IaaS and PaaS public Cloud revenue this year. Microsoft's CEO, Satya Nadella, on its earnings call, emphasized the changing nature of Cloud expanding in a distributed fashion to the edge. He referenced Azure as the world's computer. Building on his statements last year that Microsoft is building out a powerful, ubiquitous, intelligent, sensing and predictive Cloud. Yes, folks, it does feel like we're entering the so-called Metaverse, doesn't it? Okay, to underscore the momentum of these two companies, let's take a look at the ETR breakdown of Net score, which measures spending momentum. This chart will be familiar to our listeners. It shows the breakdown of net score for AWS, with the lime green showing new adoptions. That's 11%. The forest green is spending more than 6% relative to the first half of this year. That's a very robust 53%. The gray is flat spending. That's 30% on a very, very large base. And the pink is spending declines of minus 6% or worse. That's 4%. And the bright red is defections i.e those leaving AWS. That's 1%. That's virtually non-existent. You subtract the reds from the greens and you get a net score of 59. Remember, anything over 40, we can still consider to be elevated. Let's look at that same data for Microsoft again. You have some new ads that lime green, that's 7%. The forest green is at 46% of customers spending more, which is an incredible figure for a company with revenues that will in the near term surpass $200 billion. And the red is in the low single digits. Buffered by its enormous PC software profits over the years, Microsoft is powered through its Window's Dogma and transitioned into a Cloud powerhouse. Let's now share some of our latest numbers for the big four hyperscale players, AWS, Azure, Alibaba and Google. Here, we show data for these companies from 2018 and our estimates for 2021. This data includes our final figures for AWS, Azure and GCP for Q3 with Alibaba yet to report. Remember, only AWS and Alibaba report IaaS revenue cleanly with Microsoft and Google, they give us a little breadcrumb nuggets that allow us to triangulate with our survey data and other intelligence. But it's our attempt to do an apples to apples comparison for those four companies using AWS and it's reporting as a baseline. In Q3, AWS reported more than $16 billion in revenue. We estimate Azure at 10 billion, Alibaba, we expect to come in at just under 3 billion, and GCP at 2.5 billion for the quarter. With three quarters of data in, with the exception of Alibaba, we're forecasting AWS to capture 51% of the big four revenue, the hyperscale revenue. And really we believe these are the only four hyperscalers. AWS will surpass 60 billion with Azure just under 40 billion, Alibaba approaching 11 billion, and Google coming in just under 10 billion for the year is our expectation. We forecast these four will account for $120 billion this year. That's a 41% increase over 2020 and the same collective growth rate as 2020 relative to 2019. We expect Azure to be 63% of the size of AWS revenue. So it is gaining share. Both of those companies, however, saw accelerated growth this past quarter with Alibaba and GCP's growth rates decelerating relative to last year. Now, let's take a closer look at those growth rates. This chart shows the quarterly growth rates for each of the four going back to the beginning of 2019. Both GCP and Alibaba are showing dramatic declines in growth rates, whereas, this past quarter Azure saw accelerated growth and AWS has now seen an increased rate of growth for the past two quarters. In fact, AWS' growth is about where it was in 2019 when it was around half of its current revenue size. And in 2019 growth was decelerating through the quarters as you can see where today that trend has reversed. It's quite amazing. All right, let's take a look at the broader Cloud landscape and bring back some ETR data. This chart that we're showing here, it shows net score or spending momentum on the vertical axis and market share or presence in the dataset on the horizontal axis. Note that red dotted line, anything above that we can still consider elevated and impressive. As when we've previously shared this data, AWS and Microsoft Azure are up and to the right. Now remember, this chart is not just counting IaaS and PaaS as we showed you earlier, it's however the customers views whatever they think Cloud is. And so they're likely including Microsoft SaaS in this picture. Which is why Microsoft shows larger than AWS despite what we showed you earlier. Nonetheless, these two are well ahead of the pack and the growth rates indicate that they're pulling away. But we've added some of the other players, most notably VMware Cloud on AWS. It's showing momentum as is VMware Cloud, which is VMware Cloud foundation and other on-prem Cloud offerings, even though it's below the red line for the on-prem piece, it's very respectable. The VMware Cloud on AWS has been consistently up above that red line. Has popped beneath it in some quarters, but it's very, very strong. As is, you know, Red Hat OpenShift, it's a little bit below the line, but it is respectable. We've superimposed this by the way. Red Hat OpenShift in the ETR platform is under the container orchestration taxonomy, but we'd like to put it in next to the Cloud players for context. That's how Red Hat sort of thinks about this as well. They think about OpenShift as Cloud. And then you can see the other players. Alibaba has got a small sample in the ETR dataset. Just does not enough presence in China. But Dell and HPE have started to show up in the Cloud taxonomy. So buyers are associating their private Clouds with Cloud. So Dell's Apex, HPE's GreenLake. So that's a positive. And you can see Oracle, which of course is OCI, Oracle Cloud infrastructure. And then IBM with its public Cloud. So, it's a positive that these on-prem players are showing up in this data, but the reality is the hyperscalers are growing collectively at 40% annually and the on-prem players are growing in the low single digits. So, and if you carve out the IaaS business of AWS and Azure, they're larger than most of the on-premises infrastructure players. And all the on-prem players are moving toward an as a service model, as I just alluded to. So, undoubtedly, hybrid multicloud edge are going to present opportunities for the likes of Dell, HPE, Cisco, VMware, IBM, Red Hat, et cetera. But they also present opportunities for the public Cloud players who have vibrant ecosystems and marketplaces much more diverse and deep than the traditional vendors. You know, we have a clearer picture of Microsoft's sort of hybrid and edge strategy because the company has such an enormous legacy business, it really had to think about that much more deeply. It wasn't a blank sheet of paper like AWS. It's going to be interesting at reinvent this year if new CEO, Adam Selipsky, will talk about this. And it will be good to hear how he's thinking about the next decade, how AWS thinks about hybrid and edge, I guarantee that with their developer affinity and custom Silicon capabilities, they're thinking about it differently than traditional enterprise players. And as we've stressed in this segment, they have across the board momentum. Now to quantify that, let's take a look at AWS as portfolio in the spending momentum within its product segments. This chart shows AWS's net scores or spending momentum in the areas where AWS participates in the ETR taxonomy. Again, note that red line. Anything above 40% is considered an elevated watermark. We're showing data from last October, this past July and the latest October 21 survey. That yellow line or a bar. What's notable is the yellow versus the gray bars up across the board for the most part, other than chime... And by the way, other than chime, everything is above the 40% mark as well. Now, we've highlighted database because we feel it's one of the most strategic sectors in a real battleground. So we want to drill into that a bit. Here's our familiar X Y graph showing Net score on the Y axis, remember, that's, again, spending momentum and market share or pervasiveness in the survey on the horizontal axis. This data, by the way, includes on-prem and Cloud database data warehouse. So keep that in mind. Let's start with one of our favorite topics; Snowflake. We've reported again and again and again, that we've never seen anything like this. The company's net score has moderated ever so slightly this quarter, but it's still just below 80%. Very highly elevated. Well, above that 40% mark. It's Snowflake's presence continues to grow as a gain share in the market. Snowflake is growing revenue in the triple digits. It's an insane pace, hence its current $115 billion market cap as of this episode. Now that said, all three US-based Cloud players there are above the 40% line with AWS and Microsoft having significant presence on the horizontal axis. You see Cockroach Labs, Redis, Couchbase, they're all elevated or highly elevated. Couchbase just went public this summer. So that may help with its presence. MongoDB, they're killing it. They have a $37 billion market cap as of this episode. The stock has been on a tear. You see MariaDB was also in the mix. And then of course you have Oracle, the database leader. Look, they continue to invest in making the Oracle database and other software like MySQL, the best solution for mission critical workloads, and they're investing in their Cloud. But you can see overall, they just don't have the momentum from a spending standpoint that the others do because the declines in their legacy business. And they've been around a long time. Those declines are not fully offset by the growth in Cloud database and Cloud migration. But look, Oracle is a financial powerhouse with a $250 billion plus market cap. And the stock has done very well this past year. Up over 60%. Cloudera is going private. So it can hide the pain of the transitions that it's undergoing between the legacy install bases of Cloudera and Hortonworks. It's just a tough situation. When the companies came together, Cloudera essentially had a dead end. Each of those respective platforms and migrate their customers to a more modern stack as part of its Cloud strategy. Ironic that it's name is Cloudera. You know, that's always a difficult thing to do. So as a private company, Cloudera can maybe get off that 90 day shot clock and buy some time to invest without getting hammered by the street. And you know, Teradata consistently has not shown up well in the ETR dataset. It's transitioned to Cloud and cross-Cloud still hasn't shown momentum in the surveys. So, look right now, it's looking like the rich get richer. So just to quantify that a little bit, let's line up some of the database players and look a little bit more closely at net score. This chart shows the spending momentum or lack thereof with the net score or spending velocity granularity that we described before. Remember, green is spending more, red is spending less, bright red is leaving the platform, bright green is adding the platform. You take red, subtract red from the green, and that gives you a net score. Snowflake, as we said, tops the list. You can see the granularity there. You can compare the performance. In a little different view to understand how these scores are derived, look, the ideal profile is a solid lime green, a big forest green, a not too large gray and ideally little or no bright red AKA defections. And you can see the green funnel in the gray increasing prominence as the vendor momentum declines. Interestingly, with the exception of Cloudera and Teradata, defections are all in the single digits or nonexistent. In the case of Snowflake, Redis, red is no red at all, but small sample, Couchbase has no defections and very little defection for the giant Microsoft. Incredibly impressive. This speaks to how hard it is to migrate off of a database no matter how disgruntled you are. The more common scenario is to isolate the database and build new functionality on modern platforms. Okay, so what to watch out for. Well, reinvent this coming up next month. Oh this month. It's the first time someone other than Andy Jassy will be keynoting as CEO. 15 years of Cloud, this is the 10th re-invent, which is always a market for the direction of the industry. I've said many times that the last decade was largely about IT transformation powered by the Cloud. I believe we're entering a new era of business transformation where the Cloud is going to play a significant role. But the Cloud is evolving from a set of remote services out there in the Cloud to an omnipresent platform on top of which many customers and technology companies can innovate. And virtually every industry will be impacted by Cloud. However it evolves in the coming decade. The question will be, how fast can you go? And how will players like AWS and Microsoft and many others that are building on top of these platforms make it easier for you to go fast? That's what I'll be watching for at re-invent and beyond. Okay, that's a wrap for today. Remember, these episodes, they're all available as podcasts, wherever you listen. All you got to do is search Breaking Analysis podcasts. Check out ETR's website at etr.plus. We also publish a full report every week on wikibon.com and siliconangle.com. You can get in touch with me, david.vellante@siliconangle.com. You can DM me @dvellante or comment on our LinkedIn posts. This is Dave Vellante for theCUBE insights powered by ETR. Have a great week, everybody. Stay safe, be well. And we'll see you next time. We'll see you at re-invent. (soft upbeat music)

from the cube studios in palo alto in boston bringing you data-driven insights from the cube and etr this is breaking analysis with dave vellante despite all the chatter about cloud repatriation and the exorbitant cost of cloud computing customer spending momentum continues to accelerate in the post-isolation economy if the pandemic was good for the cloud it seems that the benefits of cloud migration remain lasting in the late stages of covid and beyond and we believe this stickiness is going to continue for quite some time we expect i asked revenue for the big four hyperscalers to surpass 115 billion dollars in 2021 moreover the strength of aws specifically as well as microsoft azure remain notable such large organizations showing elevated spending momentum as shown in the etr survey results is perhaps unprecedented in the technology sector hello everyone and welcome to this week's wikibon cube insights powered by etr in this breaking analysis we'll share some some fresh july survey data that indicates accelerating momentum for the largest cloud computing firms importantly not only is the momentum broad-based but it's also notable in key strategic sectors namely ai and database there seems to be no stopping the cloud momentum there's certainly plenty of buzz about the cloud tax so-called cloud tax but other than wildly assumptive valuation models and some pockets of anecdotal evidence you don't really see the supposed backlash impacting cloud momentum our forecast calls for the big four hyperscalers aws azure alibaba and gcp to surpass 115 billion as we said in is revenue this year the latest etr survey results show that aws lambda has retaken the lead among all major cloud services tracked in the data set as measured in spending momentum this is the service with the most elevated scores azure overall azure functions vmware cloud on aws and aws overall also demonstrate very highly elevated performance all above that of gcp now impressively aws momentum in the all-important fortune 500 where it has always showed strength is also accelerating one concern in the most recent survey data is that the on-prem clouds and so-called hybrid platforms which we had previously reported as showing an upward spending trajectory seem to have cooled off a bit but the data is mixed and it's a little bit too early to draw firm conclusions nonetheless while hyperscalers are holding steady the spending data appears to be somewhat tepid for the on-prem players you know particularly for their cloud we'll study that further after etr drops its full results on july 23rd now turning our attention back to aws the aws cloud is showing strength across its entire portfolio and we're going to show you that shortly in particular we see notable strength relative to others in analytics ai and the all-important database category aurora and redshift are particularly strong but several other aws database services are showing elevated spending velocity which we'll quantify in a moment all that said snowflake continues to lead all database suppliers in spending momentum by a wide margin which again will quantify in this episode but before we dig into the survey let's take a look at our latest projections for the big four hyperscalers in is as you know we track quarterly revenues for the hyperscalers remember aws and alibaba ias data is pretty clean and reported in their respective earnings reports azure and gcp we have to extrapolate and strip out all a lot of the the apps and other certain revenue to make an apples-to-apples comparison with aws and alibaba and as you can see we have the 2021 market exceeding 115 billion dollars worldwide that's a torrid 35 growth rate on top of 41 in 2020 relative to 2019. aggressive yes but the data continues to point us in this direction until we see some clearer headwinds for the cloud players this is the call we're making aws is perhaps losing a sharepoint or so but it's also is so large that its annual incremental revenue is comparable to alibaba's and google's respective cloud business in total is business in total the big three u.s cloud companies all report at the end of july while alibaba is mid mid-august so we'll update these figures at that time okay let's move on and dig into the survey data we don't have the data yet on alibaba and we're limited as to what we can share until etr drops its research update on on the 23rd but here's a look at the net score timeline in the fortune 500 specifically so we filter the fortune 500 for cloud computing you got azure and the yellow aws and the black and gcp in blue so two points here stand out first is that aws and microsoft are converging and remember the customers who respond to the survey they probably include a fair amount of application software spending in their cloud answers so it favors microsoft in that respect and gcp second point is showing notable deceleration relative to the two leaders and the green call out is because this cut is from an aws point of view so in other words gcp declines are a positive for aws so that's how it should be interpreted now let's take a moment to better understand the idea of net score this is one of the fundamental metrics of the etr methodology here's the data for aws so we use that as a as a reference point net score is calculated by asking customers if they're adding a platform new that's the lime green bar that you see here in the current survey they're asking are you spending six percent or more in the second half relative to the first half of the year that's the forest green they're also asking is spending flat that's the gray or are you spending less that's the pink or are you replacing the platform i.e repatriating so not much spending going on in replacements now in fairness one percent of aws is half a billion dollars so i can see where some folks would get excited about that but in the grand scheme of things it's a sliver so again we don't see repatriation in the numbers okay back to net score subtract the reds from the greens and you get net score which in the case of aws is 61 now just for reference my personal subjective elevated net score level is 40 so anything above that is really impressive based on my experience and to have a company of this size be so elevated is meaningful same for microsoft by the way which is consistently well above the 50 mark in net score in the etr surveys so that's you can think about it that's even more impressive perhaps than aws because it's triple the revenue okay let's stay with aws and take a look at the portfolio and the strength across the board this chart shows net score for the past three surveys serverless is on fire by the way not just aws but azure and gcp functions as well but look at the aws portfolio every category is well above the 40 percent elevated red line the only exception is chime and even chime is showing an uptick and chime is meh if you've ever used chime every other category is well above 50 percent next net score very very strong for aws now as we've frequently reported ai is one of the four biggest focus areas from a spending standpoint along with cloud containers and rpa so it stands to reason that the company with the best ai and ml and the greatest momentum in that space has an advantage because ai is being embedded into apps data processes machines everywhere this chart compares the ai players on two dimensions net score on the vertical axis and market share or presence in the data set on the horizontal axis for companies with more than 15 citations in the survey aws has the highest net score and what's notable is the presence on the horizontal axis databricks is a company where high on also shows elevated scores above both google and microsoft who are showing strength in their own right and then you can see data iq data robot anaconda and salesforce with einstein all above that 40 percent mark and then below you can see the position of sap with leonardo ibm watson and oracle which is well below the 40 line all right let's look at at the all-important database category for a moment and we'll first take a look at the aws database portfolio this chart shows the database services in aws's arsenal and breaks down the net score components with the total net score superimposed on top of the bars point one is aurora is highly elevated with a net score above 70 percent that's due to heavy new adoptions redshift is also very strong as are virtually all aws database offerings with the exception of neptune which is the graph database rds dynamodb elastic document db time stream and quantum ledger database all show momentum above that all important 40 line so while a lot of people criticize the fragmentation of the aws data portfolio and their right tool for the right job approach the spending spending metrics tell a story and that that the strategy is working now let's take a look at the microsoft database portfolio there's a story here similar similar to that of aws azure sql and cosmos db microsoft's nosql distributed database are both very highly elevated as are azure database for mysql and mariadb azure cash for redis and azure for cassandra also microsoft is giving look at microsoft's giving customers a lot of options which is kind of interesting you know we've often said that oracle's strategy because we think about oracle they're building the oracle database cloud we've said oracle strategy should be to not just be the cloud for oracle databases but be the cloud for all databases i mean oracle's got a lot of specialty capability there but it looks like microsoft is beating oracle to that punch not that oracle is necessarily going there but we think it should to expand the appeal of its cloud okay last data chart that we'll show and then and then this one looks at database disruption the chart shows how the cloud database companies are doing in ibm oracle teradata in cloudera accounts the bars show the net score granularity as we described earlier and the etr callouts are interesting so first remember this is an aws this is in an aws context so with 47 responses etr rightly indicates that aws is very well positioned in these accounts with the 68 net score but look at snowflake it has an 81 percent net score which is just incredible and you can see google database is also very strong and the high 50 percent range while microsoft even though it's above the 40 percent mark is noticeably lower than the others as is mongodb with presumably atlas which is surprisingly low frankly but back to snowflake so the etr callout stresses that snowflake doesn't have a strong as strong a presence in the legacy database vendor accounts yet now i'm not sure i would put cloudair in the legacy database category but okay whatever cloudera they're positioning cdp is a hybrid platform as are all the on-prem players with their respective products and platforms but it's going to be interesting to see because snowflake has flat out said it's not straddling the cloud and on-prem rather it's all in on cloud but there is a big opportunity to connect on-prem to the cloud and across clouds which snowflake is pursuing that that ladder the cross-cloud the multi-cloud and snowflake is betting on incremental use cases that involve data sharing and federated governance while traditional players they're protecting their turf at the same time trying to compete in cloud native and of course across cloud i think there's room for both but clearly as we've shown cloud has the spending velocity and a tailwind at its back and aws along with microsoft seem to be getting stronger especially in the all-important categories related to machine intelligence ai and database now to be an essential infrastructure technology player in the data era it would seem obvious that you have to have database and or data management intellectual property in your portfolio or you're going to be less valuable to customers and investors okay we're going to leave it there for today remember these episodes they're all available as podcasts wherever you listen all you do is search breaking analysis podcast and please subscribe to the series check out etr's website at etr dot plus plus etr plus we also publish a full report every week on wikibon.com and siliconangle.com you can get in touch with me david.velante at siliconangle.com you can dm me at d vallante or you can hit hit me up on our linkedin post this is dave vellante for the cube insights powered by etr have a great week stay safe be well and we'll see you next time you

>> From theCUBE studios in Palo Alto and Boston, bringing you data-driven insights from theCUBE and ETR. This is braking analysis with Dave Vellante. >> A new era of data is upon us, and we're in a state of transition. You know, even our language reflects that. We rarely use the phrase big data anymore, rather we talk about digital transformation or digital business, or data-driven companies. Many have come to the realization that data is a not the new oil, because unlike oil, the same data can be used over and over for different purposes. We still use terms like data as an asset. However, that same narrative, when it's put forth by the vendor and practitioner communities, includes further discussions about democratizing and sharing data. Let me ask you this, when was the last time you wanted to share your financial assets with your coworkers or your partners or your customers? Hello everyone, and welcome to this week's Wikibon Cube Insights powered by ETR. In this breaking analysis, we want to share our assessment of the state of the data business. We'll do so by looking at the data mesh concept and how a leading financial institution, JP Morgan Chase is practically applying these relatively new ideas to transform its data architecture. Let's start by looking at what is the data mesh. As we've previously reported many times, data mesh is a concept and set of principles that was introduced in 2018 by Zhamak Deghani who's director of technology at ThoughtWorks, it's a global consultancy and software development company. And she created this movement because her clients, who were some of the leading firms in the world had invested heavily in predominantly monolithic data architectures that had failed to deliver desired outcomes in ROI. So her work went deep into trying to understand that problem. And her main conclusion that came out of this effort was the world of data is distributed and shoving all the data into a single monolithic architecture is an approach that fundamentally limits agility and scale. Now a profound concept of data mesh is the idea that data architectures should be organized around business lines with domain context. That the highly technical and hyper specialized roles of a centralized cross functional team are a key blocker to achieving our data aspirations. This is the first of four high level principles of data mesh. So first again, that the business domain should own the data end-to-end, rather than have it go through a centralized big data technical team. Second, a self-service platform is fundamental to a successful architectural approach where data is discoverable and shareable across an organization and an ecosystem. Third, product thinking is central to the idea of data mesh. In other words, data products will power the next era of data success. And fourth data products must be built with governance and compliance that is automated and federated. Now there's lot more to this concept and there are tons of resources on the web to learn more, including an entire community that is formed around data mesh. But this should give you a basic idea. Now, the other point is that, in observing Zhamak Deghani's work, she is deliberately avoided discussions around specific tooling, which I think has frustrated some folks because we all like to have references that tie to products and tools and companies. So this has been a two-edged sword in that, on the one hand it's good, because data mesh is designed to be tool agnostic and technology agnostic. On the other hand, it's led some folks to take liberties with the term data mesh and claim mission accomplished when their solution, you know, maybe more marketing than reality. So let's look at JP Morgan Chase in their data mesh journey. Is why I got really excited when I saw this past week, a team from JPMC held a meet up to discuss what they called, data lake strategy via data mesh architecture. I saw that title, I thought, well, that's a weird title. And I wondered, are they just taking their legacy data lakes and claiming they're now transformed into a data mesh? But in listening to the presentation, which was over an hour long, the answer is a definitive no, not at all in my opinion. A gentleman named Scott Hollerman organized the session that comprised these three speakers here, James Reid, who's a divisional CIO at JPMC, Arup Nanda who is a technologist and architect and Serita Bakst who is an information architect, again, all from JPMC. This was the most detailed and practical discussion that I've seen to date about implementing a data mesh. And this is JP Morgan's their approach, and we know they're extremely savvy and technically sound. And they've invested, it has to be billions in the past decade on data architecture across their massive company. And rather than dwell on the downsides of their big data past, I was really pleased to see how they're evolving their approach and embracing new thinking around data mesh. So today, we're going to share some of the slides that they use and comment on how it dovetails into the concept of data mesh that Zhamak Deghani has been promoting, and at least as we understand it. And dig a bit into some of the tooling that is being used by JP Morgan, particularly around it's AWS cloud. So the first point is it's all about business value, JPMC, they're in the money business, and in that world, business value is everything. So Jr Reid, the CIO showed this slide and talked about their overall goals, which centered on a cloud first strategy to modernize the JPMC platform. I think it's simple and sensible, but there's three factors on which he focused, cut costs always short, you got to do that. Number two was about unlocking new opportunities, or accelerating time to value. But I was really happy to see number three, data reuse. That's a fundamental value ingredient in the slide that he's presenting here. And his commentary was all about aligning with the domains and maximizing data reuse, i.e. data is not like oil and making sure there's appropriate governance around that. Now don't get caught up in the term data lake, I think it's just how JP Morgan communicates internally. It's invested in the data lake concept, so they use water analogies. They use things like data puddles, for example, which are single project data marts or data ponds, which comprise multiple data puddles. And these can feed in to data lakes. And as we'll see, JPMC doesn't strive to have a single version of the truth from a data standpoint that resides in a monolithic data lake, rather it enables the business lines to create and own their own data lakes that comprise fit for purpose data products. And they do have a single truth of metadata. Okay, we'll get to that. But generally speaking, each of the domains will own end-to-end their own data and be responsible for those data products, we'll talk about that more. Now the genesis of this was sort of a cloud first platform, JPMC is leaning into public cloud, which is ironic since the early days, in the early days of cloud, all the financial institutions were like never. Anyway, JPMC is going hard after it, they're adopting agile methods and microservices architectures, and it sees cloud as a fundamental enabler, but it recognizes that on-prem data must be part of the data mesh equation. Here's a slide that starts to get into some of that generic tooling, and then we'll go deeper. And I want to make a couple of points here that tie back to Zhamak Deghani's original concept. The first is that unlike many data architectures, this puts data as products right in the fat middle of the chart. The data products live in the business domains and are at the heart of the architecture. The databases, the Hadoop clusters, the files and APIs on the left-hand side, they serve the data product builders. The specialized roles on the right hand side, the DBA's, the data engineers, the data scientists, the data analysts, we could have put in quality engineers, et cetera, they serve the data products. Because the data products are owned by the business, they inherently have the context that is the middle of this diagram. And you can see at the bottom of the slide, the key principles include domain thinking, an end-to-end ownership of the data products. They build it, they own it, they run it, they manage it. At the same time, the goal is to democratize data with a self-service as a platform. One of the biggest points of contention of data mesh is governance. And as Serita Bakst said on the Meetup, metadata is your friend, and she kind of made a joke, she said, "This sounds kind of geeky, but it's important to have a metadata catalog to understand where data resides and the data lineage in overall change management. So to me, this really past the data mesh stink test pretty well. Let's look at data as products. CIO Reid said the most difficult thing for JPMC was getting their heads around data product, and they spent a lot of time getting this concept to work. Here's the slide they use to describe their data products as it related to their specific industry. They set a common language and taxonomy is very important, and you can imagine how difficult that was. He said, for example, it took a lot of discussion and debate to define what a transaction was. But you can see at a high level, these three product groups around wholesale, credit risk, party, and trade and position data as products, and each of these can have sub products, like, party, we'll have to know your customer, KYC for example. So a key for JPMC was to start at a high level and iterate to get more granular over time. So lots of decisions had to be made around who owns the products and the sub-products. The product owners interestingly had to defend why that product should even exist, what boundaries should be in place and what data sets do and don't belong in the various products. And this was a collaborative discussion, I'm sure there was contention around that between the lines of business. And which sub products should be part of these circles? They didn't say this, but tying it back to data mesh, each of these products, whether in a data lake or a data hub or a data pond or data warehouse, data puddle, each of these is a node in the global data mesh that is discoverable and governed. And supporting this notion, Serita said that, "This should not be infrastructure-bound, logically, any of these data products, whether on-prem or in the cloud can connect via the data mesh." So again, I felt like this really stayed true to the data mesh concept. Well, let's look at some of the key technical considerations that JPM discussed in quite some detail. This chart here shows a diagram of how JP Morgan thinks about the problem, and some of the challenges they had to consider were how to write to various data stores, can you and how can you move data from one data store to another? How can data be transformed? Where's the data located? Can the data be trusted? How can it be easily accessed? Who has the right to access that data? These are all problems that technology can help solve. And to address these issues, Arup Nanda explained that the heart of this slide is the data in ingestor instead of ETL. All data producers and contributors, they send their data to the ingestor and the ingestor then registers the data so it's in the data catalog. It does a data quality check and it tracks the lineage. Then, data is sent to the router, which persists the data in the data store based on the best destination as informed by the registration. This is designed to be a flexible system. In other words, the data store for a data product is not fixed, it's determined at the point of inventory, and that allows changes to be easily made in one place. The router simply reads that optimal location and sends it to the appropriate data store. Nowadays you see the schema infer there is used when there is no clear schema on right. In this case, the data product is not allowed to be consumed until the schema is inferred, and then the data goes into a raw area, and the inferer determines the schema and then updates the inventory system so that the data can be routed to the proper location and properly tracked. So that's some of the detail of how the sausage factory works in this particular use case, it was very interesting and informative. Now let's take a look at the specific implementation on AWS and dig into some of the tooling. As described in some detail by Arup Nanda, this diagram shows the reference architecture used by this group within JP Morgan, and it shows all the various AWS services and components that support their data mesh approach. So start with the authorization block right there underneath Kinesis. The lake formation is the single point of entitlement and has a number of buckets including, you can see there the raw area that we just talked about, a trusted bucket, a refined bucket, et cetera. Depending on the data characteristics at the data catalog registration block where you see the glue catalog, that determines in which bucket the router puts the data. And you can see the many AWS services in use here, identity, the EMR, the elastic MapReduce cluster from the legacy Hadoop work done over the years, the Redshift Spectrum and Athena, JPMC uses Athena for single threaded workloads and Redshift Spectrum for nested types so they can be queried independent of each other. Now remember very importantly, in this use case, there is not a single lake formation, rather than multiple lines of business will be authorized to create their own lakes, and that creates a challenge. So how can that be done in a flexible and automated manner? And that's where the data mesh comes into play. So JPMC came up with this federated lake formation accounts idea, and each line of business can create as many data producer or consumer accounts as they desire and roll them up into their master line of business lake formation account. And they cross-connect these data products in a federated model. And these all roll up into a master glue catalog so that any authorized user can find out where a specific data element is located. So this is like a super set catalog that comprises multiple sources and syncs up across the data mesh. So again to me, this was a very well thought out and practical application of database. Yes, it includes some notion of centralized management, but much of that responsibility has been passed down to the lines of business. It does roll up to a master catalog, but that's a metadata management effort that seems compulsory to ensure federated and automated governance. As well at JPMC, the office of the chief data officer is responsible for ensuring governance and compliance throughout the federation. All right, so let's take a look at some of the suspects in this world of data mesh and bring in the ETR data. Now, of course, ETR doesn't have a data mesh category, there's no such thing as that data mesh vendor, you build a data mesh, you don't buy it. So, what we did is we use the ETR dataset to select and filter on some of the culprits that we thought might contribute to the data mesh to see how they're performing. This chart depicts a popular view that we often like to share. It's a two dimensional graphic with net score or spending momentum on the vertical axis and market share or pervasiveness in the data set on the horizontal axis. And we filtered the data on sectors such as analytics, data warehouse, and the adjacencies to things that might fit into data mesh. And we think that these pretty well reflect participation that data mesh is certainly not all compassing. And it's a subset obviously, of all the vendors who could play in the space. Let's make a few observations. Now as is often the case, Azure and AWS, they're almost literally off the charts with very high spending velocity and large presence in the market. Oracle you can see also stands out because much of the world's data lives inside of Oracle databases. It doesn't have the spending momentum or growth, but the company remains prominent. And you can see Google Cloud doesn't have nearly the presence in the dataset, but it's momentum is highly elevated. Remember that red dotted line there, that 40% line, anything over that indicates elevated spending momentum. Let's go to Snowflake. Snowflake is consistently shown to be the gold standard in net score in the ETR dataset. It continues to maintain highly elevated spending velocity in the data. And in many ways, Snowflake with its data marketplace and its data cloud vision and data sharing approach, fit nicely into the data mesh concept. Now, a caution, Snowflake has used the term data mesh in it's marketing, but in our view, it lacks clarity, and we feel like they're still trying to figure out how to communicate what that really is. But is really, we think a lot of potential there to that vision. Databricks is also interesting because the firm has momentum and we expect further elevated levels in the vertical axis in upcoming surveys, especially as it readies for its IPO. The firm has a strong product and managed service, and is really one to watch. Now we included a number of other database companies for obvious reasons like Redis and Mongo, MariaDB, Couchbase and Terradata. SAP as well is in there, but that's not all database, but SAP is prominent so we included them. As is IBM more of a database, traditional database player also with the big presence. Cloudera includes Hortonworks and HPE Ezmeral comprises the MapR business that HPE acquired. So these guys got the big data movement started, between Cloudera, Hortonworks which is born out of Yahoo, which was the early big data, sorry early Hadoop innovator, kind of MapR when it's kind of owned course, and now that's all kind of come together in various forms. And of course, we've got Talend and Informatica are there, they are two data integration companies that are worth noting. We also included some of the AI and ML specialists and data science players in the mix like DataRobot who just did a monster $250 million round. Dataiku, H2O.ai and ThoughtSpot, which is all about democratizing data and injecting AI, and I think fits well into the data mesh concept. And you know we put VMware Cloud in there for reference because it really is the predominant on-prem infrastructure platform. All right, let's wrap with some final thoughts here, first, thanks a lot to the JP Morgan team for sharing this data. I really want to encourage practitioners and technologists, go to watch the YouTube of that meetup, we'll include it in the link of this session. And thank you to Zhamak Deghani and the entire data mesh community for the outstanding work that you're doing, challenging the established conventions of monolithic data architectures. The JPM presentation, it gives you real credibility, it takes Data Mesh well beyond concept, it demonstrates how it can be and is being done. And you know, this is not a perfect world, you're going to start somewhere and there's going to be some failures, the key is to recognize that shoving everything into a monolithic data architecture won't support massive scale and agility that you're after. It's maybe fine for smaller use cases in smaller firms, but if you're building a global platform in a data business, it's time to rethink data architecture. Now much of this is enabled by the cloud, but cloud first doesn't mean cloud only, doesn't mean you'll leave your on-prem data behind, on the contrary, you have to include non-public cloud data in your Data Mesh vision just as JPMC has done. You've got to get some quick wins, that's crucial so you can gain credibility within the organization and grow. And one of the key takeaways from the JP Morgan team is, there is a place for dogma, like organizing around data products and domains and getting that right. On the other hand, you have to remain flexible because technologies is going to come, technology is going to go, so you got to be flexible in that regard. And look, if you're going to embrace the metaphor of water like puddles and ponds and lakes, we suggest maybe a little tongue in cheek, but still we believe in this, that you expand your scope to include data ocean, something John Furry and I have talked about and laughed about extensively in theCUBE. Data oceans, it's huge. It's the new data lake, go transcend data lake, think oceans. And think about this, just as we're evolving our language, we should be evolving our metrics. Much the last the decade of big data was around just getting the stuff to work, getting it up and running, standing up infrastructure and managing massive, how much data you got? Massive amounts of data. And there were many KPIs built around, again, standing up that infrastructure, ingesting data, a lot of technical KPIs. This decade is not just about enabling better insights, it's a more than that. Data mesh points us to a new era of data value, and that requires the new metrics around monetizing data products, like how long does it take to go from data product conception to monetization? And how does that compare to what it is today? And what is the time to quality if the business owns the data, and the business has the context? the quality that comes out of them, out of the shoot should be at a basic level, pretty good, and at a higher mark than out of a big data team with no business context. Automation, AI, and very importantly, organizational restructuring of our data teams will heavily contribute to success in the coming years. So we encourage you, learn, lean in and create your data future. Okay, that's it for now, remember these episodes, they're all available as podcasts wherever you listen, all you got to do is search, breaking analysis podcast, and please subscribe. Check out ETR's website at etr.plus for all the data and all the survey information. We publish a full report every week on wikibon.com and siliconangle.com. And you can get in touch with us, email me david.vellante@siliconangle.com, you can DM me @dvellante, or you can comment on my LinkedIn posts. This is Dave Vellante for theCUBE insights powered by ETR. Have a great week everybody, stay safe, be well, and we'll see you next time. (upbeat music)

(upbeat music) >> Welcome back to "theCube's" coverage of Mobile World Congress 2021. We're here in person and remote. This is a physical and virtual. It's a hybrid event, and "theCube's" got wall-to-wall coverage. I'm John Furrier, your host of "theCube." We've got a great guest here, Adolfo Hernandez, Vice-President, Global Telco Business Unit for Amazon Web Services, AWS. Adolfo, thank you for coming on remotely for this virtual hybrid Mobile World Congress. >> Thanks for having me, John, exciting. >> You have an impressive background in telecom industry. Over the years the technology industry has been great innovation. We've seen, I mean, how many Gs have been we've gone through, but I remember the days when wifi wasn't even around. So (laughing) You got a complete change in the past couple decades. This year, more than ever with the pandemic coming through this, you're starting to see some clear visibility on the trends, and also, this is the first Mobile World Congress in person since 2019, so a lot has changed. What is your view on the marketplace, and what is your message you're telling the telecom industry from Amazon's and your perspective? What do you see? >> Yeah, you're absolutely right, John. This is a fascinating time to be on the cloud, to be at Mobile World Congress. I remember Mobile World Congress 2020 was the first event that actually got canceled. So that was the beginning of the pandemic. And now, here we are, a year and a bit later, working with the leading telecommunications operators with the leading telecommunication sides based on solution providers and what better place that would be in doing that with AWS in this very transformational time in this space. We are supporting telecom operators around the world, as they reinvent communications in many different ways. This is not just one more G, we are definitely transforming the industry. Like any industry, we see telecom operators having to get simplification on their operations and transforming the IT side of the house. So they've go the internal IT, that needs a big transformation, they also got the network IT, everything related with OSS and BSS, and they need to migrate that to the cloud. And we've got a lot of experience by doing that with telcos around the world, to really help them accelerate that journey to the cloud. And we can help them with data center consolidation, migrations and a number of things. So we've got examples like GiffGaff, which is one of the largest MVNOs, and one of the first ones in Europe to go all in on the AWS cloud and they move all the data and the heart of the business there. So once you're sort of dealing with the network, the IT transformation, then you've got to go and look at how do you reinvent and accelerate the delivery of 5G connectivity? Well, that's very current as we're doing now. And we really want to help them because when they accelerate to the cloud, they get more flexibility, they get more agility, they get more cost effectiveness. And if you think about how traditional telco networks were built, where you have to provision a lot of systems you have to provision a lot on the base stations, and then you needed to provision a lot of systems on the Ram side, and then you needed to put aggregation centers, traffic centers, and then you would have the headquarters, and then you would have all the network functions, going from the radio all the way into the center. All of the systems needed to be provision for peak capacity. They sort of famous Mother's Day moment. As you move to the cloud, you can provision on the different parts of the cloud, you can provision on the AWS Outpost, you can provision on locals phone, you can provision on regions, and you leverage right away the experience that we've got on all of our infrastructure, reducing costs, getting a lot of flexibility and being able to embark, just and consume what you need. And, an example of that, it's been a Telefonica Vivo in Brazil. We talked about that a couple of weeks ago, and they've accelerated their move by deploying a 5G standalone cloud native platform. And that gives them a lot of automation capabilities. It gives them faster CI/CD/CT. So really cool stuff that you couldn't do in the old ways of building networks- >> It's interesting you mentioned CI/CD pipeline and developers. To me that's what comes to my mind when I think of AWS, the enablement of developers, now the enterprise. Now you've got the telco cloud and Amazon is not known for being a 5G player, but you guys are enabling a lot of 5G. Could you address that question? How is Amazon web services enabling 5G? What's your answer to that? >> So first of all, I have to say that 5G is an absolutely great example that this is a lot about moving to the cloud. 5G is cloud native, it's cloud friendly. You can virtualize pretty much every function. You can separate every function from the hardware and the software move everything to the cloud. And that is really lending itself to move to a cloud delivery model. As we were talking about earlier, we are enabling people to go and take the AWS infrastructure like AWS Outpost and bringing all the AWS infrastructure, all the services, all the APIs and all the tools that you have on AWS, virtually to any single location. And that allows you to really deploy themes like thousands of cell sites across a run, you couldn't do that before. On the AWS local zones, you can take everything that compute storage databases and a lot of different services. And those are perfect for large metro areas where you need to do a lot of network traffic aggregation, and this makes them really good to deploy in parts of the network core. Again, that's another re-innovation. And then you can look at then the regions and the regions have everything that you need from a compute storage and services perspective. And that those are really well suited for BSS for OSS to keeping the network running and to do all of that. And you can do that today, leveraging existing infrastructure. You don't have to acquire that, you don't have to provision, that you don't have to provision for the peak capacity and then you don't have to install and manage, and I think that's a serious breakthrough for the industry. >> Okay, so let me just capture that, 'cause I heard a bunch of things that I really like, cloud native 5G. What does cloud native 5G mean for the telco industry specifically? >> Well, I think if I had to put it down to one thing, it's just about making it really easy to roll out. And it's about being able to deploy easily to automate easily, so you can free up investment and you can free up resources and you can free up overhead. You can really start taking advantage of all that flexibility and scalability and automation that you get with the cloud and you apply that to a network, and that is the very first time we're able to do that in wireless. And it's just going to give you a lot of advantages. Look at Dish. We made this announcement with Dish that they are moving with one of the industry first 5G cloud native networks out there. Look at the example I talked about earlier, Telefonica Vivo, we're doing that 5G standalone solution. So you're going to be seeing, this is just the beginning, but this is going to be not the end because there's a lot of interest in getting these benefits. >> I saw the Dave Brown announcement with Dish a while back just recently. So I want to ask you, does Graviton processors play a role on the Dish deal? Do you mind answering that? If you comment on that? >> Yeah, I think you might remember Dave Brown being very proud of everything that Graviton2 processors can do in terms of increase in the price performance, helping telco operators, not only with the price performance factor, but also with the energy equation. So it's just really exciting to have that differentiation and being able to deliver that innovation and that value to telco operators in a cloud native 5G network. >> I got to ask you about some of the open source and cloud scale things coming together. That's a big trend I'm seeing here at Mobile World Congress. Openness, multi-vendor, scaling up quickly, provisioning stuff fast and easy, leveraging existing technologies and of course, developer friendly. So with that, I got to ask you, what's all the big deal about with this Open RAN. Obviously radios are key and wireless. What does Open RAN mean? Can you take us through, what's the importance of this? >> Yeah, Open RAN is an industry wide or mostly industry-wide initiative to look into effectively trying to apply some of these open and sharing models to the RAN. You've got vendors and you've got telco operators participating. But what we do and you know as well John, 'cause you've been working with AWS for a while, you know, that we're very customer focused, and 90% of what we do is what we hear that they are trying to solve because it's the things that matter to them. So what we engage with them, what we engage with somebody like Dish, and they tell us that they are interested in Open RAN, we will go and partner with the right partners who can provide the right solution to deliver on that Open RAN. And you've seen we signed agreements with the likes of Nokia to do research and solutions on cloud RAN. You also saw a couple of weeks ago, we did another collaboration announcement with Mavenir, to deliver not only cloud run, but I said of 5G solutions like IMS, the 4G 5G converge packet, or messaging and others. So we are engaging with the complete ecosystem on our customer's behalf to deliver whatever thereafter, and Open RAN is one of these topics and that we're delivering to operators like Deutsche and others in the market. >> Do you think that this new shift with cloud is going to increase the surface area? 'Cause that to me is the big theme I'm seeing what this new shift, as we look at, even telco cloud and the Edge, it's the classic surface area. And this is well known in the security world, but the there's no perimeter anymore. The surface area for security is everywhere. So things have changed. But telco just seems like the edge is expanding, you got satellite, you got space, you got more 5G, more commercial, so much more surface area. What's the impact going to be to the industry and to applications? >> Well, I think what we're seeing is 5G comes out there because there is a need for more data, more bandwidth obviously increased security, new standards, but there is also about latency, latency reduction. And I think that's really going to change the paradigm as we inject these increased responsiveness, these low latency, closer to the edge, and we bring the applications and we bring the compute and we bring storage as we do with wavelength right through to the edge as we are doing with Verizon, Vodafone, KDDI, SK Telecom and operators around the world. This is going to enable a number of transformational use cases for society, whether they are in virtual reality, whether they are with autonomous driving, whether it's about automating and getting more intelligence into manufacturing processes, there is just so much potential to transform society. And it all comes back with these sort of new 5G and some of the themes that enables moving closer to the edge. So as I said, really interesting times. >> Adolfo Hernandez, Vice President of Global Telco Business Unit with Amazon Web Services. Thanks for the great insight here on "theCube" for our Mobile World Congress coverage. Really, really great insight. Thanks so much. >> Thanks, John, delighted to be here. >> If you don't mind, I'd like to just quickly shift gears to something while I got you here on the industry. Adolfo you're very well known in the industry for someone who knows how to turn things around. You've done that in the past. You've been part of growth companies, you've been part of companies that have refocused. Telco has been a big change over people looking at this new opportunity as a growth opportunity. And people are looking at divesting some non-critical divisions and looking at acquisitions. I mean the private equity's on fire right now, and you're starting to see a lot more formation because there's more visibility into territory to take, there's more opportunities to be had. So there's more potential revenue than there is you can do on the cost cutting side. So everyone I talked to who's been in the industry has got their eyes are really popping out of their head, they're saying there's more opportunities if we can reconfigure our resources to take advantage of cloud. You're an expert in this area. For the folks out there who are in the boardrooms, cranking away thinking through how to organize for the cloud scale, what would be your advice to those teams? >> Well, I mean, there's a lot of insight to be had from the experience that AWS we've gained through the years, of doing this IT. And you definitely have to get a top down vision. Obviously it's really got to start at the C-suite, is moving to the cloud for what it bring. Either faster pace of innovation, the cost reduction, the agility. And that's you've got to be thinking about going to the cloud top down. Then the next thing you've got to go and say, "Okay, what are the parts of my operation "that I can go after with cloud? "Where do I start? "Do I start with the IT applications? "Do I start with some new go-to market initiatives? "Do I start by infusing some machine learning capabilities "into existing operations? "Do I start by building a data links "that I can go and monetize, "or I can go on and use to generate "best at customer service, "or I can go and fundamentally transform my networks?" Now, every telco's going to start in in different place, but I would say is you've got to start looking at that agility, that faster innovation, that better use of resources that cloud brings to telco for the very first time in a time in, in decades. And then if you're going to do that, I would strongly recommend people to talk to the provider that's got the capabilities, the broader set of services, the deepest set of services, and the most relevant experience to do that, 'cause we've been doing that in IT, and we've been working on telcos now for five plus years. And we've got pretty much every relationship. And as you know, John, this is really important. In telco you depend on collaborations on ISBs on software vendors, and every vendor out there, every software company out there will develop certainly on AWS. So we would be delighted to engage with them and help them move forward. >> Yeah, and Andy Jassy the CEO of AWS last year at re:Invent really made that the hallmark of his keynote around get those teams together, the executives top-down be a builder, think like a builder. McKinsey just put out a report, trillion dollar opportunities that no one sees yet that's coming. So a lot of emphasis on revenue, new revenue opportunities that are coming. And certainly this has been something that telcos been looking for for a long time. So great opportunity and thank you for sharing your insight. Appreciate it. >> Thanks, John. >> Okay this is "theCube's" coverage of ABS Mobile World Congress, 2021, I'm John Furrier, your host. Thanks for watching.