>>from the bellagio Hotel >>in Las Vegas. >>It's the >>cube covering >>Ui Path forward. >>Four brought to >>you by Ui Path. >>Welcome back to Las Vegas. The cube is here. We've been here for two days covering Ui Path Forward for lisa martin here with David Monty. We've talked about automation and many industries. Now this segment is going to focus on automation and healthcare. We've got two guests joining us Jim Petrosea Cto of Blue Cross, Blue Shield and Gadget. Dhaliwal. The global C. I. O. Industry lead at you. I pass guys welcome to the program. Thank you. So let's start unpacking from the CTO level and the ceo level the agenda for automation. Jim let's start with you. What does that look like >>for us. It's actually pretty strategic and part of as we think about digital and what digital transformation means, it actually plays a pretty key role. Um There are a lot of processes that can be very manual within a big organization like Blue cross and Blue shield and to be able to streamline that and take away kind of what I would call the mundane work. Right? The the you know, going through a spreadsheet and then typing it into the screen, there are a lot of processes like that that are legacy. But what if you could take that away um and actually create a better work experience for the people that work there right? And and focus on higher value type uh type things and it's really key. And it really It goes down to our our business folks right? There are a lot of things we can drive with automation. We started a program um in 2019. Um that's been quite successful. We now have 250 box, we measure what we call annualized efficiency gains. So how much efficiency are we getting by these bots? So the bots are doing um this repetitive work that people would do. Um And what we're finding is, you know, we've got about $11 million in any wise efficiency gain through the process and we're just getting started. Um But we're all we're not stopping there too though, we're enabling citizen developers. So we're saying, hey business, if you want to automate, you know, parts of your job, we're gonna help you do that. So we've got about 60 people that were training. Um We run bad Ethan's where they come together and they actually create bots uh And it's really really creating some some impact and buzz in our business >>anywhere from your lens, where does automation fit within the C. I. O. S. Agenda? And how do you work together in unison with the C. T. O. To help roll this out across the enterprise? >>Yeah, no, definitely. And in fact as a part of introduction, I can actually share that. How I'm wearing a Ceo had within your path since I'm just joining join path and I'm actually now helping a client ceos in their automation strategy but I was a deputy ceo in my prior role at L. A. County where actually I ran the automation strategy. So if we look at from our organization perspective B complex as L. A County which is such a Federated organization. From a Ceo perspective, the way we look at the strategy is it's always driven by the business goals of the city or a county and we typically drive into three different areas. One is how we can transform our operational processes so that we can save the tax dollars. It's all about doing more with the less dollars. And then second is about how we can transform our residents experience because end of the day it is all about how we can improve the quality of life for our residents. So we've got 10 million people for L. A. County, the largest populous county in us. So it was an uphill task to serve that such a diverse population need and that the third area is about how to transform the new business models because as we are moving away from a government centric approach to the residents centric approach, you really need to come up with a new digital solutions. And Ceo is in the center of all these three elements when you look at it. So it's a very appear to us to keep keep improving your efficiency and then at a time keep adding the new digital solutions and that's where automation strategy is kind of a horizontal strategy which enables all these components. So what I hear from >>that is alignment with the business. Yeah. Right. Change management. Absolutely. That's like really fundamental and then see IOS this this agent of transformation uh you can see or she has a horizontal purview across the organization now now jim the cto role is the automation at blue cross blue shield lead by you or you there to make sure the technology plugs into your enterprise architecture. What's your shoulder? >>You know? Uh my my role is really to drive uh what I'll call technology enabled business change. Right. So I actually uh started our our automation journey uh at hc sc and I did that by partnering with our business. Um There was actually a lot of buzz around automation and there were actually some small pockets of it, none of it was enterprise scale. Um Right. And we really wanted to go big in this and and working with the business sponsors, they saw value in it. Um and we've you know, we've generated um a lot of uh efficiency, better quality of work because of it but but I very closely had a partner with our business, we have a committee that is lead of business folks that I facilitate. So I view my role as an enabler, um we have to communicate the change management pieces is huge. Uh the education just having a common vernacular on what is automation mean, Right, because everybody interpreted it differently um and then being able to do it at an enterprise scale is quite challenging. Um You know, I I really enjoyed um one of the key notes, I don't know if you had a chance to see shankar by Duncan from the hidden brain, right? But he talked a lot about the brain aspect and how do you get people to change? And and that's a large part of it. There's a lot about technology, but there's really a lot about being a change agent um and and really working very closely with your business, >>how does one measure? I'm hearing a lot time saved. Our saved. How does one measure that and quantify the dollar impact, which by the way, I'm on record as saying the soft dollars are way bigger. And but when you're talking to the, you know, the bottom line CFO and it's all about, you know, the cash flow, whatever is, how do you measure that? >>I can take it. So we, what we do is as we define these use cases right? We we go through an actual structure product process where we we gather them. Um we then rate them and we actually prioritize them based on those that are going to have the greatest impact. Um and we can tell based on, you know, what is the manual effort today. So we understand there are X number of people that do this X number of days and we think this body can take that some load off of them. Right? Um So we we go in with the business case. Um And then the Ui Path platform actually allows us to measure well, how much is that pot running? Right. So we can actually sit there and say, well we wanted that thing to run 10 hours a day and it did and it's generated this kind of efficiency because otherwise the human would have had to do that work. >>So the business case is kind of redeploying >>human. It really is is really maximizing human capital and make and and you know really using because the bots do repetitive stuff really well. They don't do higher level thinking and and we don't view it as replacing people, we view it as augmenting and actually making them more efficient and more effective at what, how do you get the dollars out of that? Well, a couple of ways. Right. And so one of the things we've we've done is we we create and measure the efficiency our business users and financed by the way is one of our bigger ones. And the CFO is one of the sponsors of the program, um can decide how to reinvest it in a lot of cases it is actually cost avoidance as we grow, literally being able to grow without adding staff. I mean that's very measurable. Um in some cases it is actually taking, you know cost out um in in certain cases, but a lot of times that's just through attrition, right? You don't back fill positions, you let it happen naturally. Um and and then there's just things that happen to your business that you have to respond to give you a great example, state of texas, um passes what's the equivalent of the no surprise attack. But they did it there before the federal government did it. Um but it requires a lot of processes to be put in place, because now you have providers and payers having to deal with disputes, right? It actually generates a boatload of work. And we thought there might be, you know, 5000 of these in the first year, where there were 21,000 in the first year. And so far this year we're doubling that amount, right. We were able to use automation to respond to that without having to add a bunch of stuff. If we had to add staff for that, it would have literally been, you know, maybe hundreds of people, right? And but now, you know, there's, you can clearly put a value on it and it's millions of dollars a year, that we would have otherwise had to expect. >>The reason I'm harping on this lease is because I've been through a lot of cycles, as you know, and after the dot com boom, the the cost avoidance meant not writing the check to the software company, right? And that's what nick Carr wrote this, i. T matter. And then, and then, you know, post the financial crisis, we've entered uh a decade plus of awareness on the impact of technology. And I wonder if it's, I think this, I think this the cycle is changing I think. And I wonder if you have an opinion here where people, I think organizations are going to look at Technology completely different than they did like in the early 2000s when it was just easy to cut. >>No, I think the other point I will add to it. I agree with the gym. So we typically look at our away but it doesn't always have to be the cost. Right? If you look from the outcomes of the value, there are other measures also right? If you look at the how automation was able to help in the Covid generate. It was never about costs at that time. It was about a human lives. So you always may not be able to quantify it what you look at. Okay. What how are we maximizing the value or what kind of situations where we are and where we may not even have a human power to do that work. And we are running against the time. It could be the compliance needs. I'll give example of our covid use case which was pretty big success uh within L. A. County we deployed bots for the covid contact tracing program. So we were actually interviewing all the people who were testing positive so that we actually can keep track of them and then bring back that data within our HR so that our criminologists actually can look at the trends and see how we are doing as a county as compared to other counties and nationally. And we were in the peak, we were interviewing about 5000 people a day And we had to process that data manually into our nature and we deployed 15 members to do that. And they were doing like about 600 interviews a day. So every day we had a backlog of 2500 interviews. So it is not about a cost saving or a dollar value here because nobody planned for these unplanned events and now we don't have a time and money to find more data entry operators and parts were able to actually clear up all the backlog. So the value which we were able to bring it is way beyond the cost element. >>I I believe that 100% and I've been fighting this battle for a long time and it's easier to fight now because we're in this economic cycle even despite the pandemic, but I think it can be quantified. I honestly believe it can be tied to the income statement or in the case of a public sector, it could be tied to the budget and the mission how that budget supports the mission of the company. But I really believe it. And and I've always said that those soft factors are dwarf the cost savings, but sometimes, you know, sometimes the CFO doesn't listen, you know, because he or she has to cut. I think automation could change that >>for public sector. We look at how we can do more about it. So it's because we don't look at bottom line, it's about the tax dollars, we have limited dollars, but how we can maximize the value which we are giving to residents, it is not about a profit for us. We look at the different lens when it comes to the commercial >>Side, it's similar for us. So as a as a health care pair, because we're a mutual right? Our members and we have 17 million of them are really the folks that own the company and we're very purpose driven. Our our purpose is to do everything in our power to stand by members in sickness and in health. So how do you get the highest quality, cost effective health care for them? So if automation allows you to be more effective and actually keep that cost down, that means you can cover more people and provide higher quality care to our members. So that's really the driver for mission driven, >>I was gonna ask you as a member as one of your 17 million members, what are some of the ways in which automation is benefiting me? >>Um you know, a number of different ways. First off, you know, um it lowers our administrative costs, right? So that means we can actually lower our rights as as we go out and and and work with folks? That's probably the the the the bottom line impact, but we're also automating processes uh to to make it easier for the member. Right? Uh the example I used earlier was the equivalent of no surprises. Right. How do we take the member out of the middle of this dispute between, you know, out of network providers and the payer and just make it go away. Right, and we take care of it. Um but that that creates potentially administrative burden on our side, but we want to keep their costs down and we do it efficiently using it. So there's a number of use cases that we've we've done across, you know, different parts of our business. We automate a lot of our customer service, right? When you call um there's bots in the background that are helping that that agent do their job. And what that means is you're on the show, you're on the phone a lot shorter of a period of time. And that agent can be more concise and more accurate in answering your question. >>So your employee experience is dramatically improved, as is the member experience? >>Yes, they go hand in hand. They do go hand, unhappy members means unhappy employees, 100% >>mentioned scale before, you said you can't scale in this particular, the departmental pockets. Talk about scale a little bit. I'm curious as to how important cloud is to scale. Is it not matter. Can you scale without cloud? What are the other dimensions of scale? >>Well, you know, especially with my CTO had, we're we're pushing very heavily to cloud. We view ourselves as a cloud first. We want to do things in a cloud versus our own data centers, partially because of the scale that it gives us. But because we're healthcare, we have to do it very securely. So. We are very meticulous about guarding our data, how we encrypt information um, not only in our data center but in the cloud and controlling the keys and having all the controls in place. You know, the C. So and I are probably the best friends right now in the company because we have to do it together and you have to take that that security mind set up front. Right cloud first. Put security first with it. Um, so we're moving what we can to the cloud because we think it's just going to give us better scale as we grow and better economics overall, >>Any thoughts on that? I think a similar thoughts but if we look from L. A. county because of the sheer volume itself because the data which we are talking about. We had 40 departments within the county. Each department is serving a different business purpose for the resident beit voting or B justice or being social services and all and the amount of data which we are generating for 10 million residents and the amount of duplicate asi which it comes out because it's a very government centering model. You have a different systems and they may not be talking to each other. The amount of diplomacy and identity delicacy which we are creating and as we are enabling the interoperability between these functions to give us seamless experience keeping security in mind so fully agree on that because the end of the day we have to ensure that customer guarantee but it's a sheer volume that as and when we are adding these data sets and the patient's data as well as the residents data and now we have started adding a machine data because we have deployed so many IOT solutions so the data which is coming from those machines, the logs and all its exponential so that's where the scale comes into picture and how we can ensure that we are future ready for the upscale which we need and that's where cloud ability definitely helps a lot. >>What do you mean by future ready? >>So if you look at from a future smart city or a smart community perspective, imagine when machines are everywhere machines and IOT solutions are deployed, beat even healthcare, your bad information, you're even patient information, everything is interconnected and amount of data which is getting generated in that your automobile they're going to start talking to entertainment or we have to potentially track a single resident might be going same person going to the justice or maybe same person might be having a mental health issues, A same person might be looking for a social services, how we're going to connect those dots and what all systems they are touching. So all that interconnections needs to happen. So that exponential increase of data is a future readiness, which I'm talking about. Are we future ready from a technology perspective? Are we future ready from the other ecosystem perspective and how and how we're gonna manage those situations? Uh, so those are the things which we >>look at it and it's a it's a multiplier to, right? We all have this influx of information and you need to figure out what to do with it. Right. This is where artificial intelligence, machine learning is so important. But you also have interoperability standards that are coming. So now we're we have this massive data that each of our organizations have. But now you have interoperability which is a good thing for the member saying now I need to be able to share that data. Yeah, I wanted to ask you about >>that because a lot of changes in health care, um, are meaningful use. You have to show that to get paid but the standards weren't mature. Right? And so now that's changing what role does automation play in facilitating those standards. >>So, you know, we're big, big supporters of the fire standard that's out there um to in order to be able to support the standards and and create a P. I. S. And and pull together the information. What what will happen sometimes in the background is there's actually um artificial intelligence, machine learning models that create algorithms right? The output of that though often has to be active. Now a person can do something with that information or a vodka. Right? So when you start taking the ideal of artificial intelligence and now you have a robotic process that can use that to pull together the information and assimilated in a way to make it higher quality. But now it's available. It's kind of in the background. You don't see it but it's there helping. >>What are some of the things that you see? I know we're out of time but I just have a couple more questions. Some of the things that you see here we are you I path forward for we're in person. This is a bold company that's growing very quickly. Some of the announcements that were made, what are what are some of your reaction to that? And how do you see it helping move blue crush blue shield forward even >>faster. Well you know a lot of the announcements in terms of some of the features that that they've added around their robotics processing are great right? The fact that they're in the cloud and and some of the capabilities and and and better ability to to support that the process mining is key. Right. In order for abouts to be effective, you have to understand your process and you just don't want to necessarily automate the bad practices. Right? So you want to take a look at those processes to figure out how you can automate things smartly. Um and some of their capabilities around that are very interesting. We're going to explore that quite a bit but but I think they're the ambition here is beyond robotics. Right. It's actually creating um you know, applications that actually are using bots in the background which is very intriguing and has a lot of potential potentially to drive even more digital transformation. This can really affect all of our workers and allow us to take digital solutions out to the market a lot faster >>and to see what was going to ask you, you are here for four weeks at UI Path, you got to meet a lot of your colleagues, which is great. But what about this company attracted you to leave your former role and come over here to the technology vendor side. >>Well, I think I was able to achieve the similar role within L. A. County, able to establish the automation practice and achieve the maturity, able to stand up things and I feel that this is the same practitioner activity which I can actually take it back to the other clients ceos because of one thing which I really like about your hypothesis. RP is just a small component of it. I really want to change that mindset that we have to start looking ui path as an end to end full automation enterprise solution and it is not only the business automation, it's the idea automation and it's a plus combination and whether we are developing a new industry solutions with our partners to help the different industry segments and we actually helping Ceo in the center of it because Ceo is the one who is driving the automation, enabling the business automation and actually managing the automation ceo and the governess. So CEO is in left and center of it and my role is to ensure that I actually help those Ceos to make successful and get that maturity and you will path as a platform is giving that ability of length and breath and that's what is really fascinating me and I'm really looking forward that how that spectrum is changing that we are getting matured in a process mining area and how we are expanding our horizons to look at the whole automation suit, not just the R. P. Product and that's something which I'm really looking forward and seeing that how we're going to continue expanding other magic quadrants and we're actually going to give the seamless experience so the client doesn't have to worry about okay for this, I have to pick this and further, I have to pick something else >>that's seamless experience is absolutely table stakes these days. Guys, we're out of time. But thank you so much for joining. David me, talking about automation and health care. Your recommendations for best practices, how to go about doing that and and the change management piece. That's a critical piece. We appreciate your time. >>Thanks for having. Thank >>you. Our pleasure for day Volonte. I'm lisa martin live in las Vegas. The cubes coverage of you a path forward for continues next. Mhm. Mhm mm.

>> From theCube studios in Paloalto and Boston, connecting with thought leaders all around the world, this is a Cube conversation. >> Hi, I'm Stu Miniman, and welcome to this special Cube conversation. I'm coming to you from our Boston area studio, and theCube is really mostly about people, about network, and so we're going to have a focus in, we're going to talk about some technology, we're also going to talk a little bit about careers. I want to welcome to the program, I've got two first-time guests on the program. First, Mark Zbikowski. Probably butchered that badly, Mark, sorry, technical advisor, and Blue Gaston. Uh, Gaston. Boy, I'm doing horrible with names here. Software engineer, you're both with Polyverse. But, you know, my last name's Miniman, it has been butchered a million times. But Mark, and Blue, thank you so much for joining us. >> You're welcome. Our pleasure. >> Yes. >> All right. So one of you I've read a lot about online and the other one is Mark, go to the Wikipedia page, stuff like that. So we'll get to that too. So, Blue, maybe start with you, give us a little bit about your background. >> Yeah, so I work at Polyverse now, a cybersecurity startup. But actually I got my undergraduate degree in Philosophy, and from there, kind of just like, what am I going to do with a philosophy degree? And it just weirdly was like a natural transition. I was like, oh, computer science. And kind of the logical, like the technical version of philosophy. So got my master's in philosophy and now, or not philosophy, in computer science, and now have been working at Polyverse. I started as an intern and they hired me on, I think after a month, they were like, no, we want you full-time. So that was cool and I've loved it. So I'm starting off my story, that's kind of where my kick-off point is. >> Awesome. So, and Mark, first of all, you have to give us the connection between yourself and Blue, and a little bit surprising that she waited so long to go into the computer business. >> Uh, okay, I'm her stepfather. It's not surprising that she, you know, wanted to go into computer science. She's got lots of aptitude for it. She was just on a career path and an education path that was primarily logic, analysis, which is basically what we do in computer science. >> All right. So Mark, if you could just give our audience a little bit of a thumbnail sketch as to your background in the tech industry, and it's a storied one. >> Uh, okay. I was, I think, employee number 55 at Microsoft, when I started back in 1981. The first task that they gave me was to work on something that ended up becoming MS-DOS. I worked on MS-DOS for a long time, about five and a half years, worked on a number of other operating systems at Microsoft, ending up with being one of the initial development managers and architects for Windows. I was responsible for all file storage. And I was there for about 26 years. >> Yeah, you know, interesting, you know, when you look on the Wikipedia page, you were the third employee that reached the 25-year milestone. Some guy, Bill Gates, and Steve Balmer, were the first two to reach that milestone. So, you know, quite impressive. I think back, back when I learned computers, it was programming, and you know, today it's coding, and things are quite different there. But, Mark, you were also, you're noted as one of the early hackers there, so what does that mean to you, how have you seen that's been changing? Polyverse is in the cybersecurity realm, so would love your kind of viewpoint on just hacking in general. >> Oh, the early days, well my hacking started pretty much when I was in eighth or ninth grade back in Detroit. We had access to an academic operating system called MTS by way of Wayne State University. I grew up in, just in the suburbs of Detroit. And we had access to it, and for me Excuse me. Hacking at the time was all about trying to understand and learn stuff that was arcane and hidden and mysterious. Figuring out how, for example, password encryption algorithms worked, figuring out how operating systems worked, because at the time, there were very few organized textbooks about how to construct operating systems. Even though operating systems had been around for 20 years. So my early, earliest stuff was in basically, finding holes in security at MTS, and that's how I started, in what they would say "hacking", but it was very innocent, it was very, let's see what we can do! As opposed to, let's extract information, let's go and ransom people's data for bitcoin, which is, you know, I think, a wrong direction to go. >> Yeah. I'm curious your thoughts as the decades have progressed, you know, hacking today, what's your take on, you know, there's the white hats and the black hats, and everything in between. >> Uh, it's kind of an arms race. (laughs) Everything that the white hats will throw up, the black hats will eventually attack to some degree. Social engineering is sort of the ultimate way that people have been getting around, you know, software protections. I think it's unfortunate that there is such a financial reward to the black hat side of things, as counter to one's ethics. I think there's a lot of slippery slopes involved, in terms of, you know, boy, these companies shouldn't be making money, so I deserve my bit. I think that it's much better that, you know, people should come at this from an intellectual, you know, exploration standpoint, rather than an exploitative. But that's the nature of the world. >> Yeah, well, Blue, maybe we can help connect the dots towards what you both do at Polyverse. You mentioned you started as an intern, and I loved the article that talked about this. Well, you know, you're going to be an intern. Can you fix the internet for us? And you did some things to help, you know, help stop some of that malicious hacking. >> Yeah, I, that was crazy. I was very intimidated when I heard that, you're going to be fixing the internet. What I've been working at the company, which is different from our flagship product, but kind of in the same vein, is to stop malicious php javascript code execution. So that's what they came in, that's how they prefaced that problem to me. It was, you're going to go fix the internet. Um, and it was crazy. It was really cool and surprisingly, a lot of philosophy that goes into the way we look at our problem-solving at Polyverse, and how we tackle problems, but of course, I have my Jedi master Mark over here, and I was constantly, "What do you think about this? Isn't this crazy? "Like, look at how Polyverse is attacking this." And I think finally I broke him down, and I was like, come join. Come jump in, and you be the foresight, and you tell us what we're going to do in a year or two. And I convinced him, and now, he's, he's with us too. >> Excellent. So, Mark, tell us a little bit about, you know, more about Polyverse, your role there. In the industry there's a lot of talk about, you know, lots of money obviously gets spent on cybersecurity, but it's still a major challenge in the industry. So what's your role there and how's Polyverse helping to attack that? >> Well, my title is Technology Advisor, and I'm one of a small collection of people who have pretty wide-ranging expertise across operating systems, networks, compilers, languages, development tools, all of that. And our goal is, you know, my role, as well the other Jedi masters, is to take a look at what Polyverse is doing at present, try to figure out where we need to go, try to figure out what the next set of challenges are, use our broad experience and knowledge of the computing milieu, and try to figure out what are the tough issues we need to face? We make some progress on those tough issues, and then turn everything over for the mainline Polyverse development staff to bring it to reality. We're not like researchers, we're much more into the product planning side of things, but product planning in, I hate to use this word, but in a visionary sense. (Blue laughs) >> Yeah, no, it's-- >> We look for the vision. We're not visionaries. We look for the vision. >> You're a visionary, Mark. Admit it. >> Excellent. Well, I do love the, you know, Jedi analogy there. When you look at, I'm curious to your thoughts, both of you, you know, some of the real challenges and opportunities facing the cybersecurity industry. It's a large financial industry company, they'll spend a billion dollars and, you know, does that make them secure? Well, at least they've done what they can and they're pushing enough pieces. But, you know, fundamentally, we understand that this is such a huge issue. >> I think-- >> Blue? >> Well, (laughs) I can try to answer. I think Polyverse recognizes that as well. So we're trying to create new solutions, that instead of just being compliant and checking the boxes, we're actually trying to create systems and products that will stop attacks from actually working. Rather than being reactive and being responsive, we're trying to build these systems out where the attacks just don't work as they're currently designed. And I think we, you know, and to do so in an easy-to-deploy, time-saving kind of way is definitely our goal. Rather than the status quo and, you know, we're fighting inertia, we're trying to, to change that narrative in a really meaningful way. >> Thanks, Blue. Mark, do you have some comments you can add to that? >> Once we started taking individual computers and hooking them up to the internet, where they can communicate fairly freely with each other, and by intent communicate fairly freely with each other, by design, by intent, all of a sudden that opened us to just a wide range of malicious behavior, from being DoS'd, to leaking passwords, et cetera. There are, there's layers and layers that one can do to mitigate these problems. From IT operational manuals to buzz-testing your API, to best practices, it's a, there's a long list. And every bit, every piece of it is important. You need to secure your passwords before you can do anything else. You need to make sure that there's a firewall in your system be fore you go and start, before you even start thinking about doing things like, like what's goin on with what we're doing at Polyverse. It's a, like I said, there's a wide range of tools that people need, that people use, that people spend money on today. Polyverse has got a very unique perspective on how to go and extend this. We, it's a, it's very pragmatic, you know, the realization is that these attackers are going to keep attacking, and they're going to exploit certain features that, despite everyone's best intentions, aren't covered, and we have found a rather unique and novel way to prevent people from doing it. Is it going to solve everything? No. There's still, there's all these other early layers that need to be taken care of first, before the more sophisticated tools that, for example, that Polyverse has or that other companies have. >> Great. Well, Blue, you talked a little bit about it, but, you know, love your, what you've found, you know, working together as a family dynamic here. You know, specifically. >> Um, (laughs) I think it's really cool. What's the best, I'll say this, is when, I always like asking Mark his opinion, because why wouldn't I? The brain that guy has, and just the experience, he can add so much. Every once in a while, I'll go, and I'll say, you know, oh, this is what I'm working on, and here's what I'm kind of thinking, and he'll say, oh, yeah, well what about this? And I'll actually get to explain something to him. And I got to tell you, that feels really good. Is when I get to say, oh, well, actually it looks like this, and this was my plan, and he's like, oh yeah, definitely. And I get that validation, which is really cool. And I can, you know, drive to his house and bug him whenever I want to. I know where he lives, so if I'm really stuck, or just want to bounce ideas off of him, it's really cool. It's really cool, and I, you know, strong-armed, not strong-armed, I enticed him to come and join Polyverse just by the cool things that we're doing, and I think that's cool too. To now be able to work on something together. >> Yeah, and Mark, sounds like you're learning some things from Blue. Give us your side of that relationship. >> Well, it's a great relationship. Blue, um, Blue never hesitates to challenge. (Blue laughs) >> Blue: Okay. And that, I'm saying that in a very positive sense. Um, you know, she'll come up, every so often I'll get a text from her that says, "Help!" >> Oh my god! (laughing) >> Yes. Sorry. At least I'm not showing it. (laughs) But it's great. And we get together and we talk about stuff, and she says, you know, here's the problem I'm facing, and I'll ask her about it and she gets to go and teach me about what her problem is. I'm a big fan of teaching. I think one of the frustrations that Blue has is I almost never give her the answer when she asks a question. (laughs) >> Not even when I was in school, >> Yeah, not even when you were in school. I was always asking the questions and leading her to the answer rather than just giving it to her. >> Or saying, well why don't we sit down and I'll teach you how to implement knowledge. Just like, oh my god. What are you doing? >> Yeah. So, yeah, I'm a big fan of teaching and learning by way of teaching. One of the things I do is I'm an affiliate with the University of Washington, and I teach every year one quarter of their Operating Systems class. And I love teaching, I love seeing the light go on. But every year, when I'm teaching a class that I know pretty well, I learn something new. By a question the student asks, or by reading a paper that I'm asking the students to read, I learn something new just about every year. And so having Blue teach me is a way that I get to learn, but I think in the process Blue also gets to learn as well. You know, in the process of teaching me. >> Yeah, well, that's such a great point. All right, want to give you both the final word on what's exciting you, what draws you to working in the cybersecurity industry. >> Um, I'll start. (laughs) So when I started at Polyverse, I actually got to, as an intern, own my own product. And in, I think, less than a month now, we're actually officially releasing that product, polyscripting. Officially, like Marketing is coming up with materials for it, and that was right out of school is when I started on this project, so it's kind of like a big deal for me. You know, I've owned the project, I'd say like 90% of it, over the last year or two, and now I get to see it come into fruition. So that's really exciting to me. Um, you know, that's exciting. So I'm excited about that, I'm excited about what Polyverse is doing in general. So, yeah. >> And Mark? >> Yeah. It's great working in a startup, it's great working with a bunch of very, very bright, energetic people. For me, contributing to that environment is extremely valuable. Helping Polyverse out, they're, you know, cybersecurity is problem. Trying to come up with good, effective solutions that are really pragmatic in terms of, you know, we're not going to solve every problem, but here's a great little space that we're going to solve all the problems in. That's, there's a huge appeal to that for me. >> Well, Mark and Blue, thank you so much for joining. Appreciate you sharing some of the personal as well as the professional journeys that you've both been on. Thanks so much. >> Yeah, thank you >> Yeah, you're welcome. >> All right. Thank you for watching theCube. I'm Stu Miniman. Thanks for watching. (soothing music)

(upbeat music) >> Announcer: Live from New Orleans, Louisiana, It's theCUBE, covering .NEXT Conference 2018. Brought to you by Nutanix. >> Welcome back. We're here in New Orleans, Louisiana. I'm Stu Miniman with my co-host Keith Townsend. And we're thrilled to welcome to the program, two N users here at the show. We have Sharon Haris, who is the CTO of Assulta Medical Centers out of Israel. I also have Paul Stallings, he's the Vice President of IT infrastructure services, Guidewell with Florida Blue. Gentlemen, thanks so much for joining us. >> Thanks for having us. >> Alright, Paul let's start with you. Just give us a little bit about your role and your organization. >> Sure, I work for Guidewell. We're a health solutions company. We started out as an insurance company, primarily. Now we've moved to a solutions. So, we are the provider side and the payer side. I run IT infrastructure services, which is the shared services among five different companies under the Guidewell brand. >> Great and Sharon? >> Assulta Medical Centers is the largest chain of private hospitals in Israel. We have four hospitals and four clinics spreading across the country from North to South. We are connecting about one million radiology tests and examinations per year, and about 15% of the in-house surgeries in Israel. >> Yeah, well luckily both of you, in your industries, my usual joke is, nothing's changing. You have huge budgets. (laughing) Unlimited staff. And no challenges. >> Sharon: At all. >> Paul, before we get into the Nutanix solutions of course you're using, tell us about some of the drivers for change in your business, your work. You know, some of the challenges and opportunities you're facing. >> Yeah, sure. We are really in a growth mode in our organization. In the last six years, we've actually grown to these five companies. We went from an eight billion dollar company to a $16 billion company. We're in a huge trajectory and transformation is the key. And we have to have high availability. We have to be able to meet our customer's needs. We have to be able to scale and be agile. And that's thrown at me every day. >> Stu: Sharon? >> Yeah, now we're in the healthcare industry. We have both ends. On one end, we have to maintain stability and performance and redundancy. Because we are working 24-7, 365 days a year. And on the other end, we must be innovative in innovation, and make everything for our user and customers very available, very approachable, because users don't want to come to our clinics and hospitals. They want to do everything from home. So, as much as we can, we are giving them the opportunity to do it. >> Stu: Yeah, digitization. >> So, Paul that's amazing growth, eight billion to 16 billion. Whether it's organic, inorganic. That's a major shift in capability. What have been some of the primary challenges from a technology perspective as you guys have gone through that major growth period. >> Yeah, I think the velocity is one of the biggest challenges for us. Being able to grow, we really need solutions that we can really want to modually grow, want pay to grow and scale better. It's really hard when you have that much growth to do the legacy where you think about, in the next three years I need this much capacity, because it's unpredictable because the growth is so fast. If that makes sense. >> Yeah, it's impossible to forecast. >> Right, absolutely. >> It's impossible. >> I had a CIO that tells me the data costs are getting out of control. I say, you know what? As long as the data is growing, that means that the business is growing. >> Paul: Absolutely. >> So, hard drives are definitely the thing that you want to buy. So, as you both deal with growth, stability, capability challenges, What appeals about the Nutanix story to you? >> I think one of the things that I just mentioned. That pay to grow opportunity is huge for us. The simplicity is huge. The availability and really trying to get to automation. I really have to do more with less. We're growing so fast, I can't even onboard folks fast enough. So, I think that simplicity, that automation and that pay to grow model is great for us. >> So, we're in the digital era. So we need to supply our users once again, as I said before, digital application. And to be able to execute those needs very quickly. And we're looking towards the cloud. And you can't really have public cloud readiness in services, unless you have private cloud readiness in services. So, Nutanix for me is the best solution for automation, as Paul said. And to begin the process to achieve the collection between private and public cloud. >> That's an interesting point. Could you expand on that? What do you mean by, what does private cloud mean to you? And most customers you hear, oh, we're doing some development. We're trying some new products in the public cloud. You flipped that some. >> Yeah, I spoke here yesterday in one of the session. And I ask the audience, how much time it takes to fire up a ritual machine from a template? And the answer was like between half and hour and one hour. I thought, one hour, that's cool. And how much time it takes for you to take this machine and join it to the CRM or the SharePoint or the Epic or the SAP farm? And the answer was about a week. So, where did seven days go? Why is the gap so huge between one hour and a week? And the answer is because the lack of automation. For me, the public cloud is exactly like, sorry, private cloud is exactly like public cloud. The same services, the same abilities to execute and generate services level. Not server level, because server level would be Dell. Like if you, 10 or 15 years ago, we are already there. Services level is the same ability that we have in the public level. >> Paul, I would love to hear your comments on how Cloud fits into your environment. >> Yeah, absolutely. 'Cause we're in the health industry, private cloud is paramount. But we really need the hybrid because we want to be able to burst and scale and have that agility. But to a lot of things that Sharon said, I do need that automation, I do need the scaleability, but I definitely need some commonality on my stacks. I have a shared services. I have to build a scale. I have to be able to have best prices. I need to be able to compete and collaborate with the private and public sectors. >> So, let's talk about some of the services that Nutanix offers. First let's start in the private cloud. A lot of great announcements. One of the things that, I have actually from Nutanix, I've heard about them is basically what they're delivering in AFF. I'm sorry, AFS, a foul services solution. Are you guys using any of those foul or type solutions within your own environment? >> No yet, we are not using the foul solution in biomechanics, but we're using the other services such as the big data verification with the Cloud data, because we are using, actually, a built environment for our new research development company that we signed in, big data, cloud data, dupe and in line, and we did it very quickly, and stability-wise and performance-wise, and file services-wise, because it's big data, you know? It's a different kind of perception over there, and Nutanix gives us very quickly a deployment and services that we needed for this project. >> Could you just expand on that? When you say it was a fast deployment, you know, days? >> Yeah, our CEO signed the contract with this company and said, okay, I want it to be ready in like, two weeks from now. And then I thought, okay I can do it traditionally, and it would probably take me a month, or even more, and I can do it with Nutanix, and Nutanix wasn't ready in this time, with Cloud Data verification. Nutanix promised me that they would support me 100%, I got a letter from the VP of R&D of Nutanix, that they would support me, and they would get the certification. Now, most of the vendors that want to sell you something they say, "yeah, we'll get it, no worries", and they deliver. First of all, they give us full support, in the duration of the implementation of the environment. And, they did get the certification a few months later. So, performance-wise, we did the test, so I know that it works. We've duplicated the Cloud there, by the way, when there was performance issues, it was, Cloud Data fine-tuned what we need to do. It wasn't Nutanix' at all. Really, I really like this product, but they really deliver, so, performance-wise, execution-wise, and stability. >> We met the deadline that your-- >> I met the deadline, the medical staff is behind schedule, but I did my part. >> So Paul, what are any, is there any particular service that you use within the Nutanix Private Cloud that you want to talk about? >> Well, we're pretty new to the Nutanix suite of services, but one thing that's unique about our organization is we're one of the first to not do x86, but do power systems as well. So, we wanted that one pane of glass, one cloud management system that we can actually do all of our workloads. So we really just, we started x86 but we just recently got our power infrastructure up and running, about 100 nodes, and that's working well as well. And we're happy to have both sides of the fence, and really look at all our workload through that single pane of glass. >> Great, can you tell me what workload are you running on that, and do you have any AIX that you might look to put on that, now that that's going to be supported? >> Yeah, so we're really now starting to look at things with Kubernetes, then we've started putting our open enrollment applications on, because that's really our season now, right? It's kind of our busiest timeframe, when I have the highest availability, I have to be able to scale, and want to have zero downtimes. So, that one click, we love those kind of capabilities, and that's really helping us with our new applications for open enrollment. >> So, let's talk about Nutanix' vision. You both are cloud-forward thinking organizations, as you look at Zy, as you look at integration of calm with the major cloud providers, what are your initial thoughts? >> I think that, you know, I think that Zy's really interesting, where I can have those recovery options. You know, I really think we really got to move infrastructure to resiliency, and make sure it's resilient, but it's always nice to have that backup and be able to click over very quickly, as opposed to traditional recovery model where you back it up and you have to restore it. We don't want to restore. We want to be able to bring that back up and have that high availability. So I'm really interested in the Zy piece. >> Yeah, and we got the budget for the DR this year. And, we needed to take into consideration the best DR module for Assulta. Now, to be honest with you, if a regulation would allow us, I wouldn't think twice. But this is a variable that I need to check with my legal department, but technology-wise Zy is a amazing solution. In terms of cloud as a centerfold, I believe that there is no other option. There's no other option but to build your private and move it towards public cloud services. By the way, the main barrier for me is the human barrier. Because we need to train our personnel, we need to change the way they think, we need to combine between system guys and networking, and security guys, because now it's one box. So it's quite the challenge, but Nutanix makes a difference. >> Alright, it's the first time for both of you attending this show, Paul, start with you, if you can tell us what brought you to the show, what you're hoping to accomplish, what you've learned so far, general experiences here. >> Yeah, so you know, Nutanix is really helping us build out our private cloud. We definitely know that even though healthcare has a lot of regulatory requirements, we don't want to do full public, we know we're going to have to start moving more and more into the cloudspace. So, we know there's different cloud players out there, but we want to have that mobility of our workloads and move them in and out, and move them back to our environment, and move them from cloud provider to cloud provider and I've definitely started hearing about a lot of the services that Nutanix provides, that it enables those kind of solutions, and I want to learn more about those. >> For me, Nutanix is bringing to the table new ideas, new perception, and the most important thing that they gave us, giving us things that we need. And you talked about Zy, you talked about Com, there's been a new concept and they are always moving ahead and they bring the market to chase them. If I could say this way. And for me, the most important thing is that everything is posted in one box, and able to do it very simple by automation processes. >> So one question around people, you're growing at, doubling the organization, as you go out and look for staff to augment your existing staff, and innovate the change, how does Nutanix help or hinder in the hiring process? Like, onboarding new employees, you said onboarding is a challenge, onboarding and training, commentary around that? >> Yeah, so, you know, people are our most precious assets, right? And, when you hire new, you want to get the best people you can get, right? So, I think that we definitely tried to identify folks that have the type of aptitude we need. We're not always able to find the folks that are skilled with all the solutions we need, because cloud is so diverse, and converge is so diverse with the stacks, but we actually are doing a better job with finding the right talent, or training the ones that we have up, and to prepare and give the training to the new folk that are coming through the door. But our onboarding is definitely an opportunity for us, and I think we'll be able to scale a little bit better with onboarding as we look at automation, automation is going to be the key to getting folks onboarded faster. >> So Sharon, what about you? How has Nutanix helped with your, not necessarily onboarding, because growth is not necessarily changed, but people change. >> Yeah, people change. And the market has changed as well. And people must understand, that they should embrace the change. Even I change each and every day. I learn new things, I implement new things, I dare and I challenge my organization, and I have to convince my finance and my CIO and my CEO that this technology, whether Nutanix or other technology, is the right technology for our organization. Now, Nutanix is helping us in terms of innovation because of the fact that we're beginning to sign contracts with startups. And, we have to build them labs, and combine them with our production environment but do it very smartly, in a sophisticated way. So, Nutanix with the microsegmentation and other features that they are having is very helpful for us in this area, as well. >> Last thing I wanted to ask: lessons learned. You're relatively new in this space, but always things that you look back and say, "What could I have done better", "What I wish I knew a little better", Paul, start with you as to talking with your peers, what would you recommend to them, and what changes might they make? >> You know, I think we're so new into it, we don't have a lot of lessons learned yet, because we're just really going into production with a lot of the systems that we have, especially on the AIXI and the power side, but I do think that we are doing a debrief, probably coming up in the next 30 days to really identify if there are opportunities that we could probably do differently. Now, I will say that I do want to look at the whole private cloud to public cloud opportunities and really understand what those challenges are, because I think from an application perspective, that we don't always build applications that we plan to bring back. So, I need to really partner with my development shops, that when they build applications, how do we make sure that we can bring those workloads back, and I want to understand some of those cost models. >> That's awesome. >> I would say choosing the right use case and to prepare for the implementation, plan as much as you can, because those things will make or break if you're a beginner. If you're already accustomed to things, you know what to do. But if you're a beginner, those things are very important and combined with a good or very good integrator because, once again, if you want to succeed in this project, because it's not a project, it's not that service that we install. If you go with this method, then you didn't learn anything. So, if you want to get the best out of Nutanix, and thanks, to offer a lot of services we discussed, you should do it. >> Alright, Sharon and Paul, thank you so much for sharing your stories. For Keith Townsend and Stu Miniman, we always love to talk to all the users here, and I'm glad to be able to bring them to you, thanks so much for watching theCUBE. (upbeat music)

>> Announcer: Live from Las Vegas, it's theCUBE. Covering VMworld 2017, brought to you by VMware and its ecosystem partners. (techno music) >> Good morning, welcome to day three of VMworld 2017. This is theCUBE's continuing coverage of this big event in Las Vegas. I am Lisa Martin with my co-host, Stu Miniman, and we're very excited to be joined by a couple of gals in tech. We have Phoummala Schmitt, you are the infrastructure lead for Independence Blue Cross, and Theresa Miller, the founder of the 24x7 IT Connection. Welcome. >> Thank you. >> Thank you for having us. >> So, Phoummala, let's start with you. You are a very leading female in the technology and software space. Tell us about yourself. What do you do, what inspires you as a female leader in technology? >> I'm currently in infrastructure lead at Independence Blue Cross. I manage unified communications applications, Exchange, Skype for Business. What excites me is the ability to show young women that you can do anything. When I was younger, I was told that I didn't understand math very well, so I couldn't be in IT, well, look at me here. So, it's inspiring. I feel inspired when little girls tell me, I want to do something technical. >> That's awesome, Theresa, what about you? What's your journey been like? >> My journey started over 20 years ago by accident, while I was studying at the University of Wisconsin-Whitewater. There was an opportunity to study IT. It made sense to me, and I dropped my accounting major just like that as soon as IT came to the forefront. I've been doing technology ever since, and today, now, I have 24x7 IT Connection. We do writing, we do webinars, and we also do IT consulting. >> So, you guys work together with the 24x7 IT Connection. Tell us a little bit more about that. I know that, Phoummala, you mentioned Microsoft, and here we are at VMworld. Tell us about what kind of topics you cover on that 24x7 IT Connection. >> We cover a broad range of topics. I usually cover the Microsoft, Exchange, Skype world. I actually blog for Theresa, but we do a podcast together, the Current Status, and we talk about all sorts of technology, storage, networking, and just the current trends. And we actually do it on video, through YouTube, and we have a glass of wine. We make it so it's like a casual conversation with your friends, you know, you're just chattin' and talkin' tech, like here at the conference. >> Uh-- >> Just to add to that, so, from the blogging and like the approach we use, it really is about what's relevant to us. So, like she said, we're covering end-user computing, it might be Microsoft, it might be Linux. It just depends. We have several female writers and one male, and it's really about what's relevant, what's going on in their world, because then you know it's going on in someone else's. >> Yeah, Phoummala, you've been in the center of a really interesting transition we've been seeing in the marketplace. You know, I think about my career in tech, you know, deploying servers for email, and that whole push. Microsoft, huge push to get everybody onto Office 365. >> Phoummala: Yes. >> You know, where that lives, we talk about, you know, software's eating the world. You know, so, give us that journey of applications for you. How's that change your role, some of the dynamics? Sounds like you might need a glass of wine after talking through some of these topics, yeah. >> Yeah, I actually started in the server world, server and infrastructure. I was racking and stacking servers, deploying VMs, and then, at the same time, I was also managing Exchange, but as my career progressed, I kind of left that storage and server background and decided, you know what, applications. I wanted to focus a little bit more and really embrace the application world. Since I had that server background, that was my job, it just seems I could actually deploy these applications a lot better, because I understand the underlying foundations behind it, Exchange, and the cloud, so, right now, you know the push is to be in the cloud. Where I work, and a lot of organizations like ourselves, we don't go to the cloud yet. We're just not there. So, there is a very strong push. Eventually, I suspect we'll all be in the cloud. I mean, that's just, it's not if, it's when. >> Yeah, so, but I want to dig down just a tiny bit more, because, you know, most people in the VMware community know Microsoft pretty well. The relationship with Microsoft and their applications with virtualization, and now with cloud, is a really interest dynamic, so you've gone against some of what Microsoft said in the past, kind of do what's best for your organization, why don't you explain some of that to our audience, yeah. >> Yeah, so, Exchange. The preferred architecture for Exchange is, or Exchange 2016, 2013, is to be physical servers, with DAS, direct-attached storage, which is, you know, not what most people are. I mean, it's a virtualized world now. I don't know any company that isn't virtualized. So, I've taken the approach, what is the best situation or deployment for your organization. Yes, there is the preferred architecture, but it's not, I don't look at it as the Holy Grail, or the Bible. I look at what is best for the organization. What are your requirements? So, if the requirement is to reduce data center cost, reduce some rack space, and you can't go to the cloud yet, due to other requirements, let's look at alternative solutions that still follow some of the guidance. So, you know, yes, I break away from it, but it's what's best for your business, because not everybody can deploy physical. >> Yeah, Theresa, I have to imagine you cover a lot of this. You know, what's really happening with customers versus, you know, no offense to our friends on the vendor side, but, you know, they always think its what's right, as opposed to the person doing it, knows what is right for their environment. That's one of the challenges of IT, right? There is no one way to do things, so. >> Every organization is going to take a different path and journey, and that might be to the cloud, that might not be yet. That might be a combination, that could be hybrid IT, I think is another term that we keep hearing where, maybe I have some applications in the cloud, and some that will always remain on prem, but it has to match the culture and the fit of the business, or you won't be successful with any IT project. >> So, ladies, we're at VMworld 2017, given both of your thoughts in terms of, we need to do what's best for the business, Phoummala, let me start with you. What are some of the things that you're hearing, are you hearing other peers of yours echo the same feelings and sentiments? >> Yes, when we're out in the field, you know, I'm talkin' to people, and it's, yeah, it's we're not there yet, we want to go there, yeah, but we can't do it, we don't have the infrastructure, we don't have the resources. And oftentimes, you know, our vendors, they, they forget that budgets, there's constraints, you know, resourcing. So, you know, my word to them is be patient with us. We want to go there, we like your products, but there's so many other factors in play, especially when you work for a large enterprise. You know, there's politics, and large enterprises just take time to do things, especially certain industries, healthcare, financial sectors. You have certain regulations that you have to follow, and in order to get to the cloud, or whatever, you know, the latest trend is, we may have to modify certain policies that are in place and then there's a downward effect, because let's say we want to go to the cloud, then you have to go to, you know, your security department. What regulations or what retention policies do you have to change? And that may, you know, that may take time. So, it's not like it's going to' happen today. >> Theresa, same question, but I guess, maybe, no, maybe a different question. In terms of your podcast, have you heard anything here that's inspired the next conversation that you guys want to have with your glass of wine? >> So, I really think, it's probably going to revolve around cloud again, and in terms of, the other thing I keep seeing is analytics. Everybody's talking about analytics. >> Lisa: Yes. >> And I think that's a really interesting conversation, 'cause it means so many different things. The depth, what are you going to analyze? How do you manage that data? So I could see it being a combination of those topics, and even maybe separate. >> Yeah, yeah, Phoummala, you and I were talking before the interview. Think about this community here. It used to be, you know, it was like hypervisor, virtualizing, we were all in this journey to virtualize. Now, it's a little bit fragmented because there's so many different areas. Analytics, absolutely huge people. Security, lots of people going there. This whole cloud discussion, on all the different apps. What are you seeing in the community? What are the topic areas? Is that, you know, is that a challenge to the community? VMware, the VMworld community was a pretty tight-knit community, and now it feels, you know, while there's great connections and great people, it's broken into a few different pieces. What's your reaction to that? >> I mean, I do feel there's sort of a, not a disconnect, but there's so many different aspects, and I think that's just the evolution of IT. We've evolved to the point where it's beyond IT, it's beyond the technical approaches. It is, um, it's almost like it's, IT's just another business department. We're a business. We provide services to the other business units, and it's just that evolution of, we're service providers, all of us. Whether we are in the data center, or we are an apps develop, we are providing a service to somebody, and we have customers. >> Do you find that that's an advantage? We were talking to some guests earlier this week that, I think it was an analyst from ESG that was saying, you know, you can show that certain problems with storage, certain costs, aren't IT's problem, it's a business problem. Is that an advantage what you just kind of talked about, Phoummala, in terms of getting eyes and ears of the business to provide, okay, this is a business challenge, we need to provide the right expertise, the right funding, to support these services that are needed? >> I definitely think so. I mean, just from my own experience. Understanding what the business wants and needs is huge. And then just puttin' yourself in their shoes. What do they need, what can we do to make their jobs better? So that person, you know, clicking the button of submitting our payroll, or, you know, putting a purchase order in, what can we do to make that better? So, you know, it's one of the things I always do when I'm looking at projects. What value is this going to bring for our business? And, I think, that's just the way IT has evolved to. We're not the programmers in the basement anymore, you know, with the lights turned off and just coding away. We're all business analysts now. Because, at the end of the day, it's our paycheck, too. So, these products that we're hearing about, at the end of the day, it affects us, it affects our business, and the bottom line. >> And what is the website of 24x7 IT Connection that people can see and hear the value that you bring to the community? >> It's 24x7, so that's the 24 by 7, and then itconnection.com. And so, like I said, we share a lot of really great stuff. We have something new every week, so it's definitely worth checking out. >> Well, ladies, thank you so much for joining Stu and myself this morning and sharing your journeys into IT, as well as your insights, what you've learned from the show, what excites you, and where people can go to find more information about the expertise that you bring to the community. We want to thank you for watching again. We are theCUBE live from day three of VMworld 2017. I am Lisa Martin, for my esteemed co-host, Stu Miniman, thanks for watching. We'll be right back. (techno music)

>>When Oracle acquired my SQL via the Sun acquisition, nobody really thought the company would put much effort into the platform preferring to focus all the wood behind its leading Oracle database, Arrow pun intended. But two years ago, Oracle surprised many folks by announcing my SQL Heatwave a new database as a service with a massively parallel hybrid Columbia in Mary Mary architecture that brings together transactional and analytic data in a single platform. Welcome to our latest database, power panel on the cube. My name is Dave Ante, and today we're gonna discuss Oracle's MySQL Heat Wave with a who's who of cloud database industry analysts. Holgar Mueller is with Constellation Research. Mark Stammer is the Dragon Slayer and Wikibon contributor. And Ron Westfall is with Fu Chim Research. Gentlemen, welcome back to the Cube. Always a pleasure to have you on. Thanks for having us. Great to be here. >>So we've had a number of of deep dive interviews on the Cube with Nip and Aggarwal. You guys know him? He's a senior vice president of MySQL, Heatwave Development at Oracle. I think you just saw him at Oracle Cloud World and he's come on to describe this is gonna, I'll call it a shock and awe feature additions to to heatwave. You know, the company's clearly putting r and d into the platform and I think at at cloud world we saw like the fifth major release since 2020 when they first announced MySQL heat wave. So just listing a few, they, they got, they taken, brought in analytics machine learning, they got autopilot for machine learning, which is automation onto the basic o l TP functionality of the database. And it's been interesting to watch Oracle's converge database strategy. We've contrasted that amongst ourselves. Love to get your thoughts on Amazon's get the right tool for the right job approach. >>Are they gonna have to change that? You know, Amazon's got the specialized databases, it's just, you know, the both companies are doing well. It just shows there are a lot of ways to, to skin a cat cuz you see some traction in the market in, in both approaches. So today we're gonna focus on the latest heat wave announcements and we're gonna talk about multi-cloud with a native MySQL heat wave implementation, which is available on aws MySQL heat wave for Azure via the Oracle Microsoft interconnect. This kind of cool hybrid action that they got going. Sometimes we call it super cloud. And then we're gonna dive into my SQL Heatwave Lake house, which allows users to process and query data across MyQ databases as heatwave databases, as well as object stores. So, and then we've got, heatwave has been announced on AWS and, and, and Azure, they're available now and Lake House I believe is in beta and I think it's coming out the second half of next year. So again, all of our guests are fresh off of Oracle Cloud world in Las Vegas. So they got the latest scoop. Guys, I'm done talking. Let's get into it. Mark, maybe you could start us off, what's your opinion of my SQL Heatwaves competitive position? When you think about what AWS is doing, you know, Google is, you know, we heard Google Cloud next recently, we heard about all their data innovations. You got, obviously Azure's got a big portfolio, snowflakes doing well in the market. What's your take? >>Well, first let's look at it from the point of view that AWS is the market leader in cloud and cloud services. They own somewhere between 30 to 50% depending on who you read of the market. And then you have Azure as number two and after that it falls off. There's gcp, Google Cloud platform, which is further way down the list and then Oracle and IBM and Alibaba. So when you look at AWS and you and Azure saying, hey, these are the market leaders in the cloud, then you start looking at it and saying, if I am going to provide a service that competes with the service they have, if I can make it available in their cloud, it means that I can be more competitive. And if I'm compelling and compelling means at least twice the performance or functionality or both at half the price, I should be able to gain market share. >>And that's what Oracle's done. They've taken a superior product in my SQL heat wave, which is faster, lower cost does more for a lot less at the end of the day and they make it available to the users of those clouds. You avoid this little thing called egress fees, you avoid the issue of having to migrate from one cloud to another and suddenly you have a very compelling offer. So I look at what Oracle's doing with MyQ and it feels like, I'm gonna use a word term, a flanking maneuver to their competition. They're offering a better service on their platforms. >>All right, so thank you for that. Holger, we've seen this sort of cadence, I sort of referenced it up front a little bit and they sat on MySQL for a decade, then all of a sudden we see this rush of announcements. Why did it take so long? And and more importantly is Oracle, are they developing the right features that cloud database customers are looking for in your view? >>Yeah, great question, but first of all, in your interview you said it's the edit analytics, right? Analytics is kind of like a marketing buzzword. Reports can be analytics, right? The interesting thing, which they did, the first thing they, they, they crossed the chasm between OTP and all up, right? In the same database, right? So major engineering feed very much what customers want and it's all about creating Bellevue for customers, which, which I think is the part why they go into the multi-cloud and why they add these capabilities. And they certainly with the AI capabilities, it's kind of like getting it into an autonomous field, self-driving field now with the lake cost capabilities and meeting customers where they are, like Mark has talked about the e risk costs in the cloud. So that that's a significant advantage, creating value for customers and that's what at the end of the day matters. >>And I believe strongly that long term it's gonna be ones who create better value for customers who will get more of their money From that perspective, why then take them so long? I think it's a great question. I think largely he mentioned the gentleman Nial, it's largely to who leads a product. I used to build products too, so maybe I'm a little fooling myself here, but that made the difference in my view, right? So since he's been charged, he's been building things faster than the rest of the competition, than my SQL space, which in hindsight we thought was a hot and smoking innovation phase. It kind of like was a little self complacent when it comes to the traditional borders of where, where people think, where things are separated between OTP and ola or as an example of adjacent support, right? Structured documents, whereas unstructured documents or databases and all of that has been collapsed and brought together for building a more powerful database for customers. >>So I mean it's certainly, you know, when, when Oracle talks about the competitors, you know, the competitors are in the, I always say they're, if the Oracle talks about you and knows you're doing well, so they talk a lot about aws, talk a little bit about Snowflake, you know, sort of Google, they have partnerships with Azure, but, but in, so I'm presuming that the response in MySQL heatwave was really in, in response to what they were seeing from those big competitors. But then you had Maria DB coming out, you know, the day that that Oracle acquired Sun and, and launching and going after the MySQL base. So it's, I'm, I'm interested and we'll talk about this later and what you guys think AWS and Google and Azure and Snowflake and how they're gonna respond. But, but before I do that, Ron, I want to ask you, you, you, you can get, you know, pretty technical and you've probably seen the benchmarks. >>I know you have Oracle makes a big deal out of it, publishes its benchmarks, makes some transparent on on GI GitHub. Larry Ellison talked about this in his keynote at Cloud World. What are the benchmarks show in general? I mean, when you, when you're new to the market, you gotta have a story like Mark was saying, you gotta be two x you know, the performance at half the cost or you better be or you're not gonna get any market share. So, and, and you know, oftentimes companies don't publish market benchmarks when they're leading. They do it when they, they need to gain share. So what do you make of the benchmarks? Have their, any results that were surprising to you? Have, you know, they been challenged by the competitors. Is it just a bunch of kind of desperate bench marketing to make some noise in the market or you know, are they real? What's your view? >>Well, from my perspective, I think they have the validity. And to your point, I believe that when it comes to competitor responses, that has not really happened. Nobody has like pulled down the information that's on GitHub and said, Oh, here are our price performance results. And they counter oracles. In fact, I think part of the reason why that hasn't happened is that there's the risk if Oracle's coming out and saying, Hey, we can deliver 17 times better query performance using our capabilities versus say, Snowflake when it comes to, you know, the Lakehouse platform and Snowflake turns around and says it's actually only 15 times better during performance, that's not exactly an effective maneuver. And so I think this is really to oracle's credit and I think it's refreshing because these differentiators are significant. We're not talking, you know, like 1.2% differences. We're talking 17 fold differences, we're talking six fold differences depending on, you know, where the spotlight is being shined and so forth. >>And so I think this is actually something that is actually too good to believe initially at first blush. If I'm a cloud database decision maker, I really have to prioritize this. I really would know, pay a lot more attention to this. And that's why I posed the question to Oracle and others like, okay, if these differentiators are so significant, why isn't the needle moving a bit more? And it's for, you know, some of the usual reasons. One is really deep discounting coming from, you know, the other players that's really kind of, you know, marketing 1 0 1, this is something you need to do when there's a real competitive threat to keep, you know, a customer in your own customer base. Plus there is the usual fear and uncertainty about moving from one platform to another. But I think, you know, the traction, the momentum is, is shifting an Oracle's favor. I think we saw that in the Q1 efforts, for example, where Oracle cloud grew 44% and that it generated, you know, 4.8 billion and revenue if I recall correctly. And so, so all these are demonstrating that's Oracle is making, I think many of the right moves, publishing these figures for anybody to look at from their own perspective is something that is, I think, good for the market and I think it's just gonna continue to pay dividends for Oracle down the horizon as you know, competition intens plots. So if I were in, >>Dave, can I, Dave, can I interject something and, and what Ron just said there? Yeah, please go ahead. A couple things here, one discounting, which is a common practice when you have a real threat, as Ron pointed out, isn't going to help much in this situation simply because you can't discount to the point where you improve your performance and the performance is a huge differentiator. You may be able to get your price down, but the problem that most of them have is they don't have an integrated product service. They don't have an integrated O L T P O L A P M L N data lake. Even if you cut out two of them, they don't have any of them integrated. They have multiple services that are required separate integration and that can't be overcome with discounting. And the, they, you have to pay for each one of these. And oh, by the way, as you grow, the discounts go away. So that's a, it's a minor important detail. >>So, so that's a TCO question mark, right? And I know you look at this a lot, if I had that kind of price performance advantage, I would be pounding tco, especially if I need two separate databases to do the job. That one can do, that's gonna be, the TCO numbers are gonna be off the chart or maybe down the chart, which you want. Have you looked at this and how does it compare with, you know, the big cloud guys, for example, >>I've looked at it in depth, in fact, I'm working on another TCO on this arena, but you can find it on Wiki bod in which I compared TCO for MySEQ Heat wave versus Aurora plus Redshift plus ML plus Blue. I've compared it against gcps services, Azure services, Snowflake with other services. And there's just no comparison. The, the TCO differences are huge. More importantly, thefor, the, the TCO per performance is huge. We're talking in some cases multiple orders of magnitude, but at least an order of magnitude difference. So discounting isn't gonna help you much at the end of the day, it's only going to lower your cost a little, but it doesn't improve the automation, it doesn't improve the performance, it doesn't improve the time to insight, it doesn't improve all those things that you want out of a database or multiple databases because you >>Can't discount yourself to a higher value proposition. >>So what about, I wonder ho if you could chime in on the developer angle. You, you followed that, that market. How do these innovations from heatwave, I think you used the term developer velocity. I've heard you used that before. Yeah, I mean, look, Oracle owns Java, okay, so it, it's, you know, most popular, you know, programming language in the world, blah, blah blah. But it does it have the, the minds and hearts of, of developers and does, where does heatwave fit into that equation? >>I think heatwave is gaining quickly mindshare on the developer side, right? It's not the traditional no sequel database which grew up, there's a traditional mistrust of oracles to developers to what was happening to open source when gets acquired. Like in the case of Oracle versus Java and where my sql, right? And, but we know it's not a good competitive strategy to, to bank on Oracle screwing up because it hasn't worked not on Java known my sequel, right? And for developers, it's, once you get to know a technology product and you can do more, it becomes kind of like a Swiss army knife and you can build more use case, you can build more powerful applications. That's super, super important because you don't have to get certified in multiple databases. You, you are fast at getting things done, you achieve fire, develop velocity, and the managers are happy because they don't have to license more things, send you to more trainings, have more risk of something not being delivered, right? >>So it's really the, we see the suite where this best of breed play happening here, which in general was happening before already with Oracle's flagship database. Whereas those Amazon as an example, right? And now the interesting thing is every step away Oracle was always a one database company that can be only one and they're now generally talking about heat web and that two database company with different market spaces, but same value proposition of integrating more things very, very quickly to have a universal database that I call, they call the converge database for all the needs of an enterprise to run certain application use cases. And that's what's attractive to developers. >>It's, it's ironic isn't it? I mean I, you know, the rumor was the TK Thomas Curian left Oracle cuz he wanted to put Oracle database on other clouds and other places. And maybe that was the rift. Maybe there was, I'm sure there was other things, but, but Oracle clearly is now trying to expand its Tam Ron with, with heatwave into aws, into Azure. How do you think Oracle's gonna do, you were at a cloud world, what was the sentiment from customers and the independent analyst? Is this just Oracle trying to screw with the competition, create a little diversion? Or is this, you know, serious business for Oracle? What do you think? >>No, I think it has lakes. I think it's definitely, again, attriting to Oracle's overall ability to differentiate not only my SQL heat wave, but its overall portfolio. And I think the fact that they do have the alliance with the Azure in place, that this is definitely demonstrating their commitment to meeting the multi-cloud needs of its customers as well as what we pointed to in terms of the fact that they're now offering, you know, MySQL capabilities within AWS natively and that it can now perform AWS's own offering. And I think this is all demonstrating that Oracle is, you know, not letting up, they're not resting on its laurels. That's clearly we are living in a multi-cloud world, so why not just make it more easy for customers to be able to use cloud databases according to their own specific, specific needs. And I think, you know, to holder's point, I think that definitely lines with being able to bring on more application developers to leverage these capabilities. >>I think one important announcement that's related to all this was the JSON relational duality capabilities where now it's a lot easier for application developers to use a language that they're very familiar with a JS O and not have to worry about going into relational databases to store their J S O N application coding. So this is, I think an example of the innovation that's enhancing the overall Oracle portfolio and certainly all the work with machine learning is definitely paying dividends as well. And as a result, I see Oracle continue to make these inroads that we pointed to. But I agree with Mark, you know, the short term discounting is just a stall tag. This is not denying the fact that Oracle is being able to not only deliver price performance differentiators that are dramatic, but also meeting a wide range of needs for customers out there that aren't just limited device performance consideration. >>Being able to support multi-cloud according to customer needs. Being able to reach out to the application developer community and address a very specific challenge that has plagued them for many years now. So bring it all together. Yeah, I see this as just enabling Oracles who ring true with customers. That the customers that were there were basically all of them, even though not all of them are going to be saying the same things, they're all basically saying positive feedback. And likewise, I think the analyst community is seeing this. It's always refreshing to be able to talk to customers directly and at Oracle cloud there was a litany of them and so this is just a difference maker as well as being able to talk to strategic partners. The nvidia, I think partnerships also testament to Oracle's ongoing ability to, you know, make the ecosystem more user friendly for the customers out there. >>Yeah, it's interesting when you get these all in one tools, you know, the Swiss Army knife, you expect that it's not able to be best of breed. That's the kind of surprising thing that I'm hearing about, about heatwave. I want to, I want to talk about Lake House because when I think of Lake House, I think data bricks, and to my knowledge data bricks hasn't been in the sites of Oracle yet. Maybe they're next, but, but Oracle claims that MySQL, heatwave, Lakehouse is a breakthrough in terms of capacity and performance. Mark, what are your thoughts on that? Can you double click on, on Lakehouse Oracle's claims for things like query performance and data loading? What does it mean for the market? Is Oracle really leading in, in the lake house competitive landscape? What are your thoughts? >>Well, but name in the game is what are the problems you're solving for the customer? More importantly, are those problems urgent or important? If they're urgent, customers wanna solve 'em. Now if they're important, they might get around to them. So you look at what they're doing with Lake House or previous to that machine learning or previous to that automation or previous to that O L A with O ltp and they're merging all this capability together. If you look at Snowflake or data bricks, they're tacking one problem. You look at MyQ heat wave, they're tacking multiple problems. So when you say, yeah, their queries are much better against the lake house in combination with other analytics in combination with O ltp and the fact that there are no ETLs. So you're getting all this done in real time. So it's, it's doing the query cross, cross everything in real time. >>You're solving multiple user and developer problems, you're increasing their ability to get insight faster, you're having shorter response times. So yeah, they really are solving urgent problems for customers. And by putting it where the customer lives, this is the brilliance of actually being multicloud. And I know I'm backing up here a second, but by making it work in AWS and Azure where people already live, where they already have applications, what they're saying is, we're bringing it to you. You don't have to come to us to get these, these benefits, this value overall, I think it's a brilliant strategy. I give Nip and Argo wallet a huge, huge kudos for what he's doing there. So yes, what they're doing with the lake house is going to put notice on data bricks and Snowflake and everyone else for that matter. Well >>Those are guys that whole ago you, you and I have talked about this. Those are, those are the guys that are doing sort of the best of breed. You know, they're really focused and they, you know, tend to do well at least out of the gate. Now you got Oracle's converged philosophy, obviously with Oracle database. We've seen that now it's kicking in gear with, with heatwave, you know, this whole thing of sweets versus best of breed. I mean the long term, you know, customers tend to migrate towards suite, but the new shiny toy tends to get the growth. How do you think this is gonna play out in cloud database? >>Well, it's the forever never ending story, right? And in software right suite, whereas best of breed and so far in the long run suites have always won, right? So, and sometimes they struggle again because the inherent problem of sweets is you build something larger, it has more complexity and that means your cycles to get everything working together to integrate the test that roll it out, certify whatever it is, takes you longer, right? And that's not the case. It's a fascinating part of what the effort around my SQL heat wave is that the team is out executing the previous best of breed data, bringing us something together. Now if they can maintain that pace, that's something to to, to be seen. But it, the strategy, like what Mark was saying, bring the software to the data is of course interesting and unique and totally an Oracle issue in the past, right? >>Yeah. But it had to be in your database on oci. And but at, that's an interesting part. The interesting thing on the Lake health side is, right, there's three key benefits of a lakehouse. The first one is better reporting analytics, bring more rich information together, like make the, the, the case for silicon angle, right? We want to see engagements for this video, we want to know what's happening. That's a mixed transactional video media use case, right? Typical Lakehouse use case. The next one is to build more rich applications, transactional applications which have video and these elements in there, which are the engaging one. And the third one, and that's where I'm a little critical and concerned, is it's really the base platform for artificial intelligence, right? To run deep learning to run things automatically because they have all the data in one place can create in one way. >>And that's where Oracle, I know that Ron talked about Invidia for a moment, but that's where Oracle doesn't have the strongest best story. Nonetheless, the two other main use cases of the lake house are very strong, very well only concern is four 50 terabyte sounds long. It's an arbitrary limitation. Yeah, sounds as big. So for the start, and it's the first word, they can make that bigger. You don't want your lake house to be limited and the terabyte sizes or any even petabyte size because you want to have the certainty. I can put everything in there that I think it might be relevant without knowing what questions to ask and query those questions. >>Yeah. And you know, in the early days of no schema on right, it just became a mess. But now technology has evolved to allow us to actually get more value out of that data. Data lake. Data swamp is, you know, not much more, more, more, more logical. But, and I want to get in, in a moment, I want to come back to how you think the competitors are gonna respond. Are they gonna have to sort of do a more of a converged approach? AWS in particular? But before I do, Ron, I want to ask you a question about autopilot because I heard Larry Ellison's keynote and he was talking about how, you know, most security issues are human errors with autonomy and autonomous database and things like autopilot. We take care of that. It's like autonomous vehicles, they're gonna be safer. And I went, well maybe, maybe someday. So Oracle really tries to emphasize this, that every time you see an announcement from Oracle, they talk about new, you know, autonomous capabilities. It, how legit is it? Do people care? What about, you know, what's new for heatwave Lakehouse? How much of a differentiator, Ron, do you really think autopilot is in this cloud database space? >>Yeah, I think it will definitely enhance the overall proposition. I don't think people are gonna buy, you know, lake house exclusively cause of autopilot capabilities, but when they look at the overall picture, I think it will be an added capability bonus to Oracle's benefit. And yeah, I think it's kind of one of these age old questions, how much do you automate and what is the bounce to strike? And I think we all understand with the automatic car, autonomous car analogy that there are limitations to being able to use that. However, I think it's a tool that basically every organization out there needs to at least have or at least evaluate because it goes to the point of it helps with ease of use, it helps make automation more balanced in terms of, you know, being able to test, all right, let's automate this process and see if it works well, then we can go on and switch on on autopilot for other processes. >>And then, you know, that allows, for example, the specialists to spend more time on business use cases versus, you know, manual maintenance of, of the cloud database and so forth. So I think that actually is a, a legitimate value proposition. I think it's just gonna be a case by case basis. Some organizations are gonna be more aggressive with putting automation throughout their processes throughout their organization. Others are gonna be more cautious. But it's gonna be, again, something that will help the overall Oracle proposition. And something that I think will be used with caution by many organizations, but other organizations are gonna like, hey, great, this is something that is really answering a real problem. And that is just easing the use of these databases, but also being able to better handle the automation capabilities and benefits that come with it without having, you know, a major screwup happened and the process of transitioning to more automated capabilities. >>Now, I didn't attend cloud world, it's just too many red eyes, you know, recently, so I passed. But one of the things I like to do at those events is talk to customers, you know, in the spirit of the truth, you know, they, you know, you'd have the hallway, you know, track and to talk to customers and they say, Hey, you know, here's the good, the bad and the ugly. So did you guys, did you talk to any customers my SQL Heatwave customers at, at cloud world? And and what did you learn? I don't know, Mark, did you, did you have any luck and, and having some, some private conversations? >>Yeah, I had quite a few private conversations. The one thing before I get to that, I want disagree with one point Ron made, I do believe there are customers out there buying the heat wave service, the MySEQ heat wave server service because of autopilot. Because autopilot is really revolutionary in many ways in the sense for the MySEQ developer in that it, it auto provisions, it auto parallel loads, IT auto data places it auto shape predictions. It can tell you what machine learning models are going to tell you, gonna give you your best results. And, and candidly, I've yet to meet a DBA who didn't wanna give up pedantic tasks that are pain in the kahoo, which they'd rather not do and if it's long as it was done right for them. So yes, I do think people are buying it because of autopilot and that's based on some of the conversations I had with customers at Oracle Cloud World. >>In fact, it was like, yeah, that's great, yeah, we get fantastic performance, but this really makes my life easier and I've yet to meet a DBA who didn't want to make their life easier. And it does. So yeah, I've talked to a few of them. They were excited. I asked them if they ran into any bugs, were there any difficulties in moving to it? And the answer was no. In both cases, it's interesting to note, my sequel is the most popular database on the planet. Well, some will argue that it's neck and neck with SQL Server, but if you add in Mariah DB and ProCon db, which are forks of MySQL, then yeah, by far and away it's the most popular. And as a result of that, everybody for the most part has typically a my sequel database somewhere in their organization. So this is a brilliant situation for anybody going after MyQ, but especially for heat wave. And the customers I talk to love it. I didn't find anybody complaining about it. And >>What about the migration? We talked about TCO earlier. Did your t does your TCO analysis include the migration cost or do you kind of conveniently leave that out or what? >>Well, when you look at migration costs, there are different kinds of migration costs. By the way, the worst job in the data center is the data migration manager. Forget it, no other job is as bad as that one. You get no attaboys for doing it. Right? And then when you screw up, oh boy. So in real terms, anything that can limit data migration is a good thing. And when you look at Data Lake, that limits data migration. So if you're already a MySEQ user, this is a pure MySQL as far as you're concerned. It's just a, a simple transition from one to the other. You may wanna make sure nothing broke and every you, all your tables are correct and your schema's, okay, but it's all the same. So it's a simple migration. So it's pretty much a non-event, right? When you migrate data from an O LTP to an O L A P, that's an ETL and that's gonna take time. >>But you don't have to do that with my SQL heat wave. So that's gone when you start talking about machine learning, again, you may have an etl, you may not, depending on the circumstances, but again, with my SQL heat wave, you don't, and you don't have duplicate storage, you don't have to copy it from one storage container to another to be able to be used in a different database, which by the way, ultimately adds much more cost than just the other service. So yeah, I looked at the migration and again, the users I talked to said it was a non-event. It was literally moving from one physical machine to another. If they had a new version of MySEQ running on something else and just wanted to migrate it over or just hook it up or just connect it to the data, it worked just fine. >>Okay, so every day it sounds like you guys feel, and we've certainly heard this, my colleague David Foyer, the semi-retired David Foyer was always very high on heatwave. So I think you knows got some real legitimacy here coming from a standing start, but I wanna talk about the competition, how they're likely to respond. I mean, if your AWS and you got heatwave is now in your cloud, so there's some good aspects of that. The database guys might not like that, but the infrastructure guys probably love it. Hey, more ways to sell, you know, EC two and graviton, but you're gonna, the database guys in AWS are gonna respond. They're gonna say, Hey, we got Redshift, we got aqua. What's your thoughts on, on not only how that's gonna resonate with customers, but I'm interested in what you guys think will a, I never say never about aws, you know, and are they gonna try to build, in your view a converged Oola and o LTP database? You know, Snowflake is taking an ecosystem approach. They've added in transactional capabilities to the portfolio so they're not standing still. What do you guys see in the competitive landscape in that regard going forward? Maybe Holger, you could start us off and anybody else who wants to can chime in, >>Happy to, you mentioned Snowflake last, we'll start there. I think Snowflake is imitating that strategy, right? That building out original data warehouse and the clouds tasking project to really proposition to have other data available there because AI is relevant for everybody. Ultimately people keep data in the cloud for ultimately running ai. So you see the same suite kind of like level strategy, it's gonna be a little harder because of the original positioning. How much would people know that you're doing other stuff? And I just, as a former developer manager of developers, I just don't see the speed at the moment happening at Snowflake to become really competitive to Oracle. On the flip side, putting my Oracle hat on for a moment back to you, Mark and Iran, right? What could Oracle still add? Because the, the big big things, right? The traditional chasms in the database world, they have built everything, right? >>So I, I really scratched my hat and gave Nipon a hard time at Cloud world say like, what could you be building? Destiny was very conservative. Let's get the Lakehouse thing done, it's gonna spring next year, right? And the AWS is really hard because AWS value proposition is these small innovation teams, right? That they build two pizza teams, which can be fit by two pizzas, not large teams, right? And you need suites to large teams to build these suites with lots of functionalities to make sure they work together. They're consistent, they have the same UX on the administration side, they can consume the same way, they have the same API registry, can't even stop going where the synergy comes to play over suite. So, so it's gonna be really, really hard for them to change that. But AWS super pragmatic. They're always by themselves that they'll listen to customers if they learn from customers suite as a proposition. I would not be surprised if AWS trying to bring things closer together, being morely together. >>Yeah. Well how about, can we talk about multicloud if, if, again, Oracle is very on on Oracle as you said before, but let's look forward, you know, half a year or a year. What do you think about Oracle's moves in, in multicloud in terms of what kind of penetration they're gonna have in the marketplace? You saw a lot of presentations at at cloud world, you know, we've looked pretty closely at the, the Microsoft Azure deal. I think that's really interesting. I've, I've called it a little bit of early days of a super cloud. What impact do you think this is gonna have on, on the marketplace? But, but both. And think about it within Oracle's customer base, I have no doubt they'll do great there. But what about beyond its existing install base? What do you guys think? >>Ryan, do you wanna jump on that? Go ahead. Go ahead Ryan. No, no, no, >>That's an excellent point. I think it aligns with what we've been talking about in terms of Lakehouse. I think Lake House will enable Oracle to pull more customers, more bicycle customers onto the Oracle platforms. And I think we're seeing all the signs pointing toward Oracle being able to make more inroads into the overall market. And that includes garnishing customers from the leaders in, in other words, because they are, you know, coming in as a innovator, a an alternative to, you know, the AWS proposition, the Google cloud proposition that they have less to lose and there's a result they can really drive the multi-cloud messaging to resonate with not only their existing customers, but also to be able to, to that question, Dave's posing actually garnish customers onto their platform. And, and that includes naturally my sequel but also OCI and so forth. So that's how I'm seeing this playing out. I think, you know, again, Oracle's reporting is indicating that, and I think what we saw, Oracle Cloud world is definitely validating the idea that Oracle can make more waves in the overall market in this regard. >>You know, I, I've floated this idea of Super cloud, it's kind of tongue in cheek, but, but there, I think there is some merit to it in terms of building on top of hyperscale infrastructure and abstracting some of the, that complexity. And one of the things that I'm most interested in is industry clouds and an Oracle acquisition of Cerner. I was struck by Larry Ellison's keynote, it was like, I don't know, an hour and a half and an hour and 15 minutes was focused on healthcare transformation. Well, >>So vertical, >>Right? And so, yeah, so you got Oracle's, you know, got some industry chops and you, and then you think about what they're building with, with not only oci, but then you got, you know, MyQ, you can now run in dedicated regions. You got ADB on on Exadata cloud to customer, you can put that OnPrem in in your data center and you look at what the other hyperscalers are, are doing. I I say other hyperscalers, I've always said Oracle's not really a hyperscaler, but they got a cloud so they're in the game. But you can't get, you know, big query OnPrem, you look at outposts, it's very limited in terms of, you know, the database support and again, that that will will evolve. But now you got Oracle's got, they announced Alloy, we can white label their cloud. So I'm interested in what you guys think about these moves, especially the industry cloud. We see, you know, Walmart is doing sort of their own cloud. You got Goldman Sachs doing a cloud. Do you, you guys, what do you think about that and what role does Oracle play? Any thoughts? >>Yeah, let me lemme jump on that for a moment. Now, especially with the MyQ, by making that available in multiple clouds, what they're doing is this follows the philosophy they've had the past with doing cloud, a customer taking the application and the data and putting it where the customer lives. If it's on premise, it's on premise. If it's in the cloud, it's in the cloud. By making the mice equal heat wave, essentially a plug compatible with any other mice equal as far as your, your database is concern and then giving you that integration with O L A P and ML and Data Lake and everything else, then what you've got is a compelling offering. You're making it easier for the customer to use. So I look the difference between MyQ and the Oracle database, MyQ is going to capture market more market share for them. >>You're not gonna find a lot of new users for the Oracle debate database. Yeah, there are always gonna be new users, don't get me wrong, but it's not gonna be a huge growth. Whereas my SQL heatwave is probably gonna be a major growth engine for Oracle going forward. Not just in their own cloud, but in AWS and in Azure and on premise over time that eventually it'll get there. It's not there now, but it will, they're doing the right thing on that basis. They're taking the services and when you talk about multicloud and making them available where the customer wants them, not forcing them to go where you want them, if that makes sense. And as far as where they're going in the future, I think they're gonna take a page outta what they've done with the Oracle database. They'll add things like JSON and XML and time series and spatial over time they'll make it a, a complete converged database like they did with the Oracle database. The difference being Oracle database will scale bigger and will have more transactions and be somewhat faster. And my SQL will be, for anyone who's not on the Oracle database, they're, they're not stupid, that's for sure. >>They've done Jason already. Right. But I give you that they could add graph and time series, right. Since eat with, Right, Right. Yeah, that's something absolutely right. That's, that's >>A sort of a logical move, right? >>Right. But that's, that's some kid ourselves, right? I mean has worked in Oracle's favor, right? 10 x 20 x, the amount of r and d, which is in the MyQ space, has been poured at trying to snatch workloads away from Oracle by starting with IBM 30 years ago, 20 years ago, Microsoft and, and, and, and didn't work, right? Database applications are extremely sticky when they run, you don't want to touch SIM and grow them, right? So that doesn't mean that heat phase is not an attractive offering, but it will be net new things, right? And what works in my SQL heat wave heat phases favor a little bit is it's not the massive enterprise applications which have like we the nails like, like you might be only running 30% or Oracle, but the connections and the interfaces into that is, is like 70, 80% of your enterprise. >>You take it out and it's like the spaghetti ball where you say, ah, no I really don't, don't want to do all that. Right? You don't, don't have that massive part with the equals heat phase sequel kind of like database which are more smaller tactical in comparison, but still I, I don't see them taking so much share. They will be growing because of a attractive value proposition quickly on the, the multi-cloud, right? I think it's not really multi-cloud. If you give people the chance to run your offering on different clouds, right? You can run it there. The multi-cloud advantages when the Uber offering comes out, which allows you to do things across those installations, right? I can migrate data, I can create data across something like Google has done with B query Omni, I can run predictive models or even make iron models in different place and distribute them, right? And Oracle is paving the road for that, but being available on these clouds. But the multi-cloud capability of database which knows I'm running on different clouds that is still yet to be built there. >>Yeah. And >>That the problem with >>That, that's the super cloud concept that I flowed and I I've always said kinda snowflake with a single global instance is sort of, you know, headed in that direction and maybe has a league. What's the issue with that mark? >>Yeah, the problem with the, with that version, the multi-cloud is clouds to charge egress fees. As long as they charge egress fees to move data between clouds, it's gonna make it very difficult to do a real multi-cloud implementation. Even Snowflake, which runs multi-cloud, has to pass out on the egress fees of their customer when data moves between clouds. And that's really expensive. I mean there, there is one customer I talked to who is beta testing for them, the MySQL heatwave and aws. The only reason they didn't want to do that until it was running on AWS is the egress fees were so great to move it to OCI that they couldn't afford it. Yeah. Egress fees are the big issue but, >>But Mark the, the point might be you might wanna root query and only get the results set back, right was much more tinier, which been the answer before for low latency between the class A problem, which we sometimes still have but mostly don't have. Right? And I think in general this with fees coming down based on the Oracle general E with fee move and it's very hard to justify those, right? But, but it's, it's not about moving data as a multi-cloud high value use case. It's about doing intelligent things with that data, right? Putting into other places, replicating it, what I'm saying the same thing what you said before, running remote queries on that, analyzing it, running AI on it, running AI models on that. That's the interesting thing. Cross administered in the same way. Taking things out, making sure compliance happens. Making sure when Ron says I don't want to be American anymore, I want to be in the European cloud that is gets migrated, right? So tho those are the interesting value use case which are really, really hard for enterprise to program hand by hand by developers and they would love to have out of the box and that's yet the innovation to come to, we have to come to see. But the first step to get there is that your software runs in multiple clouds and that's what Oracle's doing so well with my SQL >>Guys. Amazing. >>Go ahead. Yeah. >>Yeah. >>For example, >>Amazing amount of data knowledge and, and brain power in this market. Guys, I really want to thank you for coming on to the cube. Ron Holger. Mark, always a pleasure to have you on. Really appreciate your time. >>Well all the last names we're very happy for Romanic last and moderator. Thanks Dave for moderating us. All right, >>We'll see. We'll see you guys around. Safe travels to all and thank you for watching this power panel, The Truth About My SQL Heat Wave on the cube. Your leader in enterprise and emerging tech coverage.

>>The transformation of Dell into Dell emc. And now Dell Technologies has been one of the most remarkable stories in the history of the enterprise technology industry. The company has gone from a Wall Street darling rocket ship PC company to a Midling enterprise player, forced to go private to a debt laden powerhouse that controlled one of the most valuable assets in enterprise tech i e VMware, and now is a hundred billion dollar giant with a low margin business. A strong balance sheet in the broadest hardware portfolio in the industry and financial magic that Dell went through would make anyone's head spin. The last lever of Dell EMC of the Dell EMC deal was detailed in Michael Dell's book Play Nice But Win in a captivating chapter called Harry You and the Bolt from the Blue Michael Dell described how he and his colleagues came up with the final straw of how to finance the deal. >>If you haven't read it, you should. And of course, after years of successfully integrating EMC and becoming VMware's number one distribution channel, all of this culminated in the spin out of VMware from Dell and a massive wealth creation milestone pending, of course the Broadcom acquisition of VMware. So where's that leave Dell and what does the future look like for this technology powerhouse? Hello and welcome to the Cube's exclusive coverage of Dell Technology Summit 2022. My name is Dave Ante and I'll be hosting the program. Now today in conjunction with the Dell Tech Summit, we're gonna hear from four of Dell's senior executives, Tom Sweet, who's the CFO of Dell Technologies. He's gonna share his views on the company's position and opportunities going forward. He's gonna answer the question, why is Dell a good long-term investment? Then we'll hear from Jeff Boudreau, who's the president of Dell's ISG business. >>That unit is the largest profit driver of Dell. He's gonna talk about the product angle and specifically how Dell is thinking about solving the multi-cloud challenge. And then Sam Groot, who is the senior vice president of marketing, will come on the program and give us the update on Apex, which is Dell's as a service offering, and then the new Edge platform called Project Frontier. Now it's also cyber security Awareness month that we're gonna see if Sam has, you know, anything to say about that. Then finally, for a company that's nearly 40 years old, Dell actually has some pretty forward thinking philosophies when it comes to its culture and workforce. And we're gonna speak with Jen Vera, who's Dell's chief Human Resource Resource Officer about hybrid work and how Dell is thinking about the future of work. However, before we get into all this, I wanna share our independent perspectives on the company and some research that we'll introduce to frame the program. >>Now, as you know, we love data here at the cube and one of our partners, ETR has what we believe is the best spending intentions data for enterprise tech. So here's a graphic that shows ET R'S proprietary net score methodology in the vertical access. That's a measure of spending velocity. And on the X axis, his overlap of pervasiveness in the data sample, this is a cut for just the server, the storage, and the client sectors within the ETR taxonomy. So you can see Dell CSG products, laptops in particular are dominant on both the X and the Y dimensions. CSG is the client solutions group and accounts for nearly 60% of Dell's revenue and about half of its operating income. And then the arrow signifies that dot, that represents Dell's ISG business that we're gonna talk to Jeff Boudro about. That's the infrastructure solutions group. Now, ISG accounts for the bulk of of the remainder of Dell's business, and it is, it's, as I said, it's most profitable from a margin standpoint. >>It comprises the EMC storage business as well as the Dell server business and Dell's networking portfolio. And as a note, we didn't include networking in that cut had we done. So Cisco would've dominated the graphic. And frankly, Dell's networking business isn't industry leading in the same way that PCs, servers and storage are. And as you can see, the data confirms the leadership position Dell has in its client side, its server and its storage sectors. But the nuance is look at that red dotted line at 40% on the vertical axis that represents a highly elevated net score, and every company in the sector is below that line. Now we should mention that we also filtered the data for those companies with more than a hundred mentions in the survey, but the point remains the same. This is a mature business that generally is lower margin storage is the exception, but cloud has put pressure on margins even in that business in addition to the server space. >>The last point on this graphic is we put a box around VMware and it's prominently present on both the X and Y dimensions. VMware participates with purely software defined high margin offerings in this, in these spaces, and it gives you a sense of what might have been had Dell chosen to hold onto that asset or spin it into the company. But let's face it, the alternatives from Michael Dell were just too attractive and it's unlikely that a spin in would've unlocked the value in the way a spinout did, at least not in the near future. So let's take a look at the snapshot of Dell's financials. To give you a sense of where the company stands today, Dell is a company with over a hundred billion in revenue. Last quarter, it did more than 26 billion in revenue and grew at a quite amazing 9% rate for a company that size. >>But because it's a hardware company, primarily its margins are low with operating income, 10% of revenue, and at 21% gross margin with VMware on Dell's income statement before the spin, its gross margins. Were in the low thirties. Now, Dell only spends about 2% of revenue on r and d because because it's so big, it's still a lot of money. And you can see it is cash flow positive. Dell's free cash flow over the trailing 12 month period is 3.7 billion, but that's only 3.5% of trailing 12 month revenue. Dell's Apex, and of course it's hardware maintenance business is recurring revenue and that is only about 5 billion in revenue and it's growing at 8% annually. Now having said that, it's the equivalent of service now's total revenue. Of course, service now is 23% operating margin and 16% free cash flow margin and more than 5 billion in cash on the balance sheet and an 85 billion market cap. >>That's what software will do for you. Now Dell, like most companies, is staring at a challenging macro environment with FX headwinds, inflation, et cetera. You've heard the story and hence it's conservative and contracting revenue guidance. But the balance sheet transformation has been quite amazing. Thanks to VMware's cash flow, Michael Dell and his partners from Silver Lake at all, they put up around $4 billion of their own cash to buy EMC for 67 billion, and of course got VMware in the process. Most of that financing was debt that Dell put on its balance sheet to do the transaction to the tune of 46 billion. It added to the, to the balance sheet debt. Now Dell's debt, the core debt net of its financing operation is now down to 16 billion and it has 7 billion in cash in the balance sheet. So dramatic delta from just a few years ago. So pretty good picture. >>But Dell a hundred billion company is still only valued at 28 billion or around 26 cents on the revenue dollar H HP's revenue multiple is around 60 cents on the revenue dollar. HP Inc. Dell's, you know, laptop and PC competitor is around 45 cents. IBM's revenue multiple is almost two times. By the way, IBM has more than 50 billion in debt thanks to the Red Hat acquisition. And Cisco has a revenue multiple, it's over three x, about 3.3 x currently. So is Dell undervalued? Well, based on these comparisons with its peers, I'd say yes and no. Dell's performance relative to its peers in the market is very strong. It's winning and has an extremely adept go to market machine, but it's lack of software content and it's margin profile leads. One to believe that if it can continue to pull some valuation levers while entering new markets, it can get its valuation well above where it is today. >>So what are some of those levers and what might that look like going forward? Despite the fact that Dell doesn't have a huge software revenue component since spinning out VMware and it doesn't own a cloud, it plays in virtually every part of the hardware market and it can provide infrastructure for pr pretty much any application in any use case and pretty much any industry and pretty much any geography in the world and it can serve those customers. So its size is an advantage. However, the history for hardware heavy companies that try to get bigger has some notable failures, namely hp, which had to split into two businesses, HP Inc. And hp E and ibm, which has had in abysmal decade from a performance standpoint and has had to shrink to grow again and obviously do a massive 34 billion acquisition of Red Hat. So why will Dell do any better than these two? >>Well, it has a fantastic supply chain. It's a founder led company, which makes a cultural difference in our view, and it's actually comfortable with a low margin software, light business model. Most certainly, IBM wasn't comfortable with that and didn't have these characteristics, and HP was kind of just incomprehensible at the end. So Dell in my opinion, is a much better chance of doing well at a hundred billion or over, but we'll see how it navigates through the current headwinds as it's guiding down. Apex is essentially Dell's version of the cloud. Now remember, Dell got started late. HPE is further along from a model standpoint with GreenLake, but Dell has a larger portfolio, so they're gonna try to play on that advantage. But at the end of the day, these as a service offerings are simply ways to bring a utility model to existing customers and generate recurring revenue. >>And that's a good thing because customers will be loyal to an incumbent if it can deliver as a service and reduce risk for for customers. But the real opportunity lies ahead, specifically Dell is embracing the cloud model. It took a while, but they're on board as Matt Baker Dell's senior vice president of corporate strategy likes to say it's not a zero sum game. What it means by that is just because Dell doesn't own its own cloud, it doesn't mean Dell can't build value on top of hyperscale clouds, what we call super cloud. And that's Dell's strategy to take advantage of public cloud CapEx and connect on-prem to the cloud, create a unified experience across clouds and out to the edge that's ambitious and technically it's non-trivial. But listen to Dell's vice chairman and Coco, Jeff Clark, explain this vision, please play the clip. >>You said also technology and business models are tied together and enabler. That's if, if you believe that, then you have to believe that it's a business operating system that they want, They want to leverage whatever they can, and at the end of the day there's, they have to differentiate what they do. Well that, that's >>Exactly right. If I take that and what, what Dave was saying and and I, and I summarize it the following way, if we can take these cloud assets and capabilities, combine them in an orchestrated way to delivery a distributed platform, game over, >>Eh, pretty interesting, right? John Freer called it a business operating system. Essentially, I think of it sometimes as a cloud operating system or cloud operating environment to drive new business value on top of the hyperscale CapEx. Now, is it really game over? As Jeff Clark said, if Dell can do that, I'd say if it had that today, it might be game over for the competition, but this vision will take years to play out. And of course it's gotta be funded and now it's gonna take time. And in this industry it tends to move. Companies tend to move in lockstep. So as often as the case, it's gonna come down to execution and Dell's ability to enter new markets that are ideally, at least from my perspective, higher margin data management, extending data protection into cyber security as an adjacency and of course edge at telco slash 5G opportunities. >>All there for the taking. I mean, look, even if Dell doesn't go after more higher margin software content, it can thrive with a lower margin model just by penetrating new markets and throwing off cash from those markets. But by keeping close to customers and maybe through Tuck in acquisitions, it might be able to find the next nugget beyond today's cloud and on-prem models. And the last thing I'll call out is ecosystem. I say here ecosystem, ecosystem, ecosystem. Because a defining characteristic of a cloud player is ecosystem, and if Apex is Dell's cloud, it has the opportunity to expand that ecosystem dramatically. This is one of the company's biggest opportunities and challenges. At the same time, in my view, it's just scratching the surface on its partner ecosystem. And it's ecosystem today is is both reseller heavy and tech partner heavy. And that's not a bad thing, but in a, but it's starting to evolve more rapidly. >>The snowflake deal is an example of up to stack evolution, but I'd like to see much more out of that snowflake relationship and more relationships like that. Specifically I'd like to see more momentum with data and database. And if we live at a data heavy world, which we do, where the data and the database and data management offerings, you know, coexist and are super important to customers, like to see that inside of Apex, like to see that data play beyond storage, which is really where it is today and it's early days. The point is with Dell's go to market advantage, which which company wouldn't treat Dell like the on-prem hybrid edge super cloud player that I wanna partner with to drive more business. You'd be crazy not to, but Dell has a lot on its plate and we'd like to see some serious acceleration on the ecosystem front. In other words, Dell as both a selling partner and a business enabler with its platform, its programmable infrastructure as a service. And that is a moving target that will rapidly involve. And of course we'll be here watching and reporting. So thanks for watching this preview of Dell Technology Summit 2022. I'm Dave Vte. We hope you enjoy the rest of the program.

(upbeat music) >> The transformation of Dell into Dell EMC, and now Dell Technologies, has been one of the most remarkable stories in the history of the enterprise technology industry. The company has gone from a Wall Street darling rocketship PC company, to a middling enterprise player, forced to go private, to a debt-laden powerhouse that controlled one of the most valuable assets in enterprise tech, i.e., VMware. And now is a $100 billion dollar giant with a low-margin business, a strong balance sheet, and the broadest hardware portfolio in the industry. The financial magic that Dell went through would make anyone's head spin. The last lever of the Dell EMC deal was detailed in Michael Dell's book "Play Nice But Win," in a captivating chapter called "Harry You and the Bolt from the Blue." Michael Dell described how he and his colleagues came up with the final straw of how to finance the deal. If you haven't read it, you should. And of course, after years of successfully integrating EMC and becoming VMware's number-one distribution channel, all of this culminated in the spin-out of VMware from Dell, and a massive wealth-creation milestone, pending, of course, the Broadcom acquisition of VMware. So where's that leave Dell, and what does the future look like for this technology powerhouse? Hello, and welcome to theCUBE's exclusive coverage of Dell Technologies Summit 2022. My name is Dave Vellante, and I'll be hosting the program. Now, today in conjunction with the Dell Tech Summit, we're going to hear from four of Dell's senior executives. Tom Sweet, who's the CFO of Dell Technologies. He's going to share his views on the company's position and opportunities going forward. He's going to answer the question, why is Dell a good long-term investment? Then we'll hear from Jeff Boudreau, who's the President of Dell's ISG business. That unit is the largest profit driver of Dell. He's going to talk about the product angle, and specifically, how Dell is thinking about solving the multi-cloud challenge. And then Sam Grocott, who's the Senior Vice President of Marketing, will come on the program and give us the update on APEX, which is Dell's as-a-Service offering, and then the new edge platform called Project Frontier. Now, it's also Cybersecurity Awareness Month, that we're going to see if Sam has, you know, anything to say about that. Then finally, for a company that's nearly 40 years old, Dell actually has some pretty forward-thinking philosophies when it comes to its culture and workforce. And we're going to speak with Jenn Saavedra, who's Dell's Chief Human Resource Officer, about hybrid work, and how Dell is thinking about the future of work. However, before we get into all this, I want to share our independent perspectives on the company, and some research that we'll introduce to frame the program. Now, as you know, we love data here at theCUBE, and one of our partners, ETR, has what we believe is the best spending intentions data for enterprise tech. So here's a graphic that shows ETR's proprietary Net Score methodology on the vertical axis, that's a measure of spending velocity, and on the x-axis is overlap or pervasiveness in the data sample. This is a cut for just the server, the storage, and the client sectors within the ETR taxonomy. So you can see Dell's CSG products, laptops in particular, are dominant on both the x and the y dimensions. CSG is the Client Solutions Group, and accounts for nearly 60% of Dell's revenue, and about half of its operating income. And then the arrow signifies that dot that represents Dell's ISG business, that we're going to talk to Jeff Boudreau about. That's the Infrastructure Solutions Group. Now, ISG accounts for the bulk of the remainder of Dell's business, and it is its, as I said, its most profitable from a margin standpoint. It comprises the EMC storage business, as well as the Dell server business, and Dell's networking portfolio. And as a note, we didn't include networking in that cut. Had we done so, Cisco would've dominated the graphic. And frankly, Dell's networking business isn't industry leading in the same way that PCs, servers, and storage are. And as you can see, the data confirms the leadership position Dell has in its client side, its server, and its storage sectors. But the nuance is, look at that red dotted line at 40% on the vertical axis. That represents a highly elevated Net Score, and every company in the sector is below that line. Now, we should mention that we also filtered the data for those companies with more than a hundred mentions in the survey, but the point remains the same. This is a mature business that generally is lower margin. Storage is the exception, but cloud has put pressure on margins even in that business, in addition to the server space. The last point on this graphic is, we put a box around VMware, and it's prominently present on both the x and y dimensions. VMware participates with purely software-defined high-margin offerings in these spaces, and it gives you a sense of what might have been, had Dell chosen to hold onto that asset or spin it into the company. But let's face it, the alternatives for Michael Dell were just too attractive, and it's unlikely that a spin-in would've unlocked the value in the way a spin-out did, at least not in the near future. So let's take a look at the snapshot of Dell's financials, to give you a sense of where the company stands today. Dell is a company with over $100 billion dollars in revenue. Last quarter, it did more than 26 billion in revenue, and grew at a quite amazing 9% rate, for a company that size. But because it's a hardware company, primarily, its margins are low, with operating income 10% of revenue, and at 21% gross margin. With VMware on Dell's income statement before the spin, its gross margins were in the low 30s. Now, Dell only spends about 2% of revenue on R&D, but because it's so big, it's still a lot of money. And you can see it is cash-flow positive. Dell's free cash flow over the trailing 12-month period is 3.7 billion, but that's only 3.5% of trailing 12-month revenue. Dell's APEX, and of course its hardware maintenance business, is recurring revenue, and that is only about 5 billion in revenue, and it's growing at 8% annually. Now, having said that, it's the equivalent of ServiceNow's total revenue. Of course, ServiceNow has 23% operating margin and 16% free cash-flow margin, and more than $5 billion in cash on the balance sheet, and an $85 billion market cap. That's what software will do for you. Now Dell, like most companies, is staring at a challenging macro environment, with FX headwinds, inflation, et cetera. You've heard the story. And hence it's conservative, and contracting revenue guidance. But the balance sheet transformation has been quite amazing, thanks to VMware's cash flow. Michael Dell and his partners from Silver Lake et al., they put up around $4 billion of their own cash to buy EMC for 67 billion, and of course got VMware in the process. Most of that financing was debt that Dell put on its balance sheet to do the transaction, to the tune of $46 billion it added to the balance sheet debt. Now, Dell's debt, the core debt, net of its financing operation, is now down to 16 billion, and it has $7 billion in cash on the balance sheet. So a dramatic delta from just a few years ago. So, pretty good picture. But Dell, a $100 billion company, is still only valued at 28 billion, or around 26 cents on the revenue dollar. HPE's revenue multiple is around 60 cents on the revenue dollar. HP Inc., Dell's laptop and PC competitor, is around 45 cents. IBM's revenue multiple is almost two times. By the way, IBM has more than $50 billion in debt thanks to the Red Hat acquisition. And Cisco has a revenue multiple that's over 3x, about 3.3x currently. So is Dell undervalued? Well, based on these comparisons with its peers, I'd say yes, and no. Dell's performance, relative to its peers in the market, is very strong. It's winning, and has an extremely adept go-to-market machine, but its lack of software content and its margin profile leads one to believe that if it can continue to pull some valuation levers while entering new markets, it can get its valuation well above where it is today. So what are some of those levers, and what might that look like, going forward? Despite the fact that Dell doesn't have a huge software revenue component since spinning out VMware, and it doesn't own a cloud, it plays in virtually every part of the hardware market. And it can provide infrastructure for pretty much any application in any use case, in pretty much any industry, in pretty much any geography in the world. And it can serve those customers. So its size is an advantage. However, the history for hardware-heavy companies that try to get bigger has some notable failures, namely HP, which had to split into two businesses, HP Inc. and HPE, and IBM, which has had an abysmal decade from a performance standpoint, and has had to shrink to grow again, and obviously do a massive $34 billion acquisition of Red Hat. So why will Dell do any better than these two? Well, it has a fantastic supply chain. It's a founder-led company, which makes a cultural difference, in our view. And it's actually comfortable with a low-margin software-light business model. Most certainly, IBM wasn't comfortable with that, and didn't have these characteristics, and HP was kind of just incomprehensible at the end. So Dell in my opinion, has a much better chance of doing well at 100 billion or over, but we'll see how it navigates through the current headwinds as it's guiding down. APEX is essentially Dell's version of the cloud. Now, remember, Dell got started late. HPE is further along from a model standpoint with GreenLake, but Dell has a larger portfolio, so they're going to try to play on that advantage. But at the end of the day, these as-a-Service offerings are simply ways to bring a utility model to existing customers, and generate recurring revenue. And that's a good thing, because customers will be loyal to an incumbent if it can deliver as-a-Service and reduce risk for customers. But the real opportunity lies ahead. Specifically, Dell is embracing the cloud model. It took a while, but they're on board. As Matt Baker, Dell's Senior Vice President of Corporate Strategy, likes to say, it's not a zero-sum game. What he means by that is, just because Dell doesn't own its own cloud, it doesn't mean Dell can't build value on top of hyperscale clouds. What we call supercloud. And that's Dell's strategy, to take advantage of public cloud capex, and connect on-prem to the cloud, create a unified experience across clouds, and out to the edge. That's ambitious, and technically it's nontrivial. But listen to Dell's Vice Chairman and Co-COO, Jeff Clarke, explain this vision. Please play the clip. >> You said also, technology and business models are tied together, and an enabler. >> That's right. >> If you believe that, then you have to believe that it's a business operating system that they want. They want to leverage whatever they can, and at the end of the day, they have to differentiate what they do. >> Well, that's exactly right. If I take that and what Dave was saying, and I summarize it the following way: if we can take these cloud assets and capabilities, combine them in an orchestrated way to deliver a distributed platform, game over. >> Eh, pretty interesting, right? John Furrier called it a "business operating system." Essentially, I think of it sometimes as a cloud operating system, or cloud operating environment, to drive new business value on top of the hyperscale capex. Now, is it really game over, as Jeff Clarke said, if Dell can do that? Uh, (sucks in breath) I'd say if it had that today, it might be game over for the competition, but this vision will take years to play out. And of course, it's got to be funded. And that's going to take time, and in this industry, it tends to move, companies tend to move in lockstep. So, as often is the case, it's going to come down to execution and Dell's ability to enter new markets that are ideally, at least from my perspective, higher margin. Data management, extending data protection into cybersecurity as an adjacency, and of course, edge and telco/5G opportunities. All there for the taking. I mean, look, even if Dell doesn't go after more higher-margin software content, it can thrive with a lower-margin model just by penetrating new markets and throwing off cash from those markets. But by keeping close to customers, and maybe through tuck-in acquisitions, it might be able to find the next nugget beyond today's cloud and on-prem models. And the last thing I'll call out is ecosystem. I say here, "Ecosystem, ecosystem, ecosystem," because a defining characteristic of a cloud player is ecosystem, and if APEX is Dell's cloud, it has the opportunity to expand that ecosystem dramatically. This is one of the company's biggest opportunities and challenges at the same time, in my view. It's just scratching the surface on its partner ecosystem. And its ecosystem today is both reseller heavy and tech partner heavy. And that's not a bad thing, but it's starting to evolve more rapidly. The Snowflake deal is an example of up-the-stack evolution, but I'd like to see much more out of that Snowflake relationship, and more relationships like that. Specifically, I'd like to see more momentum with data and database. And if we live in a data-heavy world, which we do, where the data and the database and data management offerings, you know, coexist and are super important to customers, I'd like to see that inside of APEX. I'd like to see that data play beyond storage, which is really where it is today, in its early days. The point is, with Dell's go-to-market advantage, which company wouldn't treat Dell like the on-prem, hybrid, edge, supercloud player that I want to partner with to drive more business? You'd be crazy not to. But Dell has a lot on its plate, and we'd like to see some serious acceleration on the ecosystem front. In other words, Dell as both a selling partner and a business enabler with its platform, its programmable Infrastructure-as-a-Service. And that is a moving target that will rapidly evolve. And of course, we'll be here watching and reporting. So thanks for watching this preview of Dell Technologies Summit 2022. I'm Dave Vellante, we hope you enjoy the rest of the program. (upbeat music)

>>Hey everyone. Welcome back to Miami, Miami Beach. Specifically, not a bad location to have a conference. Lisa Martin here with the Cube live at IFS Unleashed. We're gonna be having a great conversation next about Ization moments of Service Rules. Royces here, as is the C of IFS for aerospace and defense. Scott Camani. Nick Ward joins us as well, the VP of Digital Systems at Roll Royce. Guys, excited to have you on the program and welcome back. >>Thank you very much. Nice to be back. It's >>Been three years since the last IFS show. I love How's Scott? I was talking with Darren Roots earlier today and I said, Well, didn't it used to be IFS world? And he said, Yes. And I said, I love the name. I would love to, to unpack that with your cheek marketing officer because it, there's a lot of, of, of power behind Unleash. A lot of companies do such and such world or accelerate, but we're talking about unleashing the power of the technology to help customers deliver those moments of service. Yes. Love it. So Scott, start us off here. Talk about ization. That's a relatively new term to me. Sure. Help me understand what it means, because IFS is a pioneer in this sense. >>We are. So one of the things that IFS is always trying to do is to try to find a way to help our customers to realize a moment of service. And that moment of service is really when they found the ability to delight their customers. And when we look at the way in which we're trying to drive those business outcomes for our customers, ization seems to be at the core of it. So whether it's the ability for a company to use a product, a service, or an outcome, they're driving ization in a way where they're shaping their business. They're orchestrating their customers and their people and their assets behind a val value chain that helps them to provide a delightful experience for their customers. And with IFS being focused on Lifecycle asset management, we no longer have customers that have to choose from best of suite or best of breed. They can actually have both with ifs. And that's something we're really excited to provide to our customers and more excited for our customers to realize that value with their customers, their partners. Along the way. >>You, you mentioned customer delight and it's a term that we, we all use it, right? But there's so much power and, and capabilities and metrics behind that phrase, customer delight, which will unpack Nick bringing you into the conversation. Talk to us a little bit about what your role is at Rolls Royce. My first thought when I saw you was, oh, the fancy cars, but we're talking about aerospace and the fence, so give us a little bit of a history. >>Okay. So yes, we don't make cars is the first point. So we are, we are power, we do power as a service. So we are most well known, I guess for large aircraft airliners. You know, if you've, if you've flown here to Miami, there's probably a 50 50 chance you've flown on a Rod Roy powered aircraft. Our market segment is what we call wide bodied aircraft where you go on, there's two aisles. So the larger section of the market, and we, we provide power, so we provide the engines, but more importantly, we've been a ization company, a service company for at least two decades. We, we have a, a service relationship we call total care. And the whole idea of total care is, yes, I have my engine, it's on my aircraft, but I take care of it. I make sure it's available to fly when you need to fly it. And all of the things that have to come together to make that happen, it's a service company. >>Service company. Talk to me a little bit about, and I wanna get got your perspective as well, but the relationship that Roll Royce and IFS have this is a little bit unique. >>Well, I can start, but I I think Nick's gonna be better served to tell us about that as our customer. Nick and I actually started this journey about four years ago, and what we did was, is we were working closely with our perspective customer Rolls-Royce identified what they were looking for as a desired business outcome. And then we found a way through the technology and the software that we provide to all of our enterprise customers globally to find a solution that actually helped to provide a, an outcome not only to Rolls-Royce, but also to our collective downstream customers, commercial operators around the globe. So that's where we started the journey and we're continuing our discussions around other solutions, but that's how we started and it's been an incredible partnership. We're so happy and proud to have Nick as a customer and a advocate of all things ifs and I'll let him kind of continue from his point of view how he sees the partnership in the relationship. >>No, thank you Scott. I think we've, we've always, we've valued the kind of relationship that we have because I think IFS has always got Rolls Royce in terms of strategic direction. What do we try to do? I said, we're a service company. You know, we, we are, we have to have a service relationship with our, our customers, our airlines. To have a service relationship, you have to be able to connect to your service customer. And ifs is a big part of how we connect for data. That's how do we understand what the airline is doing with the engines, but it's also how we return data back into the airline. So we are, we're get a very close integrated relation between us, our airlines, through a bridge that, that ifs create through the maintenance product. Got it. So it works really well. >>I I think I'd make one other point. One of the things that we've always focused on is quantifiable business value. The only way a partnership like this could possibly work is if we have a desired business outcome, but if we're providing value, So the value work that we did in conjunction with Rolls Royce and really identifying that helped to support the business case that allowed this partnership to really begin and flourish. So I I, I'd be remiss if I didn't mention that business value element that's really core to everything we do and all the, the conversations that Nick and I have. >>Well, it's all about outcomes. Absolutely. It's all about outcomes. It >>Is, it has to be about, it's about moments of service, right? That's why we're here, right? So perhaps a moment of service for Robs Royce is every time you're a passenger, you're going through the terminal. You expect your aircraft to be there, ready, waiting for you to get on and depart on time. And our moment of service is every aircraft takes off on time, every time we live. When we die by the quality of that statement, how well we live up to that statement, I think I checked this morning, there's something alike, 600 aircraft in the sky right now with Rolls Royce power carrying passengers. All of those passengers have relied on that moment. Service happening regularly like clockwork. Every single time you don't get any forgiveness for a delay, you get very little forgiveness for a cancellation that has to happen. And then so many things have to come together for that to happen. >>Those 600 aircraft, that's maybe 200,000 people right now in the sky, Wow. Those 200,000 people are trying to connect, They're trying to connect with friends, they're trying to connect with loved ones, family, colleagues, whatever the purpose is of that trip. It's really important to them. And we just have to make sure that that happens for us. We've had something like a million flights so far this year, 300 million people relying on that moment of so is happening. So I really resonate with, with the language that Scott users about the importance of sort of that focal point on when does it all come together? It comes together when as a passenger, I get on the plane and it goes and I get no issues. >>Right. Well people don't tolerate fragmented experiences anymore. No, no. I think one of the things that was in short supply during the pandemic was patience and tolerance. Sure. Not sure how much of that's gonna come back, right? But those integrated connected experiences, as you described so eloquently, Nick, those are table stakes for the customers, but also the brands behind them because of customers are unhappy, the churn rates go way up. And you see that reflected in obviously the success of the business and what you guys are doing together is seems to be quite powerful. Now then when you were on the cube with us three years ago in Boston at IFS back then you first introduced the intelligent engine and the Blue Data thread. Let's talk about the intelligent engine. Just give our audience a refresher of what that actually entails. >>So perhaps if we just step one one step back for that, just to understand how this fits in. So Roro is a service organization. We talked about that. What that means is we take a lot of the, the risk and the uncertainty away from our airline customers on the availability, the costs and maintenance effort associated with having a, having a chat engine. These are incredibly complicated and complex and sophisticated pieces of equipment. The most expensive, most sophisticated pieces of an aircraft. Managing that is, is difficult. And every airline does not want to have to focus on that. They wanna focus on being able to get the passenger on the air after, fly it, look after the airframe. So our role in that is to take that risk away, is to manage those engines, look after their health, look after their life, make sure they're available to fly whenever they need to fly. >>So for us to understand that, we then have to have data, we have to understand the state of every engine, where it is, the health of the engine, the life of that engine, what do we need to do next to that engine? And we can't do that unless we have data and that data flows into a digital platform. The intelligent engine, which is our cloud based ai, big data, all of the iot, all of the big buzzwords are there, right? So the data flows into that, that lets us run the models. It lets us understand, I can see something maybe it's a, it's a small issue, but if I leave it alone, it become a bigger issue. And maybe that will cause disruption further down the line. So we need to understand that we need to preempt it. So preemptive predictive maintenance is a, is a big part of the intelligent engine, but it's more than just that. >>It's also, we can understand how that engine is being flown. We can understand is it having a really intense flight? Is it having a more benign, gentle flight? Wow. That change time after the flight, typically after the flight. But what that means is we can then understand, actually we can keep that engine on the wing longer then you might otherwise have to do, If you have no data, you have to be conservative, safety rules, everything. Sure. So data allows you to say, actually I'm being overly conservative in this space. I can get more flying bios, flying hours from my product by extending the interval between maintenance and the intelligent engine has a large part to play in us justifying that we're able to do that. And then the final part that it does is eventually the engine is gonna have to come off from maintenance. >>These things fly 5 million miles between overhauls. You imagine you try to do that in your family car. It's, it doesn't happen. It's incredibly sophisticated thing can fly 5 million miles and then we take it off for a major overhaul. But there are thousands of these engines in the fleet. We have to understand which engine is going to come off when for what reason, and prepare our maintenance network to then receive the engine and deal with it and get it back to the customer. So the intelligent engine has a massive part to play in understanding the maintenance demand that the flying fleet is then creating. >>Wow, that's fascinating. And so you talked about that three years ago. What's next for that? I imagine there's only more evolution that's gonna happen. >>It keeps growing. It keeps growing. It's driven by the data. The more data we have, the more that we can do with that. I think as well that, you know, one of the big places that we've we've gone is you can do as much predictive analytics as you, like, there's a lot of people we'll talk about doing predictive analytics, but if you don't do the hard yards of turning predictive analytics into outcome Yeah. Then what did you get? You, you got a bit of smart advice. So we, we take that maintenance demand, we then have to understand how that drives the orchestration and the management of all the parts, the people, the work scope definition, the allocating an engine into a maintenance slot, exactly when it's gonna go. And what are we gonna do to, how do we control and manage our inventory to make sure that engine is gonna go through. >>How do we then actually execute the work inside our, our our overall shops? How do we get that engine back and and integrate our logistics process. So the intelligent engine is, if you like, the shiny front end of a process, it's all the buzzwords, but actually the hard yards behind the scene is just as if not more important to get right. And again, this is why I really like the moment of service concept. Because without that, the moment of service doesn't happen. The engine's not there, the part wasn't there. The field service maintenance guy wasn't there to go fix it. >>And brands are affected >>An, an aircraft on the ground earns no revenue for anybody. No. It's, it's a cost. It's it's a big sink of cost. It >>Is, it is. Absolutely. >>And you're helping aircraft only earn engines only earn when they fly. Yeah, >>Yeah. Absolutely. And what a fascinating, the intelligent engine. Scott, talk a little bit about, we talking about power, we can't not talk about sustainability. Yes, I understand that IFS has a new inaugural awards program that Rolls Roys was a recipient of the Change for Good sustainability awards. Congratulations. Thank you very much. And to Scott, talk to me a little bit about the Change for Good program sustainability program. What types of organizations across the industries of expertise are you looking for and why does Rules ROY really highlight what a winner embodies? >>So since Darren has joined IFS as the ceo, he's had a lot of intentional areas that we focused on. And sustainability has been one that's at the top of the list. IFS has a US ambassador Lewis Pew, who's our Chief Sustainability officer, and he helps us to provide worldwide coverage of the efforts around sustainability. So it's not just about ifss ability to become a more sustainable organization, but it's the solutions that IFS is putting together in the five verticals that we focus on that can help those organizations achieve a level of sustainability for their, for their downstream customers, their partners, and for their enterprises themselves. So when we look at, you know, the social ability for us to be more conscientious about leaving the world a better place or trying to do our best to leave the world not as bad as we came into it, sustainability is a real focus for us. And, you know, the way in which we can support an organization like Rolls Royce and Nickel obviously share those areas of focus from Rolls Royce. It's a perfect fit. And congratulations again for the award. Thank you. We're, we're, we're so excited to, to have shared that with you. We have some other customers that have achieved it across different categories, but it's an area of current and continuous focus for ifs. >>Nick, talk to us, take us out here as our last question is the, the focus on sustainability at Rolls Royce. Talk to us a little bit about that and what some of the major efforts are that you've got underway. >>I think, you know, very similar as, as, as Scott taught there, the focus within Rolls Royce as a strategic group level is really high aviation particularly, I mean we're a, we're an engineering company. We're a power company. Power inherently consumes natural resources. It tends to generate climate affecting outcomes. But at the same time, we are an innovative organization and if anybody's gonna help solve climate challenges, it's gonna be organizations like Rolls Royce who are able to bring different technologies into the market. So we have a responsibility to manage and, and optimize the behavior of our, our existing product suite. But we also have a, a vested interest in trying to move aviation on into the next, the next phase. We talk about sustainable aviation. Aviation has to earn the right to exist. People have choices. We've come out of covid, people are used to doing zoom and not flying. >>People are used to doing things when they don't necessarily get on an aircraft and do something. The aviation business always has to earn the right from the public to exist. And increasingly people will make choices about how they fly when they fly, how far they fly based on the sustainability footprint. So it's really important to us to help both our customers operate the aircraft in as sustainable and climate friendly way as we can. It's really important to find those, those balance points between the cost of an operation and it's the impact of an operation. If you go all over and say, I am going to be net, well, not even net to, but zero carbon by almost inference, that means I'm not gonna operate. You have to operate to get to an outcome. But how do I do that? Why I manage my cost, I manage the, the profitability, the organization doing it, right? >>So it has to be financially sustainable, it has to be sustainable for the people operating within it. It has to be sustainable for the planet, right? So we do that in lots of different ways in small places and, and in big places. So small things we do is we help the operator understand if you change your flight profile, you'll generate fewer emissions. You may avoid controls if you flying a different way, maybe you create trails, you'll lose, you'll lose less fuel while you're doing that. So it's cost effective for you. There was always a balance point there between the wear and tear on the engine versus the, the, the environmental impact. And you find that optimum place. One of the first things we started doing with, with Scott is we have a, a way that we life our engine components. And one of the very simple outcomes of that is using that data, the blue data for connection to the customer. >>If we can see, effectively see inside the engine about how well it's wearing and we can extend those maintenance intervals as we talked about, what that eventually does is it reduces the need to take the engine off, ship it around the world. Probably on a great big 7, 4 7 or maybe year or two ago on an Anson off four big engines flying a long distance trek, shipping our engine to an overhaul facility. We're avoiding something like 200 of those shop visit overhauls a year. So every year that's 200 flights there and back again, which don't happen, right? Collectively that's around about 15,000 automobile equivalent emissions just don't happen. So simple things we can do just starts to have accumulative effect, >>Right? Simple things that you're doing that, that have a huge impact. We could talk for so much longer on stability, I'm sure we're out of time, but I can see why Roll Royce was, was the winner of the Inocular award. Congratulations. Well deserved. Well >>Deserved. I well >>Deserved. So interesting to hear about the intelligent engine. So you're gonna have to come back. Hopefully we'll be here next year and we can hear more of the evolution. Cuz I have a feeling there's never a dual moment in what you're doing. >>It's never a dull moment. There's never an end point. >>No. >>Okay, >>Going Scott, Nick, thank you so much for joining me on the program today. Thank you, Lisa. It's great to have you talk through what's going on at ifx and the partnership with Rolls Royce. We >>Appreciate, and again, Nick, Nick, thank you for your continued support in the partnership. >>I thank you, Scott. We appreciate it. Likewise, thank >>You. Kudos all around. All right, for my guests, I'm Lisa Martin, you're watching a Cube live from Miami. We're at IFS unleashed. We'll be back shortly after a break with our next guests. So stick around.

(upbeat music) >> The transformation of Dell into Dell EMC and now Dell Technologies has been one of the most remarkable stories in the history of the enterprise technology industry. The company has gone from a Wall Street darling rocket ship PC company, to a middling enterprise player forced to go private, to a debt-laden powerhouse that controlled one of the most valuable assets in enterprise tech i.e VMware. And now is a 100 billion dollar giant with a low margin business, a strong balance sheet, and the broadest hardware portfolio in the industry. Financial magic that Dell went through would make anyone's head spin. The last lever of Dell EMC, of the Dell EMC deal was detailed in Michael Dell's book, "Play Nice But Win." In a captivating chapter called Harry You and the Bolt from the Blue, Michael Dell described how he and his colleagues came up with the final straw of how to finance the deal. If you haven't read it, you should. And, of course, after years of successfully integrating EMC and becoming VMware's number one distribution channel, all of this culminated in the spin out of VMware from Dell in a massive wealth creation milestone. Pending, of course, the Broadcom acquisition of VMware. So where's that leave Dell and what does the future look like for this technology powerhouse? Hello, and welcome to theCUBE's exclusive coverage of Dell Technology Summit 2022. My name is Dave Vellante and I'll be hosting the program. Now, today in conjunction with the Dell Tech Summit, we're going to hear from four of Dell's senior executives Tom Sweet, who's the CFO of Dell Technologies. He's going to share his views on the company's position and opportunities going forward. He's going to answer the question, why is Dell a good long-term investment? Then we'll hear from Jeff Boudreau who's the president of Dell's ISG business. That unit is the largest profit driver of Dell. He's going to talk about the product angle and specifically, how Dell is thinking about solving the multi-cloud challenge. And then Sam Grocott who is the senior vice president of marketing will come on the program and give us the update on Apex, which is Dell's as-a-service offering, and then the new edge platform called Project Frontier. Now, it's also Cyber Security Awareness month that we're going to see if Sam has anything to say about that. Then finally, for a company that's nearly 40 years old, Dell actually has some pretty forward-thinking philosophies when it comes to its culture and workforce. And we're going to speak with Jennifer Saavedra who's Dell's chief human resource officer about hybrid work and how Dell is thinking about the future of work. However, before we get into all this, I want to share our independent perspectives on the company and some research that will introduce to frame the program. Now, as you know, we love data here at theCUBE and one of our partners, ETR has what we believe is the best spending intentions data for enterprise tech. So here's a graphic that shows ETR's proprietary net score methodology in the vertical axis. That's a measure of spending velocity. And on the x-axis is overlap of pervasiveness in the data sample. This is a cut for just the server, the storage, and the client sectors within the ETR taxonomy. So you can see Dell CSG products, laptops in particular are dominant on both the X and the Y dimensions. CSG is the client solutions group and accounts for nearly 60% of Dell's revenue and about half of its operating income. And then the arrow signifies that dot that represents Dell's ISG business that we're going to talk to Jeff Boudreau about. That's the infrastructure solutions group. Now, ISG accounts for the bulk of the remainder of Dell's business and it is, as I said, it's most profitable from a margin standpoint. It comprises the EMC storage business as well as the Dell server business and Dell's networking portfolio. And as a note, we didn't include networking in that cut. Had we done so, SISCO would've dominated the graphic. And frankly, Dell's networking business is an industry-leading in the same way that PCs, servers, and storage are. And as you can see, the data confirms the leadership position Dell has in its client side, its server and its storage sectors. But the nuance is look at that red dotted line at 40% on the vertical axis. That represents a highly elevated net score and every company in the sector is below that line. Now, we should mention that we also filtered the data for those companies with more than a 100 mentions in the survey, but the point remains the same. This is a mature business that generally is lower margin. Storage is the exception but cloud has put pressure on margins even in that business in addition to the server space. The last point on this graphic is we put a box around VMware and it's prominently present on both the X and Y dimensions. VMware participates with purely software-defined high margin offerings in these spaces, and it gives you a sense of what might have been had Dell chosen to hold onto that asset or spin it into the company. But let's face it, the alternatives from Michael Dell were just too attractive and it's unlikely that a spin in would've unlocked the value in the way a spin-out did, at least not in the near future. So let's take a look at the snapshot of Dell's financials to give you a sense of where the company stands today. Dell is a company with over a 100 billion dollars in revenue. Last quarter, it did more than 26 billion in revenue and grew at a quite amazing 9% rate for a company that size. But because it's a hardware company primarily, its margins are low with operating income 10% of revenue and at 21% gross margin. With VMware on Dell's income statement, before the spin its gross margins were in the low 30s. Now, Dell only spends about 2% of revenue on R&D because because it's so big, it's still a lot of money. And you can see it is cash flow positive, Dell's free cash flow over the trailing 12-month period is 3.7 billion but that's only 3.5% of trailing 12-month revenue. Dell's Apex and of course it's hardware maintenance business is recurring revenue and that is only about 5 billion in revenue and it's growing at 8% annually. Now having said that, it's the equivalent of Service now's total revenue. Of course, Service now has 23% operating margin and 16% free cash flow margin and more than $5 billion in cash on the balance sheet and an 85 billion dollar market cap. That's what software will do for you. Now, Dell, like most companies, is staring at a challenging macro environment with FX headwinds, inflation, et cetera. You've heard the story, and hence it's conservative and contracting revenue guidance. But the balance sheet transformation has been quite amazing thanks to VMware's cash flow. Michael Dell and his partners from Silver Lake et al, they put up around $4 billion of their own cash to buy EMC for $67 billion and of course got VMware in the process. Most of that financing was debt that Dell put on its balance sheet to do the transaction to the tune of $46 billion it added to the balance sheet debt. Now, Dell's debt, the core debt, net of its financing operation is now down to 16 billion and it has 7 billion in cash in the balance sheet. So dramatic delta from just a few years ago. So pretty good picture. But Dell, a 100 billion company, is still only valued at 28 billion or around 26 cents on the revenue dollar. HPE's revenue multiple is around 60 cents on the revenue dollar. HP Inc, Dell's laptop and PC competitor, is around 45 cents. IBM's revenue multiple is almost two times. By the way, IBM has more than $50 billion in debt thanks to the Red Hat acquisition. And Cisco has a revenue multiple, it's over 3X, about 3.3X currently. So is Dell undervalued? Well, based on these comparisons with its peers, I'd say yes and no. Dell's performance relative to its peers in the market is very strong. It's winning and has an extremely adept go to market machine. But it's lack of software content and it's margin profile leads one to believe that if it can continue to pull some valuation levers while entering new markets, it can get its valuation well above where it is today. So what are some of those levers and what might that look like going forward? Despite the fact that Dell doesn't have a huge software revenue component, since spinning out VMware, and it doesn't own a cloud, it plays in virtually every part of the hardware market. And it can provide infrastructure for pretty much any application, in any use case, in pretty much any industry, in pretty much any geography in the world and it can serve those customers. So its size is an advantage. However, the history for hardware-heavy companies that try to get bigger has some notable failures. Namely HP which had to split into two businesses, HP Inc and HPE, and IBM which has had in abysmal decade from a performance standpoint and has had to shrink to grow again and obviously do a massive $34 billion acquisition of Red Hat. So why will Dell do any better than these two? Well, it has a fantastic supply chain. It's a founder-led company which makes a cultural difference, in our view, and it's actually comfortable with a low margin software light business model. Most certainly, IBM wasn't comfortable with that and didn't have these characteristics and HP was kind of just incomprehensible at the end. So Dell in my opinion is a much better chance of doing well at a 100 billion or over, but we'll see how it navigates through the current headwinds as it's guiding down. Apex is essentially Dell's version of the cloud. Now remember, Dell got started late. HPE is further along from a model standpoint with GreenLake. But Dell has a larger portfolio so they're going to try to play on that advantage. But at the end of the day, these as-a-service offerings are simply ways to bring a utility model to existing customers and generate recurring revenue. And that's a good thing because customers will be loyal to an incumbent if it can deliver as-a-service and reduce risk for customers. But the real opportunity lies ahead, specifically Dell is embracing the cloud model. It took a while, but they're on board. As Matt Baker, Dell's senior vice president of corporate strategy likes to say, it's not a zero sum game. What he means by that is just because Dell doesn't own its own cloud, it doesn't mean Dell can't build value on top of hyperscale clouds, what we call super cloud. And that's Dell's strategy to take advantage of public cloud CapEx and connect on-prem to the cloud, create a unified experience across clouds and out to the edge. That's ambitious and technically it's non-trivial. But listen to Dell's vice chairman and co-COO Jeff Clarke explain this vision. Please play the clip. >> You said also technology and business models are tied together and enabler. If you believe that, then you have to believe that it's a business operating system that they want. They want to leverage whatever they can and at the end of the day, they have to differentiate what they do. >> No, that's exactly right. If I take that and what Dave was saying and I summarize it the following way. If we can take these cloud assets and capabilities, combine them in an orchestrated way to deliver a distributed platform, game over. >> Yeah, pretty interesting, right? John Freer called it a business operating system. Essentially, I think of it sometimes as a cloud operating system or cloud operating environment to drive new business value on top of the hyperscale CapEx. Now, is it really game over as Jeff Clarke said, if Dell can do that? I'd say if it had that today, it might be game over for the competition but this vision will take years to play out, and of course it's got to be funded. And now it's going to take time and in this industry, it tends to move, companies tend to move in lockstep. So as often as the case, it's going to come down to execution and Dell's ability to enter new markets that are ideally, at least from my perspective, higher margin. Data management, extending data protection into cyber security as an adjacency and, of course, edge at Telco slash 5G opportunities. All there for the taking. I mean, look, even if Dell doesn't go after more higher margin software content, it can thrive with a lower margin model just by penetrating new markets and throwing off cash from those markets. But by keeping close to customers and maybe through tuck in acquisitions, it might be able to find the next nugget beyond today's cloud and on-prem models. And the last thing I'll call out is ecosystem. I say here ecosystem, ecosystem, ecosystem. Because a defining characteristic of a cloud player is ecosystem and if Apex is Dell's cloud, it has the opportunity to expand that ecosystem dramatically. This is one of the company's biggest opportunities and challenges at the same time, in my view. It's just scratching the surface on its partner ecosystem. And it's ecosystem today is is both reseller heavy and tech partner heavy. And that's not a bad thing, but it's starting to evolve more rapidly. The snowflake deal is an example of up to stack evolution. But I'd like to see much more out of that Snowflake relationship and more relationships like that. Specifically, I'd like to see more momentum with data and database. And if we live at a data heavy world, which we do, where the data and the database and data management offerings coexist and are super important to customers, I'd like to see that inside of Apex. I'd like to see that data play beyond storage which is really where it is today and it's early days. The point is, with Dell's go to market advantage, which company wouldn't treat Dell like the on-prem, hybrid, edge, super cloud player, that I want to partner with to drive more business? You'd be crazy not to. But Dell has a lot on its plate and we'd like to see some serious acceleration on the ecosystem front. In other words, Dell as both a selling partner and a business enabler with its platform. Its programmable infrastructure as-a-service. And that is a moving target that will rapidly involve. And, of course, we'll be here watching and reporting. So thanks for watching this preview of Dell Technology Summit 2022. I'm Dave Vellante, we hope you enjoy the rest of the program. (upbeat music)

>> From every ISV to solve the problems. You want there to be tools in place that you can use, either open source tools or whatever it is that help you build it. And slowly over time, that building will become easier and easier. So my question to you was, where do you see you playing? Do you see yourself playing to ISVs as a set of tools, which will make their life a lot easier and provide that work? >> Absolutely. >> If they don't have, so they don't have to do it. Or you're providing this for the end users? Or both? >> So it's a progression. If you go to the ISVs first, you're doomed to starved before you have time for that other option. >> Yeah. >> Right? So it's a question of phase, the phasing of it. And also if you go directly to end users, you can demonstrate the power of it and get the attention of the ISVs. I believe that the ISVs, especially those with the biggest footprints and the most, you know, coveted estates, they have already made massive investments at trying to solve decentralization of their software stack. And I believe that they have used it as a hook to try to move to a software as a service model and rope people into leasing their infrastructure. So if you look at the clouds that have been propped up by Autodesk or by Adobe, or you name the company, they are building proprietary makeshift solutions for decentralizing or hybrid clouding. Or maybe they're not even doing that at all and all they're is saying hey, if you want to get location agnosticness, then what you should just, is just move into our cloud. >> Right. >> And then they try to solve on the background how to decentralize it between different regions so they can have decent offerings in each region. But those who are more advanced have already made larger investments and will be more averse to, you know, throwing that stuff away, all of their makeshift machinery away, and using a platform that gives them high performance parallel, low level file system access, while at the same time having metadata-driven, you know, policy-based, intent-based orchestration to manage the diffusion of data across a decentralized infrastructure. They are not going to be as open because they've made such an investment and they're going to look at how do they monetize it. So what we have found with like the movie studios who are using us already, many of the app they're using, many of those software offerings, the ISVs have their own cloud that offers that software for the cloud. But what we got when I asked about this, 'cause I was dealt specifically into this question because I'm very interested to know how we're going to make that leap from end user upstream into the ISVs where I believe we need to, and they said, look, we cannot use these software ISV-specific SAS clouds for two reasons. Number one is we lose control of the data. We're giving it to them. That's security and other issues. And here you're talking about we're doing work for Disney, we're doing work for Netflix, and they're not going to let us put our data on those software clouds, on those SAS clouds. Secondly, in any reasonable pipeline, the data is shared by many different applications. We need to be agnostic as to the application. 'Cause the inputs to one application, you know, the output for one application provides the input to the next, and it's not necessarily from the same vendor. So they need to have a data platform that lets them, you know, go from one software stack, and you know, to run it on another. Because they might do the rendering with this and yet, they do the editing with that, and you know, et cetera, et cetera. So I think the further you go up the stack in the structured data and dedicated applications for specific functions in specific verticals, the further up the stack you go, the harder it is to justify a SAS offering where you're basically telling the end users you need to park all your data with us and then you can run your application in our cloud and get this. That ultimately is a dead end path versus having the data be open and available to many applications across this supercloud layer. >> Okay, so-- >> Is that making any sense? >> Yes, so if I could just ask a clarifying question. So, if I had to take Snowflake as an example, I think they're doing exactly what you're saying is a dead end, put everything into our proprietary system and then we'll figure out how to distribute it. >> Yeah. >> And and I think if you're familiar with Zhamak Dehghaniis' data mesh concept. Are you? >> A little bit, yeah. >> But in her model, Snowflake, a Snowflake warehouse is just a node on the mesh and that mesh is-- >> That's right. >> Ultimately the supercloud and you're an enabler of that is what I'm hearing. >> That's right. What they're doing up at the structured level and what they're talking about at the structured level we're doing at the underlying, unstructured level, which by the way has implications for how you implement those distributed database things. In other words, implementing a Snowflake on top of Hammerspace would have made building stuff like in the first place easier. It would allow you to easily shift and run the database engine anywhere. You still have to solve how to shard and distribute at the transaction layer above, so I'm not saying we're a substitute for what you need to do at the app layer. By the way, there is another example of that and that's Microsoft Office, right? It's one thing to share that, to have a file share where you can share all the docs. It's something else to have Word and PowerPoint, Excel know how to allow people to be simultaneously editing the same doc. That's always going to happen in the app layer. But not all applications need that level of, you know, in-app decentralization. You know, many of them, many workflows are pipelined, especially the ones that are very data intensive where you're doing drug discovery or you're doing rendering, or you're doing machine learning training. These things are human in the loop with large stages of processing across tens of thousands of cores. And I think that kind of data processing pipeline is what we're focusing on first. Not so much the Microsoft Office or the Snowflake, you know, parking a relational database because that takes a lot of application layer stuff and that's what they're good at. >> Right. >> But I think... >> Go ahead, sorry. >> Later entrance in these markets will find Hammerspace as a way to accelerate their work so they can focus more narrowly on just the stuff that's app-specific, higher level sharing in the app. >> Yes, Snowflake founders-- >> I think it might be worth mentioning also, just keep this confidential guys, but one of our customers is Blue Origin. And one of the things that we have found is kind of the point of what you're talking about with our customers. They're needing to build this and since it's not commercially available or they don't know where to look for it to be commercially available, they're all building themselves. So this layer is needed. And Blue is just one of the examples of quite a few we're now talking to. And like manufacturing, HPC, research where they're out trying to solve this problem with their own scripting tools and things like that. And I just, I don't know if there's anything you want to add, David, but you know, but there's definitely a demand here and customers are trying to figure out how to solve it beyond what Hammerspace is doing. Like the need is so great that they're just putting developers on trying to do it themselves. >> Well, and you know, Snowflake founders, they didn't have a Hammerspace to lean on. But, one of the things that's interesting about supercloud is we feel as though industry clouds will emerge, that as part of company's digital transformations, they will, you know, every company's a software company, they'll begin to build their own clouds and they will be able to use a Hammerspace to do that. >> A super pass layer. >> Yes. It's really, I don't know if David's speaking, I don't want to speak over him, but we can't hear you. May be going through a bad... >> Well, a regional, regional talks that make that possible. And so they're doing these render farms and editing farms, and it's a cloud-specific to the types of workflows in the median entertainment world. Or clouds specifically to workflows in the chip design world or in the drug and bio and life sciences exploration world. There are large organizations that are kind of a blend of end users, like the Broad, which has their own kind of cloud where they're asking collaborators to come in and work with them. So it starts to even blur who's an end user versus an ISV. >> Yes. >> Right? When you start talking about the massive data is the main gravity is to having lots of people participate. >> Yep, and that's where the value is. And that's where the value is. And this is a megatrend that we see. And so it's really important for us to get to the point of what is and what is not a supercloud and, you know, that's where we're trying to evolve. >> Let's talk about this for a second 'cause I want to, I want to challenge you on something and it's something that I got challenged on and it has led me to thinking differently than I did at first, which Molly can attest to. Okay? So, we have been looking for a way to talk about the concept of cloud of utility computing, run anything anywhere that isn't addressed in today's realization of cloud. 'Cause today's cloud is not run anything anywhere, it's quite the opposite. You park your data in AWS and that's where you run stuff. And you pretty much have to. Same with with Azure. They're using data gravity to keep you captive there, just like the old infrastructure guys did. But now it's even worse because it's coupled back with the software to some degree, as well. And you have to use their storage, networking, and compute. It's not, I mean it fell back to the mainframe era. Anyhow, so I love the concept of supercloud. By the way, I was going to suggest that a better term might be hyper cloud since hyper speaks to the multidimensionality of it and the ability to be in a, you know, be in a different dimension, a different plane of existence kind of thing like hyperspace. But super and hyper are somewhat synonyms. I mean, you have hyper cars and you have super cars and blah, blah, blah. I happen to like hyper maybe also because it ties into the whole Hammerspace notion of a hyper-dimensional, you know, reality, having your data centers connected by a wormhole that is Hammerspace. But regardless, what I got challenged on is calling it something different at all versus simply saying, this is what cloud has always meant to be. This is the true cloud, this is real cloud, this is cloud. And I think back to what happened, you'll remember, at Fusion IO we talked about IO memory and we did that because people had a conceptualization of what an SSD was. And an SSD back then was low capacity, low endurance, made to go military, aerospace where things needed to be rugged but was completely useless in the data center. And we needed people to imagine this thing as being able to displace entire SAND, with the kind of capacity density, performance density, endurance. And so we talked IO memory, we could have said enterprise SSD, and that's what the industry now refers to for that concept. What will people be saying five and 10 years from now? Will they simply say, well this is cloud as it was always meant to be where you are truly able to run anything anywhere and have not only the same APIs, but you're same data available with high performance access, all forms of access, block file and object everywhere. So yeah. And I wonder, and this is just me throwing it out there, I wonder if, well, there's trade offs, right? Giving it a new moniker, supercloud, versus simply talking about how cloud is always intended to be and what it was meant to be, you know, the real cloud or true cloud, there are trade-offs. By putting a name on it and branding it, that lets people talk about it and understand they're talking about something different. But it also is that an affront to people who thought that that's what they already had. >> What's different, what's new? Yes, and so we've given a lot of thought to this. >> Right, it's like you. >> And it's because we've been asked that why does the industry need a new term, and we've tried to address some of that. But some of the inside baseball that we haven't shared is, you remember the Web 2.0, back then? >> Yep. >> Web 2.0 was the same thing. And I remember Tim Burners Lee saying, "Why do we need Web 2.0? "This is what the Web was always supposed to be." But the truth is-- >> I know, that was another perfect-- >> But the truth is it wasn't, number one. Number two, everybody hated the Web 2.0 term. John Furrier was actually in the middle of it all. And then it created this groundswell. So one of the things we wrote about is that supercloud is an evocative term that catalyzes debate and conversation, which is what we like, of course. And maybe that's self-serving. But yeah, HyperCloud, Metacloud, super, meaning, it's funny because super came from Latin supra, above, it was never the superlative. But the superlative was a convenient byproduct that caused a lot of friction and flack, which again, in the media business is like a perfect storm brewing. >> The bad thing to have to, and I think you do need to shake people out of their, the complacency of the limitations that they're used to. And I'll tell you what, the fact that you even have the terms hybrid cloud, multi-cloud, private cloud, edge computing, those are all just referring to the different boundaries that isolate the silo that is the current limited cloud. >> Right. >> So if I heard correctly, what just, in terms of us defining what is and what isn't in supercloud, you would say traditional applications which have to run in a certain place, in a certain cloud can't run anywhere else, would be the stuff that you would not put in as being addressed by supercloud. And over time, you would want to be able to run the data where you want to and in any of those concepts. >> Or even modern apps, right? Or even modern apps that are siloed in SAS within an individual cloud, right? >> So yeah, I guess it's twofold. Number one, if you're going at the high application layers, there's lots of ways that you can give the appearance of anything running anywhere. The ISV, the SAS vendor can engineer stuff to have the ability to serve with low enough latency to different geographies, right? So if you go too high up the stack, it kind of loses its meaning because there's lots of different ways to make due and give the appearance of omni-presence of the service. Okay? As you come down more towards the platform layer, it gets harder and harder to mask the fact that supercloud is something entirely different than just a good regionally-distributed SAS service. So I don't think you, I don't think you can distinguish supercloud if you go too high up the stack because it's just SAS, it's just a good SAS service where the SAS vendor has done the hard work to give you low latency access from different geographic regions. >> Yeah, so this is one of the hardest things, David. >> Common among them. >> Yeah, this is really an important point. This is one of the things I've had the most trouble with is why is this not just SAS? >> So you dilute your message when you go up to the SAS layer. If you were to focus most of this around the super pass layer, the how can you host applications and run them anywhere and not host this, not run a service, not have a service available everywhere. So how can you take any application, even applications that are written, you know, in a traditional legacy data center fashion and be able to run them anywhere and have them have their binaries and their datasets and the runtime environment and the infrastructure to start them and stop them? You know, the jobs, the, what the Kubernetes, the job scheduler? What we're really talking about here, what I think we're really talking about here is building the operating system for a decentralized cloud. What is the operating system, the operating environment for a decentralized cloud? Where you can, and that the main two functions of an operating system or an operating environment are the process scheduler, the thing that's scheduling what is running where and when and so forth, and the file system, right? The thing that's supplying a common view and access to data. So when we talk about this, I think that the strongest argument for supercloud is made when you go down to the platform layer and talk of it, talk about it as an operating environment on which you can run all forms of applications. >> Would you exclude--? >> Not a specific application that's been engineered as a SAS. (audio distortion) >> He'll come back. >> Are you there? >> Yeah, yeah, you just cut out for a minute. >> I lost your last statement when you broke up. >> We heard you, you said that not the specific application. So would you exclude Snowflake from supercloud? >> Frankly, I would. I would. Because, well, and this is kind of hard to do because Snowflake doesn't like to, Frank doesn't like to talk about Snowflake as a SAS service. It has a negative connotation. >> But it is. >> I know, we all know it is. We all know it is and because it is, yes, I would exclude them. >> I think I actually have him on camera. >> There's nothing in common. >> I think I have him on camera or maybe Benoit as saying, "Well, we are a SAS." I think it's Slootman. I think I said to Slootman, "I know you don't like to say you're a SAS." And I think he said, "Well, we are a SAS." >> Because again, if you go to the top of the application stack, there's any number of ways you can give it location agnostic function or you know, regional, local stuff. It's like let's solve the location problem by having me be your one location. How can it be decentralized if you're centralizing on (audio distortion)? >> Well, it's more decentralized than if it's all in one cloud. So let me actually, so the spectrum. So again, in the spirit of what is and what isn't, I think it's safe to say Hammerspace is supercloud. I think there's no debate there, right? Certainly among this crowd. And I think we can all agree that Dell, Dell Storage is not supercloud. Where it gets fuzzy is this Snowflake example or even, how about a, how about a Cohesity that instantiates its stack in different cloud regions in different clouds, and synchronizes, however magic sauce it does that. Is that a supercloud? I mean, so I'm cautious about having too strict of a definition 'cause then only-- >> Fair enough, fair enough. >> But I could use your help and thoughts on that. >> So I think we're talking about two different spectrums here. One is the spectrum of platform to application-specific. As you go up the application stack and it becomes this specific thing. Or you go up to the more and more structured where it's serving a specific application function where it's more of a SAS thing. I think it's harder to call a SAS service a supercloud. And I would argue that the reason there, and what you're lacking in the definition is to talk about it as general purpose. Okay? Now, that said, a data warehouse is general purpose at the structured data level. So you could make the argument for why Snowflake is a supercloud by saying that it is a general purpose platform for doing lots of different things. It's just one at a higher level up at the structured data level. So one spectrum is the high level going from platform to, you know, unstructured data to structured data to very application-specific, right? Like a specific, you know, CAD/CAM mechanical design cloud, like an Autodesk would want to give you their cloud for running, you know, and sharing CAD/CAM designs, doing your CAD/CAM anywhere stuff. Well, the other spectrum is how well does the purported supercloud technology actually live up to allowing you to run anything anywhere with not just the same APIs but with the local presence of data with the exact same runtime environment everywhere, and to be able to correctly manage how to get that runtime environment anywhere. So a Cohesity has some means of running things in different places and some means of coordinating what's where and of serving diff, you know, things in different places. I would argue that it is a very poor approximation of what Hammerspace does in providing the exact same file system with local high performance access everywhere with metadata ability to control where the data is actually instantiated so that you don't have to wait for it to get orchestrated. But even then when you do have to wait for it, it happens automatically and so it's still only a matter of, well, how quick is it? And on the other end of the spectrum is you could look at NetApp with Flexcache and say, "Is that supercloud?" And I would argue, well kind of because it allows you to run things in different places because it's a cache. But you know, it really isn't because it presumes some central silo from which you're cacheing stuff. So, you know, is it or isn't it? Well, it's on a spectrum of exactly how fully is it decoupling a runtime environment from specific locality? And I think a cache doesn't, it stretches a specific silo and makes it have some semblance of similar access in other places. But there's still a very big difference to the central silo, right? You can't turn off that central silo, for example. >> So it comes down to how specific you make the definition. And this is where it gets kind of really interesting. It's like cloud. Does IBM have a cloud? >> Exactly. >> I would say yes. Does it have the kind of quality that you would expect from a hyper-scale cloud? No. Or see if you could say the same thing about-- >> But that's a problem with choosing a name. That's the problem with choosing a name supercloud versus talking about the concept of cloud and how true up you are to that concept. >> For sure. >> Right? Because without getting a name, you don't have to draw, yeah. >> I'd like to explore one particular or bring them together. You made a very interesting observation that from a enterprise point of view, they want to safeguard their store, their data, and they want to make sure that they can have that data running in their own workflows, as well as, as other service providers providing services to them for that data. So, and in in particular, if you go back to, you go back to Snowflake. If Snowflake could provide the ability for you to have your data where you wanted, you were in charge of that, would that make Snowflake a supercloud? >> I'll tell you, in my mind, they would be closer to my conceptualization of supercloud if you can instantiate Snowflake as software on your own infrastructure, and pump your own data to Snowflake that's instantiated on your own infrastructure. The fact that it has to be on their infrastructure or that it's on their, that it's on their account in the cloud, that you're giving them the data and they're, that fundamentally goes against it to me. If they, you know, they would be a pure, a pure plate if they were a software defined thing where you could instantiate Snowflake machinery on the infrastructure of your choice and then put your data into that machinery and get all the benefits of Snowflake. >> So did you see--? >> In other words, if they were not a SAS service, but offered all of the similar benefits of being, you know, if it were a service that you could run on your own infrastructure. >> So did you see what they announced, that--? >> I hope that's making sense. >> It does, did you see what they announced at Dell? They basically announced the ability to take non-native Snowflake data, read it in from an object store on-prem, like a Dell object store. They do the same thing with Pure, read it in, running it in the cloud, and then push it back out. And I was saying to Dell, look, that's fine. Okay, that's interesting. You're taking a materialized view or an extended table, whatever you're doing, wouldn't it be more interesting if you could actually run the query locally with your compute? That would be an extension that would actually get my attention and extend that. >> That is what I'm talking about. That's what I'm talking about. And that's why I'm saying I think Hammerspace is more progressive on that front because with our technology, anybody who can instantiate a service, can make a service. And so I, so MSPs can use Hammerspace as a way to build a super pass layer and host their clients on their infrastructure in a cloud-like fashion. And their clients can have their own private data centers and the MSP or the public clouds, and Hammerspace can be instantiated, get this, by different parties in these different pieces of infrastructure and yet linked together to make a common file system across all of it. >> But this is data mesh. If I were HPE and Dell it's exactly what I'd be doing. I'd be working with Hammerspace to create my own data. I'd work with Databricks, Snowflake, and any other-- >> Data mesh is a good way to put it. Data mesh is a good way to put it. And this is at the lowest level of, you know, the underlying file system that's mountable by the operating system, consumed as a real file system. You can't get lower level than that. That's why this is the foundation for all of the other apps and structured data systems because you need to have a data mesh that can at least mesh the binary blob. >> Okay. >> That hold the binaries and that hold the datasets that those applications are running. >> So David, in the third week of January, we're doing supercloud 2 and I'm trying to convince John Furrier to make it a data slash data mesh edition. I'm slowly getting him to the knothole. I would very much, I mean you're in the Bay Area, I'd very much like you to be one of the headlines. As Zhamak Dehghaniis going to speak, she's the creator of Data Mesh, >> Sure. >> I'd love to have you come into our studio as well, for the live session. If you can't make it, we can pre-record. But you're right there, so I'll get you the dates. >> We'd love to, yeah. No, you can count on it. No, definitely. And you know, we don't typically talk about what we do as Data Mesh. We've been, you know, using global data environment. But, you know, under the covers, that's what the thing is. And so yeah, I think we can frame the discussion like that to line up with other, you know, with the other discussions. >> Yeah, and Data Mesh, of course, is one of those evocative names, but she has come up with some very well defined principles around decentralized data, data as products, self-serve infrastructure, automated governance, and and so forth, which I think your vision plugs right into. And she's brilliant. You'll love meeting her. >> Well, you know, and I think.. Oh, go ahead. Go ahead, Peter. >> Just like to work one other interface which I think is important. How do you see yourself and the open source? You talked about having an operating system. Obviously, Linux is the operating system at one level. How are you imagining that you would interface with cost community as part of this development? >> Well, it's funny you ask 'cause my CTO is the kernel maintainer of the storage networking stack. So how the Linux operating system perceives and consumes networked data at the file system level, the network file system stack is his purview. He owns that, he wrote most of it over the last decade that he's been the maintainer, but he's the gatekeeper of what goes in. And we have leveraged his abilities to enhance Linux to be able to use this decentralized data, in particular with decoupling the control plane driven by metadata from the data access path and the many storage systems on which the data gets accessed. So this factoring, this splitting of control plane from data path, metadata from data, was absolutely necessary to create a data mesh like we're talking about. And to be able to build this supercloud concept. And the highways on which the data runs and the client which knows how to talk to it is all open source. And we have, we've driven the NFS 4.2 spec. The newest NFS spec came from my team. And it was specifically the enhancements needed to be able to build a spanning file system, a data mesh at a file system level. Now that said, our file system itself and our server, our file server, our data orchestration, our data management stuff, that's all closed source, proprietary Hammerspace tech. But the highways on which the mesh connects are actually all open source and the client that knows how to consume it. So we would, honestly, I would welcome competitors using those same highways. They would be at a major disadvantage because we kind of built them, but it would still be very validating and I think only increase the potential adoption rate by more than whatever they might take of the market. So it'd actually be good to split the market with somebody else to come in and share those now super highways for how to mesh data at the file system level, you know, in here. So yeah, hopefully that answered your question. Does that answer the question about how we embrace the open source? >> Right, and there was one other, just that my last one is how do you enable something to run in every environment? And if we take the edge, for example, as being, as an environment which is much very, very compute heavy, but having a lot less capability, how do you do a hold? >> Perfect question. Perfect question. What we do today is a software appliance. We are using a Linux RHEL 8, RHEL 8 equivalent or a CentOS 8, or it's, you know, they're all roughly equivalent. But we have bundled and a software appliance which can be instantiated on bare metal hardware on any type of VM system from VMware to all of the different hypervisors in the Linux world, to even Nutanix and such. So it can run in any virtualized environment and it can run on any cloud instance, server instance in the cloud. And we have it packaged and deployable from the marketplaces within the different clouds. So you can literally spin it up at the click of an API in the cloud on instances in the cloud. So with all of these together, you can basically instantiate a Hammerspace set of machinery that can offer up this file system mesh. like we've been using the terminology we've been using now, anywhere. So it's like being able to take and spin up Snowflake and then just be able to install and run some VMs anywhere you want and boom, now you have a Snowflake service. And by the way, it is so complete that some of our customers, I would argue many aren't even using public clouds at all, they're using this just to run their own data centers in a cloud-like fashion, you know, where they have a data service that can span it all. >> Yeah and to Molly's first point, we would consider that, you know, cloud. Let me put you on the spot. If you had to describe conceptually without a chalkboard what an architectural diagram would look like for supercloud, what would you say? >> I would say it's to have the same runtime environment within every data center and defining that runtime environment as what it takes to schedule the execution of applications, so job scheduling, runtime stuff, and here we're talking Kubernetes, Slurm, other things that do job scheduling. We're talking about having a common way to, you know, instantiate compute resources. So a global compute environment, having a common compute environment where you can instantiate things that need computing. Okay? So that's the first part. And then the second is the data platform where you can have file block and object volumes, and have them available with the same APIs in each of these distributed data centers and have the exact same data omnipresent with the ability to control where the data is from one moment to the next, local, where all the data is instantiate. So my definition would be a common runtime environment that's bifurcate-- >> Oh. (attendees chuckling) We just lost them at the money slide. >> That's part of the magic makes people listen. We keep someone on pin and needles waiting. (attendees chuckling) >> That's good. >> Are you back, David? >> I'm on the edge of my seat. Common runtime environment. It was like... >> And just wait, there's more. >> But see, I'm maybe hyper-focused on the lower level of what it takes to host and run applications. And that's the stuff to schedule what resources they need to run and to get them going and to get them connected through to their persistence, you know, and their data. And to have that data available in all forms and have it be the same data everywhere. On top of that, you could then instantiate applications of different types, including relational databases, and data warehouses and such. And then you could say, now I've got, you know, now I've got these more application-level or structured data-level things. I tend to focus less on that structured data level and the application level and am more focused on what it takes to host any of them generically on that super pass layer. And I'll admit, I'm maybe hyper-focused on the pass layer and I think it's valid to include, you know, higher levels up the stack like the structured data level. But as soon as you go all the way up to like, you know, a very specific SAS service, I don't know that you would call that supercloud. >> Well, and that's the question, is there value? And Marianna Tessel from Intuit said, you know, we looked at it, we did it, and it just, it was actually negative value for us because connecting to all these separate clouds was a real pain in the neck. Didn't bring us any additional-- >> Well that's 'cause they don't have this pass layer underneath it so they can't even shop around, which actually makes it hard to stand up your own SAS service. And ultimately they end up having to build their own infrastructure. Like, you know, I think there's been examples like Netflix moving away from the cloud to their own infrastructure. Basically, if you're going to rent it for more than a few months, it makes sense to build it yourself, if it's at any kind of scale. >> Yeah, for certain components of that cloud. But if the Goldman Sachs came to you, David, and said, "Hey, we want to collaborate and we want to build "out a cloud and essentially build our SAS system "and we want to do that with Hammerspace, "and we want to tap the physical infrastructure "of not only our data centers but all the clouds," then that essentially would be a SAS, would it not? And wouldn't that be a Super SAS or a supercloud? >> Well, you know, what they may be using to build their service is a supercloud, but their service at the end of the day is just a SAS service with global reach. Right? >> Yeah. >> You know, look at, oh shoot. What's the name of the company that does? It has a cloud for doing bookkeeping and accounting. I forget their name, net something. NetSuite. >> NetSuite. NetSuite, yeah, Oracle. >> Yeah. >> Yep. >> Oracle acquired them, right? Is NetSuite a supercloud or is it just a SAS service? You know? I think under the covers you might ask are they using supercloud under the covers so that they can run their SAS service anywhere and be able to shop the venue, get elasticity, get all the benefits of cloud in the, to the benefit of their service that they're offering? But you know, folks who consume the service, they don't care because to them they're just connecting to some endpoint somewhere and they don't have to care. So the further up the stack you go, the more location-agnostic it is inherently anyway. >> And I think it's, paths is really the critical layer. We thought about IAS Plus and we thought about SAS Minus, you know, Heroku and hence, that's why we kind of got caught up and included it. But SAS, I admit, is the hardest one to crack. And so maybe we exclude that as a deployment model. >> That's right, and maybe coming down a level to saying but you can have a structured data supercloud, so you could still include, say, Snowflake. Because what Snowflake is doing is more general purpose. So it's about how general purpose it is. Is it hosting lots of other applications or is it the end application? Right? >> Yeah. >> So I would argue general purpose nature forces you to go further towards platform down-stack. And you really need that general purpose or else there is no real distinguishing. So if you want defensible turf to say supercloud is something different, I think it's important to not try to wrap your arms around SAS in the general sense. >> Yeah, and we've kind of not really gone, leaned hard into SAS, we've just included it as a deployment model, which, given the constraints that you just described for structured data would apply if it's general purpose. So David, super helpful. >> Had it sign. Define the SAS as including the hybrid model hold SAS. >> Yep. >> Okay, so with your permission, I'm going to add you to the list of contributors to the definition. I'm going to add-- >> Absolutely. >> I'm going to add this in. I'll share with Molly. >> Absolutely. >> We'll get on the calendar for the date. >> If Molly can share some specific language that we've been putting in that kind of goes to stuff we've been talking about, so. >> Oh, great. >> I think we can, we can share some written kind of concrete recommendations around this stuff, around the general purpose, nature, the common data thing and yeah. >> Okay. >> Really look forward to it and would be glad to be part of this thing. You said it's in February? >> It's in January, I'll let Molly know. >> Oh, January. >> What the date is. >> Excellent. >> Yeah, third week of January. Third week of January on a Tuesday, whatever that is. So yeah, we would welcome you in. But like I said, if it doesn't work for your schedule, we can prerecord something. But it would be awesome to have you in studio. >> I'm sure with this much notice we'll be able to get something. Let's make sure we have the dates communicated to Molly and she'll get my admin to set it up outside so that we have it. >> I'll get those today to you, Molly. Thank you. >> By the way, I am so, so pleased with being able to work with you guys on this. I think the industry needs it very bad. They need something to break them out of the box of their own mental constraints of what the cloud is versus what it's supposed to be. And obviously, the more we get people to question their reality and what is real, what are we really capable of today that then the more business that we're going to get. So we're excited to lend the hand behind this notion of supercloud and a super pass layer in whatever way we can. >> Awesome. >> Can I ask you whether your platforms include ARM as well as X86? >> So we have not done an ARM port yet. It has been entertained and won't be much of a stretch. >> Yeah, it's just a matter of time. >> Actually, entertained doing it on behalf of NVIDIA, but it will absolutely happen because ARM in the data center I think is a foregone conclusion. Well, it's already there in some cases, but not quite at volume. So definitely will be the case. And I'll tell you where this gets really interesting, discussion for another time, is back to my old friend, the SSD, and having SSDs that have enough brains on them to be part of that fabric. Directly. >> Interesting. Interesting. >> Very interesting. >> Directly attached to ethernet and able to create a data mesh global file system, that's going to be really fascinating. Got to run now. >> All right, hey, thanks you guys. Thanks David, thanks Molly. Great to catch up. Bye-bye. >> Bye >> Talk to you soon.

>>The Cube presents UI Path Forward five, brought to you by UI Path. >>Hi everybody. Welcome to Las Vegas. We're here in the Venetian, formerly the Sans Convention Center covering UI Path Forward five. This is the fourth time the Cube has covered forward, not counting the years during Covid, but UiPath was one of the first companies last year to bring back physical events. We did it at the Bellagio last year, Lisa Martin and myself. Today, my co-host is David Nicholson, coming off of last week's awesome CrowdStrike show back here in Vegas. David talking about UI path. UI path is a company that had a very strange path, as I wrote one time to IPO this company that was founded in 2005 and was basically a development shop. And then they realized they got lightning in a bottle with this RPA thing. Yeah. And Daniel Deez, the founder of the company, just really drove it hard and they really didn't do any big kind of VC raise for several years. >>And then all of a sudden, boom, the rocket ship took off, kind of really got out over their skis a little bit, but then got to IPO and, and has had a very successful sort of penetration into the market. The IPO obviously has not gone as well. We can talk about that, but, but they've hit a billion dollars in arr. There aren't a lot of companies that, you know, have hit a billion dollars in ARR that quickly. These guys had massive valuations that were cut back, obviously with the, with the downturn, but also some execution misuses. But the one thing about UiPath, Dave, is they've been very successful at penetrating customers. And that's the thing you always get at forward customer stories. And the other thing I'll, I'll, I'll add is that it started out with the narrative was, oh, automation software, robots, they're gonna take away jobs. The opposite has happened, the zero unemployment. Now basically we're heading into a recession, we're actually probably in a recession. And so how do you combat a recession? You put automation to work and gain if, if, if, if inflation is five to 7% and you can get 20% from automation. Well, it's a good roi. But you sat in the keynotes, it was really your first exposure to the company. What were your thoughts? >>Yeah, I think the whole subject is interesting. I think if you've been involved in tech for a while, the first thing you think of is, well, hold on a second. Isn't this just high tech scripting? Aren't you essentially just automating stuff? How, how cool can that possibly be? >>Well, it kinda was in the >>Beginning. Yeah, yeah. But, but, but when you dig into it, to your, to your point about the concern about displacing human beings, the first things that can automate it are the mundane and the repetitive tasks, which then frees individuals up frontline individuals who are doing those tasks to do more strategic things for the business. So when you, when we, you know, one of the things that was talked about in the keynote was this idea of an army of citizen developers within an organization. Not, you know, not just folks who are innovating and automating at the core of enterprise applications, but also folks out on the front line automating the tasks that are interfering with their productivity. So it seems like it's a win-win for, for everybody throughout the enterprise. >>Yeah. So let's take a, let's take folks through the, the keynote to, basically we learned there are 3,500 people here, roughly, you know, we're in the Venetian and we do a lot of shows at, at the Venetian, formerly the San Convention Center. The one thing about UiPath, they, they are a cool company. Yeah, they are orange colors, kinda like pure storage, but they got the robots moving around. The setup is very nice, it's very welcoming and very cool, but 300 3500 attendees, including partners and UiPath employees, 250 sessions. They've got a CIO, automation council and a pickleball court inside this hall, which pickleball is, you know, all the rage. So Bobby, Patrick and Mary Telo kicked it off. Bobby's the cmo, Mary's the head of branding, and Bobby raised four themes. It it, this is a tool that it's, this is RPA is going from a tool to a way of operating and innovating. >>The second thing is, the big news here is the UI path business platform, something like that. They're calling, but they're talking about about platform and they're really super gluing that to digital transformation. The third is really outcomes shifting from tactical. I have a robot, a software robot on my desk doing, you know, mimicking what I do with the script to something that's transformative. We're seeing this operationalized very deeply. We'll go into some examples. And then the fourth theme is automation is being featured as a strategic line item in annual reports. Bobby Patrick, as he left the stage, I think he was commenting on my piece where I said that RPA automation is more discretionary than some other things. He said, this is not discretionary, it's strategic. You know, unfortunately when you're heading into a recession, you can, you can put off some of the more strategic items. However, the flip side of that, Dave, is as they were saying before, if you're gonna, if if you're, if you're looking at five to 7% inflation may be a way to attack that is with automation. Yeah. >>There's no question, there's no question that automation is a way to attack that. There's no question that automation is critical moving forward. There's no question that we have moved. We're in the, you know, we're, we're still in the age of cloud, but automation is gonna be absolutely critical. The question is, what will UI path's role be in that market? And, and, and when you hear, when you hear UI path talk about platform versus tool sets and things like that, that's a critical differentiator because if they are just a tool, then why wouldn't someone exploit a tool that is within an application environment instead of exploiting a platform? So what I'm gonna be looking for in terms of the, the folks we talked to over the next few days is this question of, you know, make the case that this is actually a platform that extends across all kinds of application environments. If they can't seize that high ground moving forward, it's it's gonna be, it's gonna be tough for them. >>Well, they're betting the company on >>That, that's Rob Ensslin coming in. That's why he's part of the, the equation. But >>That platform play is they are betting the company. And, and the reason is, so the, the, the history here is in the early days of this sort of RPA craze, Automation Anywhere and UI path went out, they both raised a ton of money. UI Path rocketed out to the lead. They had a much e easier to install, you know, Automation Anywhere, Blue Prism, some of the other legacy business process folks, you know, kind of had on-prem, Big Stacks, UiPath came in a really simple self-serve platform and took off and really got a foothold in the market. And then started building or or making some of these acquisitions like Process Gold, like cloud elements, which is API automation. More recently Reiner, We, which is natural language processing. We heard them up on the stage today and they've been putting that together to do not just rpa but process mining, task mining, you know, document automation, et cetera. >>And so Rob Ins insulin was brought in from Google, formerly Google and SAP, to really provide that sort of financial and go to market expertise as well as Shim Gupta who's, who's the cfo. So they, they, and they were kinda late with that. They sort of did all this post ipo. I wish they had done it, you know, somewhat beforehand, but they're sort of bringing in that adult supervision supervision that's necessary. Rob Sland, I thought was very cogent. He was assertive on stage, he was really clear, he was energetic. He talked about the phases, e r p, Internet cloud and the now automation is a new S-curve. He quoted a Forester analyst talking about that. He also had a great quote. He said, you know, the old adage better, faster, cheaper, pick two. He said, You don't have to do that anymore with automation. He cited reports from analysts, 50% efficiency improvement, 40% productivity improvement, 40% improvement in customer satisfaction. >>And then what I always, again, love about UiPath is they're no shortage of customers. They do as good a job as anybody, and I think I would say the best of, of, of getting customers to talk about their experiences. You'll see that on the cube all this week, talked about Changi airport from Singapore. They're adding 50 able to service 50 million new customers, new travelers with no new headcount company called Vital or retail. And how you say that a hundred thousand employees having access to it. Uber, 150% ROI in one year. New York state getting 1.2 million relief checks out in two weeks and identifying potentially 12 billion in fraud. They also talk about 25% of the, of the UI path finance team is digital. And they've, they've only incremented headcount, you know, very slightly one and a half times their revenue's grown. What a 10 x? And really he talked about how to, for how to turn automation into a force multiplier for growth. And to your point, I think that's their challenge. What were your thoughts on Rob ens insulin's keynote? >>First of all, in addition to his background, Rob brings a brand with him. Rob Ensslin is a brand, and that brand is enterprise overarching platform. Someone you go to for that platform play, not for a tool set. And again, I'll, I'll say it again. It's critically important that they, that they demonstrate this to the marketplace, that they are a platform worth embracing as opposed to simply a tool set. Because the large enterprise software providers are going to provide their own tool sets within their platforms. And if you can't convince someone that it's worth doing two things instead of one thing, you're, you're, you're never gonna make it. So I've had experiences with Rob when he was at Google. He's, he's, he's the right person for the job and I, and I I I buy into his strategy and narrative about where we are and the critical nature of automation question remains, will you I path to be able to benefit from that trend. >>So a couple things on that. So your point about sap, you know, is right on EY was up on stage. They, EY is a huge SAP customer and they chose UI path to automate their SAP installation, right? And they're going all in with UI path as a partner. Of course. I I often like to say that the global system integrators, they like to eat at the trough, right? When you see GSIs like EY and others coming into the ecosystem, that means there's business being done. We saw Orange up on stage, which was really interesting. >>Javier from Spain. Yeah. Yep. >>Talking about he had this really cool dashboard and then Ted Coomer was talking about the business automation platform and all the different chapters and the evolution. They've gotta get to a platform play because the thing I failed to mention is Microsoft a couple years ago made a tuck in acquisition and got it to this market really providing individual automations and making it, you know, it's Microsoft, they're gonna make it really easy to add it really >>Cheaply. SAP would tell you that they have the same thing and, >>And then, and then just grow from that. So UiPath has to pivot to a platform play. They started this back in 2019, but as you know, it takes a long time to integrate stuff. Okay. So they're, they're, they're working through that. But this is, you know, Rob ends and put up on the, the slide go big, I, I tweeted, took a page outta Michael Dell. Go big or go home. Final thoughts before we break? >>I think go big or go home is pretty much sums it up. I mean this is, this is an existential mission that UiPath is on right now, starting to stay forward. They need to seize that high ground of platform versus tool set. Otherwise they will never get beyond where they are now. I I I, I do wanna mention too, to folks in the audience, there's a huge difference between a billion dollar valuation and a billion dollars in revenue every year. So, so, you know, these, these guys have reached a milestone, there's no question about that. But to get to that next level platform, platform, platform, and I know we'll be, we'll be probing our guests on that question over the next couple years. >>Yeah. And the key is obviously gonna be keep servicing the customers, you know, all the financial machinations and you know, they reduced yesterday their guidance from the high end being 25% ARR growth down to roughly 20% when you, when you factor out currency conversions. UiPath has a lot of business overseas. They're taking that overseas revenue and converting it back to dollars though dollars are appreciated. So they're less of them. I know this is kind of the inside baseball, but, but we're gonna get into that over the next two days. Dave Ante and Dave, you're watching the Cubes coverage of UI path forward, five from Las Vegas. We'll be right back, right after this short break.

The Cube presents UI Path Forward five. Brought to you by UI Path. >>Hi, everybody went back live at the Venetian, formerly the Sands Convention Center. Dave Ante with David Nicholson. UI. Paths forward five. This is the fourth forward conference that the Cube has done. So we've seen the ascendancy of UI path, the growth customers. UiPath is one of the first companies to actually come back Post Covid. Last year, 2021 at the Bellagio. They took a chance and it actually worked out great at a couple thousand people there. Lots of customers. We're here with Lauren Joyce, who's the global automation lead at Whirlpool. She's joined by Regener Facade rp, who is the global automation lead at Accenture. Good to see you again. Lauren. Welcome to the Cube first timer. Very much, >>Yes, thank >>You. So you're relatively new to automation, but you, as we were talking, you're a process with talk about the center of excellence that you're building out. What's the importance of that to Whirlpool? >>Absolutely. So we are first looking at automation from our finance organization and they were coming to us with, Hey, here are 12 things we wanna automate. And really what we are finding is that not all of these things were suitable for automation. So we've started on the COE journey of, well, how do we make sure that we're getting the most ROI for our business? Starting with discovery, making sure that what we're automating it makes sense, it's the right process versus just an upgrade or, or retooling set. So for us, especially being a global company, making sure that we had that governance in place, that mindset and what should be automated and when really made sense and helped us on our journey pursuing. >>And, and, and I presume that's where Accenture comes in. I mean, rp, you got deep industry expertise, you've got automation expertise. What role do you play in that prioritization exercise? >>So the, the way we approach any automation implementation is similar to what we did here in our pool. First step is, you know, I call it as knowing where you are in the automation journey. Like what always is, if you don't know where you are on a map, a map won't help you. So baselining the current automation maturity and the current journey where they are. And once you do that, you identify you are not star and prioritization and the goals that are required and then you build a plan. And exactly how we approach in establishing a center of excellence that drives the automation with rigor, knowing where you are and where you want to get to, >>What's the team look like in a, in a, who's on the bus, You know, who's who's, who's in in the circle if you will. How do you com you know, build, you've written about this, it's like a sports team. You put it together, you need be a quarterback, you need a lineman, you need, you know, wide receivers who's on the center of excellence team. >>So the way you always build the center of excellence is making sure that your business partners and the senior leadership team is committed to the entire automation journey. That's the key ingredient for success. Then you build, one of the critical aspect is the talent, the quarterback, you said the talent. In today's world, automation talent is just not about knowing, you know, RPA techniques or you know, process optimization, but it is an end to end technology stack starting from cloud to data to analytics and entire platform capabilities of automation that combined and coupled with change management and how do you drive an enterprise chain management is very, very critical in terms of implementing automation. >>Absolutely. Lauren, I'm curious, did, did Accenture bring UI path to Whirlpool or did you bring, or did you bring Accenture in and UI path in together? How, how did that interaction? >>Yes. So we brought Accenture in and they really helped us along with that journey and they brought UI path to us. Our European business was actually using Blue Prism and that's when we said no, we wanna standardize specifically on UI path and make sure from a global standpoint we're using the same tooling. And that really helped that as we were building our team, we leaned on their expertise and then even we're retooling people within our corporation of, hey, we took our SAP lead, our GCP lead to be our technical architect and and people that could help speak the language and translate from process and explain that doesn't have to be a large project and explain what automation is to help drive return investment for sure. >>Now you're early in, but have you seen results, you know so far? Can you talk about that, quantify it in any way or? >>Absolutely. So we started our journey December of 2020. We've automated about 60 or so bots, but really everything that we've done is based on hours saved. So we're at about 60,000 hours automated and with some of our biggest, like our big box stores and our KitchenAid small appliances, we've even had hard dollar savings that we had a bot that went live about in 60 days. We had a $3 million return and take took out 3000 hours of human interaction. That was great for us. >>So the world's kind of a mess right now. You got supply chain issues, you got inflation, you got a recession, you got the United States. Anyway, you got the Fed trying to figure out, oh there's sling shoting, you know, some people are, you know, really hurting stock market is starting to show that there's a lot of confusion out there. The world is changed quite a bit obviously the last few years. How do you guys see it? What role has, I wonder if both of you could answer, what role has automation played in helping like, for instance, Whirlpool with maybe supply chain problems or maybe bigger forecasting and, and what are you seeing across organizations? But Lauren if you could start. >>Absolutely. So for us being able to show improvement in a six to eight week development cycle and instead of saying here's a heavy dollar investment or a new tooling that you gotta get people resources up to speed on, we can take where we are today, automate save hours where we're getting our employee engagement scores of I'm overworked, I have too much on my plate, how can you help me? And automation is there to support and that's really helped our business one take unnecessary work off their plate and show very quick value add to the business without having to have huge dollar investments in our, I'm you trying to save money. >>Are people, what are you seeing in terms of, so some of the problems that people I see as sign out here said, oh, in inflation at five to 7% go after productivity and make it in 20% gains. I mean, what are you seeing in the field? >>More than ever, More than ever, automation is more relevant now given the current economy environment that we are operating. Because automation always free up or optimizers the capacity that every enterprise has. Optimizing capacity is very important so that you can take your talented employees and the talented resources to do more strategic transformation program, which helps to sustain and stay and scale in your business. So I see that automation playing a significant role to impact business imperative. >>What are some of the common misconceptions? I mean we talk a lot about people's fear of automation. You know, I don't think that's necessarily a misconception. I think a lot of times people are fearful about automating though. Maybe they, they shouldn't be. We had Dentsu on today, DS like, you know, this giant global branding firm and they get a lot of young kids, they're like, No, bring it on. I don't want to do all this mundane stuff. But you know, a lot of folks are are are concerned, but, so that maybe is one misconception. Are there others, Lauren, that you found that you can share? >>I think we were lucky that we didn't necessarily have that fear of being replaced by automation. I think our change management plan really helped drive that. We included some fun things of any time a bot went live you got almost like a birth certificate of here's the process we save for you, here's how it's grown over six, six months, 12 months, 18 months. But I'm not sure if we had any other major gaps like that or or pitfalls >>Or, or p anything that, >>So my philosophy is automation is human plus machine combination. You can't run just, you know, people can't think that, you know, if my task get automated, I lose the, I lose my my jobs. That's not how it works because you, you do need human expertise, competency skills to kind of argument what you do with automation. And most important thing when you do this change is that most of the enterprises do not believe, do not understand that you have to get even process, right? You don't want to, you know, have an inefficient process and put automation on the top of it. Then you just made your inefficiency run more faster. So you need to kind of make sure that you address inefficiency, optimize your process, then infuse automation, then have human plus machine capability to strengthen your automation. >>Is it really that easy? Sounds easy, right? It, >>So from an, from an Accenture perspective, if you're, if you're looking at the market as a whole or looking at industry verticals, what's the difference between an organization that is leveraging automation and an organization that is not leveraging organ leveraging automation? Is there, is there sort of a range of percentage of efficiency that you can put on that? What does it mean for their bottom line? >>Essent, you must have data on this. Yeah, I mean what, >>Yeah, >>Today, today's world in the technology world, every organization understands the importance of automation that's given. That's a table stake. Now, where an organization is in the journey differs some of the enterprises maybe at the beginning of the maturity spectrum. In my book I talk about automation maturity framework wherein there are the initial stages of automation. Some of them are intelligent automation at the end of the spectrum where they're using data cloud and AI to drive the automation journey. But in every enterprise, the key success of automation depends upon whether you do automation and enterprisewide not in a silo in the organization, but if you do enterprise wide apply across, you get a lot more benefits, lot more efficiency to drive. >>Does does automation being more strategic or key? Does it, does it in a way make investments in automation more, more scrutinized or more circumspect? I, I would, I would use the term discretionary. We heard Bobby Patrick today say this is not discretionary, it's strategic to me. If it's strategic it might be a mandate but it's might be something I can kick down the road. What are you seeing there in the field just in terms of overall demand and sentiment? >>Automation today, as I said, is a table stake. When it becomes an integrated DNA of enterprise, it is always, you know, whether you want to call one pillar of strategy, key DNA of your strategic roadmap you are in investments have to be directly proportional to what you want to accomplish as your business KPIs to thrive and deliver your business with. Otherwise, if you do it as like a one off thing, you know you won't get the benefit. Yeah. >>Or from your standpoint, where do you want to take the automation initiative inside a whirlpool? How are you thinking about scaling it? What have you learned that you can apply to driving scale? >>So we put some strict governance in place who weren't just automating everything under the sun cuz >>Wild west >>Yeah, I can't support that. Right? So we made sure that everything had at least less than a one year invest return on investment and 500 hours worth of automation for us to even consider it as part of our coe. So because of that, we do have some automations that would make sense, but that's why we're looking at a citizen development program or low code, no code. What other types of options are there to make sure that it does become a part of our culture and dna that you can automate those even small parts of your workflow to, to make your day better. >>When, when you're looking at those workflows, do you, are you, are you literally looking over someone's shoulder with a stopwatch and measuring, Measuring how time >>And motion studies? No >>Question. Yeah. I mean is it time and motion studies? I mean, is that sort of the entry level data that that you use or is it more, or is it more automated than that? >>I would say it's a little more automated than that, but we do sit down and we ask our business process, show me what this process looks like to you. And then from that we can take some task mining and look at, okay, how long did it take you to do this? How often are you doing it? And then based on how long the automation would take, see how many hours are saved and how many people are doing that same task on a monthly, daily, weekly basis. >>Great. All right guys, thanks so much for coming in the cube and sharing your story. A whirlpool and always love to have Accenture on. You guys got such a massive observation space, global depth of industry. So thank you very much both. Thank you. Thank you. You're very welcome. All right, keep it right there. Dave Nicholson and Dave Ante will be back right to the short break, you watching the cubes coverage of UI path forward. Five live from Las Vegas.

>>The Cube presents UI Path Forward five. Brought to you by UI Path. >>Hi everybody. We're back at UI path forward to five. This is Dave Ante with Dave Nicholson. Derek Mu is here. He's automation product line lead for Merck. Thank you, by the way, for, you know, all you guys do, and thank you Dave for having in the, in the, in the vaccine area, saving our butts. And Bill Engel is back on the cube. He's the director at cgi. Guys, good to see you again. >>Good to see you. Thank >>You. So Merrick, Wow, it's been quite a few years for you guys. Take us through Derek, what's happening in sort of your world that's informing your automation strategy? >>Well, Dave, I mean as you know, we just came out of the pandemic. We actually have quite a few products like Gabriel Antiviral Pill. Obviously we worked, you know, continue to drive our products through a difficult time. But, you know, is during these can last few years that, you know, we've accelerated our journey in automation. We're about four years plus in our journey, you know, so just like the theme of this conference we're we're trying to move towards, you know, bigger automations, transformational change, continue to drive digital transformation in our company. >>Now Bill, you've been on before, but CGI tell people about the firm. It's not computer graphics imaging. >>Sure. No, it's, it's definitely not. So cgi, we're a global consultancy about 90,000 folks across the world. We're a, we're both a product company and a services company. So we have a lot of different, you know, software products that we deliver to our clients, such as CGI Advantage, which is a state local government EER P platform. And so outside of that, we, my team does automation and so we wrap automation around R IP and deliver that to our clients. >>So you guys are automation pros, implementation partners, right? So, so let's go back. Yep. Derek said four years I think. Yep. Right, You're in. So take us through what was the catalyst, how did you get started? Obviously it was pre pandemic, so it's interesting, a lot of companies pre pandemic gave lip service to digital transformation. Sounds like you guys already started your journey, but I'll come back to that. But take us back to the Catalyst four years ago. Why automation? We'll get into why UI path, >>Right. So I, I would say it started pretty niche in our company. Started first in our finance area. Of course, you know, we were looking in technology evaluating different companies, Blue Prism, ui P. Ultimately we chose UI p did it on-prem to start to use automation in sort of our invoice processing, sort of our financial processes, right? And then from there, after it was really when the pandemic hit, that's when sort of we all went to remote work. That's when the team, the COE continued to scale up, especially during pandemic. We were trying to automate more and more processes given the fact that more and more of our workers are remote, they reprocesses. How, how do you do events? You know, part of our livelihood is, is meeting with engaging with customers. Customers in this case is, are doctors and physicians, right? How do you engage with them digitally? How do you, you know, you know, a lot of the face to face contact now have to kind of shift to more digital, digital way. And so automation was a way to kind of help accelerate that, help facilitate that. >>You, you, I think you mentioned COE as in center of excellence. Yep. So, so describe your approach to implementing automation. It's, that sounds like when you say center, it sounds like something is centralized as, as opposed to a bunch of what we've been hearing a lot about citizen developers. What does that interaction >>Look like? We do have both. I would say in the beginning was more decentralized, but over time we, over the few years as, as we built more and more bots, we're now at maybe somewhere between four to 500 bots. We now have sort of internal to the company functional verticals, right? So there's an animal health, we have an animal health function. So there's, there's a team building engaging with the animal health business to build animal health box. There's human health, which is what I work on as well as hr, finance, manufacturing, research. And so internally there's engagement leads, one of the engagement leads that interact with the business. Then when there's an engineering squads that help build and design, develop and support and maintain those as well as sort of a DevOps team that supports the platform and maintains all the bot infrastructure. >>So you started in finance common story, right? I'm sure you hear this a lot Belt, How did you decide what to target? Was it, was it process driven decision? Was it, was it data oriented? Like some kind of combination? How did you decide, Do you remember? Or do you, could you take >>Us back to Oh yeah. So for, for cgi how we started to engage with MER is, you know, we, we do a lot of other business with Merck. We work on all their different business lines and we, we understand the business process. So we, we knew where there was potential for automation. So we brought those ideas to Merck and, and really kind of landed there and helped them realize the value from automation from that standpoint. And then from there the journey just continued to expand, you know, looking for those use cases that, that, you know, fit the mold for, for, for RPA to start. And now the evolution is to go to broader hyper automation. >>And, and was it CFO led into the finance department and then, or was it sort of more bottoms >>Up? Yeah, so, so I think it started in, in finance and, and, but we actually really started out in the business line. So out in regulatory clinical, that's, that's where we, we have the life science expertise that are embedded. And so I partnered with them to come up with, hey, here's a real solution we could do to help streamline, say submission archiving. So when, when submissions come back from the fda, they need to be archived into, you know, the, their system of record. So that's, those are the types of use cases that, that we helped automate. >>Okay. Cause you're saying a human had to sort physically archive that and you were able to sort of replicate that. Okay. And you started with software robots, obviously rpa and now you're expanding into, we we're hearing from UI this the platform message. How does that coincide Derek, with what you guys are doing? Are you sort of adding platform? What aspects of the platform are, are you adding? >>Yeah, no, I mean we are, we are on-premise, right? So we have the platform, but some of the cool things we just had, another colleague of mine presented earlier today. Some of the cool things we're, we're doing ephemeral infrastructure. So infrastructure as code, which essentially means instead of having all these dedicated bot machines, that that, you know, cuz these bots only in some cases run 10 minutes and they're done. So we're, we're soon of doing all on demand, you know, start up a server, run the bot when it's finished, you know, kill the server. So we only pay for the servers that we use, which allows us to save a whole >>Lot of money. Serverless bots. So you, but you're doing that OnPrem, so you >>No, >>No, but >>That's >>Cloud. We, >>We, we we're doing it OnPrem, but our, our bot machines that actually run the, let's say SAP process, right? We spin that machine up, it's on the cloud, it runs it finish, Let's say it's processed in one hour and then when it's done, we kill that machine. So we only play for that one hour usage of that bot machine. >>Okay. So you mentioned SAP earlier you mentioned Blue Prism when you probably looked at other competitors too. You pull the Gartner Magic quadrant, blah, blah, you know, with the way people, you know, evaluate technology, but SAP's got a product. Why UI path mean? Is it that a company like SAP two narrow for their only sap you wanted to apply it other ways? Maybe they weren't even in the business that back then four years ago they probably weren't. Right? But I'm curious as to how the decision was made for UiPath. >>Well, I think you hit it right on the nail. You know, SAP sort of came on a little later and they're specific to sort of their function, right? So UiPath for us is the most flexible tool can interact by UI to our sales and marketing systems, to, to workday, to service Now. It's, it cuts across every function that we have in the company as well as you're the most mature. I mean, you're the market leader, right? So Right. Definitely you, you continue to build upon those capabilities and we are exploring the new capabilities, especially being announced today. >>And what do you see Bill in the marketplace? Are you, are you kind of automation tool agnostic? Are you more sort of all in on? I >>Would say we are, we are agnostic as a company, but obviously as part of a, as an automation practice lead, you know, I want to deliver solutions to my clients that are gonna benefit them as a whole. So looking at UI path, you know, that this platform is, it covers the end to end spectrum of, of automation. So I can go really into any use case and be able to provide a solution that, that delivers value. And so that's, that's where I see the value in UI path and that's why CGI is, is a customer as well. We automate our internal processes. We actually have, we just launched probably SALT in the, in the market last week, expanded partnership with UiPath. We launched CGI, Excel 360. That's our fully managed service around automation. We host our clients whole UI path infrastructure and bots. It's completely hands off to them and they just get the value outta >>Automation. Nice, nice. Love >>It. Derek, you mentioned, you mentioned this ephemeral infrastructure. Yeah. Sounds like it's also ethereal possibility possibly you're saying, you, you're saying you have processes that are running on premises, right? But then you reach out to have an automation process run that's happening off pre and you're, and you're sort of, >>It's on the cloud, so, so yeah, so we have a in-house orchestrator, so we don't, we're not using your sort of on the cloud orchestrator. So, so we brought it in-house for security reasons. Okay. But we use, you know, so inside the vpn, you know, we have these cloud machines that run these automations. So, so that's, that's the ephemeral side of the, of the >>Infrastructure. But is there a financial angle to that in terms of when you're spinning these things up, are you, is it a, is it a pay by the drink or by the, by the CPU >>Hours, if you can imagine like we, you know, like I mentioned where somewhere between four to 500 bots and every bot has a time slot to run and takes a certain amount of time. And so that's hundreds and hundreds of bot machines that we in the old days have to have to buy and procure and, you know, staff and support and maintain. So in this new model, and we're just beginning to kind of move from pilot into implementation, we're moving all, all of bots this in ephemeral infrastructure, right? So these, okay, these machines, these bot machines are, you know, spun up. They run the, they, they run their automation and then they spin >>Down. But just to be clear, they're being spun up on physical infrastructure that is in your >>Purview and they spun up on aws. Yeah. Okay. And then they spin down. Okay, got >>It. Got it. Interesting. Four >>To 500 bots. You know, Daniel one point play out this vision of a bot chicken in every pot, I called it a bot for every employee. Is that where you're headed or is that kind of in this new ephemeral world, not necessary, it's like maybe every employee has access to an ephemeral bot. How, how are you thinking about that? >>That's a good question. So obviously the, the four to 500 is a mix of unattended bonds versus attended bonds, right? That, that we also have a citizen developer, sort of a group team. We support that as well from a coe. So, you know, we see the future as a mix. There's, there's a spectrum of, we are the professional development team. There's also, we support and nurture the personal automation and we provide the resources to help them build smaller scale automations that help, you know, reduce the, you know, the mundaneness and the hours of their own tasks. But you know, for us, we want to focus more and more on building bigger and bigger transfer transformational automations that really drive process efficiencies and, and savings. >>And what's the, what's the business impact been? You mentioned savings and maybe there's other sort of productivity. How do you measure the benefit, the ROI and, and >>Quantify that we, you know, I, I don't, I don't profess I don't think we have all the right answers, but yeah, simple metrics like number of hours saved or other sort of excitement sort of in like an nps, internal NPS between the different groups that we engage. But we definitely see automation demand coming from our, our functional teams going up, driving up. So it's, it's continued to be a hot area and hopefully we, we can, you know, like, like what the key message and theme of this, of this conference. Essentially we want to take and build upon the, the good work that we've done in terms of rpa and we want to drive it more towards digital transformation. >>So Bill, what are you seeing across the, your customer base in terms of, of, of roi? I'm not looking for percentages there. I'm sure they're off the charts, but in terms of, you know, you can optimize for fast payback, you know, maybe lower the denominator, you know, or you can optimize for, you know, net benefit over time, right? You know, what are you seeing? What are customers after they want fast payback and little quick hits? Or are they looking for sort of a bigger enterprise wide impact? >>Yeah, I think it's, it's the latter. It's that larger impact, right? Obviously they, you know, they want an roi and just depending upon the use case, that's gonna vary in terms of the, the benefits delivered. And a lot of our clients, depending on the industry, so in in life sciences it may be around, you know, compliance like GXP compliance is huge. And so that may may not be much of a time saver, but it ensures that they're, they're running their processes and they're being compliant with, you know, federal standards. So that's, that's one aspect to it. But you know, to, you know, a bank, they're looking to reduce their overall costs and and so on. But yeah, I think, I think the other, the other part of it is, you know, impacting broader business processes. So taking that top down approach versus kind of bottom up, you know, doing ta you know, the ones you choose the tasks is not as impactful as looking at broader across the entire business process and seeing how we can impact >>It. Now, Derek, when you guys support a citizen developer, how does that work? So, hey, I got this task I want to automate, I'm gonna go write a, you know, software robot. I'm gonna go do an automation. Do I just do it and then throw her to the defense? You guys, you guys send me a video on how to do it. Hold my hand. How's that work? >>Yeah, I mean, good question. So, so we obviously direct them to the UI path Academy, get some training. We also have some internal training materials to how to build a bot sort of internal inside Merck. We, we go through, we have writeups and SOPs on using the right framework for automations, using the right documentation, PDD kind of materials, and then ultimately how do we deploy bot inside the MER ecosystem. But I, I, maybe I'll just add, I think you asked the point about ROI before. Yeah. I'll also say because we're, we're a pharmaceutical company. I think one of the other key metrics is actually time saved, right? So if, if, if we have a bot that helps us get through the clinical process or even the getting a, a label approved faster, even if it's eight days saved, that's eight days of a product that can get out to the market faster to, to our patients and, and healthcare professionals. And that's, that, that's immeasurable benefit. >>Yeah, I bet if you compress that ELAP time of, of getting approval and so forth. All right guys, we've gotta go. Thanks so much. Congratulations on all the success and appreciate you sharing your story. Thank >>You so much. Appreciate it. You're welcome. >>Appreciate it. All right. Thank you for watching this Dave Ante for Dave Nicholson, The cubes coverage, two day coverage. We're here in day one, UI path forward, five. We'll be right back right after the short break. Awesome. >>Great.

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

(upbeat music) >> Good afternoon, everyone. Welcome back to the CUBE's day one coverage of VMware Explorer 22, live from San Francisco. I'm Lisa Martin. Dave Nicholson is back with me. Welcome back to the set. We're pleased to welcome William Bell as our next guest. The executive vice president of products at Phoenix NAP. William, welcome to the CUBE. Welcome back to the CUBE. >> Thank you, thank you so much. Happy to be here. >> Talk to us a little, and the audience a little bit about Phoenix NAP. What is it that you guys do? Your history, mission, value prop, all that good stuff. >> Absolutely, yeah. So we're global infrastructures as a service company, foundationally, we are trying to build pure play infrastructure as a service, so that customers that want to adopt cloud infrastructure but maybe don't want to adopt platform as a service and really just, you know, program themselves to a specific API can have that cloud adoption without that vendor lock in of a specific platform service. And we're doing this in 17 regions around the globe today. Yeah, so it's just flexible, easy. That's where we're at. >> I like flexible and easy. >> Flexible and easy. >> You guys started back in Phoenix. Hence the name. Talk to us a little bit about the evolution of the company in the last decade. >> Yeah, 100%. We built a data center in Phoenix expecting that we could build the centralized network access point of Phoenix, Arizona. And I am super proud to say that we've done that. 41 carriers, all three hyperscalers in the building today, getting ready to expand. However, that's not the whole story, right. And what a lot of people don't know is we founded an infrastructure as a service company, it's called Secured Servers no longer exists, but we founded that company the same time and we built it up kind of sidecar to Phoenix NAP and then we merged all of those together to form this kind of global infrastructure platform that customers can consume. >> Talk to us about the relationship with VMware. Obviously, here we are at VMware Explore. There's about seven... We're hearing 7,000 to 10,000 people here. People are ready to be back to hear from VMware and it's partner ecosystem. >> Yeah, I mean, I think that we have this huge history with VMware that maybe a lot of people don't know. We were one of the first six, the SPPs in 2011 at the end of the original kind of data center, whatever, vCloud data center infrastructure thing that they did. And so early on, there was only 10 of us, 11 of us. And most of those names don't exist anymore. We're talking, Terramark, Blue Lock, some of these guys. Good companies, but they've been bought or whatnot. And here's plucky Phoenix NAP, still, you know, offering great VMware cloud services for customers around the globe. >> What are some of the big trends that you're seeing in the market today where customers are in this multi-cloud world? You know this... I love the theme of this event. The center of the multi-cloud universe. Customers are in that by default. How do you help them navigate that and really unlock the value of it? >> Yeah, I think for us, it's about helping customers understand what applications belong where. We're very, very big believers both in the right home. But if you drill down on that right home for right applicator or right application, right home, it's more about the infrastructure choices that you're making for that application leads to just super exciting optimizations, right. If you, as an example, have a large media streaming business and you park it in a public called hyperscaler and you just eat those egress fees, like it's a big deal. Right? And there are other ways to do that, right. If you need a... If your application needs to scale from zero cores to 15,000 cores for an hour, you know, there are hyperscalers for that, right. And people need to learn how to make that choice. Right app, right home, right infrastructure. And that's kind of what we help them do. >> It's interesting that you mentioned the concept of being a pure play in infrastructure as a service. >> Yeah. >> At some point in the past, people would have argued that infrastructure as a service only exists because SaaS isn't good enough yet. In other words, if there's a good enough SaaS application then you don't want IaaS because who wants to mess around with IaaS, infrastructures as a service. Do you have customers who look at what they're developing as so much a core of what their value proposition is that they want to own it? I mean, is that a driving factor? >> I would challenge to say that we're seeing almost every enterprise become a SaaS company. And when that transition happens, SaaS companies actually care a lot about the cost basis, efficiency, uptime of their application. And ultimately, while they don't want to be in the data center business anymore, it doesn't mean that they want to pay someone else to do things that they feel wholly competent in doing. And we're seeing this exciting transition of open source technologies, open source platforms becoming good enough that they don't actually have to manage a lot of things. They can do it in software and the hardware's kind of abstracted. But that actually, I would say is a boon for infrastructure as a service, as an independent thing. It's been minimized over the years, right. People talk about hyperscalers as being cloud infrastructure companies and they're not. They're cloud platform companies, right. And the infrastructure is high quality. It is easy to access and scale, right, but it's ultimately, if you're just using one of those hyperscalers for that infrastructure, building VMs and doing a bunch of things yourself, you're not getting the value out of that hyperscaler. And ultimately that infrastructure's very expensive if you look at it that way. >> So it's interesting because if you look at what infrastructure consists of, which is hardware and software-- >> Yeah. >> People who said, eh, IaaS as is just a bridge to a bright SaaS future, people also will make the argument that the hardware doesn't matter anymore. I imagine that you are doing a lot of optimization with both hardware and stuff like the VMware cloud stack that you deploy as a VCPP partner. >> Absolutely, yeah. >> So to talk about that. >> Absolutely. >> I mean, you agree. I mean, if I were to just pose a question to you, does hardware still matter? Does infrastructure still matter? >> Way more than people think. >> Well, there you go. So what are you doing in that arena, specifically with VCPP? >> Yeah, absolutely. And so I think a good example of that, right, so last VMworld in person, 2019, we showcased a piece of technology that we had been working with Intel on for about two years at the time which was Intel persistent memory DC, persistent memory. Right? And we launched the first VMware cloud offering to have Intel DC persistent memory onboard. So that customers with the VMs that needed that technology could leverage it with the integrations in vSphere 6.7 and ultimately in seven more, right. Now I do think that was maybe a swing and a miss technology potentially but we're going to see it come back. And that specialized infrastructure deployment is a big part of our business, right. Helping people identify, you know, this application, if you'd have this accelerator, this piece of infrastructure, this quality of network can be better, faster, cheaper, right. That kind of mentality of optimization matters a lot. And VMware plays a critical role in that because it still gives the customer the operational excellence that they need without having to do everything themselves, right. And our customers rely on that a lot from VMware to get that whole story, operationally efficient, easy to manage, automated. All those things make a lot of difference to our VMware customers. >> Speaking of customers, what are you hearing, if anything, from customers, VMware customers that are your joint customers about the Broadcom acquisition? Are they excited about it? Are they concerned about it? And how do you talk about that? >> Yeah, I mean, I think that everyone that's in the infrastructure business is doing business with Broadcom, all right. And we've had so many businesses that we've been engaged with that have ultimately been a acquiree. I can say that this one feels different only in the size of the acquisition. VMware carries so much weight. VMware's brand exceeds Broadcom's brand, in my opinion. And I think ultimately, I don't know anything that's not public, right-- >> Well, they rebranded. By the way, on the point of brand, they rebranded their software business, VMware. >> Yeah. I mean, that's what I was going to say. That was the word on the street. I don't know if there's beneficial. Is that a-- >> Well, that's been-- >> But that's the word, right? >> That's what they've said. Well, but when a Avago acquired Broadcom they said, "we'll call ourselves Broadcom." >> Absolutely. Why wouldn't you? >> So yeah. So I imagine that what's been reported is likely-- >> Likely. Yeah, I 100% agree. I think that makes a ton of sense and we can start to see even more great intellectual property in software. That's where, you know, all of these businesses, CA, Symantec, VMware and all of the acquisitions that VMware has made, it's a great software intellectual property platform and they're going to be able to get so much more value out of the leadership team that VMware has here, is going to make a world of difference to the Broadcom software team. Yeah, so I'm very excited, you know. >> It's a lot of announcements this morning, a lot of technical product announcements. What did you hear in that excites you about the evolution of VMware as well as the partnership and the value in it for your customers? >> You know, one of our fastest growing parts of our business is this metal as a service infrastructure business and doing very, very... Using very specific technologies to do very interesting things, makes a big difference in our world and for our customers. So anything that's like smartNICs, disaggregated hypervisor, accelerators as a first class citizen in VMware, all that stuff makes the Phoenix NAP story better. So I'm super excited about that, right. Yeah. >> Well, it's interesting because VCPP is not a term that people who are not insiders know of. What they know is that there are services available in hyperscale cloud providers where you can deploy VMware. Well, you know, VMware cloud stack. Well, you can deploy those VMware cloud stacks with you. >> Absolutely. >> In exactly the same manner. However, to your point, all of this talk about disaggregation of CPU, GPU, DPU, I would argue with it, you're in a better position to deploy that in an agile way than a hyperscale cloud provider would be and foremost, I'm not trying to-- >> No, yeah. >> I'm not angling for a job in your PR department. >> Come on in. >> But the idea that when you start talking about something like metal as a service, as an adjunct or adjacent to a standard deployment of a VMware cloud, it makes a lot of sense. >> Yeah. >> Because there are people who can't do everything within the confines of what the STDC-- >> Yes. >> Consists of. >> Absolutely. >> So, I mean... Am I on the right track? >> No, you are 100% hitting it. I think that that point you made about agility to deliver new technology, right, is a key moment in our kind of delivery every single year, right. As a new chip comes out, Intel chip or Accelerator or something like that, we are likely going to be first to market by six months potentially and possibly ever. Persistent memory never launched in public cloud in any capacity but we have customers running on it today that is providing extreme value for their business, right. When, you know, the discreet GPUs coming from the just announced Flex series GPU from Intel, you're likely not going to see them in public cloud hyperscalers quickly, right. Over time, absolutely. We'll have them day one. Isolate came out, you could get it in our metal as a service platform the morning it launched on demand, right. Those types of agility points, they're not... Because they're hyperscale by nature. If they can't hyperscale it, they're not doing it, right. And I think that that is a very key point. Now, as it comes in towards VMware, we're driving this intersection of building that VCF or VMware cloud foundation which is going to be a key point of the VMware ecosystem. As you see this transition to core based licensing and some of the other things that have been talked about, VMware cloud foundation is going to be the stack that they expect their customers to adopt and deliver. And the fact that we can automate that, deliver it instantaneously in a couple of hours to hardware that you don't need to own, into networks you don't need to manage, but yet you are still in charge, keys to the kingdom, ready to go, just like you're doing it in your own data center, that's the message that we're driving for. >> Can you share a customer example that you think really just shines a big flashlight on the value that you guys are delivering? >> We definitely, you know, we had the pleasure of working with Make-A-Wish foundation for the last seven years. And ultimately, you know, we feel very compelled that every time we help them do something unique, different or what not, save money, that money's going into helping some child that's in need, right. And so we've done so many things together. VMware has stepped up as the plate over the years, done so many things with them. We've sponsored stuff. We've done grants, we've done all kinds of things. The other thing I would say is we are helping the City of Hope and Translational Genomics Research Institute on sequencing single cell RNA so that they can fight COVID, so that they can build cure, well, not cures but build therapies for colon cancer and things like that. And so I think that, you know, this is a driving light for us internally is helping people through efficiency and change. And that's what we're looking for. We're looking for more stories like that. We're looking... If you have a need, we're looking for people to come to us and say, "this is my problem. This is what this looks like. Let us see if we can find a solution that's a little bit different, a little bit out of the box and doesn't have to change your business dramatically." Yeah. >> And who are you talking to within customers? Is this a C level conversation? >> Yeah, I mean, I would say that we would love it to be... I think most companies would love to have that, you know, CFO conversation with every single customer. I would say VPs of engineering, increasingly, especially as we become more API centric, those guys are driving a lot of those purchasing decisions. Five years ago, I would've said director of IT, like director of IT. Now today, it's like VP of engineering, usually software oriented folks looking to deliver some type of application on top of a piece of hardware or in a cloud, right. And those guys are, you know, I guess, that's even another point, VMware's doing so much work on the API side that they don't get any credit for. Terraform, Ansible, all these integrations, VMware doing so much in this area and they just don't get any credit for it ever, right. It's just like, VMware's the dinosaur and they're just not, right. But that's the thing that people think of today because of the hype of the hyperscaler. I think that's... Yeah. >> When you're in customer conversations, maybe with prospects, are you seeing more customers that have gone all in on a hyperscaler and are having issues and coming to you guys saying help, this is getting way too expensive? >> Yeah, I think it's the unexpected growth problem or even the expected growth problem where they just thought it would be okay, but they've suffered some type of competitive pressure that they've had to optimize for and they just didn't really expect it. And so, I think that increasingly we are finding organizations that quickly adopted public cloud. If they did a full digital transformation of their business and then transformation of their applications, a lot of them now feel very locked in because every application is just reliant on x hyperscaler forever, or they didn't transform anything and they just migrated and parked it. And the bills that are coming in are just like, whoa like, how is that possible? We are typically never recommending get out of the public cloud. We are just... It's not... If I say the right home for the right application, it's by default saying that there are right applications for hyperscalers. Parking your VMware environment that you just migrated to a hyperscaler, not the right application. You know, I would love you to be with me but if you want to do that, at least go to VMC on AWS or go to OCVS or GCVE or any of those. If that's going to go with a Google or an Amazon and that's just the mandate and you're going to move your applications, don't just move them into native. Move them into a VMware solution and then if you still want to make that journey, that full transformation, go ahead and make it. I would still argue that that's not the most efficient way but, you know, if you're going to do anything, don't just dump it all into cloud, the native hyperscaler stuff. >> Good advice. >> So what do typical implementations look like with you guys when you're moving on premises environments into going back to the VCPP, STDC model? >> Absolutely. Do you have people moving and then transforming and re-platforming? What does that look like? What's the typical-- >> Yeah. I mean, I do not believe that anybody has fully made up their mind if exactly where they want to be. I'm only going to be in this cloud. It's an in the close story, right. And so even when we get customers, you know, we firmly believe that the right place to just pick up and migrate is to a VCPP cloud. Better cost effectiveness, typically better technology, you know service, right. Better service, right. We've been part of VMware for 12 years. We love the technology behind VMC's, now AWS is fantastic, but it's still just infrastructure without any help at all right, right. They're going to be there to support their technology but they're not going to help you with the other stuff. We can do some of those things. And if it's not us, it's another VCPP provider that has that expertise that you might need. So yes, we help you quickly, easily migrate everything to a VMware cloud. And then you have a decision point to make. You're happy where you are, you are leveraging public cloud for a certain applications. You're leveraging VMware cloud offerings for the standard applications that you've been running for years. Do you transform them? Do you keep them? What do you do? All those decisions can be made later. But I stress that repurchasing all your hardware again, staying inside your colo and doing everything yourself, it is for me, it's like a company telling me they're going to build a data center for themselves, single tenant data center. Like no one's doing that, right. But there are more options out there than just I'm going to go to Azure, right. Think about it. Take the time, assess the landscape. And VMware cloud providers as a whole, all 17,000 of us or whatever across the globe, people don't know that group of individuals of the companies is the third or fourth potentially largest cloud in the world. Right? That's the power of the VMware cloud provider ecosystem. >> Last question for you as we wrap up here. Where can the audience go to learn more about Phoenix NAP and really start test driving with you guys? >> Absolutely. Well, if you come to phoenixnap.com, I guarantee you that we will re-target you and you can click on a banner later if you don't want to stay there. (Lisa laughs) But yeah, phoenixnap.com has all the information that you need. We also put out tons of helpful content. So if you're looking for anything technology oriented and you're just, "I want to upgrade to Ubuntu," you're likely going to end up on a phoenixnap.com website looking for that. And then you can find out more about what we do. >> Awesome, phoenixnap.com. William, thank you very much for joining Dave and me, talking about what you guys are doing, what you're enabling customers to achieve as the world continues to evolve at a very dynamic pace. We appreciate your insights. >> Absolutely, thank you so much >> For our guest and Dave Nicholson, I'm Lisa Martin. You've been watching the CUBE live from VMware Explorer, 2022. Dave and I will be joined by a guest consultant for our keynote wrap at the end of the day in just a few minutes. So stick around. (upbeat music)

(upbeat music) >> Welcome back to Supercloud22. This is an open community event, and it's dedicated to tracking the future of cloud in the 2020s. Supercloud is a term that we use to describe an architectural abstraction layer that hides the underlying complexities of the individual cloud primitives and APIs and creates a common experience for developers and users irrespective of where data is physically stored or on which cloud platform it lives. We're now going to explore the nuances of going to market in a world where data architectures span on premises across multiple clouds and are increasingly stretching out to the edge. Paula Hansen is the President and Chief Revenue Officer at Alteryx. And the reason we asked her to join us for Supercloud22 is because first of all, Alteryx is a company that is building a form of Supercloud in our view. If you have data in a bunch of different places and you need to pull in different data sets together, you might want to filter it or blend it, cleanse it, shape it, enrich it with other data, analyze it, report it out to your colleagues. Alteryx allows you to do that and automate that life cycle. And in our view is working to break down the data silos across clouds, hence Supercloud. Now, the other reason we invited Paula to the program is because she's a rockstar female in tech, and since day one at theCube, we've celebrated great women in tech, and in this case, a woman of data, Paula Hansen, welcome to the program. >> Thank you, Dave. I am absolutely thrilled to be here. >> Okay, we're going to focus on customers, their challenges and going to market in this cross cloud, multi-cloud, Supercloud world. First, Paula, what's changing in your view in the way that customers are innovating with data in the 2020s? >> Well, I think we've all learned very clearly over these last two years that the global pandemic has altered life and business as we know it. And now we're in an interesting time from a macroeconomic perspective as well. And so what we've seen is that every company in every industry has had to pivot and think about how they meet redefined customer expectations and an ever evolving competitive landscape. There really isn't an industry that wasn't reshaped in some way over the last couple of years. And we've been fortunate to work with companies in all industries that have adapted to this ever changing environment by leveraging Alteryx to help accelerate their digital transformations. Companies know that they need to unlock the full potential of their data to be able to move quickly to pivot and to respond to their customer's needs, as well as manage their businesses most efficiently. So I think nothing tells that story better than sharing a customer example with you, Dave. We love to share stories of our very innovative customers. And so the one that I'll share with you today in regards to this is Delta Airlines, who we're all very familiar with. And of course Delta's goal is to always keep their airplanes in the air flying passengers and getting people to their destinations efficiently. So they focus on the maintenance of their aircraft as a necessary part of running their business and they need to manage their maintenance stops and the maintenance of their aircraft very efficiently and effectively. So we work with them. They leverage our platform to automate all the processes for their aircraft maintenance centers. And so they've built out a fully automated reporting system on our platform leveraging tons of data. And this gives their service managers and their aircraft technicians foresight into what's happening with their scheduling and their maintenance processes. So this ensures that they've got the right technicians in the service center when the aircrafts land and that everything across that process is fully in place. And previously because of data silos and just complexity of data, this process would've taken them many many hours in each independent service center, and now leveraging Alteryx and the power of analytics and bringing all the data together. Those centers can do this process in just minutes and get their planes back in the air efficiently and delivering on their promises to their customers. So that's just one of many examples that we have in terms of the way the Alteryx analytics automation helps customers in this new age and helping to really unlock the power of their data. >> You know, Paul, that's an interesting example. Because in a previous life I worked with some airlines and people maybe don't realize this but, aircraft maintenance is the mission critical application for carriers. It's not the booking system. Because we've been there before, we show you there's a problem when you're booking or sometimes it's unfortunate, but people they get de booked. But the aircraft maintenance is the one that matters the most and that keeps planes in the air. So we hear all the time, you just mention it. About data silos and how problematic they are. So, specifically how are you seeing customers thinking about busting the data silos? >> Yeah, that's right, it's a big topic right now. Because companies realize that business processes that they run their business with, is very cross-functional in nature and requires data across every department in the enterprise. And you can't keep data locked in one department. So if you think of business processes like pay to procure or quote to cash, these are business processes that companies in every industry run their business. And that requires them to get data from multiple departments and bring all of that data together seamlessly to make the best business decisions that they can make. So what our platform does is, and is really well known for, is being very easy for users number one, and then number two, being really great at getting access to data quickly and easily from all those data silos, really, regardless of where it is. We talk about being everywhere. And when we say that we mean, whether it's on-prem, in your legacy applications and databases, or whether it's in the cloud with of course, all the multiple cloud platforms and modern cloud data warehouses. Regardless of where it is, we have the ability to bring that data together across hundreds of different data sources, bring it together to help drive insights and ultimately help our customers make better decisions, take action, and deliver on the business outcomes that they all are trying to drive within their respective industries. And what's- >> You know- >> Go ahead. >> Please carry on. >> Well, I was just going to say that what I do think has really sort of a tipping point in the last six months in particular is that executives themselves are really demanding of their organizations, this democratization of data. And the breaking down of the silos and empowering all of the employees across their enterprise regardless of how sophisticated they are with analytics to participate in the analytic opportunity. So we've seen some really cool things of late where executives, CEOs, chief financial officers, chief data officers are sponsoring events within their organizations to break down these silos and encourage their employees to come together on this democratization opportunity of democratization of data and analytics. And there's a shortage of data scientists on top of this. So there's no way that you're going to be able to hire enough data scientists to make sense of all this data running around your enterprise. So we believe with our platform we empower people regardless of their skillset. And so we see executives sponsoring these hackathons within their environments to bring together people to brainstorm and ideate on use cases, to share examples of how they leverage our platform and leverage the data within their organization to make better decisions. And it's really quite cool. Companies like Stanley Black & Decker, Ingersoll Rand, Inchcape PLC, these are all companies that the executive team has sponsored these hackathon events and seen really powerful things come out of it. As an example Ingersoll Rand sponsored their Alteryx hackathon with all of their data workers across various different functions where the data exists. And they focused on both top line revenue use cases as well as bottom line efficiency cases. And one of the outcomes was a use case that helped with their distribution center in north America and bringing all the data together across their various applications to reduce the amount of over ordering and under ordering of parts and more effectively manage their inventory within that distribution center. So, really cool to see this is now an executive level board level conversation. >> Very cool, a hackathon bringing people together for collaboration. A couple things that you said I want to comment on. Again, one of the reasons why we invited you guys to come on is, when you think about on-prem data and anybody who follows theCube and my breaking analysis program, knows we're big fans of Zhamak Dehghani's concept of data mesh. And data mesh is supposed to be inclusive. It doesn't matter if it's an S3 bucket, Oracle data base, or data warehouse, or data lake, that's just a note on the data mesh. And so it should be inclusive and Supercloud should include on-prem data to the extent that you can make that experience consistent. We have a lot of technical sessions here at Supercloud22, we're focusing now and go to market and the ecosystem. And we live in a world of multiple partners exploding ecosystems. And a lot of times it's co-opetition. So Paula, when you joined Alteryx you brought a proven go to market discipline to the company. Alignment with the customer, playbooks, best practice of sales, et cetera. And we've seen the results. It's a big reason why Mark Anderson and the board promoted you to president just after 10 months. Summarize how you approached the situation at Alteryx when you joined last spring. >> Yeah, I think first we were really intentional about what part of the market, what type of enterprises get the most benefit from the innovation that we deliver? And it's really clear that it's large enterprises. That the more complex a company is, most likely the more data they have and oftentimes the more decentralized that data is. And they're also really all trying to figure out how to remain competitive by leveraging that data. So, the first thing we did was be very intentional that we're focused on the enterprise and building out all of the capability required to be able to serve the enterprise. Of course, essential to all of that is having a platform capability because enterprises require that. So, with Suresh Vittal our Chief Product Officer, he's been fantastic in building out an end to end analytic platform that serves a wide range of analytic capabilities to a wide range of users. And then of course has this flexibility to operate both on-prem and in the cloud which is very important. Because we see this hybrid environment in this multicloud environment being something that is important to our customers. The second thing that I was really focused on was understanding how do you have those conversations with customers when they all are in maybe different types of backgrounds? So the way that you work with a business analyst in the office of finance or supply chain or sales and marketing, is different than the way that you serve a data scientist or a data engineer in IT. The way that you talk to a business owner who wants not to really understand the workflow level of data but wants to understand the insights of data, that's a different conversation. When you want to have a conversation of analytics for all or democratization of analytics at the executive level with the chief data officer or a CIO, that's a whole different conversation. And so we've built very specific sales plays to be able to have those conversations bring the relevant information to the relevant person so that we're really making sure that we explain the value proposition of the platform. Fully understand their world, their language and can work with them to deliver the value to them. And then the third thing that we did, was really heavily invest in our partnerships and you referenced this day. It's a a broad ecosystem out there. And we know that we have to integrate into that broad data ecosystem. and be a good partner to serve our customers. So, we've invested both in technology integration as well as go to market strategies with cloud data warehouse companies like Snowflake and Databricks, or RPA companies like UiPath and Blue Prism, as well as a wide range of other application and all of the cloud platforms because that's what our customers expect from us. So that's been a really important sort of third pillar of our strategy in making sure that from a go to market perspective, we understand where we fit in the ecosystem and how we collectively deliver on value to our joint customers. >> So that's super helpful. What I'm taking away from this is you didn't come to it with a generic playbook. Frank Lyman always talks about situation leadership. You assess the situation and applied that and a great example of partners is Snowflake and Databricks, these sort of opposites, but trying to solve similar problems. So you've got to be inclusive of all that. So we're trying to sort of squint through this Paula and say, okay, are there nuances and best practices beyond some of the the things that you just described that are unique to what we call Supercloud? Are there observations you can make with respect to what's different in this post isolation economy? Specifically in managing remote employees and of course remote partners, working with these complex ecosystems and the rise of this multi-cloud world, is it different or is it same wine new bottle? >> Well, I think it's both common from the on-prem or pre-cloud world, but there's also some differences as well. So what's common is that companies still expect innovation from us and still want us to be able to serve a wide range of skill sets. So our belief is that regardless of the skill set that you have, you can participate in the analytics opportunity for your company and unlocking the potential of your data. So we've been very focused since our inception to build out a platform that really serves this wide range of capabilities across the enterprise space. What's perhaps changed more or continues to evolve in this cloud world is just the flexibility that's required. You have to be everywhere. You have to be able to serve users wherever they are and be able to live in a multi-cloud or super cloud world. So when I think of cloud, I think it just unlocks a whole bigger opportunity for Alteryx and for companies that want to become analytic leaders. Because now you have users all over the globe, many of them looking for web-based analytic solutions. And of course these enterprises are all in various places on their journey to cloud and they want a partner and a platform that operates in all of those environments, which is what we do at Alteryx. So, I think it's an exciting time. I think that it's still very early in the analytic market and what companies are going to do to leverage their data to drive their transformation. And we're really excited to be a part of it. >> So last question is, I said up front we always like to celebrate women in tech. How'd you get into tech.? You've got a background, you've got somewhat of a technical background of being technical sales. And then of course rose up throughout your career and now have a leadership position. I called you a woman of data. How'd you get into it? Where'd you find the love of data? Give us the background and help us inspire some of the young women out there. >> Oh, well, but I'm super passionate about inspiring young women and thinking about the future next generation of women that can participate in technology and in data specifically. I grew up loving math and science. I went to school and got an electrical engineering degree but my passion around technology hasn't been just around technology for technology's sake, my passion around technology is what can it enable? What can it do? What are the outcomes that technology makes possible? And that's why data is so attractive because data makes amazing things possible. I shared some of those examples with you earlier but it not only can we have effect with data in businesses and enterprise, but governments globally now are realizing the ability for data to really have broad societal impact. And so I think that that speaks to women many times. Is that what does technology enable? What are the outcomes? What are the stories and examples that we can all share and be inspired by and feel good and and inspired to be a part of a broader opportunity that technology and data specifically enables? So that's what drives me. And those are the conversations that I have with the women that I speak with in all ages all the way down to K through 12 to inspire them to have a career in technology. >> Awesome, the more people in STEM the better, and the more women in our industry the better. Paula Hansen, thanks so much for coming in the program. Appreciate it. >> Thank you, Dave. >> Okay, keep it right there for more coverage from Supercloud 22, you're watching theCube. (upbeat music)