>>Okay. Okay. We're back on the cube here in cloud city. I'm John Farah, David latte. Thanks Adam. And guys in the studio. Awesome stuff. Dave mobile world Congress is happening. It's basically a hybrid show. Mostly virtual. Actually the physical action is a lot of booths. Cloud city is tricked out, big time made for TV. The cubes, obviously here, we've got the main stage with Adam and crew, Chloe and team, and it's pretty, pretty cool. Cloud cities, thematic John, we're going to see the next decade be about the cloudification of telco and major, major portions of telco. We're going to move to the cloud. It's very clear. And especially the front end stuff, a lot of the business support systems, some of the operational systems are going to go. When you're seeing that, you're seeing that with Amazon, you're seeing Microsoft, you're seeing Google. They're all moving in that direction. >>So it's inevitable. And I just love the fact that events are back. That's a game changing statement. Mobile world. Congress is not going to go away. There's no way they're going to let this event slide by. Even though we're coming out of the pandemic, clearly Bon Jovi was here. He said, quote, we met him last night, face to face. He's like, go Patriots. Hope they have a good season. This year. He's a big Patriots fan. He said, it's going to be better. This could be better. But he also said he it's the first time he's performed in a year and a half in front of all excited. He wasn't calm, small little intimate crowd. Again, look behind this. You can see the cloud city. This is really built out extremely well. A lot of executives here, but the content has been awesome here, but also remote. We've been bringing people in live remotes and we also had some prerecorded assets that we have. And we've got one here from Booz Allen, who I had a conversation with earlier in the month and grab some time to talk about the impact of 5g telecom and how it relates to national security for cover mints and society. And so let's take a look at that video right now. >>Hi, welcome to the cube conversation here in the cube studios in Palo Alto, California, I'm John for a, your host had a great conversation with two great guests gonna explore the edge, what it means in terms of commercial, but also national security. And as the world goes digital, we're going to have the deep dive conversation around, um, how it's all transforming. We've got Kate Lee, vice president Booz Allen's digital business. Kate. Great to have you, uh, John Paisano principal at Booz Allen's digital cloud solutions. Gentlemen, thanks for coming on. So one of the most hottest topics, obviously besides cloud computing, having the most refactoring impact on business and government and public sector has been the next phase of cloud growth and cloud scale, and that's really modern applications, um, and consumer, and then here, uh, for national security and for governments here in the U S is in the military impact. >>And as digital transformation starts to go to the next level, you starting to see the architectures emerge, where the edge, the IOT edge, the industrial IOT edge, or any kind of edge concept 5g is exploding, making that much more of a dense, more throughput for connectivity with wireless. You've got Amazon with snowballs, snowmobile, all kinds of ways to deploy technology. That's it like and operational technologies it's causing quite a cloud operational opportunity and disruption. So I want to get into it. Let's key. Let's start with you. I mean, we're looking at an architecture, that's changing both commercial and public sector with the edge. What are the key considerations that you guys see as people have to really move fast and this new architecture of digital, >>Which I think is a great question. And, um, if I could just, uh, share our observation on why we even started investing in edge, um, you mentioned cloud, um, but as we've reflected upon kind of the history of it on you to take a look from mainframes to desktops, to servers, to a cloud, to mobile, and now I have a T what we observed was that, um, industry investing in infrastructure led to kind of an evolution of, uh, uh, of it, right? So as you mentioned with industry spending billions on IOT and edge, um, we've just feel that that's going to be the next evolution. Um, if you've take a look at, um, you mentioned 5g, I think 5g will be certainly, um, an accelerator to edge, um, because of the, the resilience, the lower latency and so forth, but, um, taking a look at what's happening in space, you mentioned space earlier as well, right. >>Um, and, uh, what, uh, Starlink is doing by putting satellites to actually provide transport into the space. Um, we're thinking that that actually is going to be the next ubiquitous thing. Once transport becomes ubiquitous, just like cloud allows stores to be ubiquitous. We think that, you know, the next generation internet will be space-based. Um, so when you think about it, um, connected, it won't be connected servers per se. It will be connected devices. Um, so, uh, that's kind of, you know, some of the observations and why we've been really focusing on investing in, in edge. >>Awesome. I'd love to sh to, uh, continue the conversation on space and the edge, um, and super great conversation to have you guys on and really appreciate it. I do want to ask you guys about the innovation and the opportunities, uh, this new shift that's happening is the next big thing is coming quickly and it's here on us and that's cloud. I call it cloud 2.0, the cloud scale, modern software development environment, uh, edge with 5g changing the game. I key, I completely agree with you. And I think this is where people are focusing their attention from startups to companies that are transforming and repivoting, or refactoring their, their, uh, existing assets to be positioned. And you're starting to see clear winners and losers as a pattern emerge, right? You gotta be in the cloud, you gotta be leveraging data. You gotta be, uh, horizontally scalable, but you've gotta have AI machine learning in there with modern software practices that are secure. >>That's the playbook. Some people are it, some people are not getting there. So I got to ask you guys, you know, as telcos become super important and the ability to be a telco. Now, we just mentioned standing up a tactical edge, for instance, uh, launching a satellite couple of hundred K you're going to launch a cube set. Um, that could be good and bad, right? So, so, you know, the telco business is changing radically cloud telco cloud is emerging as an edge phenomenon with 5g, certainly business commercial benefits, more than consumer. How do you guys see the innovation and disruption happening with telco? >>Um, you know, as we think through, um, cloud to edge, um, one thing that we realized, because our definition of edge, John was actually at the point of data collection, right on the sensor themselves, others definition of edge is we're a little bit further back when we call it the edge of the it enterprise. Um, but you know, as we look at this, we realize that you need, you needed this kind of multi echelon environment, right? From your cloud to your tactical clouds, right. Where you can do some processing and then at the edge themselves, really at the end of the day, it's all about, I think, data, right? I mean, everything we're talking about is still all about the data, right? The AI needs to Dane, the telco is transporting the data. Right. And so, um, I think if you think about it from a data perspective, in relationship to telcos, right, one edge will actually enable a very different paradigm in a distributed paradigm for data processing. Right. So instead of bringing the data to some central cloud, right. Um, which takes bandwidth off your telcos, push the products to the data, right. So mitigate, what's actually being sent over to those telco lines to increase the efficiencies of them. Right. Um, so I think, you know, at the end of the day, uh, the telcos are gonna have a pretty big, uh, component to this, um, even from space down to ground station, right. How that works. Um, so, um, the, the network of these telcos, I think, are just going to expand >>John, what's your perspective. I mean, startups are coming out. The scalability speed of innovation is a big factor. The old telco days had like, I mean, you know, months and years, new towers go up and now you've got backbone. You've got, you know, it's kind of a slow glacier pace. Now it's under siege with rapid innovation. >>Yeah. So, um, I definitely echo the sentiments that Q would have, but I would also, if we go back and think about the digital battle space and what we've talked about, um, faster speeds being available, you know, in places it's not been before is great. However, when you think about basing an adversary, that's a near peer threat. The first thing they're going to do is make it contested congested, and you have to be able to survive. I, while yes, the, the pace of innovation is absolutely pushing comms. The places we've not had it before. Um, we have to be mindful to not get complacent and over rely on it, assuming it will always be there because I know in my experience wearing the uniform and even if I'm up against it adversary, that's the first thing I'm gonna do is I'm going to do whatever I can to disrupt your ability to communicate. So how do you take it down to that lowest level and still make that squad, the platoon, whatever that structure is, you know, continued some survivable and lethal. And so that's something I think, as we look at the innovations, we need to be mindful of that so low. And I talk about how do you architect it? What services do you use? Those are all those things that you have to think about. What if I lose it at this echelon? How could, how do I continue to mission? >>Yeah. It's interesting. Mean if you look at how companies have been procuring and consuming technology key, it's been like siloed. Okay. We've got a workplace workforce project, uh, and we have the tactical edge and we have the, you know, siloed it solution when really work in play, whether it's work here. And John's example is the war fighter. And so his concern is safety is his life. Right. And, and protection, the department has to manage the coms. And so they have to have countermeasures and contingencies ready to go. Right. So all this is integrate integrated. Now it's not like one department it's like, it's it's together. >>Yeah. Do you, I mean, you're, you're, uh, I love what you just said. I mean, we have to get away from this siloed siloed banking. Um, not only within a single organization, but across the enterprise. Right. Um, you know, from a digital battlefield perspective, you know, I, you know, it's a joint fight, right. So even across these enterprise of enterprises, right. So I think you're spot on. We have to look horizontally, uh, we have to integrate, we have to inter-operate. Um, and, and by doing that, that's where the innovation is also going to be accelerated too. Right. Not reinventing the wheel. >>Yeah. You know, I think the infrastructure edge is so key. It's going to be very interesting to see how the existing incumbents can handle themselves. Obviously the towers are important. Five GLC has much more, more deployments, not as centralized in terms of the, of the spectrum. Uh, it's more dense. It's gonna create more connectivity options. Um, how do you guys see that impacting? Because certainly more gear, like, obviously not, not the centralized tower from a backhaul standpoint, but now the edge, the radios themselves, the wireless, uh, uh, uh, transit is key. Um, that's the real edge here. How does, how do you guys see that evolving? >>So, um, you know, we're seeing, uh, we're seeing a lot of, um, innovations actually through small companies. We're really focused on very specific niche problems. I think it's a great starting point, um, because what they're doing is showing the art of the possible, right. Um, because again, we're in a different environment now there's different rules, there's different capabilities now, but then we're also seeing, you mentioned earlier on, um, uh, some of the larger companies, Amazon and Microsoft also investing, um, as well. Right. So, um, I think the merge of the, you know, are the unconstrained are the possible right by these small companies that are, you know, just kind of driving, you know, uh, innovations, uh, supported by the, the, the maturity and the, the, the heft of these large companies who are building out kind of these, um, pardoned kind of, uh, capabilities. Um, they're going to converge at some point, right. Um, and, and that's where I think they want to get further innovation. >>Well, I really appreciate you guys taking the time. Final question for you guys, as people are watching this, a lot of smart executives and teams are coming together to kind of put the battle plans together for their companies, as they transition from old to this new way, which is clearly cloud-scale role of data. We've got them, we hit out all the key points. I think here, as they start to think about architecture and how they deploy their resources, this becomes now the new boardroom conversation that trickles down and includes everyone, including the developers. You know, the developers are now going to be on the front lines. Um, mid-level managers are going to be integrated in as well. It's a group conversation. What are some of the advice that you would give to folks who are in this mode of planning, architecture, trying to be positioned to come out of this pandemic with a massive growth opportunity and, and to be on the right side of history? What's your advice? >>Um, this is a quick question. Um, so I think, um, you, you touched upon it. Um, one is take the holistic approach. Uh, you mentioned orchestras a couple of times, and I think that's, that's critical understanding, um, how your edge architectures will let you connect with your cloud architecture. So they're, they're not disjointed, right? They're not siloed, right. They're interoperable, they integrate. So you're taking that enterprise approach. Um, I think the second thing is be patient. Uh, it took us some time to really kind of, and we've been looking at this for, uh, about three years now. Um, and we were very intentional in assessing the landscape, how people were, you know, um, discussing around edge, um, and kind of pulling that all together, but it took us some time to even figure it out, kind of, Hey, what are the use cases? How can we actually apply this and get some ROI and value, um, out for our clients? Right. So being a little bit patient, um, in thinking through kind of how you can leverage this and potentially be a disruptor, >>John, your thoughts on advice to people watching as they try to put the right plans together to be positioned and not foreclose any future value. >>Yeah, absolutely. So, in addition to the points, the key res I would, number one, amplified the fact of recognize that you're going to have a hybrid environment of legacy and modern capabilities. And in addition to thinking, you know, open architectures and whatnot, think about your culture, the people, your processes, your techniques, and whatnot, and your governance. How do you make decisions when it needs to be closed versus open? Where do you invest in the workforce? What decisions are you going to make in your architecture that drive that, that hybrid world that you're going to live in? All those recipes, you know, patients open all that, that I think we often overlook the cultural people aspect of, you know, upskilling it, this is a very different way of thinking on modern software delivery. Like, how do you go through this lifecycle? How's security embedded. So making sure that's part of that boardroom conversation >>Back day, this is a great interview. We just had with Kaley for Booz Allen reason, why I wanted to bring that into the cube programming this week was because you heard him saying ivory cloud. You heard him say public cloud innovation, edge, all elements of the architecture. And he says, we are learning and it takes patience. And the other thing that he was hyper focused on was the horizontal scalability, not silos. And this is an architectural shift. Who's Alan again, premier firm, and they're doing like killer work. Those guys are amazing. So this brings up the whole theme here, which is you got to nail the architecture. If you don't know what checkmate looks like, don't play chess. That's what I always say. Well, you don't know what the game is, don't play it. And I think the telco story that we hear from Dr is that these guys don't know the game. >>Now I would question that Amazon and others think they do because as they're all partnering with them, yeah, Amazon's got great partnerships. Google just announced a partnership with Ericsson goes on and on. I think anything that can move into the hybrid cloud, Ken should and will that'll happen, but there's some stuff that's going to take some time. Maybe we'll never move. You see that with mainframes. But what they'll do is they'll put an abstraction layer around it and it's got to communicate. And I think the big question is, okay, is it going to be the cloud stack coming on prem, which I think is going to happen, or is it going to be the reverse? And I would bet on the former, well, you know, we've been covering the cloud from day one. We've been part of that wave. We've had all the top conversations with Andy Jassy when, and he was just breaking through the growth. All the cloud players we've been there. We talked to all their customers. We have our finger on the pulse of cloud and we are in cloud city. Main street of cloud city is where all the action is. And the main stage is up there. Adam and team take it from here.

>>okay. Getting data right is one of the top priorities for organizations to affect digital strategy. So right now we're going to dig into the challenges customers face when trying to deploy enterprise wide data strategies. And with me to unpack this topic is Kirk born principal data Scientists and executive advisor Booz Allen Hamilton. Kirk, great to see you. Thank you, sir, for coming on the program. >>Great to be here, Dave. >>So hey, enterprise scale data science and engineering initiatives there. Nontrivial. What do you see? Some of the challenges and scaling data science and data engineering ops. >>Well, one of the first challenge is just getting it out of the sandbox because so many organizations, they say, let's do cool things with data. But how do you take it out of that sort of play phase into an operational phase? And so being able to do that is one of the biggest challenges. And then being able to enable that for many different use cases then creates an enormous challenge. Because do you replicate the technology and the team for each individual use case, or can you unify teams and technologies to satisfy all possible use cases? And so those are really big challenges for companies, organizations everywhere to think about >>what about the idea of industrializing those those data operations? I mean, what does that? What does that mean to you? Is that a security connotation? A compliance? How do you think about it? >>It's actually all of those industrialized to me is sort of like How do you not make it a one off? But you make it sort of a reproducible, solid, risk compliant and so forth system that can be reproduced many different times and again using the same infrastructure and the same analytic tools and techniques, but for many different use cases, so we don't have to rebuild the will reinvent the wheel, reinvent the car, so to speak. Every time you need a different type of vehicle, you build a car or a truck or a race car. There's some fundamental principles that are common to all of those, and that's where that industrialization is, and it includes security, compliance with regulations and all those things. But it also means just being able to scale it out to to new opportunities beyond the ones that you dreamed of when you first invented the thing >>you know, data by its very nature. As you well know, it's distributed, but for you've been at this a while. For years, we've been trying to sort of shove everything into a monolithic architecture and and in hardening infrastructures around that and many organizations, it's It's become a block to actually getting stuff done. But so how? How are you seeing things like the edge emerged? How do you How do you think about the edge? How do you see that evolving? And how do you think customers should be dealing with with edge and edge data? >>Well, it's really kind of interesting. I had many years at NASA working on data systems, and back in those days, the the idea was you would just put all the data in a big data center, and then individual scientists would retrieve that data and do analytics on it, do their analysis on their local computer. And you might say that sort of like edge analytics, so to speak, because they're doing analytics at at their home computer. But that's not what edge means. It means actually doing the analytics, the insights, discovery at the point of data collection, and so that's that's really real time Business decision making. You don't bring the data back and then try to figure out sometime in the future what to do. And I think an autonomous vehicle is a good example of why you don't want to do that. Because if you collect data from all the cameras and radars and light ours that are on a self driving car and you move that data back to a data cloud while the car is driving down the street and let's say a child walks in front of the car, you send all the data back. It computes and does some object recognition and pattern detection, and 10 minutes later sent a message to the car. Hey, you need to put your brakes on. Well, it's a little kind of late at that point, and so you need to make those discoveries, insight, discoveries, those pattern discoveries and hence the proper decisions from the patterns in the data at the point of data collection. And so that's Data Analytics at the edge. And so, yes, you can bring the data back to a central cloud or distributed cloud. It almost doesn't even matter if if your data is distributed, so any use case in any data, scientists or any analytic team in the business can access it. Then what you really have is a data mesh or a data fabric that makes it accessible at the point that you need it, whether it's at the edge or in some static post, uh, event processing. For example, typical business quarter reporting takes a long look at your last three months of business. Well, that's fine in that use case, but you can't do that for a lot of other real time analytic decision making. Well, >>that's interesting. I mean, it sounds like you think the the edge not as a place, but as you know, where it makes sense to actually, you know, the first opportunity, if you will, to process the data at low latency, where it needs to be low latency. Is that a good way to think about it? >>Absolutely. It's a little late and see that really matters. Uh, sometimes we think we're gonna solve that with things like five G networks. We're gonna be able to send data really fast across the wire. But again, that self driving cars yet another example because what if you all of a sudden the network drops out, you still need to make the right decision with the network not even being there, >>that darn speed of light problem. Um, and so you use this term data mash or or data fabric? Double click on that. What do you mean by that? >>Well, for me, it's it's, uh, it's a sort of a unified way of thinking about all your data. And when I think of mesh, I think of like weaving on a loom, or you're you're creating a blanket or a cloth and you do weaving, and you do that. All that cross layering of the different threads and so different use cases in different applications and different techniques can make use of this one fabric, no matter where it is in the in the business. Or again if it's at the edge or or back at the office. One unified fabric, which has a global name space so anyone can access the data they need, sort of uniformly, no matter where they're using it. And so it's a way of this unifying all the data and use cases and sort of a virtual environment that that no longer you need to worry about. So what's what's the actual file name or what's the actual server of this thing is on? Uh, you can just do that for whatever use case you have. But I think it helps Enterprises now to reach a stage which I like to call the self driving enterprise. Okay, so it's modeled after the self driving car. So the self driving enterprise needs the business leaders in the business itself. You would say it needs to make decisions oftentimes in real time, all right. And so you need to do sort of predictive modeling and cognitive awareness of the context of what's going on. So all these different data sources enable you to do all those things with data. And so, for example, any kind of a decision in a business, any kind of decision in life, I would say, is a prediction, right? You say to yourself, If I do this such and such will happen If I do that, this other thing will happen. So a decision is always based upon a prediction about outcomes, and you want to optimize that outcome so both predictive and prescriptive analytics need to happen in this in this same stream of data and not statically afterwards, so that self driving enterprises enabled by having access to data wherever and whenever you need it. And that's what that fabric that data fabric and data mesh provides for you, at least in my opinion. >>Well, so like carrying that analogy like the self driving vehicle, your abstracting, that complexity away in this metadata layer that understands whether it's on prem or in the public cloud or across clouds or at the edge where the best places to process that data, what makes sense? Does it make sense to move it or not? Ideally, I don't have to. Is that how you're thinking about it? Is that why we need this notion of a data fabric >>right? It really abstracts away all the sort of complexity that the I T aspects of the job would require. But not every person in the business is going to have that familiarity with the servers and the access protocols and all kinds of it related things, and so abstracting that away. And that's in some sense what containers do. Basically, the containers abstract away that all the information about servers and connectivity protocols and all this kind of thing You just want to deliver some data to an analytic module that delivers me. And inside our prediction, I don't need to think about all those other things so that abstraction really makes it empowering for the entire organization. You like to talk a lot about data, democratization and analytics democratization. This really gives power to every person in the organization to do things without becoming an I t. Expert. >>So the last last question, we have time for years. So it sounds like Kirk the next 10 years of data not going to be like the last 10 years will be quite different. >>I think so. I think we're moving to this. Well, first of all, we're going to be focused way more on the why question. Why are we doing this stuff? The more data we collect, we need to know why we're doing it. And one of the phrases I've seen a lot in the past year, which I think is going to grow in importance in the next 10 years, is observe ability, so observe ability to me is not the same as monitoring. Some people say monitoring is what we do. But what I like to say is, yeah, that's what you do. But why you do it is observe ability. You have to have a strategy. Why what? Why am I collecting this data? Why am I collecting it here? Why am I collecting it at this time? Resolution? And so getting focused on those why questions create be able to create targeted analytic solutions for all kinds of different different business problems. And so it really focuses it on small data. So I think the latest Gartner data and Analytics trending reports said we're gonna see a lot more focused on small data in the near future. >>Kirk born your dot connector. Thanks so much >>for coming on. The Cuban >>being part of the program. >>My pleasure. Mm mm.

(soft music) >> Getting data right, is one of the top priorities for organizations to affect digital strategy. So, right now we're going to dig into the challenges customers face when trying to deploy enterprise wide data strategies and with me to unpack this topic is Kirk Borne, Principal-Data Scientist, and Executive Advisor Booz Allen Hamilton. Kirk, great to see you, thank you sir for coming on the program. >> Great to be here, Dave. >> So hey, enterprise scale, data science and engineering initiatives, they're non-trivial. What do you see as some of the challenges in scaling data science and data engineering ops? >> First challenge is just getting it out of the sandbox, because so many organizations, they say let's do cool things with data but how do you take it out of that sort of play phase into an operational phase? And so being able to do that is one of the biggest challenges and then being able to enable that for many different use cases then creates an enormous challenge, because do you replicate the technology and the team for each individual use case or can you unify teams and technologies to satisfy all possible use cases? And so those are really big challenges for companies, organizations everywhere to think about. >> Well, what about the idea of you know, industrializing those data operations? I mean, what does that mean to you, is that a security connotation, a compliance? How do you think about it? >> It's actually all of those. And industrialized to me is sort of like, how do you not make it a one-off but you make it a sort of a reproducible, solid risk compliant and so forth system that can be reproduced many different times. And again, using the same infrastructure and the same analytic tools and techniques but for many different use cases. So we don't have to rebuild the wheel, reinvent the wheel, reinvent the car so to speak every time you need a different type of vehicle. You can either build a car, or a truck, or a race car there's some fundamental principles that are common to all of those. And that's where that industrialization is. And it includes security, compliance with regulations and all those things but it also means just being able to scale it out to to new opportunities beyond the ones that you dreamed of when you first invented the thing. >> Yeah, data by its very nature as you well know, is it's distributive but for you you've been at this awhile, for years we've been trying to sort of shove everything into a monolithic architecture, and in hardening infrastructures around that. And in many organizations it's become, you know, a block to actually getting stuff done. But, so how are you seeing things like the Edge emerge you know, how do you think about the edge, how do you see that evolving and how do you think customers should be dealing with edge and edge data? >> Well, that's really kind of interesting. I had many years at NASA working on data systems, and back in those days the idea was you would just put all the data in a big data center and then individual scientists would retrieve that data and do analytics on it, do their analysis on their local computer. And you might say that's sort of like edge analytics so to speak because they're doing analytics at their home computer, but that's not what edge means. It means actually doing the analytics, the insights discovery at the point of data collection. And so that's really real time business decision-making. You don't bring the data back and then try to figure out sometime in the future what to do. And I think autonomous vehicles is a good example of why you don't want to do that because if you collect data from all the cameras and radars and lidars that are on a self-driving car, and you move that data back to a data cloud while the car is driving down the street and let's say a child walks in front of the car, you send all the data back it computes and does some object recognition and pattern detection. And 10 minutes later, it sends a message to the car, "Hey, you need to put your brakes on." Well, it's a little kind of late at that point (laughs) and so you need to make those discoveries those insight discoveries, those pattern discoveries and hence the proper decisions from the patterns in the data at the point of data collection. And so that's data analytics at the edge. And so yes, you can bring the data back to a central cloud or distributed cloud. It almost doesn't even matter. If your data is distributed at sort of any use case in any data scientist or any analytic team and the business can access it then what you really have is a data mesh or a data fabric that makes it accessible at the point that you need it, whether it's at the edge or in some static post event processing, for example, typical business quarter reporting takes a long look at your last three months of business. Well, that's fine in that use case, but you can't do that for a lot of other real time analytic decision-making >> Well that's interesting. I mean, it sounds like you think of the edge not as a place, but as you know where it makes sense to actually, you know the first opportunity, if you will, to process the data at low latency where it needs to be low latency, is that a good way to think about it? >> Yeah, absolutely. It's the low latency that really matters. Sometimes we think we're going to solve that with things like 5G networks. We're going to be able to send data really fast across the wire, but again, that self-driving car is yet another example because what if all of a sudden the network drops out you still need to make the right decision with the network not even being there. >> Yeah that darn speed of light problem. And so you use this term data mesh or data fabric, double click on that, what do you mean by that? >> Well, for me, it's sort of a unified way of thinking about all your data. And when I think of mesh, I think of like weaving on a loom, you're creating a a blanket or a cloth and you do weaving and you do that all that cross layering of the different threads. And so different use cases in different applications in different techniques can make use of this one fabric no matter where it is in the business or again, if it's at the edge or back at the office. One unified fabric, which has a global namespace so anyone can access the data they need, sort of uniformly no matter where they're using it. And so it's a way of unifying all of the data and use cases and sort of a virtual environment that you no longer need to worry about. So what's the actual file name or what's the actual server this thing is on, you can just do that for whatever use case you have. I think it helps the enterprises now to reach a stage which I like to call the self-driving enterprise, okay? So it's modeled after the self-driving car. So the self-driving enterprise, the business leaders and the business itself you would say needs to make decisions, oftentimes in real time, All right? And so you need to do sort of predictive modeling and cognitive awareness of the context of what's going on. So all of these different data sources enable you to do all those things with data. And so, for example, any kind of a decision in a business, any kind of decision in life, I would say is a prediction, right? You say to yourself, if I do this such and such will happen. If I do that, this other thing will happen. So a decision is always based upon a prediction about outcomes and you want to optimize that outcome. So both predictive and prescriptive analytics need to happen in this same stream of data and not statically afterwards. And so that self-driving enterprise is enabled by having access to data wherever and whenever you need it and that's what that fabric, that data fabric and data mesh provides for you, at least in my opinion. >> Also like carrying that analogy like the self-driving vehicle, you're abstracting that complexity away and there's a metadata layer that understands whether it's on prem or in the public cloud or across clouds, or at the edge, where are the best places to process that data, what makes sense, does it make sense to move it or not, ideally, I don't have to, Is that how you're thinking about it? Is that why we need this notion of a data fabric? >> Right, it really abstracts away all the, sort of the complexity that the IT aspects of the job would require, but not every person in the business is going to have that familiarity with the servers and the access protocols and all kinds of IT related things. And so abstracting that away, and that's in some sense what containers do. Basically the containers abstract away all the information about servers and connectivity, you know, and protocols and all this kind of thing. You just want to deliver some data to an analytic module that delivers me an insight or a prediction, I don't need to think about all those other things. And so that abstraction really makes it empowering for the entire organization. We like to talk a lot about data democratization and analytics democratization. This really gives power to every person in the organization to do things without becoming an IT expert. >> So the last question we have time for here is, so it sounds like Kirk, the next 10 years of data are not going to be like the last 10 years, it will be quite different. >> I think so. I think we're moving to this, well, first of all, we're going to be focused way more on the why question, like, why are we doing this stuff? The more data we collect we need to know why we're doing it. And what are the phrases I've seen a lot in the past year which I think is going to grow in importance in next 10 years is observability. So observability to me is not the same as monitoring. Some people say monitoring is what we do but what I like to say is, "Yeah, that's what you do, but why you do it is observability." You have to have a strategy. Why am I collecting this data? Why am I collecting it here? Why am I collecting it at this time resolution? And so getting focused on those why questions, be able to create targeted analytics solutions for all kinds of different business problems. And so it really focuses it on small data. So, I think the latest Gartner data and analytics trending report, so we're going to see a lot more focus on small data in the near future. >> Kirk Borne, you're a dot connector. Thanks so much for coming on The Cube and being of the part of the program. >> My pleasure. (soft music)

>> Live from San Francisco. It's the Cube covering artists. A conference twenty nineteen brought to you by for scout. >> Hey, Welcome back, everybody. Jefe Rick here with the Cube were in the force caboose that Arcee and Mosconi center forty thousand people walking around talking about security is by far the biggest security of it in the world. We're excited to be here. And welcome back a Cube. Alumni has been playing in the security space for a very long time. He's Bradman bury the GDP from Booz Allen >> Hamilton. Brad, great to see you. >> Hey, thanks for having me here today. Absolutely. Yeah. I've, uh I've already walked about seven miles today, and, uh, just glad to be here to have >> a conversation. Yeah, the fit bitten. The walking trackers love this place, right? You feel your circles in a very short period of time. >> I feel very fit fit after today. So thank >> you. But it's pretty interesting rights, >> and you're in it. You're in a position where you're >> advising companies, both government and and commercial companies, you know, to come into an environment like this and just be overwhelmed by so many options. Right? And you can't buy everything here, and you shouldn't buy everything here. So how do you help? How do you hope your client's kind of navigate this crazy landscape. >> It's interesting, so you mentioned forty thousand people. Aziz, you see on the show, should share room floor behind us, Thousands of product companies, and, frankly, our clients are confused. Um, you know, there's a lot of tools, lot technologies. There's no silver bullet, and our clients are asking a couple of fundamental problem. A couple of fundamental questions. One. How effective in mine and then once them effective, you know, how can I be more efficient with my cyber pretty spent? >> So it's funny, effective. So how are they measuring effective, Right? Because that's a that's a kind of a changing, amorphous thing to target as well. >> That's I mean, that's that's That's the that's the key question in cybersecurity is how effective my, you know, there's lots of tools and technologies. We do a lot of instant response, but commercially and federally and in general, when looking at past reaches, its not a problem. In most cases, everyone has the best of the best and tools and technologies. But either they're drowning in data on DH or the tools aren't configured properly, so you know we're spending a lot of time helping our client's baseline their current environment. Help them look at their tool configurations, help them look at their screw. The operation center helping them figure out Can they detect the most recent threats? And how quickly can we respond? >> Right? And then how did they prioritize? That's the thing that always amazes me, because then you can't do everything right. And and it's fascinating with, you know, the recent elections and, you know, kind of a state funded threats. Is that what the bad guys are going on going after? Excuse me? Isn't necessarily your personal identifying information or your bank account, but all kinds of things that you may not have thought were that valuable yesterday, >> right? I mean, you know, it's funny. We talk a lot about these black swan events, and so you look at not Petra and you know what? Not Pecchia. There was some companies that were really hit in a very significant way, and, you know, everyone, everyone is surprised, right and way. See it time after time, folks caught off guard by, you know, these unanticipated attack vectors. It's a big problem. But, you know, I think you know, our clients are getting better. They're starting to be more proactive. There start. They're starting to become more integrated communities where they're taking intelligence and using that to better tune and Taylor there screw the operation programs. And, you know, they're starting to also used take the tools and technologies in their environment, better tie them and integrate them with their operational processes and getting better. >> Right. So another big change in the landscape. You said you've been coming here for years. Society, right? And yeah. And it's just called Industrial. I owe to your Jean. Call it. Yeah. And other things. A lot more devices should or should not be connected. Well, are going to be connected. They were necessarily designed to be connected. And you also work on the military side as well. Right? And these have significant implications. These things do things, whether it's a turbine, whether it's something in the hospital, this monitoring that hard or whether it's, you know, something in a military scenarios. So >> how are you seeing >> the adoption of that? Obviously the benefits far out way you know, the potential downfalls. But you gotta protect for the downfall, >> you know? Yo, Tio, we've u o T is one of the most pressing cyber security challenges that our client's case today. And it's funny. When we first started engaging in the OT space, there was a big vocabulary mismatch. You had thesis, Oh, organizations that we're talking threat actors and attack vectors, and then you had head of manufacturing that we're talking up time, availability and reliability and they were talking past each other. I think now we're at an attorney point where both communities air coming together to recognize that this is a really an imminent threat to the survival of their organization and that they've got to protect they're ot environment. They're starting by making sure that they have segmentation in place. But that's not enough. And you know, it's interesting when we look into a lot of the OT environments, you know, I call it the Smithsonian of it. And so, you know, I was looking at one of our client environments and, you know, they had, Ah, lot of Windows and T devices like that's great. I'm a Windows NT expert. I was using that between nineteen ninety four in nineteen ninety six, and you know, I mean, it's everybody's favorite vulnerability. Right on Rodeo. I'm your guy. So, you know, one of the challenges that we're facing is how do you go into these legacy environments that have very mission critical operations and, you know, integrates cyber security to protect and ensure their mission. And so we're working with companies like for Scott, you know, that provide Asian agent lis capabilities, that that allow us to better no one understand what's in the environment and then be able to apply policies to be able to better protect and defend them. But certainly it's a major issue that everyone's facing. We spent a lot of time talking about issues in manufacturing, but but think about the utilities. Think about the power grid. Think about building control systems. H back. You know, I was talking to a client that has a very critical mission, and I asked them all like, what's your biggest challenge? You face today? And I was thinking for something. I was thinking they were going to be talking about their mission control system. Or, you know, some of some of the rial, you know, critical critical assets they have. But what he said, My biggest challenge is my, my age back, and I'm like, really, He's like my age back goes down, My operation's gonna be disrupted. I'm going out to Coop halfway across the country, and that could result in loss of life. It's a big issue. >> Yeah, it's wild. Triggered all kinds. I think Mike earlier today said that a lot of a lot of the devices you don't even know you're running in tea. Yeah, it's like a little tiny version of Inti that's running underneath this operating system that's running this device. You don't even know it. And it's funny. You talked about the HBC. There was a keynote earlier today where they talk about, you know, if a data center HBC goes down first. I think she said, sixty seconds stuff starts turning off, right? So, you know, depending on what that thing is powering, that's a pretty significant data point. >> Yeah, you know, I think where we are in the journey and the OT is, you know, we started by creating the burning platform, making sure that there was awareness around hate. There is a problem. There is a threat. I think we've moved beyond that. WeII then moved into, you know, segmenting the BOT environment, A lot of the major nation state attacks that we've seen started in the enterprise and move laterally into the OT environment. So we're starting to get better segmentation in place. Now we're getting to a point where we're moving into, you know, the shop floors, the manufacturing facilities, the utilities, and we're starting Teo understand what's on the network right in the world This has probably been struggling with for years and have started to overcome. But in the OT environment, it's still a problem. So understanding what's connected to the network and then building strategy for how we can really protecting defendant. And the difference is it's not just about protecting and defending, but it's insuring continuity of mission. It's about being resilient, >> right and being able to find if there's a problem down the problem. I mean, we're almost numb. Tow the data breach is right there in the paper every day. I mean, I think Michael is really the last big when everyone had a connection fit down. Okay, it's another another data breach. So it's a big It's a big issue. That's right. So >> one of the things you talked about last time we had >> John was continuous diagnostic and mitigation. I think it's a really interesting take that pretty clear in the wording that it's not. It's not by something, put it in and go on vacation. It was a constant, an ongoing process, and I have to really be committed to >> Yeah, you know, I think that, you know, our clients, the federally and commercially are moving beyond compliance. And if you rewind the clock many years ago, everyone was looking at these compliance scores and saying Good to go. And in reality, if you're if you're compliant, you're really looking in the rear view mirror. And it's really about, you know, putting in programs that's continually assessing risk, continuing to take a continues to look at your your environment so that you can better understand what are the risks, one of the threats and that you can prioritize activity in action. And I think the federal government is leading the way with some major programs. I got a VHS continuous diagnostic in mitigation where they're really looking Teo up armor dot gov and, you know, really take a more proactive approach. Teo, you know, securing critical infrastructure, right? Just >> curious because you you kind >> of split the fence between the federal clients and the commercial clients. Everybody's, you know, kind of points of view in packs away they see the world. >> What if you could share? >> Kind of, maybe what's more of a federal kind of centric view that wasn't necessarily shared on the commercial side of they prioritize. And what's kind of the one of the commercial side that the feds are missing? I assume you want to get him both kind of thinking about the same thing, but there's got to be a different set of priorities. >> Yeah, you know, I think after some of the major commercial breaches, Way saw the commercial entities go through a real focused effort. Teo, take the tools that they have in the infrastructure to make sure that they're better integrated. Because, you know, in this mass product landscape, there's lots of seems that the adversaries livin and then better tie the tooling in the infrastructure with security operations and on the security operation side, take more of an intelligence driven approach, meaning that you're looking at what's going on out in the wild, taking that information be able to enrich it and using that to be more proactive instead of waiting for an event to pop up on the screen hunt for adversaries in your network. Right now, we're seeing the commercial market really refining that approach. And now we're seeing our government clients start to adopt an embrace commercial. Best practices. >> Write some curious. I love that line. Adversaries live in the scene. Right? We're going to an all hybrid world, right? Public cloud is kicking tail. People have stuff in public, cloud their stuff in their own cloud. They have, you know, it's very kind of hybrid ecosystems that sounds like it's making a whole lot of scenes. >> Yeah, you know, it. You know, just went Just when we think we're getting getting there, you know, we're getting the enterprise under control. We've got asset management in place, You know. We're modernizing security operations. We're being Mohr Hunt driven. More proactive now the attacks services expanding. You know, earlier we talked about the OT environment that's introducing a much broader and new attack service. But now we're talking about cloud and it's not just a single cloud. There's multiple cloud providers, right? And now we're not. Now we're talking about software is a service and multiple software's of service providers. So you know, it's not just what's in your environment now. It's your extended enterprise that includes clouds. So far is the service. Excuse me, ot Io ti and the problem's getting much more complex. And so it's going to keep us busy for the next couple of years. I think job security's okay, I think where I think we're gonna be busy, all >> right, before I let you go, just kind of top trends that you're thinking about what you guys are looking at a za company as we had in twenty >> nineteen, you know, a couple of things. You know, Who's Alan being being deeply rooted in defense and intelligence were working, Teo, unlocking our tradecraft that we've gained through years of dealing with the adversary and working to figure out howto better apply that to cyber defense. Things like advanced threat hunting things like adversary red teaming things like being able to do base lining to assess the effectiveness of an organisation. And then last but not least, a i a. I is a big trend in the industry. It's probably become one of the most overused but buzzwords. But we're looking at specific use cases around artificial intelligence. How do you, you know better Accelerate. Tier one tier, two events triaging in a sock. How do you better detect, you know, adversary movement to enhance detection in your enterprise and, you know, eyes, you know, very, you know, a major major term that's being thrown out at this conference. But we're really looking at how to operationalize that over the next three to five years, >> right? Right. And the bad guys have it too, right? And never forget tomorrow's Law. One of my favorite, not quoted enough laws, right, tend to overestimate in the short term and underestimate in the long term, maybe today's buzzword. But three to five years A I's gonna be everywhere. Absolutely. Alright. Well, Brad, thanks for taking a few minutes of your day is done by. Good >> to see you again. All right, >> all right. He's Brad. I'm Jeff. You're watching. The Cube were in Arcee conference in downtown San Francisco. Thanks >> for watching. We'LL see you next time.

>> Live, from San Francisco, it's The Cube! Covering DockerCon '18. Brought to you by Docker and its ecosystem partners. >> Hey, welcome back to The Cube. We are live at DockerCon 2018 on a beautiful day in San Francisco. We're glad you're not playing hooky though if you're in the city because it's important to be here watching John Troyer and myself, Lisa Martin, talk to some awesome, inspiring guests. We're excited to welcome two Docker captains, that's right, to The Cube. We've got Nirmal Mehta, you are the chief technologist of Booz Allen. Welcome back to The Cube. And, we've got Bret Fisher, the author of Docker Mastery. Both of you, Docker captains. Can't wait to dig into that. But you're both speakers here at the fifth annual DockerCon. So Bret, let's talk, you just came off the stage basically. So, thank you for carving out some time for us. Talk to us about your session. What did you talk about? What was some of the interaction with the attendees? >> Well the focus is on Docker Swarm and I'm a assist admin at heart so I focus on ops more than developer but I spend my life helping developers get their stuff into production. And so, that talk centers around the challenges of going in and doing real work that's for a business with containers and how do you get what seems like an incredible amount of new stuff into production all at the same time on a container ecosystem. So, kind of helping them build the tools they need, and what we call a stack, a stack of tools, that ultimately create a full production solution. >> What were some of the commentary you heard from attendees in terms of... Were these mostly community members, were there users of container technology, what was sort of the dynamic like? >> Well you have, there's all sorts of dynamics, right? I mean you have startups, I think I took a survey in the room because it was packed and like 20% of the people in the room about were a solo DevOps admin. So they were the only person responsible for their infrastructure and their needs are way different than a team that has 20 or 30 people all serving that responsibility. So, the talk was a little bit about how do they handle their job and do this stuff. You know, all this latest technology without being overwhelmed and, then, how does it grow in complexity to a larger team and how do they sustain that. So, yeah. >> Bret, it's nice that the technology is mature enough now that people are in production, but what are some of the barriers that people hit when they try to go into production the first time? >> Yeah, great question. I think the biggest barrier is trying to do too much new at the same time. And, I don't know why we keep relearning this lesson in IT, right? We've had that problem for decades of projects being over cost, over budget, over timed, and I think with so much exciting new stuff in containers it's susceptible to that level of, we need all these new things, but you actually don't, right? You can actually get by with very small amounts of change, incrementally. So, we try to teach that pattern of growing over time, and, yeah. >> You mentioned like the one person team versus the multi-person team kind of DevOps organization. Does that same problem of boiling the ocean, do you see that in both groups? >> Yeah, I mean you have fundamentally the same needs, the same problem that you have to solve, but different levels of complexity is really all it has to do with and different levels of budget, obviously, right? So, usually the solo admin doesn't have the million dollar budget for all the tools and bells and whistles, so they might have to do more on their own, but, then, they also have less time so it's a tough row to hoe, you know, to deal with, because you've got those two different fundamental problems of time and money and people are using the most expensive thing. So, no matter what the tool is you're trying to buy, it's usually your time that's the most valuable thing. So how do we get more of our time back? And that's really what containers were all about originally was just getting more of our time back out of it and so we can put back into the business instead of focusing on the tech itself. >> Nirmal, your talk tomorrow is on empathy. >> Yes. >> Very provocative, dig into that for us. >> Sure, so it was actually inspired by a conversation I had with John a couple years ago on Geek Whisperers podcast and he asked the folks on that show, yourself included, asked if there was an event in my past that I kind of regret or taught me a lot. And it was about basically neglecting someone on my team and just kind of shoving them away. And, that moment was a big change in how I felt about the IT industry. And, what I had done was pushed someone who probably needed that help and built up a lot of courage to talk to me and I kind of just dismissed him too quickly. And, from there, I was thinking more and more about game theory and behavioral economics and seeing a lot of our clients and organizations struggle to go through a digital transformation, a DevOps transformation, a cultural transformation. So, to me, culture is kind of the core of what's happening in the industry. And so, the idea of my talk is a little bit of behavioral economics, a little bit of game theory, to kind of set the stage for where your IT organization is probably kind of is right now and how to use empathy to get your organization to that DevOps and to a more efficient place and resolve those conflicts that happen inherently. And, somehow tie that all together with Docker. So, that's kind of what my talk is all about. >> Nice, I mean what's interesting to me, Lisa, is that we do Cubes and there are many Cubes actually all across the country during conference season, right? And we talk to CEOs and VPs of very large companies and even today, at DockerCon, the word 'culture' and the talking about culture and process and people has come up every single interview. So, it's not just from the techies up that this conversation is going... this DevOps and empathy conversation is going on, it seems to be from the top down as well. Everyone seems to recognize that, if you really are going to get this productivity gain, it's not just about the tech, you gotta have culture. >> Absolutely, a successful transformation of an organization is both grassroots and top down. Can't have it without either. And, I think we inherently want to have a... Like, we want to take a pill to solve that problem and there's lots of pills: Docker or cloud or CICD or something. But, those tools are the foundational safety net for a cultural transformation, that's all that it is. So, if you're implementing Docker or Jenkins or some CICD pipeline or automation, that's a safety blanket for providing trust in an organization to allow that change in the culture to happen. But, you still need that cultural change. Just adopting Docker isn't going to make you automatically a more effective organization. Sorry, but it's just one piece and it's an important piece but you have to have that top down understanding of where you are now as an organization and where you want to be in the future. And understanding that this kind of legacy, siloed team mindset is no longer how you can achieve that. >> You talked about trust earlier from a thematic perspective as something that comes up. You know we were at SAP Sapphire last week and trust came up a lot as really paramount. And that was in the context of a vendor/customer relationship. But, to your point, it's imperative that it's actually coming from within organizations. We talk a lot about, well stuff today: multi-cloud--multi-cloud, silos-- but, there's also silos with people and without that cultural shift and probably that empathy, how successful, how big of an impact can a technology make? Are you talking with folks that are at the executive level as well as the developer level in terms of how they each have a stake and need to contribute to this empathy? >> Yeah, absolutely. So, the talk I'm doing is basically the ammunition a lower level person would need to go up to management and say, hey, you know this is where the organization is, this is what the IT department kind of looks like, these are the conflicts, and we have to change in order to succeed. And a lot of folks don't. They see the technology changes that they need. You know, adopting the new javascript framework or the new UX pattern. But, they might not have the ammunition to understand the business strategy, the organizational issues. But, they still need that evidence to actually convince a CTO or a CEO or a COO for the need to change. So, I've talked to both groups. From the C-level side, I think it comes from the inherent speed of the industry, the competitive landscape, those are all the pressures that they see and the disruptions that they are tackling. Maybe it's incumbent disruption or new startups that they may have to compete with in the future. The need for constant innovation is kind of the driver. And, IT is kind of where all that is, these days. >> That's great. Building on the concept of trust and this morning at the keynote, Matt Mckesson where they talked about trusting Docker, trusting Docker the company, trusting Docker the technology. Almost the very first words out of Steve Singh's mouth this morning were about community. And, I think community is one of the big reasons people do trust Docker and one of the things that brings them along. You guys are both Docker captains, part of a program of advocacy, community programs. I don't know, Bret, can you tell us a little bit about the program and what's involved in it? >> Yeah, sure. So, it's been around over two years now and it actually spawned out of Docker's pre-existing programs were focusing on speakers and bloggers and supporting them as well as community leaders that run meetups. And they kind of figured out that a key set of people were kind of doing two or three of those things all at once. And so, they were sort of deciding how do we make like super-groups of these people and they came up with the term Docker captain It really just means you know something about Docker, you share it constantly, something about a Docker toolset, something about the container tools. And that you're sort of... And you don't work for Docker. You're a community person that is, maybe you're working for someone that is a partner of Docker or maybe you're just a meetup volunteer that also blogs a lot about patterns and practices of Docker or new Docker features. And so, they kind of use the engineering teams at Docker to kind of pick through people on the internet and the people they see in the community that are sort of rising out of all the noise out there. And they ask them to be a part of the program and then, of course, we get nice jackets and lots of training. And, it's really just a great group of people, we're about 70 people now around the world. >> And yeah, this is global as well, right? >> Oh yeah, yep. It's one of my favorite aspects is the international aspect. I work for Booz Allen which is a more US government focused and I don't get to interact with the global community much. But, through the Docker captain program got friendships and connections almost on every continent and a lot of locations. I just saw a post of a Docker meetup in like, I think it was like Tunisia. Very, very out there kind of places. There was a Cuban one, recently, in Havana. The best connections to a global community that I've ever seen. I think one of the biggest drivers is the rapid adoption and kind of industry trend of containerization and the Docker brand and what it is basically gave rise to a ton of folks just beginners, just wanting to know what it's all about. And, we've been identified as folks that are approachable and have kind of a mandate to be people that can help answer those initial questions, help align folks that have questions with the right resources, and also just make it like a soft, warm, fuzzy kind of introduction to the community. And engage on all kinds of levels, advanced to beginner levels. >> It was interesting, again, this morning, I think about half the people raised their hands to the question, "is it their first year?" So, it still seems like the Docker, the inbound people interested in Docker is still growing and millions of developers all over the world, right? I don't know, Bret, you have a course, Docker Mastery, you also do meetups, and so I'm curious like what is the common pathway or drivers for new folks coming in, that you see and talk with? >> Yeah, what's the pathways? >> Yeah, the pathway, what's driving them? What are they trying to do? Again, are they these solo folks? >> Yeah, it's sort of a little bit of everything. We're very lucky in the course. We actually just crossed 55,000 students worldwide, 161 countries on a course that is only a year old. So, it kind of speaks to the volume of people around the world that really want to learn containers and all the tools around them. I think that the common theme there is I think we had the early adopters, right, and that was the first three or four years of Docker was people that were Silicon Valley, startups, people who were already on the bleeding edge of technology, whether it was hobbyist or enterprise. It was all people, but it was sort of the Linux people. Now, what we're getting is the true enterprise admins and developers, right. And that means, Microsoft, IBM mainframes, .Net, Java, you're getting all of these sort of traditional enterprise technologies but they all have the same passion, they're just coming in a few years later. So, what's funny is, you're meetups don't really change. They're just growing. Like what you see worldwide, the trend is we're still on the up-climb of all the groups, we have over 200 meetups worldwide now that meet once a month about Docker. It's just a crazy time right now. Everything's growing and it's like you wonder if it's ever going to stop, right How big are we gonna get, gonna take over the world with containers? >> Yeah, about 60% or more of all our meetups are completely new to Docker. And, it ranges from, you know, my boss told me about it so I gotta learn it or I found it and I want to convince other people in my organization to use it so I need to learn it more so I can make that case or, it's immediately solving a problem but I don't know how to take it to the next level, don't know where it's going, all that. It's a lot of new people. >> I get students a lot, college students that want to be more aggressive when they get in the marketplace and they hear the word 'DevOps' a lot and they think DevOps is a thing I need to learn in order to get a job. They don't really know what that is. And, of course, we don't even. At this point, it's so watered down, I don't know if anyone really knows what it is. But eventually, they search that and they come up with sort of key terms and I think one of those the come up right away is Docker. And they don't know what that is. But, I get asked the question a lot, If I go to this workshop or if I go the meetup or whatever, can I put that on my resume so I can get my first job out of school? They're always looking for something else beyond their schooling to make them a better first resume. So, it's cool to see even the people just stepping into the job market getting their feet wet with Docker even when they don't even know why they need it. >> It sounds like a symbiotic thought leadership community that you guys are part of and it sounds like the momentum we heard this morning in the general session is really carried out through the Docker captains and the communities. So, Nirmal, Bret, thanks so much for stopping by bringing your snazzy sweatshirts and sharing what you guys are doing as Docker captains. We appreciate your time. >> Thank you. >> Thank you. >> We want to thank you for watching The Cube. I'm Lisa Martin with John Troyer. We're live at DockerCon 2018. Stick around, John and I will be right back with our next guest.

>> Announcer: Live from Washington, DC it's theCube covering .conf 2017 brought to you by Splunk. >> Welcome back here on theCube the flagship broadcast for Silicon Angle TV, glad to have you here at .conf 2017 along with Dave Vellante, John Walls. We are live in Washington, DC and balmy Washington, DC. It's like 88 here today, really hot. >> It's cooler here than it is in Boston, I here. >> Yeah, right, but we're not used to it this time of year. Brad Medairy now joins us he's an SVP at Booz Allen Hamilton and Brad, thank you for being with us. >> Dave: And another Redskins fan I heard. >> Another Redskins fan. >> It was a big night wasn't it? Sunday night, I mean we haven't had many of those in the last decade or so. >> Yeah, yeah, I became a Redskins fan in 1998 and unfortunately a little late after the three or four superbowls. >> John: That's a long dry spell, yeah. >> Are you guys Nats fans? >> Oh, huge Nats fan, I don't know, how about Brad, I don't want to speak for you. >> I've got a soft spot in my heart for the Nats, what's the story with that team? >> Well, it's just been post-season disappointment, but this year. >> This is the year. >> This is the year, although-- >> Hey, if the Redsox and the Cubs can do it. >> I hate to go down the path, but Geos worry me a little bit, but we can talk about it offline. >> Brad: Yeah, let's not talk about DC Sports. >> Three out of five outings now have not been very good, but anyway let's take care of what we can. Cyber, let's talk a little cyber here. I guess that's your expertise, so pretty calm, nothing going on these days, right? >> It's a boring field, you know? Boring field, yeah. >> A piece of cake. So you've got clients private sector, public sector, what's kind of the cross-pollination there? I mean, what are there mutual concerns, and what do you see from them in terms of common threats? >> Yeah, so at Booz Allen we support both federal and commercial clients, and we have a long history in cyber security kind of with deep roots in the defense and the intelligence community, and have been in the space for years. What's interesting is I kind of straddle both sides of the fence from a commercial and a federal perspective, and the commercial side, some of the major breaches really force a lot of these organizations to quickly get religion, and early on everything was very compliance driven and now it's much more proactive and the need to be much more both efficient and effective. The federal space is, I think in many cases, catching up, and so I've done a lot of work across .mil and there's been a lot of investment across .mil, and very secure, .gov, you know, is still probably a fast follower, and one of the things that we're doing is bringing a lot of commercial best practices into the government space and the government's quickly moving from a compliance-based approach to cyber security to much more proactive, proactive defense. >> Can you get, it's almost like a glacier sometimes, right, I mean there's a legacy mindset, in a way, that government does it's business, but I would assume that events over the past year or two have really prompted them along a little bit more. >> I mean there's definitely been some highly publicized events around breaches across .gov, and I think there's a lot of really progressive programs out there that are working to quickly you know, remediate a lot of these issues. One of the programs we're involved in is something called CDM that's run out of DHS, Continuous Diagnostic and Mitigation, and it's a program really designed to up-armor .gov, you know to increase situational awareness and provide much more proactive reporting so that you can get real-time information around events and postures of the network, so I think there's a lot of exciting activities and I think DHS and partnership with the federal agencies is really kind of spearheading that. >> So if we can just sort of lay out the situation in the commercial world and see how it compares to what's going on in gov. Product creep, right, there's dozens and dozens and dozens of products that have been installed, security teams are just sort of overwhelmed, overworked, response is too slow, I've seen data from, whatever, 190 days to 350 days, to identify an infiltration, nevermind remediate it, and so, it's a challenge, so what's happening in your world and how can you guys help? >> Yeah, you know it's funny, I love going out to the RSA conference and, you know, I watch a lot of folks in the space, walking around with a shopping cart and they meet all these great vendors and they have all these shiny pebbles and they walk away with the silver bullet, right, and so if they implement this tool or technology, they're done, right? And I think we all know, that's not the case, and so over the years I think that we've seen a lot of, a lot of organizations, both federal and commercial, try to solve a lot of the problems through, you know, new technology solutions, whether it's the next best intrusion detection, or if it's endpoint, you know, the rage now is EDR, MDR, and so, but the problem is at the end of the day, the adversaries live in the seams, and in the world that I grew up in focused a lot around counter-terrorism. We took a data-centric approach to finding advanced adversaries, and one of the reasons that the Booz Allen has strategically partnered with Splunk is we believe that, you know, in a data-centric approach to cyber, and Splunk as a platform allows us to quickly integrate data, independent of the tools because the other thing with these tool ecosystems is all these tools work really well within their own ecosystem, but as soon as you start to mix and match best of breed tools and capabilities, they tend to not play well together. And so we use Splunk as that integration hub to bring together the data that allows us to bring our advanced trade-craft and tech-craft around hunting, understanding of the adversaries to be able to fuse that data and do advanced detection and help our clients be a lot more proactive. >> So cyber foresight is the service that you lead with? >> Yeah, you know, one of the things, having a company that's been, Booz Allen I think now is 103 years old, with obvious deep roots in the federal government, and so we have a pedigree in defense and intelligence, and we have a lot of amazing analysts, a lot of amazing, what we call, tech-craft, and what we did was, this was many many years ago, and we're probably one of the best kept secrets in threat intelligence, but after maybe five or six years ago when you started to see a lot of the public breaches in the financial services industry, a lot of the financial service clients came to us and said, "Hey, Booz Allen, you guys understand the threat, you understand actors, you understand TTPs, help educate us around what these adversaries are doing. Why are they doing it, how are they doing it, and how can we get out in front of it?" So the question has always been, you know, how can we be more proactive? And so we started a capability that we, or we developed a capability called cyber foresight where we provided some of our human intelligence analysts and applied them to open-source data and we were providing threat intelligence as a service. And what's funny is today you see a lot of the cyber threat intelligence landscape is fairly crowded, when I talk to clients they affectionately refer to people that provide threat intelligence as beltway book reporters, which I love. (laughter) But for us, you know, we've lived in that space for so many years we have the analysts, the scale, the tradecraft, the tools, the technologies, and we feel that we're really well positioned to be able to provide clients with the insights. You know, early on when we were working heavily in the financial services sector, the biggest challenge a lot of our clients had in threat intelligence was, what do I do with it? Okay, so you're going to send me, what we call a Spot Report, and so hey we know this nation-state actor with this advanced set of TTPs is targeting my organization, so what, right? I'm the CISO, I'm the CIO, should I resign? Should I jump out the window? (laughter) What do I do? I know these guys are coming after me, how do I actually operationalize that? And so what we've spent a lot of time thinking about and investing in is how to operationalize threat intelligence, and when we started, you kind of think of it as a pitcher and a catcher, right? You know, so the threat intelligence provider throws those insights, but the receiver needs to be able to catch that information, be able to put it in context, process it, and then operationalize it, implement it within their enterprise to be able to stop those advanced threats. And so one of the reasons that we gravitated toward Splunk, Splunk is a platform, Splunk is becoming really, in our mind, one of the defacto repositories for IT and cyber data across our client space, so when you take that, all those insights that Splunk has around the cyber posture and the infrastructure of an enterprise, and you overlay the threat intelligence with that, it gives us the ability to be able to quickly operationalize that intelligence, and so what does that mean? So, you know, when a security operator is sitting at a console, they're drowning in data, and, you know, analysts, we've investigated tons of commercial breaches and in most cases what we see is the analyst, at some point, had a blinking red light on their screen that was an indicator of that particular breach. The problem is, how do you filter through the noise? That's a problem that this whole industry, it's a signal to noise ratio issue. >> So you guys bring humans to that equation, human intelligence meets analytics and machine intelligence, and your adversary has evolved, and I wonder if you can talk about that, it's gone from sort of hacktivists to organized crime and nation-states, so they've become much more sophisticated. How have the humans sort of evolved as well that your bridge to bear? >> Yeah, I mean certainly the bear to entry is lower, and so now we're seeing ransomware as a service, we're seeing attacks on industrial control systems, on IOT devices, you know, financial services now is extremely concerned about building control systems because if you can compromise and build a control system you can get into potentially laterally move into the enterprise network. And so our analysts now not only are traditional intelligence analysts that understand adversaries and TTPs, but they also need to be technologists, they need to have reverse engineering experience, they need to be malware analysts, they need to be able to look at attack factors in TTPs to be able to put all the stuff in context, and again it goes back to being able to operationalize this intelligence to get value out of it quickly. >> They need to have imaginations, right? I mean thinking like the bad guys, I guess. >> Yeah, I mean we spend a lot of time, we've started up a new capability called Dark Labs and it's our way to be able to unlock some of those folks that think like bad guys and be able to unleash them to look at the world through a different lens, and be able to help provide clients insights into attack factors, new TTPs, and it's fascinating to watch those teams work. >> How does social media come into play here? Or is that a problem at all, or is that a consideration for you at all? >> Well, you know, when we look at a lot of attacks, what's kind of interesting with the space now is you look at nation-state and nation-state activists and they have sophisticated TTPs. In general they don't have to use them. Nation-states haven't even pulled out their quote "good stuff" yet because right now, for the most part they go with low-hanging fruit, low-hanging fruit being-- >> Just pushing the door open, right? >> Yeah, I mean, why try to crash through the wall when you can just, you know, the door's not locked? And so, you know, when you talk about things like social media whether it's phishing, whether it's malware injected in images, or on Facebook, or Twitter, you know, the majority of tacts are either driven through people, or driven through just unpatched systems. And so, you know, it's kind of cliche, but it really starts with policies, training of the people in your organization, but then also putting some more proactive monitoring in place to be able to kind of start to detect some of those more advanced signatures for some of the stuff that's happening in social media. >> It's like having the best security system in the world, but you left your front door unlocked. >> That's right, that's right. >> So I wonder if, Brad, I don't know how much you can say, but I wonder if you could comment just generally, like you said, we haven't seen their best pitch yet, we had Robert Gates on, and when I was interviewing him he said, "You know, we have great offensive posture and security, but we have to be super careful how we use it because when it comes to critical infrastructure we have the most to lose." And when you think about the sort of aftermath of Stuxnet, when basically the Iranians said hey we can do this too, what's the general sort of philosophy inside the beltway around offense versus defense? >> You know, I think from, that's a great question. From an offensive cyber perspective I think where the industry is going is how do you take offensive tradecraft and apply it to defensive? And so by that I mean, think about we take folks that have experience thinking like a bad guy, but unleash them in a security operation center to do things like advanced hunting, and so what they'll do is take large sets of data and start doing hypothesis driven analytics where they'll be able to kind of think like a bad guy and then they'll have developers or techies next to them building different types of analytics to try to take their mind and put it into an analytic that you can run over a set of data to see, hey, is there an actor on your network performing like that? And so I think we see in the space now a lot of focus around hunting and red teaming, and I think that's kind of the industry's way of trying to take some of that offensive mentality, but then apply it on the defensive side. >> Dave: It just acts like kind of Navy Seal operations in security. >> Right, right, yeah. I mean the challenge is there's a finite set of people in the world that really, truly have that level of tradecraft so the question is, how do you actually deliver that at any level of scale that can make a difference across this broader industry. >> So it's the quantity of those skill sets, and they always say that the amazing thing, again I come back to Stuxnet, was that the code was perfect. >> Brad: Yeah. >> The antivirus guy said, "We've never seen anything like that where the code is just perfect." And you're saying it's just a quantity of skills that enables that, that's how you know it's nation-state, obviously, something like that. >> Yeah, I mean the level of expertise, the skill set, the time it take to be able to mature that tradecraft is many many years, and so I think that when we can crack the bubble of how we can take that expertise, deliver it in a defensive way to provide unique insights that, and do that at scale because just taking one of those folks into an organization doesn't help the whole, right? How can you actually kind of operationalize that to be able to deliver that treadecraft through things like analytics as a service, through manage, detection, and response, at scale so that one person can influence many many organizations at one time. >> And, just before we go, so cyber foresight is available today, it's something you're going to market with. >> Yeah, we just partnered with Splunk, it's available as a part of Splunk ES, it's an add-on, and it provides our analysts the ability to provide insights and be able to operationalize that within Splunk, we're super excited about it and it's been a great partnership with Splunk and their ES team. >> Dave: So you guys are going to market together on this one. >> We are partnered, we're going to market together, and delivering the best of our tradecraft and our intelligence analysts with their platform and product. >> Dave: Alright, good luck with it. >> Hey, thank you, thank you very much, guys. >> Good pair, that's for sure, yeah. Thank you, Brad, for being with us here, and Monday night, let's see how it goes, right? >> Yeah, I'm optimistic. >> Very good, alright. Coach Brad Medairy joining us with his rundown on what's happening at Booz Allen. Back with more here on theCube, you're watching live .conf 2017.

(upbeat music) >> Announcer: From theCUBE studios in Palo Alto in Boston connecting with thought leaders all around the world, this is theCUBE Conversation. >> Well, welcome to theCUBE Conversation here in theCUBE studios in Palo Alto, California. I'm John Furrier, your host. Got a great conversation with two great guests, going to explore the edge, what it means in terms of commercial, but also national security. And as the world goes digital, we're going to have that deep dive conversation around how it's all transforming. We've got Ki Lee, Vice President of Booz Allen's Digital Business. Ki, great to have you. John Pisano, Principal at Booz Allen's Digital Cloud Solutions. Gentlemen, thanks for coming on. >> And thanks for having us, John. >> So one of the most hottest topics, obviously besides cloud computing having the most refactoring impact on business and government and public sector has been the next phase of cloud growth and cloud scale, and that's really modern applications and consumer, and then here for national security and for governments here in the U.S. is military impact. And as digital transformation starts to go to the next level, you're starting to see the architectures emerge where the edge, the IoT edge, the industrial IoT edge, or any kind of edge concept, 5G is exploding, making that much more of a dense, more throughput for connectivity with wireless. You got Amazon with Snowball, Snowmobile, all kinds of ways to deploy technology, that's IT like and operational technologies. It's causing quite a cloud operational opportunity and disruption, so I want to get into it. Ki, let's start with you. I mean, we're looking at an architecture that's changing both commercial and public sector with the edge. What are the key considerations that you guys see as people have to really move fast in this new architecture of digital? >> Yeah, John, I think it's a great question. And if I could just share our observation on why we even started investing in edge. You mentioned the cloud, but as we've reflected upon kind of the history of IT, then you take a look from mainframes to desktops to servers to cloud to mobile and now IoT, what we observed was that industry investing in infrastructure led to kind of an evolution of IT, right? So as you mentioned, with industry spending billions on IoT and edge, we just feel that that's going to be the next evolution. If you take a look at, you mentioned 5G, I think 5G will be certainly an accelerator to edge because of the resilience, the lower latency and so forth. But taking a look at what's happening in space, you mentioned space earlier as well, right, and what Starlink is doing by putting satellites to actually provide transport into the space, we're thinking that that actually is going to be the next ubiquitous thing. Once transport becomes ubiquitous, just like cloud allows storage to be ubiquitous. We think that the next generation internet will be space-based. So when you think about it, connected, it won't be connected servers per se, it will be connected devices. >> John: Yeah, yeah. >> That's kind of some of the observations and why we've been really focusing on investing in edge. >> I want to come back to that piece around space and edge and bring it from a commercial and then also tactical architecture in a minute 'cause there's a lot to unpack there, role of open source, modern application development, software and hardware supply chains, all are core issues that are going to emerge. But I want to get with John real quick on cloud impact, because you think about 5G and the future of work or future of play, you've got people, right? So whether you're at a large concert like Coachella or a 49ers or Patriots game or Redskins game if you're in the D.C. area, you got people there, of congestion, and now you got devices now serving those people. And that's their play, people at work, whether it's a military operation, and you've got work, play, tactical edge things. How is cloud connecting? 'Cause this is like the edge has never been kind of an IT thing. It's been more of a bandwidth or either telco or something else operationally. What's the cloud at scale, cloud operations impact? >> Yeah, so if you think about how these systems are architected and you think about those considerations that Ki kind of touched on, a lot of what you have to think about now is what aspects of the application reside in the cloud, where you tend to be less constrained. And then how do you architect that application to move out towards the edge, right? So how do I tier my application? Ultimately, how do I move data and applications around the ecosystem? How do I need to evolve where my application stages things and how that data and those apps are moved to each of those different tiers? So when we build a lot of applications, especially if they're in the cloud, they're built with some of those common considerations of elasticity, scalability, all those things; whereas when you talk about congestion and disconnected operations, you lose a lot of those characteristics, and you have to kind of rethink that. >> Ki, let's get into the aspect you brought up, which is space. And then I was mentioning the tactical edge from a military standpoint. These are use cases of deployments, and in fact, this is how people have to work now. So you've got the future of work or play, and now you've got the situational deployments, whether it's a new tower of next to a stadium. We've all been at a game or somewhere or a concert where we only got five bars and no connectivity. So we know what that means. So now you have people congregating in work or play, and now you have a tactical deployment. What's the key things that you're seeing that it's going to help make that better? Are there any breakthroughs that you see that are possible? What's going on in your view? >> Yeah, I mean, I think what's enabling all of this, again, one is transport, right? So whether it's 5G to increase the speed and decrease the latency, whether it's things like Starlink with making transport and comms ubiquitous, that tied with the fact that ships continue to get smaller and faster, right? And when you're thinking about tactical edge, those devices have limited size, weight, power conditions and constraints. And so the software that goes on them has to be just as lightweight. And that's why we've actually partnered with SUSE and what they've done with K3s to do that. So I think those are some of the enabling technologies out there. John, as you've kind of alluded to it, there are additional challenges as we think about it. We're not, it's not a simple transition and monetization here, but again, we think that this will be the next major disruption. >> What do you guys think, John, if you don't mind weighing in too on this as modern application development happens, we just were covering CloudNativeCon and KubeCon, DockerCon, containers are very popular. Kubernetes is becoming super great. As you look at the telco landscape where we're kind of converging this edge, it has to be commercially enterprise grade. It has to have that transit and transport that's intelligent and all these new things. How does open source fit into all this? Because we're seeing open source becoming very reliable, more people are contributing to open source. How does that impact the edge in your opinion? >> So from my perspective, I think it's helping accelerate things that traditionally maybe may have been stuck in the traditional proprietary software confines. So within our mindset at Booz Allen, we were very focused on open architecture, open based systems, which open source obviously is an aspect of that. So how do you create systems that can easily interface with each other to exchange data, and how do you leverage tools that are available in the open source community to do that? So containerization is a big drive that is really going throughout the open source community. And there's just a number of other tools, whether it's tools that are used to provide basic services like how do I move code through a pipeline all the way through? How do I do just basic hardening and security checking of my capabilities? Historically, those have tend to be closed source type apps, whereas today you've got a very broad community that's able to very quickly provide and develop capabilities and push it out to a community that then continues to adapt and add to it or grow that library of stuff. >> Yeah, and then we've got trends like Open RAN. I saw some Ground Station for the AWS. You're starting to see Starlink, you mentioned. You're bringing connectivity to the masses. What is that going to do for operators? Because remember, security is a huge issue. We talk about security all the time. Where does that kind of come in? Because now you're really OT, which has been very purpose-built kind devices in the old IoT world. As the new IoT and the edge develop, you're going to need to have intelligence. You're going to be data-driven. There is an open source impact key. So, how, if I'm a senior executive, how do I get my arms around this? I really need to think this through because the security risks alone could be more penetration areas, more surface area. >> Right. That's a great question. And let me just address kind of the value to the clients and the end users in the digital battlefield as our warriors to increase survivability and lethality. At the end of the day from a mission perspective, we know we believe that time's a weapon. So reducing any latency in that kind of observe, orient, decide, act OODA loop is value to the war fighter. In terms of your question on how to think about this, John, you're spot on. I mean, as I've mentioned before, there are various different challenges, one, being the cyber aspect of it. We are absolutely going to be increasing our attack surface when you think about putting processing on edge devices. There are other factors too, non-technical that we've been thinking about s we've tried to kind of engender and kind of move to this kind of edge open ecosystem where we can kind of plug and play, reuse, all kind of taking the same concepts of the open-source community and open architectures. But other things that we've considered, one, workforce. As you mentioned before, when you think about these embedded systems and so forth, there aren't that many embedded engineers out there. But there is a workforce that are digital and software engineers that are trained. So how do we actually create an abstraction layer that we can leverage that workforce and not be limited by some of the constraints of the embedded engineers out there? The other thing is what we've, in talking with several colleagues, clients, partners, what people aren't thinking about is actually when you start putting software on these edge devices in the billions, the total cost of ownership. How do you maintain an enterprise that potentially consists of billions of devices? So extending the standard kind of DevSecOps that we move to automate CI/CD to a cloud, how do we move it from cloud to jet? That's kind of what we say. How do we move DevSecOps to automate secure containers all the way to the edge devices to mitigate some of those total cost of ownership challenges. >> It's interesting, as you have software defined, this embedded system discussion is hugely relevant and important because when you have software defined, you've got to be faster in the deployment of these devices. You need security, 'cause remember, supply chain on the hardware side and software in that too. >> Absolutely. >> So if you're going to have a serviceability model where you have to shift left, as they say, you got to be at the point of CI/CD flows, you need to be having security at the time of coding. So all these paradigms are new in Day-2 operations. I call it Day-0 operations 'cause it should be in everyday too. >> Yep. Absolutely. >> But you've got to service these things. So software supply chain becomes a very interesting conversation. It's a new one that we're having on theCUBE and in the industry Software supply chain is a superly relevant important topic because now you've got to interface it, not just with other software, but hardware. How do you service devices in space? You can't send a break/fix person in space. (chuckles) Maybe you will soon, but again, this brings up a whole set of issues. >> No, so I think it's certainly, I don't think anyone has the answers. We sure don't have all the answers but we're very optimistic. If you take a look at what's going on within the U.S. Air Force and what the Chief Software Officer Nic Chaillan and his team, and we're a supporter of this and a plankowner of Platform One. They were ahead of the curve in kind of commoditizing some of these DevSecOps principles in partnership with the DoD CIO and that shift left concept. They've got a certified and accredited platform that provides that DevSecOps. They have an entire repository in the Iron Bank that allows for hardened containers and reciprocity. All those things are value to the mission and around the edge because those are all accelerators. I think there's an opportunity to leverage industry kind of best practices as well and patterns there. You kind of touched upon this, John, but these devices honestly just become firmware. The software is just, if the devices themselves just become firmware , you can just put over the wire updates onto them. So I'm optimistic. I think all the piece parts are taking place across industry and in the government. And I think we're primed to kind of move into this next evolution. >> Yeah. And it's also some collaboration. What I like about, why I'm bringing up the open source angle and I think this is where I think the major focus will shift to, and I want to get your reaction to it is because open source is seeing a lot more collaboration. You mentioned some of the embedded devices. Some people are saying, this is the weakest link in the supply chain, and it can be shored up pretty quickly. But there's other data, other collective intelligence that you can get from sharing data, for instance, which hasn't really been a best practice in the cybersecurity industry. So now open source, it's all been about sharing, right? So you got the confluence of these worlds colliding, all aspects of culture and Dev and Sec and Ops and engineering all coming together. John, what's your reaction to that? Because this is a big topic. >> Yeah, so it's providing a level of transparency that historically we've not seen, right? So in that community, having those pipelines, the results of what's coming out of it, it's allowing anyone in that life cycle or that supply chain to look at it, see the state of it, and make a decision on, is this a risk I'm willing to take or not? Or am I willing to invest and personally contribute back to the community to address that because it's important to me and it's likely going to be important to some of the others that are using it? So I think it's critical, and it's enabling that acceleration and shift that I talked about, that now that everybody can see it, look inside of it, understand the state of it, contribute to it, it's allowing us to break down some of the barriers that Ki talked about. And it reinforces that excitement that we're seeing now. That community is enabling us to move faster and do things that maybe historically we've not been able to do. >> Ki, I'd love to get your thoughts. You mentioned battlefield, and I've been covering a lot of the tactical edge around the DOD's work. You mentioned about the military on the Air Force side, Platform One, I believe, was from the Air Force work that they've done, all cloud native kind of directions. But when you talk about a war field, you talk about connectivity. I mean, who controls the DNS in Taiwan, or who controls the DNS in Korea? I mean, we have to deploy, you've got to stand up infrastructure. How about agility? I mean, tactical command and control operations, this has got to be really well done. So this is not a trivial thing. >> No. >> How are you seeing this translate into the edge innovation area? (laughs) >> It's certainly not a trivial thing, but I think, again, I'm encouraged by how government and industry are partnering up. There's a vision set around this joint all domain command control, JADC2. And then all the services are getting behind that, are looking into that, and this vision of this military, internet of military things. And I think the key thing there, John, as you mentioned, it's not just the connected of the sensors, which requires the transport again, but also they have to be interoperable. So you can have a bunch of sensors and platforms out there, they may be connected, but if they can't speak to one another in a common language, that kind of defeats the purpose and the mission value of that sensor or shooter kind of paradigm that we've been striving for for ages. So you're right on. I mean, this is not a trivial thing, but I think over history we've learned quite a bit. Technology and innovation is happening at just an amazing rate where things are coming out in months as opposed to decades as before. I agree, not trivial, but again, I think there are all the piece parts in place and being put into place. >> I think you mentioned earlier that the personnel, the people, the engineers that are out there, not enough, more of them coming in. I think now the appetite and the provocative nature of this shift in tech is going to attract a lot of people because the old adage is these are hard problems attracts great people. You got in new engineering, SRE like scale engineering. You have software development, that's changing, becoming much more robust and more science-driven. You don't have to be just a coder as a software engineer. You could be coming at it from any angle. So there's a lot more opportunities from a personnel standpoint now to attract great people, and there's real hard problems to solve, not just security. >> Absolutely. Definitely. I agree with that 100%. I would also contest that it's an opportunity for innovators. We've been thinking about this for some time, and we think there's absolute value from various different use cases that we've identified, digital battlefield, force protection, disaster recovery, and so forth. But there are use cases that we probably haven't even thought about, even from a commercial perspective. So I think there's going to be an opportunity just like the internet back in the mid '90s for us to kind of innovate based on this new kind of edge environment. >> It's a revolution. New leadership, new brands are going to emerge, new paradigms, new workflows, new operations, clearly great stuff. I want to thank you guys for coming on. I also want to thank Rancher Labs for sponsoring this conversation. Without their support, we wouldn't be here. And now they were acquired by SUSE. We've covered their event with theCUBE virtual last year. What's the connection with those guys? Can you guys take a minute to explain the relationship with SUSE and Rancher? >> Yeah. So it's actually it's fortuitous. And I think we just, we got lucky. There's two overall aspects of it. First of all, we are both, we partner on the Platform One basic ordering agreement. So just there we had a common mentality of DevSecOps. And so there was a good partnership there, but then when we thought about we're engaging it from an edge perspective, the K3s, right? I mean, they're a leader from a container perspective obviously, but the fact that they are innovators around K3s to reduce that software footprint, which is required on these edge devices, we kind of got a twofer there in that partnership. >> John, any comment on your end? >> Yeah, I would just amplify, the K3s aspects in leveraging the containers, a lot of what we've seen success in when you look at what's going on, especially on that tactical edge around enabling capabilities, containers, and the portability it provides makes it very easy for us to interface and integrate a lot of different sensors to close the OODA loop to whoever is wearing or operating that a piece of equipment that the software is running on. >> Awesome, I'd love to continue the conversation on space and the edge and super great conversation to have you guys on. Really appreciate it. I do want to ask you guys about the innovation and the opportunities of this new shift that's happening as the next big thing is coming quickly. And it's here on us and that's cloud, I call it cloud 2.0, the cloud scale, modern software development environment, edge with 5G changing the game. Ki, I completely agree with you. And I think this is where people are focusing their attention from startups to companies that are transforming and re-pivoting or refactoring their existing assets to be positioned. And you're starting to see clear winners and losers. There's a pattern emerging. You got to be in the cloud, you got to be leveraging data, you got to be horizontally scalable, but you got to have AI machine learning in there with modern software practices that are secure. That's the playbook. Some people are making it. Some people are not getting there. So I'd ask you guys, as telcos become super important and the ability to be a telco now, we just mentioned standing up a tactical edge, for instance. Launching a satellite, a couple of hundred K, you can launch a CubeSat. That could be good and bad. So the telco business is changing radically. Cloud, telco cloud is emerging as an edge phenomenon with 5G, certainly business commercial benefits more than consumer. How do you guys see the innovation and disruption happening with telco? >> As we think through cloud to edge, one thing that we realize, because our definition of edge, John, was actually at the point of data collection on the sensor themselves. Others' definition of edge is we're a little bit further back, what we call it the edge of the IT enterprise. But as we look at this, we realize that you needed this kind of multi echelon environment from your cloud to your tactical clouds where you can do some processing and then at the edge of themselves. Really at the end of the day, it's all about, I think, data, right? I mean, everything we're talking about, it's still all about the data, right? The AI needs the data, the telco is transporting the data. And so I think if you think about it from a data perspective in relationship to the telcos, one, edge will actually enable a very different paradigm and a distributed paradigm for data processing. So, hey, instead of bringing the data to some central cloud which takes bandwidth off your telcos, push the products to the data. So mitigate what's actually being sent over those telco lines to increase the efficiencies of them. So I think at the end of the day, the telcos are going to have a pretty big component to this, even from space down to ground station, how that works. So the network of these telcos, I think, are just going to expand. >> John, what's your perspective? I mean, startups are coming out. The scalability, speed of innovation is a big factor. The old telco days had, I mean, months and years, new towers go up and now you got a backbone. It's kind of a slow glacier pace. Now it's under siege with rapid innovation. >> Yeah, so I definitely echo the sentiments that Ki would have, but I would also, if we go back and think about the digital battle space and what we've talked about, faster speeds being available in places it's not been before is great. However, when you think about facing an adversary that's a near-peer threat, the first thing they're going to do is make it contested, congested, and you have to be able to survive. While yes, the pace of innovation is absolutely pushing comms to places we've not had it before, we have to be mindful to not get complacent and over-rely on it, assuming it'll always be there. 'Cause I know in my experience wearing the uniform, and even if I'm up against an adversary, that's the first thing I'm going to do is I'm going to do whatever I can to disrupt your ability to communicate. So how do you take it down to that lowest level and still make that squad, the platoon, whatever that structure is, continue survivable and lethal. So that's something I think, as we look at the innovations, we need to be mindful of that. So when I talk about how do you architect it? What services do you use? Those are all those things that you have to think about. What if I lose it at this echelon? How do I continue the mission? >> Yeah, it's interesting. And if you look at how companies have been procuring and consuming technology, Ki, it's been like siloed. "Okay, we've got a workplace workforce project, and we have the tactical edge, and we have the siloed IT solution," when really work and play, whether it's work here in John's example, is the war fighter. And so his concern is safety, his life and protection. >> Yeah. >> The other department has to manage the comms, (laughs) and so they have to have countermeasures and contingencies ready to go. So all this is, they all integrate it now. It's not like one department. It's like it's together. >> Yeah. John, I love what you just said. I mean, we have to get away from this siloed thinking not only within a single organization, but across the enterprise. From a digital battlefield perspective, it's a joint fight, so even across these enterprise of enterprises, So I think you're spot on. We have to look horizontally. We have to integrate, we have to inter-operate, and by doing that, that's where the innovation is also going to be accelerated too, not reinventing the wheel. >> Yeah, and I think the infrastructure edge is so key. It's going to be very interesting to see how the existing incumbents can handle themselves. Obviously the towers are important. 5G obviously, that's more deployments, not as centralized in terms of the spectrum. It's more dense. It's going to create more connectivity options. How do you guys see that impacting? Because certainly more gear, like obviously not the centralized tower, from a backhaul standpoint but now the edge, the radios themselves, the wireless transit is key. That's the real edge here. How do you guys see that evolving? >> We're seeing a lot of innovations actually through small companies who are really focused on very specific niche problems. I think it's a great starting point because what they're doing is showing the art of the possible. Because again, we're in a different environment now. There's different rules. There's different capabilities. But then we're also seeing, you mentioned earlier on, some of the larger companies, the Amazons, the Microsofts, also investing as well. So I think the merge of the, you know, or the unconstrained or the possible by these small companies that are just kind of driving innovations supported by the maturity and the heft of these large companies who are building out these hardened kind of capabilities, they're going to converge at some point. And that's where I think we're going to get further innovation. >> Well, I really appreciate you guys taking the time. Final question for you guys, as people are watching this, a lot of smart executives and teams are coming together to kind of put the battle plans together for their companies as they transition from old to this new way, which is clearly cloud-scale, role of data. We hit out all the key points I think here. As they start to think about architecture and how they deploy their resources, this becomes now the new boardroom conversation that trickles down and includes everyone, including the developers. The developers are now going to be on the front lines. Mid-level managers are going to be integrated in as well. It's a group conversation. What are some of the advice that you would give to folks who are in this mode of planning architecture, trying to be positioned to come out of this pandemic with a massive growth opportunity and to be on the right side of history? What's your advice? >> It's such a great question. So I think you touched upon it. One is take the holistic approach. You mentioned architectures a couple of times, and I think that's critical. Understanding how your edge architectures will let you connect with your cloud architecture so that they're not disjointed, they're not siloed. They're interoperable, they integrate. So you're taking that enterprise approach. I think the second thing is be patient. It took us some time to really kind of, and we've been looking at this for about three years now. And we were very intentional in assessing the landscape, how people were discussing around edge and kind of pulling that all together. But it took us some time to even figure it out, hey, what are the use cases? How can we actually apply this and get some ROI and value out for our clients? So being a little bit patient in thinking through kind of how we can leverage this and potentially be a disruptor. >> John, your thoughts on advice to people watching as they try to put the right plans together to be positioned and not foreclose any future value. >> Yeah, absolutely. So in addition to the points that Ki raised, I would, number one, amplify the fact of recognize that you're going to have a hybrid environment of legacy and modern capabilities. And in addition to thinking open architectures and whatnot, think about your culture, the people, your processes, your techniques and whatnot, and your governance. How do you make decisions when it needs to be closed versus open? Where do you invest in the workforce? What decisions are you going to make in your architecture that drive that hybrid world that you're going to live in? All those recipes, patience, open, all that, that I think we often overlook the cultural people aspect of upskilling. This is a very different way of thinking on modern software delivery. How do you go through this lifecycle? How's security embedded? So making sure that's part of that boardroom conversation I think is key. >> John Pisano, Principal at Booz Allen Digital Cloud Solutions, thanks for sharing that great insight. Ki Lee, Vice President at Booz Allen Digital Business. Gentlemen, great conversation. Thanks for that insight. And I think people watching are going to probably learn a lot on how to evaluate startups to how they put their architecture together. So I really appreciate the insight and commentary. >> Thank you. >> Thank you, John. >> Okay. I'm John Furrier. This is theCUBE Conversation. Thanks for watching. (upbeat music)

>>and hello, we're back. I've got my panel and we are doing things real time here. So sorry for the delay a few minutes late. So the way let's talk about things, the reason we're here and we're going around the room and introduce everybody. Got three special guests here. I got my evil or my john and the normal And we're going to talk about get ops I called it future office just because I want to think about what's the next thing for that at the end, we're gonna talk about what our ideas for what's next for getups, right? Um, because we're all starting to just get into get ups now. But of course a lot of us are always thinking about what's next? What's better? How can we make this thing better? So we're going to take your questions. That's the reason we're here, is to take your questions and answer them. Or at least the best we can for the next hour. And all right, so let's go around the room and introduce yourself. My name is Brett. I am streaming from Brett from that. From Brett. From Virginia Beach in Virginia beach, Virginia, United States. Um, and I talk about things on the internet, I sell courses on you, to me that talk about Docker and kubernetes Ive or introduce yourself. >>How's it going? Everyone, I'm a software engineer at axel Springer, currently based in Berlin and I happen to be Brett Brett's teaching assistant. >>All right, that's right. We're in, we're in our courses together almost every day. Mm john >>hey everyone, my name is john Harris, I used to work at Dhaka um, I now work at VM ware is a star field engineer. Um, so yeah, >>and normal >>awesome by the way, you are streaming from Brett Brett, >>I answered from breath to breath. >>Um I'm normal method. I'm a distinguished engineer with booz allen and I'm also a doctor captain and it's good to see either in person and it's good to see you again john it's been a little while. >>It has the pre covid times, right? You're up here in Seattle. >>Yeah. It feels, it feels like an eternity ago. >>Yeah, john shirt looks red and reminds me of the Austin T shirt. So I was like, yeah, so we all, we all have like this old limited edition doctor on E. >>T. That's a, that's a classic. >>Yeah, I scored that one last year. Sometimes with these old conference church, you have to like go into people's closets. I'm not saying I did that. Um, but you know, you have to go steal stuff, you to find ways to get the swag >>post post covid. If you ever come to my place, I'm going to have to lock the closets. That >>that's right, That's right. >>So the second I think it was the second floor of the doctor HQ in SAn Francisco was where they kept all the T shirts, just boxes and boxes and boxes floor to ceiling. So every time I went to HQ you just you just as many as you can fit in your luggage. I think I have about 10 of these. You >>bring an extra piece of luggage just for your your shirt shirt grab. Um All right, so I'm going to start scanning questions uh so that you don't have to you can you help you all are welcome to do that. And I'm going to start us off with the topic. Um So let's just define the parameters. Like we can talk about anything devops and here we can go down and plenty of rabbit holes. But the kind of, the goal here is to talk about get ups and get ups if you haven't heard about it is essentially uh using versioning systems like get like we've all been getting used to as developers to track your infrastructure changes, not just your code changes and then automate that with a bunch of tooling so that the robots take over. And essentially you have get as a central source of truth and then get log as a central source of history and then there's a bunch of magic little bits in the middle and then supposedly everything is wonderful. It's all automatic. The reality is is what it's often quite messy, quite tricky to get everything working. And uh the edges of this are not perfect. Um so it is a relatively new thing. It's probably three, maybe four years old as an official thing from. We've uh so we're gonna get into it and I'll let's go around the room and the same word we did before and um not to push on that, put you on the spot or anything. But what is, what is one of the things you either like or either hate about getups um that you've enjoyed either using it or you know, whatever for me. I really, I really love that I can point people to a repo that basically is hopefully if they look at the log a tracking, simplistic tracking of what might have changed in that part of the world or the environment. I remember many years past where, you know, I've had executive or some mid level manager wants to see what the changes were or someone outside my team went to see what we just changed. It was okay, they need access to this system into that dashboard and that spreadsheet and then this thing and it was always so complicated and now in a world where if we're using get up orbit bucket or whatever where you can just say, hey go look at that repo if there was three commits today, probably three changes happened. That's I love that particular part about it. Of course it's always more complicated than that. But um Ive or I know you've been getting into this stuff recently. So um any thoughts? Yeah, I think >>my favorite part about get ops is >>reproducibility. Um >>you know the ability to just test something and get it up and running >>and then just tear it down. >>Uh not >>being worried that how did I configure it the first time? I think that's my favorite part about >>it. I'm changing your background as we do this. >>I was going to say, did you just do it get ups pushed to like change his >>background, just a dialogue that different for that green screen equals false? Uh Change the background. Yeah, I mean, um and I mean I think last year was really my first year of actually using it on anything significant, like a real project. Um so I'm still, I still feel like I'm very new to john you anything. >>Yeah, it's weird getups is that thing which kind of crystallizes maybe better than anything else, the grizzled veteran life cycle of emotions with the technology because I think it's easy to get super excited about something new. And when I first looked into get up, so I think this is even before it was probably called getups, we were looking at like how to use guest source of truth, like everything sounds great, right? You're like, wait, get everyone knows, get gets the source of truth, There's a load of robust tooling. This just makes a sense. If everything dies, we can just apply the get again, that would be great. Um and then you go through like the trough of despair, right? We're like, oh no, none of this works. The application is super stateless if this doesn't work and what do we do with secrets and how do we do this? Like how do we get people access in the right place and then you realize everything is terrible again and then everything it equalizes and you're kind of, I think, you know, it sounds great on paper and they were absolutely fantastic things about it, but I think just having that measured approach to it, like it's, you know, I think when you put it best in the beginning where you do a and then there's a magic and then you get C. Right, like it's the magic, which is >>the magic is the mystery, >>right? >>Magic can be good and bad and in text so >>very much so yeah, so um concurrence with with john and ever uh in terms of what I like about it is the potential to apply it to moving security to left and getting closer to a more stable infrastructures code with respect to the whole entire environment. Um And uh and that reconciliation loop, it reminds me of what, what is old is new again? Right? Well, quote unquote old um in terms of like chef and puppet and that the reconciliation loop applied in a in a more uh in a cleaner interface and and into the infrastructure that we're kind of used to already, once you start really digging into kubernetes what I don't like and just this is in concurrence with the other Panelist is it's relatively new. It has um, so it has a learning curve and it's still being, you know, it's a very active um environment and community and that means that things are changing and constantly and there's like new ways and new patterns as people are exploring how to use it. And I think that trough of despair is typically figuring out incrementally what it actually is doing for you and what it's not going to solve for you, right, john, so like that's that trough of despair for a bit and then you realize, okay, this is where it fits potentially in my architecture and like anything, you have to make that trade off and you have to make that decision and accept the trade offs for that. But I think it has a lot of promise for, for compliance and security and all that good stuff. >>Yeah. It's like it's like the potentials, there's still a lot more potential than there is uh reality right now. I think it's like I feel like we're very early days and the idea of especially when you start getting into tooling that doesn't appreciate getups like you're using to get up to and use something else and that tool has no awareness of the concept so it doesn't flow well with all of the things you're trying to do and get um uh things that aren't state based and all that. So this is going to lead me to our first question from Camden asking dumb questions by the way. No dumb questions here. Um How is get apps? Not just another name for C. D. Anybody want to take that as an answer as a question. How is get up is not just another name for C. D. I have things but we can talk about it. I >>feel like we need victor foster kids. Yeah, sure you would have opinions. Yeah, >>I think it's a very yeah. One person replied said it's a very specific it's an opinionated version of cd. That's a great that's a great answer like that. Yeah. >>It's like an implement. Its it's an implementation of deployment if you want it if you want to use it for that. All right. I realize now it's kind of hard in terms of a physical panel and a virtual panel to figure out who on the panel is gonna, you know, ready to jump in to answer a question. But I'll take it. So um I'll um I'll do my best inner victor and say, you know, it's it's an implementation of C. D. And it's it's a choice right? It's one can just still do docker build and darker pushes and doctor pulls and that's fine. Or use other technologies to deploy containers and pods and change your, your kubernetes infrastructure. But get apps is a different implementation, a different method of doing that same thing at the end of the day. Yeah, >>I like it. I like >>it and I think that goes back to your point about, you know, it's kind of early days still, I think to me what I like about getups in that respect is it's nice to see kubernetes become a platform where people are experimenting with different ways of doing things, right? And so I think that encourages like lots of different patterns and overall that's going to be a good thing for the community because then more, you know, and not everything needs to settle in terms of only one way of doing things, but a lot of different ways of doing things helps people fit, you know, the tooling to their needs, or helps fit kubernetes to their needs, etcetera. Yeah, >>um I agree with that, the, so I'm gonna, since we're getting a load of good questions, so um one of the, one of the, one of the, I want to add to that real quick that one of the uh from the, we've people themselves, because I've had some on the show and one of things that I look at it is distinguishing is with continuous deployment tools, I sort of think that it's almost like previous generation and uh continuous deployment tools can be anything like we would consider Jenkins cd, right, if you if you had an association to a server and do a doctor pull and you know, dr up or dr composed up rather, or if it did a cube control apply uh from you know inside an ssh tunnel or something like that was considered considered C. D. Well get ops is much more rigid I think in terms of um you you need to apply, you have a specific repo that's all about your deployments and because of what tool you're using and that one your commit to a specific repo or in a specific branch that repo depends on how you're setting it up. That is what kicks off a workflow. And then secondly there's an understanding of state. So a lot of these tools now I have uh reconciliation where they they look at the cluster and if things are changing they will actually go back and to get and the robots will take over and will commit that. Hey this thing has changed um and you maybe you human didn't change it, something else might have changed it. So I think that's where getups is approaching it, is that ah we we need to we need to consider more than just a couple of commands that be runnin in a script. Like there needs to be more than that for a getups repo to happen anyway, that's just kind of the the take back to take away I took from a previous conversation with some people um >>we've I don't think that lost, its the last piece is really important, right? I think like for me, C d like Ci cd, they're more philosophical ideas, write a set of principles, right? Like getting an idea or a code change to environments promoting it. It's very kind of pipeline driven um and it's very imperative driven, right? Like our existing CD tools are a lot of the ways that people think about Cd, it would be triggered by an event, maybe a code push and then these other things are happening in sequence until they either fail or pass, right? And then we're done. Getups is very much sitting on the, you know, the reconciliation side, it's changing to a pull based model of reconciliation, right? Like it's very declarative, it's just looking at the state and it's automatically pulling changes when they happen, rather than this imperative trigger driven model. That's not to say that there aren't city tools which we're doing pull based or you can do pull based or get ups is doing anything creatively revolutionary here, but I think that's one of the main things that the ideas that are being introduced into those, like existing C kind of tools and pipelines, um certainly the pull based model and the reconciliation model, which, you know, has a lot in common with kubernetes and how those kind of controllers work, but I think that's the key idea. Yeah. >>Um This is a pretty specific one Tory asks, does anyone have opinions about get ops in a mono repo this is like this is getting into religion a little bit. How many repos are too many repose? How um any thoughts on that? Anyone before I rant, >>go >>for it, go for it? >>Yeah. How I'm using it right now in a monitor repo uh So I'm using GIT hub. Right, so you have what? The workflow and then inside a workflow? Yeah, mo file, I'll >>track the >>actual changes to the workflow itself, as well as a folder, which is basically some sort of service in Amman Arepa, so if any of those things changes, it'll trigger the actual pipeline to run. So that's like the simplest thing that I could figure out how to, you know, get it set up using um get hubs, uh workflow path future. Yeah. And it's worked for me for writing, you know? That's Yeah. >>Yeah, the a lot of these things too, like the mono repo discussion will, it's very tool specific. Each tool has various levels of support for branch branching and different repos and subdirectories are are looking at the defense and to see if there's changes in that specific directory. Yeah. Sorry, um john you're going to say something, >>I was just going to say, I've never really done it, but I imagine the same kind of downsides of mono repo to multiple report would exist there. I mean, you've got the blast radius issues, you've got, you know, how big is the mono repo? Do we have to pull does the tool have to pull that or cashier every time it needs to determine def so what is the support for being able to just look at directories versus you know, I think we can get way down into a deeper conversation. Maybe we'll save it for later on in the conversation about what we're doing. Get up, how do we structure our get reposed? We have super granular repo per environment, Perper out reaper, per cluster repo per whatever or do we have directories per environment or branches per environment? How how is everything organized? I think it's you know, it's going to be one of those, there's never one size fits all. I'll give the class of consultant like it depends answer. Right? >>Yeah, for sure. It's very similar to the code struggle because it depends. >>Right? >>Uh Yeah, it's similar to the to the code problem of teams trying to figure out how many repose for their code. Should they micro service, should they? Semi micro service, macro service. Like I mean, you know because too many repose means you're doing a bunch of repo management, a bunch of changes on your local system, you're constantly get pulling all these different things and uh but if you have one big repo then it's it's a it's a huge monolithic thing that you usually have to deal with. Path based issues of tools that only need to look at a specific directory and um yeah, it's a it's a culture, I feel like yeah, like I keep going back to this, it's a culture thing. Does your what is your team prefer? What do you like? What um what's painful for everyone and who's what's the loudest pain that you need to deal with? Is it is it repo management? That's the pain um or is it uh you know, is that that everyone's in one place and it's really hard to keep too many cooks out of the kitchen, which is a mono repo problem, you know? Um How do we handle security? So this is a great one from Tory again. Another great question back to back. And that's the first time we've done that um security as it pertains to get up to anyone who can commit can change the infrastructure. Yes. >>Yes. So the tooling that you have for your GIT repo and the authentication, authorization and permissions that you apply to the GIT repo using a get server like GIT hub or get lab or whatever your flavor of the day is is going to be how security is handled with respect to changes in your get ups configuration repository. So um that is completely specific to your implementation of that or ones implementation of of how they're handling that. Get repositories that the get ups tooling is looking at. To reconcile changes with respect to the permissions of the for lack of better term robot itself. Right? They get up tooling like flux or Argosy. D Um one kid would would create a user or a service account or uh other kind of authentication measures to limit the permissions for that service account that the Gaddafi's tooling needs to be able to read the repose and and send commits etcetera. So that is well within the realm of what you have already for your for your get your get um repo. Yeah. >>Yeah. A related question is from a g what they like about get apps if done nicely for a newbie it's you can get stuff done easily if you what they dislike about it is when you have too many get repose it becomes just too complicated and I agree. Um was making a joke with a team the other week that you know the developer used to just make one commit and they would pass pass it on to a QA team that would then eventually emerging in the master. But they made the commits to these feature branches or whatever. But now they make a commit, they make a pR there for their code then they go make a PR in the helm chart to update the thing to do that and then they go make a PR in the get ups repeal for Argo. And so we talked about that they're probably like four or five P. R. Is just to get their code in the production. But we were talking about the negative of that but the reality was It's just five or 4 or five prs like it wasn't five different systems that had five different methodologies and tooling and that. So I looked at it I was like well yeah that's kind of a pain in the get sense but you're also dealing with one type. It's a repetitive action but it's it's the one thing I don't have to go to five different systems with five different ways of doing it. And once in the web and one's on the client wants a command line that I don't remember. Um Yeah so it's got pros and cons I think when you >>I think when you get to the scale where those kind of issues are a problem then you're probably at the scale where you can afford to invest some time into automation into that. Right? Like what I've when I've seen this in larger customers or larger organizations if there ever at that stage where okay apps are coming up all the time. You know, there's a 10 X 100 X developer to operations folks who may be creating get repose setting up permissions then that stuff gets automated, right? Like, you know, maybe ticket based systems or whatever. Developers say I need a new app. It templates things or more often using the same model, right of reconciliation and operators and the horrific abuse of cogs that we're seeing in the communities community right now. Um You know, developers can create a crd which just says, hey, I'm creating a new app is called app A and then a controller will pick up that app a definition. It will go create a get a repo Programmatically it will add the right definitely will look up and held up the developers and the permissions that need to be able to get to that repo it will create and template automatically some name space and the clusters that it needs in the environments that it needs, depending on, you know, some metadata it might read. So I think, you know, those are definite problems and they're definitely like a teething, growing pain thing. But once you get to that scale, you kind of need to step back and say, well look, we just need to invest in time into the operational aspect of this and automating this pain away, I think. Yeah, >>yeah. And that ultimately ends in Yeah. Custom tooling, which it's hard to avoid it at scale. I mean, there's there's two, there's almost two conversations here, right. There is what I call the Solo admin Solo devops, I bought that domain Solo devops dot com because, you know, whenever I'm talking to dr khan in the real world, it's like I asked people to raise hands, I don't know how we can raise hands here, but I would ask people to raise hands and see how many of you here are. The sole person responsible for deploying the app that your team makes and like a quarter of the room would raise their hand. So I call that solo devops like those, that person can't make all the custom tooling in the world. So they really need dr like solutions where it's opinionated, the workflow is sort of built in and they don't have to wrangle things together with a bunch of glue, you know, in other words bash. Um and so this kind of comes to a conversation uh starting this question from lee he's asking how do you combine get ops with ci cd, especially the continuous bit. How do you avoid having a human uh sort of the complaint the team I was working with has, how do you avoid a human editing and get committing for every single deploy? They've settled on customized templates and a script for routine updates. So as a seed for this conference, this question I'm gonna ask you all uh instead of that specific question cause it's a little open ended. Um Tell me whether you agree with this. I I kind of look at the image, the image artifact because the doctor image or container image in general is an artifact that I I view it that way and that thing going into the registry with the right label or right part of the label. Um That tag rather not the label but the tag that to me is like one of the great demarche points of, we're kind of done with Ci and we're now into the deployment phase and it doesn't necessarily mean the tooling is a clear cut there, but that artifact being shipped in a specific way or promoted as we sometimes say. Um what do you think? Does anyone have opinions on that? I don't even know if that's the right opinion to have so mhm. >>So um I think what you're, what you're getting at is that get ups, models can trigger off of different events um to trigger the reconciliation loop. And one way to do that is if the image, if it notices a image change in the registry, the other is if there's a commit event on a specific rebo and branch and it's up to, you are up to the person that's implementing their get ups model, what event to trigger there, that reconciliation loop off of, You can do both, you can do one or the other. It also depends on the Templeton engine that you're using on top of um on top of kubernetes, such as helm or um you know, the other ones that are out there or if you're not even doing that, then, you know straight. Yeah, mo um so it kind of just depends, but those are the typically the two options one has and a combination of of those to trigger that event. You can also just trigger it manually, right? You can go into the command line and force a a, you know, a really like a scan or a new reconciliation loop to occur. So it kind of just, I don't want to say this, but it depends on what you're trying to do and what makes sense in your pipeline. Right? So if you're if you're set up where you are tag, if you're doing it based off of image tags, then you probably want to use get ups in a way that you're using the image tags. Right. And the pattern that you've established there, if you're not really doing that and you're more around, like, different branches are mapped to different environments, then triggered off of the correct branch. And that's where the permissions also come into play. Where if you don't want someone to touch production and you've got your getups for your production cluster based off of like uh you know, a main branch, then whoever can push a change to that main branch has the authority to push that change to production. Right? So that's your authentication and permissions um system same for the registry itself. Right. So >>Yeah. Yeah. Sorry, anyone else have any thoughts on that? I was about to go to the next topic, >>I was going to say. I think certain tools dictate the approach, like, if you're using Argosy d it's I think I'm correct me if I'm wrong, but I think the only way to use it right now is just through image modification. Like, the manifest changes, it looks at a specific directory and anything changes then it will do its thing. And uh Synchronize the cost there with whatever's and get >>Yeah, flux has both. Yeah, and flux has both. So it it kind of depends. I think you can make our go do that too, but uh this is back to what we were saying in the beginning, uh you know, these things are changing, right? So that might be what it is right now in terms of triggering the reconciliation loops and get ups, tooling, but there might be other events in the future that might trigger it, and it's not completely stand alone because you still need you're tooling to do any kind of testing or whatever you have in terms of like the specific pipeline. So oftentimes you're bolting in getups into some other part of broader Cfd solution. That makes sense. Yeah, >>we've got a lot of questions about secrets or people that are asking about secrets. >>So my my tongue and cheek answered the secrets question was, what's the best practices for kubernetes? Secrets? That's the same thing for secrets with good apps? Uh getups is not last time I checked and last time I was running this stuff get ups is not has nothing to do with secrets in that sense. It's just there to get your stuff running on communities. So, um there's probably a really good session on secrets at dr concept. I >>would agree with you, I agree with you. Yeah, I mean, get off stools, I mean every every project of mine handles secrets differently. Uh huh. And I think I'm not sure if it was even when I was talking to but talking to someone recently that I'm very bullish on get up actions, I love get up actions, it's not great for deployments yet, but we do have this new thing and get hub environments, I think it's called. So it allows me at least the store secrets per environment, which it didn't have the concept of that before, which you know, if you if any of you running kubernetes out there, you typically end up when you start running kubernetes, you end up with more than one kubernetes, like you're going to end up with a lot of clusters at some point, at least many multiple, more than two. Um and so if you're trying to store secret somewhere, you do have and there's a discussion happening in chat right now where people are talking about um sealed secrets which if you haven't heard of that, go look that up and just be versed on what sealed secrets is because it's a it's a fantastic concept for how to store secrets in the public. Um I love it because I'm a big P. K. I nerd but um it's not the only way and it doesn't fit all models. So I have clients that use A W. S. Secrets because they're in A W. S. And then they just have to use the kubernetes external secret. But again like like like normal sand, you know, it's that doesn't really affect get ops, get ops is just applying whatever helm charts or jahmal or images that you're, you're you're deploying, get off. It was more about the approach of when the changes happen and whether it's a push or pull model like we're talking about and you know, >>I would say there's a bunch of prerequisites to get ups secrets being one of them because the risk of you putting a secret into your git repo if you haven't figured out your community secrets architecture and start diving into getups is high and removing secrets from get repose is you know, could be its own industry, right. It's >>a thing, >>how do >>I hide this? How do I obscure this commit that's already now on a dozen machines. >>So there are some prerequisites in terms of when you're ready to adopt get up. So I think is the right way of saying the answer to that secrets being one of them. >>I think the secrets was the thing that made me, you know, like two or three years ago made me kind of see the ah ha moment when it came to get ups which, which was that the premier thing that everyone used to say about get up about why it was great. Was its the single source of truth. There's no state anywhere else. You just need to look at git. Um and then secrets may be realized along with a bunch of other things down the line that is not true and will never be true. So as soon as you can lose the dogmatism about everything is going to be and get it's fantastic. As long as you've understood everything is not going to get. There are things which will absolutely never be and get some tools just don't deal with that. They need to earn their own state, especially in communities, some controls on their own state. You know, cuz sealed secrets and and other projects like SOps and I think there are two or three others. That's a great way of dealing with secrets if you want to keep them in get. But you know, projects like vault more kind of like what I would say, production grade secret strategies. Right? And if you're in AWS or a cloud, you're more likely to be using their secrets. Your secret policy is maybe not dictated by you in large organizations might be dictated by CSO or security or Great. Like I think once if you, if you're trying to adopt getups or you're thinking about it, get the dogmatism of get as a single point of truth out of your mind and think about getups more as a philosophy and a set of best practice principles, then you will be in much better stead, >>right? Yeah. >>People are asking more questions in chat like infrastructure as code plus C d essentially get ups or C I rather, um, these are all great questions and a part of the debate, I'm actually just going to throw up on screen. I'm gonna put this in chat, but this is, this is to me the source, Right? So we worked with when they coined the term. We, a lot of us have been trying to get, if we talk about the history for a minute and then tell me if I'm getting this right. Um, a lot of us were trying to automate all these different parts of the puzzle, but a lot of them, they, some things might have been infrastructure as code. Some things weren't, some things were sort of like settings is coded, like you're going to Jenkins and type in secrets and settings or type in a certain thing in the settings of Jenkins and then that it wasn't really in get and so what we was trying to go for was a way to have almost like eventually a two way state understanding where get might change your infrastructure but then your infrastructure might also change and needs to be reflected in the get if the get is trying to be the single source of truth. Um and like you're saying the reality is that you're never gonna have one repo that has all of your infrastructure in it, like you would have to have, you have to have all your terra form, anything else you're spinning up. Right. Um but anyway, I'm gonna put this link in chat. So this guide actually, uh one of things they talk about is what it's not, so it's, it's kind of great to read through the different requirements and like what I was saying well ago um mhm. Having having ci having infrastructure as code and then trying a little bit of continuous deployment out, it's probably a prerequisite. Forget ops so it's hard to just jump into that when you don't already have infrastructure as code because a machine doing stuff on your behalf, it means that you have to have things documented and somewhere and get repo but let me put this in the in the >>chitty chat, I would like to know if the other panelists agree, but I think get apps is a okay. I would say it's a moderate level, it's not a beginner level communities thing, it's like a moderate level advanced, a little bit more advanced level. Um One can start off using it but you definitely have to have some pre recs in place or some understanding of like a pattern in place. Um So what do the other folks think about that opinion? >>I think if you're if you're trying to use get out before, you know what problem you have, you're probably gonna be in trouble. Right. It's like having a solution to it probably don't have yet. Mhm. Right. I mean if if you're just evil or and you're just typing, keep control apply, you're one person right, Get off. It doesn't seem like a big a big jump, like, I mean it doesn't like why would I do that? I'm just, I'm just gonna inside, it's the type of get commit right, I'm typing Q control apply. But I think one of the rules from we've is none of your developers and none of your admins can have cute control access to the cluster because if you can't, if you do have access and you can just apply something, then that's just infrastructure as code. That's just continuous deployment, that's, that's not really get ops um, getups implies that the only way things get into the cluster is through the get up, get automation that you're using with, you know, flux Argo, we haven't talked about, what's the other one that Victor Farsi talks about, by the way people are asking about victor, because victor would love to talk about this stuff, but he's in my next life, so come back in an hour and a half or whatever and victor is going to be talking about sys, admin list with me. Um >>you gotta ask him nothing but get up questions in the next, >>confuse them, confuse them. But anyway, that, that, that's um, it's hard, it's hard to understand and without having tried it, I think conceptually it's a little challenging >>one thing with getups, especially based off the we've works blog post that you just put up on there. It's an opinionated way of doing something. Uh you know, it's an opinionated way of of delivering changes to an environment to your kubernetes environment. So it's opinionated were often not used to seeing things that are very opinionated in this sense, in the in the ecosystem, but get apps is a opinionated thing. It's it's one way of doing it. Um there are ways to change it and like there are options um like what we were talking about in terms of the events that trigger, but the way that it's structured is an opinion opinionated way both from like a tooling perspective, like using get etcetera, but also from a devops cultural perspective, right? Like you were talking about not having anyone access cube control and changing the cluster directly. That's a philosophical opinion that get ups forces you to adopt otherwise. It kind of breaks the model and um I just I want everyone to just understand that. That is very opinion, anything in that sense. Yeah, >>polygamy is another thing. Infrastructure as code. Um someone's mentioning plummy and chat, I just had actually my life show self plug bread that live go there. I'm on Youtube every week. I did the same thing. These these are my friends um and had palami on two weeks ago uh last week, remember uh and it was in the last couple of weeks and we talked about their infrastructure as code solution. Were actually writing code instead of um oh that's an interesting take on uh developer team sort of owning coding the infrastructure through code rather than Yamil as a data language. I don't really have an opinion on it yet because I haven't used it in production or anything in the real real world, but um, I'm not sure how much they are applying trying to go towards the get up stuff. I will do a plug for Solomon hikes. Who has a, the beginning of the day, it's already happened so you can go back and watch it. It's a, it's a, what's it called? Q. Rethinking application delivery with Q. And build kit. So go look this up. This is the found co founder of Dr and former CTO Solomon hikes at the beginning of the day. He has a tool called dagger. I'm not sure why the title of the talk is delivering with Q. And built it, but the tool is showing off in there for an hour is called dagger. And it's, it's an interesting idea on how to apply a lot of this opinionated automated stuff to uh, to deployment and it's get off space and you use Q language. It's a graph language. I watched most of it and it was a really interesting take. I'm excited to see if that takes off and if they try that because it's another way that you can get a little bit more advanced with your you're get deployments and without having to just stick everything in Yemen, which is kind of what we're in today with helm charts and what not. All right. More questions about secrets, I think. I think we're not going to have a whole lot of more, a lot more about secrets basically. Uh put secrets in your cluster to start with and kubernetes in encrypted, you know, thing. And then, you know, as it gets harder, then you have to find another solution when you have five clusters, you don't wanna have to do it five times. That's when you have to go for Walton A W. S secrets and all >>that. Right? I'm gonna post it note. Yeah. Crm into the cluster. Just kidding. >>Yes, there are recordings of this. Yes, they will be later. Uh, because we're that these are all gonna be on youtube later. Um, yeah, detects secrets cushion saying detect secrets or get Guardian are absolute requirements. I think it's in reference to your secrets comment earlier. Um, Camels asking about Cuban is dropping support for Docker that this is not the place to ask for that, but it, it is uh, basically it's a Nonevent Marantz has actually just created that same plug in available in a different repos. So if you want to keep using Docker and kubernetes, you know, you can do it like it's no big deal. Most of us aren't using doctor in our communities anyway, so we're using like container D or whatever is provided to us by our provider. Um yeah, thank you so much for all these comments. These are great people helping each other and chat. I feel like we're just here to make sure the chats available so people can help each other. >>I feel like I want to pick up on something when you mentioned pollux me, I think there's a um we're talking about getups but I think in the original like the origination of that I guess was deploying applications to clusters right, picking up deployment manifest. But I think with the gloomy and I obviously terra form and things have been around a long time, folks are starting to apply this I think I found one earlier which was like um kub stack the Terror Forms get ups framework. Um but also with the advent of things like cluster A. P. I. Um in the Cuban at the space where you can declare actively build the infrastructure for your clusters and build the cluster right? We're not just talking about deploying applications, the cluster A. P. I will talk to a W. S. Spin up, VPc spin up machines, you know, we'll do the same kind of things that terra form does and and those other tools do I think applying getups principles to the infrastructure spin up right, the proper infrastructure as code stuff, constantly applying Terror form um you know, plans and whatever, constantly applying cluster Api resources spinning up stuff in those clouds. That's a super interesting. Um you know, extension of this area, I'd be curious to see if what the folks think about that. >>Yeah, that's why I picked this topic is one of my three. Uh I got I got to pick the topics. I was like the three things that there like the most bleeding edge exciting. Most people haven't, we haven't basically we haven't figured all this out yet. We as an industry, so um it's I think we're gonna see more ideas on it. Um what's the one with the popsicle as the as the icon victor talks about all the time? It's not it's another getups like tool, but it's um it's getups for you use this kubernetes limit and then we have to look it up, >>You're talking about cross plane. >>So >>my >>wife is over here with the sound effects and the first sound effect of the day that she chooses to use is one. >>All right, can we pick it? Let's let's find another question bret >>I'm searching >>so many of them. All right, so uh I think one really quick one is getups only for kubernetes, I think the main to tooling to tools that we're talking about, our Argosy D and flux and they're mostly geared toward kubernetes deployments but there's a, it seems like they're organized in a way that there's a clean abstraction in with respect to the agent that's doing the deployment and the tooling that that can interact with. So I would imagine that in the future and this might be true already right now that get ups could be applied to other types of deployments at some point in the future. But right now it's mostly focused and treats kubernetes as a first class citizen or the tooling on top of kubernetes, let's say something like how as a first class citizen? Yeah, to Brett, >>to me the field, back to you bret the thing I was looking for is cross plane. So that's another tool. Um Victor has been uh sharing a lot about it in Youtube cross plane and that is basically runs inside a kubernetes, but it handles your other infrastructure besides your app. It allows you to like get ops, you're a W. S stuff by using the kubernetes state engine as a, as a way to manage that. And I have not used it yet, but he does some really great demos on Youtube. So people are liking this idea of get off, so they're trying to figure out how do we, how do we manage state? How do we uh because the probably terra form is that, well, there's many problems, but it's always a lot of problems, but in the get outs world it's not quite the right fit yet, It might be, but you still, it's still largely as expected for people to, you know, like type the command, um, and it keeps state locally the ss, clouds and all that. And but the other thing is I'm I'm now realizing that when I saw the demo from Solomon, I'm going back to the Solomon hikes thing. He was using the demo and he was showing it apply deploying something on S three buckets, employing internet wifi and deploying it on google other things beyond kubernetes and saying that it's all getups approach. So I think we're just at the very beginning of seeing because it all started with kubernetes and now there's a swarm one, you can look up swarm, get office and there's a swarm, I can't take the name of it. Swarm sink I think is what's called swarm sink on git hub, which allows you to do swarm based getups like things. And now we're seeing these other tools coming out. They're saying we're going to try to do the get ups concepts, but not for kubernetes specifically and that's I think, you know, infrastructure as code started with certain areas of the world and then now then now we all just assume that you're going to have an infrastructure as code way of doing whatever that is and I think get off is going to have that same approach where pretty soon, you know, we'll have get apps for all the clouds stuff and it won't just be flexor Argo. And then that's the weird thing is will flex and Argo support all those things or will it just be focused on kubernetes apps? You know, community stuff? >>There's also, I think this is what you're alluding to. There is a trend of using um kubernetes and see rDS to provision and control things that are outside of communities like the cloud service providers services as if they were first class entities within kubernetes so that you can use the kubernetes um focus tooling for things that are not communities through the kubernetes interface communities. Yeah, >>yeah, even criticism. >>Yeah, yeah, I'm just going to say that sounds like cross plane. >>Yeah, yeah, I mean, I think that's that's uh there were, you know, for the last couple of years, it's been flux and are going back and forth. Um they're like frenemies, you know, and they've been going back and forth with iterating on these ideas of how do we manage this complicated thing? That is many kubernetes clusters? Um because like Argo, I don't know if the flux V two can do this, but Argo can manage multiple clusters now from one cluster, so your, you can manage other clusters, technically external things from a single entity. Um Originally flux couldn't do that, but I'm going to say that V two can, I don't actually >>know. Um I think all that is gonna, I think that's going to consolidate in the future. All right. In terms of like the common feature set, what Iver and john what do you think? >>I mean, I think it's already begun, right, I think haven't, didn't they collaborate on a common engine? I don't know whether it's finished yet, but I think they're working towards a common getups engine and then they're just going to layer on features on top. But I think, I mean, I think that's interesting, right, because where it runs and where it interacts with, if we're talking about a pull based model, it shouldn't, it's decentralized to a certain extent, right? We need get and we need the agent which is pulling if we're saying there's something else which is orchestrating something that we start to like fuzzy the model even right. Like is this state living somewhere else, then I think that's just interesting as well. I thought flux was completely decentralized, but I know you install our go somewhere like the cargo has a server as well, but it's been a while since I've looked in depth at them. But I think the, you know, does that muddy the agent only pull model? >>I'm reading a >>Yeah, I would say that there's like a process of natural selection going on as as the C. N. C. F. Landscape evolves and grows bigger and a lot of divide and conquer right now. But I think as certain things kind of get more prominent >>and popular, I think >>it starts to trend and it inspires other things and then it starts to aggregate and you know, kind of get back into like a unified kind of like core. Maybe like for instance, cross plane, I feel like it shouldn't even really exist. It should be, it like it's a communities add on, but it should be built in, it should be built into kubernetes, like why doesn't this exist already >>for like controlling a cloud? >>Yeah, like just, you know, having this interface with the cloud provider and be able to Yeah, >>exactly. Yeah, and it kinda, you're right. That kinda happens because you do, I mean when you start talking about storage providers and networking providers was very specific implementations of operators or just individual controllers that do operate and control other resources in the cloud, but certainly not universally right. Not every feature of AWS is available to kubernetes out of the box. Um and you know, it, one of the challenges across plane is you gotta have kubernetes before you can deploy kubernetes. Like there's a chicken and egg issue there where if you're going to use, if you're going to use our cross plane for your other infrastructure, but it's gotta, but it has to run on kubernetes who creates that first kubernetes in order for you to put that on there. And victor talks about one of his videos, the same problem with flux and Argo where like Argo, you can't deploy Argo itself with getups. There has to be that initial, I did a thing with, I'm a human and I typed in some commands on a server and things happened but they don't really have an easy deployment method for getting our go up and running using simply nothing but a get push to an existing system. There's something like that. So it's a it's an interesting problem of day one infrastructure which is again only day one, I think data is way more interesting and hard, but um how can we spend these things up if they're all depending on each other and who is the first one to get started? >>I mean it's true of everything though, I mean at the end of that you need some kind of big bang kind of function too, you know, I started running start everything I >>think without going over that, sorry, without going off on a tangent. I was, I was gonna say there's a, if folks have heard of kind which is kubernetes and Docker, which is a mini kubernetes cluster, you can run in a Docker container or each container will run as a as a node. Um you know, that's been a really good way to spin up things like clusters. KPI because they boot strap a local kind, install the manifests, it will go and spin up a fully sized cluster, it will transfer its resources over there and then it will die itself. Right? So that, that's kind of bootstrapping itself. And I think a couple of folks in the community, Jason to Tiberius, I think he works for Quinyx metal um has, has experimented with like an even more minimal just Api server, so we're really just leveraging the kubernetes ideas of like a reconciliation loop and a controller. We just need something to bootstrap with those C R D s and get something going and then go away again. So I think that's gonna be a pattern that comes up kind of more and more >>Yeah, for sure. Um, and uh, the next, next quick answer to the question, Angel asked what your thoughts on getups being a niche to get or versus others vcs tools? Well, if I knew anyone who is using anything other than get, I would say no, you know, get ops is a horrible name. It should just be CVS office, but that doesn't or vcs ops or whatever like that, but that doesn't roll off the tongue. So someone had to come up with the get ups phrase. Um but absolutely, it's all about version control solutions used for infrastructure, not code. Um might get doctor asks a great question, we're not gonna have time for it, but maybe people can reply and chat with what they think but about infrastructure and code, the lines being blurred and that do develop, how much of infrastructure does developer do developers need to know? Essentially, they're having to know all the things. Um so unfortunately we've had way more questions like every panel here today with all the great community, we've got way more questions we can handle in this time. So we're gonna have to wrap it up and say goodbye. Go to the next live panel. I believe the next one is um on developer, developer specific setups that's gonna be peter running that panel. Something about development in containers and I'm sure it's gonna be great. Just like this one. So let's go around the room where can people find you on the internet? I'm at Brett fisher on twitter. That's where you can usually find me most days you are? >>Yeah, I'm on twitter to um, I'll put it in the chat. It's kind of confusing because the TSR seven. >>Okay. Yeah, that's right. You can't just say it. You can also look at the blow of the video and like our faces are there and if you click on them, it tells you our twitter in Arlington and stuff, john >>John Harris 85, pretty much everywhere. Get hub Twitter slack, etc. >>Yeah >>and normal, normal faults or just, you know, living on Youtube live with Brett. >>Yeah, we're all on the twitter so go check us out there and thank you so much for joining. Uh thank you so much to you all for being here. I really appreciate you taking time in your busy schedule to join me for a little chit chat. Um Yes, all the, all the cheers, yes. >>And I think this kid apps loop has been declarative lee reconciled. >>Yeah, there we go. And with that ladies and gentlemen, uh bid you would do, we will see you in the next, next round coming up next with Peter >>bye.

(upbeat music) >> Welcome friends to HPE Ezmeral's analytics unleashed. I couldn't be more excited to have you here today. We have a packed and informative agenda. It's going to give you not just a perspective on what HPE Ezmeral is and what it can do for your organization, but you should leave here with some insights and perspectives that will help you on your edge to cloud data journey in general. The lineup we have today is awesome. We have industry experts like Kirk Borne, who's going to talk about the shape this space will take to key customers and partners who are using Ezmeral technology as a fundamental part of their stack to solve really big, hairy, complex real data problems. We will hear from the execs who are leading this effort to understand the strategy and roadmap forward as well as give you a sneak peek into the new ISV ecosystem that is hosted in the Ezmeral marketplace. And finally, we have some live music being played in the form of three different demos. There's going to be a fun time so do jump in and chat with us at any time or engage with us on Twitter in real time. So grab some coffee, buckle up and let's get going. (upbeat music) Getting data right is one of the top priorities for organizations to affect digital strategy. So right now we're going to dig into the challenges customers face when trying to deploy enterprise wide data strategies and with me to unpack this topic is Kirk Borne, principal data scientist, and executive advisor, Booz Allen Hamilton. Kirk, great to see you. Thank you sir, for coming into the program. >> Great to be here, Dave. >> So hey, enterprise scale data science and engineering initiatives, they're non-trivial. What do you see as some of the challenges in scaling data science and data engineering ops? >> The first challenge is just getting it out of the sandbox because so many organizations, they, they say let's do cool things with data, but how do you take it out of that sort of play phase into an operational phase? And so being able to do that is one of the biggest challenges, and then being able to enable that for many different use cases then creates an enormous challenge because do you replicate the technology and the team for each individual use case or can you unify teams and technologies to satisfy all possible use cases. So those are really big challenges for companies organizations everywhere to about. >> What about the idea of, you know, industrializing those those data operations? I mean, what does that, what does that mean to you? Is that a security connotation, a compliance? How do you think about it? >> It's actually, all of those I'm industrialized to me is sort of like, how do you not make it a one-off but you make it a sort of a reproducible, solid risk compliant and so forth system that can be reproduced many different times. And again, using the same infrastructure and the same analytic tools and techniques but for many different use cases. So we don't have to rebuild the wheel, reinvent the wheel re reinvent the car. So to speak every time you need a different type of vehicle you need to build a car or a truck or a race car. There's some fundamental principles that are common to all of those. And that's what that industrialization is. And it includes security compliance with regulations and all those things but it also means just being able to scale it out to to new opportunities beyond the ones that you dreamed of when you first invented the thing. >> Yeah. Data by its very nature as you well know, it's distributed, but for a you've been at this awhile for years we've been trying to sort of shove everything into a monolithic architecture and in in hardening infrastructures or around that. And in many organizations it's become a block to actually getting stuff done. But so how, how are you seeing things like the edge emerge How do you, how do you think about the edge? How do you see that evolving and how do you think customers should be dealing with with edge and edge data? >> Well, that's really kind of interesting. I had many years at NASA working on data systems, and back in those days, the idea was you would just put all the data in a big data center and then individual scientists would retrieve that data and do analytics on it do their analysis on their local computer. And you might say that's sort of like edge analytics so to speak because they're doing analytics at their home computer, but that's not what edge means. It means actually doing the analytics the insights discovery at the point of data collection. And so that's that's really real time business decision-making you don't bring the data back and then try to figure out some time in the future what to do. And I think in autonomous vehicles a good example of why you don't want to do that because if you collect data from all the cameras and radars and lidars that are on a self-driving car and you move that data back to a data cloud while the car is driving down the street and let's say a child walks in front of the car you send all the data back at computes and does some object recognition and pattern detection. And 10 minutes later, it sends a message to the car. Hey, you need to put your brakes off. Well, it's a little kind of late at that point. And so you need to make those discoveries those insight discoveries, those pattern discoveries and hence the proper decisions from the patterns in the data at the point of data collection. And so that's data analytics at the edge. And so, yes, you can ring the data back to a central cloud or distributed cloud. It almost doesn't even matter if, if if your data is distributed sort of any use case in any data scientist or any analytic team and the business can access it then what you really have is a data mesh or a data fabric that makes it accessible at the point that you need it, whether it's at the edge or on some static post event processing, for example typical business quarter reporting takes a long look at your last three months of business. Well, that's fine in that use case, but you can't do that for a lot of other real time analytic decision making. >> Well, that's interesting. I mean, it sounds like you think of the edge not as a place, but as you know where it makes sense to actually, you know the first opportunity, if you will, to process the data at at low latency where it needs to be low latency is that a good way to think about it? >> Yeah, absolutely. It's the low latency that really matters. Sometimes we think we're going to solve that with things like 5G networks. We're going to be able to send data really fast across the wire. But again, that self-driving car has yet another example because what if you, all of a sudden the network drops out you still need to make the right decision with the network not even being . >> That darn speed of light problem. And so you use this term data mesh or data fabric double-click on that. What do you mean by that? >> Well, for me, it's, it's, it's, it's sort of a unified way of thinking about all your data. And when I think of mesh, I think of like a weaving on a loom, or you're creating a blanket or a cloth and you do weaving and you do that all that cross layering of the different threads. And so different use cases in different applications in different techniques can make use of this one fabric no matter what, where it is in the, in the business or again, if it's at the edge or, or back at the office one unified fabric, which has a global namespace. So anyone can access the data they need and sort of uniformly no matter where they're using it. And so it's, it's a way of unifying all of the data and use cases and sort of a virtual environment that it could have that no log you need to worry about. So what's what's the actual file name or what's the actual server this thing is on you can just do that for whatever use case you have. Let's I think it helps you enterprises now to reach a stage which I like to call the self-driving enterprise. Okay. So it's modeled after the self-driving car. So the self-driving enterprise needs the business leaders in the business itself, you would say needs to make decisions oftentimes in real time. All right. And so you need to do sort of predictive modeling and cognitive awareness of the context of what's going on. So all of these different data sources enable you to do all those things with data. And so, for example, any kind of a decision in a business any kind of decision in life, I would say is a prediction. It's you say to yourself if I do this such and such will happen if I do that, this other thing will happen. So a decision is always based upon a prediction about outcomes, and you want to optimize that outcome. So both predictive and prescriptive analytics need to happen in this in this same stream of data and not statically afterwards. And so that's, self-driving enterprises enabled by having access to data wherever you and whenever you need it. And that's what that fabric, that data fabric and data mesh provides for you, at least in my opinion. >> Well, so like carrying that analogy like the self-driving vehicle you're abstracting that complexity away in in this metadata layer that understands whether it's on prem or in the public cloud or across clouds or at the edge where the best places to process that data. What makes sense, does it make sense to move it or not? Ideally, I don't have to. Is that how you're thinking about it is that why we need this notion of a data fabric >> Right. It really abstracts away all the sort of the complexity that the it aspects of the job would require, but not every person in the business is going to have that familiarity with with the servers and the access protocols and all kinds of it related things. And so abstracting that away. And that's in some sense, what containers do basically the containers abstract away all the information about servers and connectivity and protocols and all this kind of thing. You just want to deliver some data to an analytic module that delivers me an insight or a prediction. I don't need to think about all those other things. And so that abstraction really makes it empowering for the entire organization. We like to talk a lot about data democratization and analytics democratization. This really gives power to every person in the organization to do things without becoming an it expert. >> So the last, last question we have time for here. So it sounds like. Kirk, the next 10 years of data are not going to be like the last 10 years, it'd be quite different. >> I think so. I think we're moving to this. Well, first of all, we're going to be focused way more on the why question, like, why are we doing this stuff? The more data we collect, we need to know why we're doing it. And what are the phrases I've seen a lot in the past year which I think is going to grow in importance in the next 10 years is observability. So observability to me is not the same as monitoring. Some people say monitoring is what we do. But what I like to say is, yeah, that's what you do but why you do it is observability. You have to have a strategy. Why, what, why am I collecting this data? Why am I collecting it here? Why am I collecting it at this time resolution? And so, so getting focused on those, why questions create be able to create targeted analytics solutions for all kinds of diff different business problems. And so it really focuses it on small data. So I think the latest Gartner data and analytics trending reports, so we're going to see a lot more focus on small data in the near future >> Kirk borne. You're a dot connector. Thanks so much for coming on the cube and being a part of the program. >> My pleasure (upbeat music) (relaxing upbeat music)

(upbeat music) >> Announcer: Live from Las Vegas, it's theCUBE! Covering UIPath FORWARD America's 2019. Brought to you by UIPath. >> Welcome back, everyone, to theCUBE's live coverage of UIPath FORWARD, here in Sin City, Las Vegas Nevada. I'm your host, Rebecca Knight, co-hosting alongside Dave Velante. We have two guests for this segment. We have Kurt Carlson, Associate Dean for faculty and academic affairs of the Mason School of Business at the college of William and Mary. Thanks for coming on the show. >> Thanks you for having me. >> Rebecca: And we have Tom Clancy, the SVP of learning at UIPath, thank you so much. >> Great to be here. >> You're a Cube alum, so thank you for coming back. >> I've been here a few times. >> A Cube veteran, I should say. >> I think 10 years or so >> So we're talking today about a robot for every student, this was just announced in August, William and Mary is the first university in the US to provide automation software to every undergraduate student, thanks to a four million dollar investment from UIPath. Tell us a little bit about this program, Kurt, how it works and what you're trying to do here. >> Yeah, so first of all, to Tom and the people at UIPath for making this happen. This is a bold and incredible initiative, one that, frankly, when we had it initially, we thought that maybe we could get a robot for every student, we weren't sure that other people would be willing to go along with that, but UIPath was, they see the vision, and so it was really a meeting of the minds on a common purpose. The idea was pretty simple, this technology is transforming the world in a way that students, we think it's going to transform the way that students actually are students. But it's certainly transforming the world that our students are going into. And so, we want to give them exposure to it. We wanted to try and be the first business school on the planet that actually prepares students not just for the way RPA's being used today, but the way that it's going to be used when AI starts to take hold, when it becomes the gateway to AI three, four, five years down the road. So, we talked to UIPath, they thought it was a really good idea, we went all in on it. Yeah, all of our starting juniors in the business school have robots right now, they've all been trained through the academy live session putting together a course, it's very exciting. >> So, Tom, you've always been an innovator when it comes to learning, here's my question. How come we didn't learn this school stuff when we were in college? We learned Fortran. >> I don't know, I only learned BASIC, so I can't speak to that. >> So you know last year we talked about how you're scaling, learning some of the open, sort of philosophy that you have. So, give us the update on how you're pushing learning FORWARD, and why the College of William and Mary. >> Okay, so if you buy into a bot for every worker, or a bot for every desktop, that's a lot of bots, that's a lot of desktops, right? There's studies out there from the research companies that say that there's somewhere a hundred and 200 million people that need to be educated on RPA, RPA/AI. So if you buy into that, which we do, then traditional learning isn't going to do it. We're going to miss the boat. So we have a multi-pronged approach. The first thing is to democratize RPA learning. Two and a half years ago we made, we created RPA Academy, UIPath academy, and 100% free. After two and a half years, we have 451,000 people go through the academy courses, that's huge. But we think there's a lot more. Over the next next three years we think we'll train at least two million people. But the challenge still is, if we train five million people, there's still a hundred million that need to know about it. So, the second biggest thing we're doing is, we went out, last year at this event, we announced our academic alliance program. We had one university, now we're approaching 400 universities. But what we're doing with William and Mary is a lot more than just providing a course, and I'll let Kurt talk to that, but there is so much more that we could be doing to educate our students, our youth, upscaling, rescaling the existing workforce. When you break down that hundred million people, they come from a lot of different backgrounds, and we're trying to touch as many people as we can. >> You guys are really out ahead of the curve. Oftentimes, I mean, you saw this a little bit with data science, saw some colleges leaning in. So what lead you guys to the decision to actually invest and prioritize RPA? >> Yeah, I think what we're trying to accomplish requires incredibly smart students. It requires students that can sit at the interface between what we would think of today as sort of an RPA developer and a decision maker who would be stroking the check or signing the contract. There's got to be somebody that sits in that space that understands enough about how you would actually execute this implementation. What's the right buildout of that, how we're going to build a portfolio of bots, how we're going to prioritize the different processes that we might automate, How we're going to balance some processes that might have a nice ROI but be harder for the individual who's process is being automated to absorb against processes that the individual would love to have automated, but might not have as great of an ROI. How do you balance that whole set of things? So what we've done is worked with UIPath to bring together the ideas of automation with the ideas of being a strategic thinker in process automation, and we're designing a course in collaboration to help train our students to hit the ground running. >> Rebecca, it's really visionary, isn't it? I mean it's not just about using the tooling, it's about how to apply the tooling to create competitive advantage or change lives. >> I used to cover business education for the Financial Times, so I completely agree that this really is a game changer for the students to have this kind of access to technology and ability to explore this leading edge of software robotics and really be, and graduate from college. This isn't even graduate school, they're graduating from college already having these skills. So tell me, Kurt, what are they doing? What is the course, what does it look like, how are they using this in the classroom? >> The course is called a one credit. It's 14 hours but it actually turns into about 42 when you add this stuff that's going on outside of class. They're learning about these large conceptual issues around how do you prioritize which processes, what's the process you should go through to make sure that you measure in advance of implementation so that you can do an audit on the backend to have proof points on the effectiveness, so you got to measure in advance, creating a portfolio of perspective processes and then scoring them, how do you do that, so they're learning all that sort of conceptual straight business slash strategy implementation stuff, so that's on the first half, and to keep them engaged with this software, we're giving them small skills, we're calling them skillets. Small skills in every one of those sessions that add up to having a fully automated and programmed robot. Then they're going to go into a series of days where every one of those days they're going to learn a big skill. And the big skills are ones that are going to be useful for the students in their lives as people, useful in lives as students, and useful in their lives as entrepreneurs using RPA to create new ventures, or in the organizations they go to. We've worked with UIPath and with our alums who've implement this, folks at EY, Booz. In fact, we went up to DC, we had a three hour meeting with these folks. So what are the skills students need to learn, and they told us, and so we build these three big classes, each around each one of those skills so that our students are going to come out with the ability to be business translators, not necessarily the hardcore programmers. We're not going to prevent them from doing that, but to be these business translators that sit between the programming and the decision makers. >> That's huge because, you know, like, my son's a senior in college. He and his friends, they all either want to work for Amazon, Google, an investment bank, or one of the big SIs, right? So this is a perfect role for a consultant to go in and advise. Tom, I wanted to ask you, and you and I have known each other for a long time, but one of the reasons I think you were successful at your previous company is because you weren't just focused on a narrow vendor, how to make metrics work, for instance. I presume you're taking the same philosophy here. It transcends UIPath and is really more about, you know, the category if you will, the potential. Can you talk about that? >> So we listen to our customers and now we listen to the universities too, and they're going to help guide us to where we need to go. Most companies in tech, you work with marketing, and you work with engineering, and you build product courses. And you also try to sell those courses, because it's a really good PNL when you sell training. We don't think that's right for the industry, for UIPath, or for our customers, or our partners. So when we democratize learning, everything else falls into place. So, as we go forward, we have a bunch of ideas. You know, as we get more into AI, you'll see more AI type courses. We'll team with 400 universities now, by end of next year, we'll probably have a thousand universities signed up. And so, there's a lot of subject matter expertise, and if they come to us with ideas, you mentioned a 14 hour course, we have a four hour course, and we also have a 60 hour course. So we want to be as flexible as possible, because different universities want to apply it in different ways. So we also heard about Lean Six Sigma. I mean, sorry, Lean RPA, so we might build a course on Lean RPA, because that's really important. Solution architect is one of the biggest gaps in the industry right now so, so we look to where these gaps are, we listen to everybody, and then we just execute. >> Well, it's interesting you said Six Sigma, we have Jean Younger coming on, she's a Six Sigma expert. I don't know if she's a black belt, but she's pretty sure. She talks about how to apply RPA to make business processes in Six Sigma, but you would never spend the time and money, I mean, if it's an airplane engine, for sure, but now, so that's kind of transformative. Kurt, I'm curious as to how you, as a college, market this. You know, you're very competitive industry, if you will. So how do you see this attracting students and separating you guys from the pack? >> Well, it's a two separate things. How do we actively try to take advantage of this, and what effects is it having already? Enrollments to the business school, well. Students at William and Mary get admitted to William and Mary, and they're fantastic, amazingly good undergraduate students. The best students at William and Mary come to the Raymond A. Mason school of business. If you take our undergraduate GPA of students in the business school, they're top five in the country. So what we've seen since we've announced this is that our applications to the business school are up. I don't know that it's a one to one correlation. >> Tom: I think it is. >> I believe it's a strong predictor, right? And part because it's such an easy sell. And so, when we talk to those alums and friends in DC and said, tell us why this is, why our students should do this, they said, well, if for no other reason, we are hiring students that have these skills into data science lines in the mid 90s. When I said that to my students, they fell out of their chairs. So there's incredible opportunity here for them, that's the easy way to market it internally, it aligns with things that are happening at William and Mary, trying to be innovative, nimble, and entrepreneurial. We've been talking about being innovative, nimble, and entrepreneurial for longer than we've been doing it, we believe we're getting there, we believe this is the type of activity that would fit for that. As far as promoting it, we're telling everybody that will listen that this is interesting, and people are listening. You know, the standard sort of marketing strategy that goes around, and we are coordinating with UIPath on that. But internally, this sells actually pretty easy. This is something people are looking for, we're going to make it ready for the world the way that it's going to be now and in the future. >> Well, I imagine the big consultants are hovering as well. You know, you mentioned DC, Booz Allen, Hughes and DC, and Excensior, EY, Deloitte, PWC, IBM itself. I mean it's just, they all want the best and the brightest, and now you're going to have this skill set that is a sweet spot for their businesses. >> Kurt: That's the plan. >> I'm just thinking back to remembering who these people are, these are 19 and 20 year olds. They've never experienced the dreariness of work and the drudge tasks that we all know well. So, what are you, in terms of this whole business translator idea, that they're going to be the be people that sit in the middle and can sort of be these people who can speak both languages. What kind of skills are you trying to impart to them, because it is a whole different skill set. >> Our vision is that in two or three years, the nodes and the processes that are currently... That currently make implementing RPA complex and require significant programmer skills, these places where, right now, there's a human making a relatively mundane decision, but it's sill a model. There's a decision node there. We think AI is going to take over that. The simple, AI's going to simply put models into those decision nodes. We also think a lot of the programming that takes place, you're seeing it now with studio X, a lot of the programming is going to go away. And what that's going to do is it's going to elevate the business process from the mundane to the more human intelligent, what would currently be considered human intelligence process. When we get into that space, people skills are going to be really important, prioritizing is going to be really important, identifying organizations that are ripe for this, at this moment in time, which processes to automate. Those are the kind of skills we're trying to get students to develop, and what we're selling it partly as, this is going to make you ready of the world the way we think it's going to be, a bit of a guess. But we're also saying if you don't want to automate mundane processes, then come with us on a different magic carpet ride. And that magic carpet ride is, imagine all the processes that don't exist right now because nobody would ever conceive of them because they couldn't possibly be sustained, or they would be too mundane. Now think about those processes through a business lens, so take a business student and think about all the potential when you look at it that way. So this course that we're building has that, everything in the course is wrapped in that, and so, at the end of the course, they're going to be doing a project, and the project is to bring a new process to the world that doesn't currently exist. Don't program it, don't worry about whether or not you have a team that could actually execute it. Just conceive of a process that doesn't currently exist and let's imagine, with the potential of RPA, how we would make that happen. That's going to be, we think we're going to be able to bring a lot of students along through that innovative lens even though they are 19 and 20, because 19 and 20 year olds love innovation, while they've never submitted a procurement report. >> Exactly! >> A innovation presentation. >> We'll need to do a Cube follow up with that. >> What Kurt just said, is the reason why, Tom, I think this market is being way undercounted. I think it's hard for the IDCs and the forces, because they look back they say how big was it last year, how fast are these companies growing, but, to your point, there's so much unknown processes that could be attacked. The TAM on this could be enormous. >> We agree. >> Yeah, I know you do, but I think that it's a point worth mentioning because it touches so many different parts of every organization that I think people perhaps don't realize the impact that it could have. >> You know, when listening to you, Kurt, when you look at these young kids, at least compared to me, all the coding and setting up a robot, that's the easy part, they'll pick that up right away. It's really the thought process that goes into identifying new opportunities, and that's, I think, you're challenging them to do that. But learning how to do robots, I think, is going to be pretty easy for this new digital generation. >> Piece of cake. Tom and Kurt, thank you so much for coming on theCUBE with a really fascinating conversation. >> Thank you. >> Thanks, you guys >> I'm Rebecca Knight, for Dave Velante, stay tuned for more of theCUBEs live coverage of UIPath FORWARD. (upbeat music)

>> From Cambridge, Massachusetts, it's theCUBE covering MIT Chief Data Officer and Information Quality Symposium 2019 brought to you by SiliconANGLE Media. (upbeat techno music) >> Hi everybody, welcome back to Cambridge, Massachusetts. You're watching theCUBE, the leader in tech coverage. We go out to the events. We extract the signal from the noise, and we're here at the MIT CDOIQ Conference, Chief Data Officer Information Quality Conference. It is the 13th year here at the Tang building. We've outgrown this building and have to move next year. It's fire marshal full. Gokula Mishra is here. He is the Senior Director of Global Data and Analytics and Supply Chain-- >> Formerly. Former, former Senior Director. >> Former! I'm sorry. It's former Senior Director of Global Data Analytics and Supply Chain at McDonald's. Oh, I didn't know that. I apologize my friend. Well, welcome back to theCUBE. We met when you were at Oracle doing data. So you've left that, you're on to your next big thing. >> Yes, thinking through it. >> Fantastic, now let's start with your career. You've had, so you just recently left McDonald's. I met you when you were at Oracle, so you cut over to the dark side for a while, and then before that, I mean, you've been a practitioner all your life, so take us through sort of your background. >> Yeah, I mean my beginning was really with a company called Tata Burroughs. Those days we did not have a lot of work getting done in India. We used to send people to U.S. so I was one of the pioneers of the whole industry, coming here and working on very interesting projects. But I was lucky to be working on mostly data analytics related work, joined a great company called CS Associates. I did my Master's at Northwestern. In fact, my thesis was intelligent databases. So, building AI into the databases and from there on I have been with Booz Allen, Oracle, HP, TransUnion, I also run my own company, and Sierra Atlantic, which is part of Hitachi, and McDonald's. >> Awesome, so let's talk about use of data. It's evolved dramatically as we know. One of the themes in this conference over the years has been sort of, I said yesterday, the Chief Data Officer role emerged from the ashes of sort of governance, kind of back office information quality compliance, and then ascended with the tailwind of the Big Data meme, and it's kind of come full circle. People are realizing actually to get value out of data, you have to have information quality. So those two worlds have collided together, and you've also seen the ascendancy of the Chief Digital Officer who has really taken a front and center role in some of the more strategic and revenue generating initiatives, and in some ways the Chief Data Officer has been a supporting role to that, providing the quality, providing the compliance, the governance, and the data modeling and analytics, and a component of it. First of all, is that a fair assessment? How do you see the way in which the use of data has evolved over the last 10 years? >> So to me, primarily, the use of data was, in my mind, mostly around financial reporting. So, anything that companies needed to run their company, any metrics they needed, any data they needed. So, if you look at all the reporting that used to happen it's primarily around metrics that are financials, whether it's around finances around operations, finances around marketing effort, finances around reporting if it's a public company reporting to the market. That's where the focus was, and so therefore a lot of the data that was not needed for financial reporting was what we call nowadays dark data. This is data we collect but don't do anything with it. Then, as the capability of the computing, and the storage, and new technologies, and new techniques evolve, and are able to handle more variety and more volume of data, then people quickly realize how much potential they have in the other data outside of the financial reporting data that they can utilize too. So, some of the pioneers leverage that and actually improved a lot in their efficiency of operations, came out with innovation. You know, GE comes to mind as one of the companies that actually leverage data early on, and number of other companies. Obviously, you look at today data has been, it's defining some of the multi-billion dollar company and all they have is data. >> Well, Facebook, Google, Amazon, Microsoft. >> Exactly. >> Apple, I mean Apple obviously makes stuff, but those other companies, they're data companies. I mean largely, and those five companies have the highest market value on the U.S. stock exchange. They've surpassed all the other big leaders, even Berkshire Hathaway. >> So now, what is happening is because the market changes, the forces that are changing the behavior of our consumers and customers, which I talked about which is everyone now is digitally engaging with each other. What that does is all the experiences now are being captured digitally, all the services are being captured digitally, all the products are creating a lot of digital exhaust of data and so now companies have to pay attention to engage with their customers and partners digitally. Therefore, they have to make sure that they're leveraging data and analytics in doing so. The other thing that has changed is the time to decision to the time to act on the data inside that you get is shrinking, and shrinking, and shrinking, so a lot more decision-making is now going real time. Therefore, you have a situation now, you have the capability, you have the technology, you have the data now, you have to make sure that you convert that in what I call programmatic kind of data decision-making. Obviously, there are people involved in more strategic decision-making. So, that's more manual, but at the operational level, it's going more programmatic decision-making. >> Okay, I want to talk, By the way, I've seen a stat, I don't know if you can confirm this, that 80% of the data that's out there today is dark data or it's data that's behind a firewall or not searchable, not open to Google's crawlers. So, there's a lot of value there-- >> So, I would say that percent is declining over time as companies have realized the value of data. So, more and more companies are removing the silos, bringing those dark data out. I think the key to that is companies being able to value their data, and as soon as they are able to value their data, they are able to leverage a lot of the data. I still believe there's a large percent still not used or accessed in companies. >> Well, and of course you talked a lot about data monetization. Doug Laney, who's an expert in that topic, we had Doug on a couple years ago when he, just after, he wrote Infonomics. He was on yesterday. He's got a very detailed prescription as to, he makes strong cases as to why data should be valued like an asset. I don't think anybody really disagrees with that, but then he gave kind of a how-to-do-it, which will, somewhat, make your eyes bleed, but it was really well thought out, as you know. But you talked a lot about data monetization, you talked about a number of ways in which data can contribute to monetization. Revenue, cost reduction, efficiency, risk, and innovation. Revenue and cost is obvious. I mean, that's where the starting point is. Efficiency is interesting. I look at efficiency as kind of a doing more with less but it's sort of a cost reduction, but explain why it's not in the cost bucket, it's different. >> So, it is first starts with doing what we do today cheaper, better, faster, and doing more comes after that because if you don't understand, and data is the way to understand how your current processes work, you will not take the first step. So, to take the first step is to understand how can I do this process faster, and then you focus on cheaper, and then you focus on better. Of course, faster is because of some of the market forces and customer behavior that's driving you to do that process faster. >> Okay, and then the other one was risk reduction. I think that makes a lot of sense here. Actually, let me go back. So, one of the key pieces of it, of efficiency is time to value. So, if you can compress the time, or accelerate the time and you get the value that means more cash in house faster, whether it's cost reduction or-- >> And the other aspect you look at is, can you automate more of the processes, and in that way it can be faster. >> And that hits the income statement as well because you're reducing headcount cost of your, maybe not reducing headcount cost, but you're getting more out of different, out ahead you're reallocating them to more strategic initiatives. Everybody says that but the reality is you hire less people because you just automated. And then, risk reduction, so the degree to which you can lower your expected loss. That's just instead thinking in insurance terms, that's tangible value so certainly to large corporations, but even midsize and small corporations. Innovation, I thought was a good one, but maybe you could use an example of, give us an example of how in your career you've seen data contribute to innovation. >> So, I'll give an example of oil and gas industry. If you look at speed of innovation in the oil and gas industry, they were all paper-based. I don't know how much you know about drilling. A lot of the assets that goes into figuring out where to drill, how to drill, and actually drilling and then taking the oil or gas out, and of course selling it to make money. All of those processes were paper based. So, if you can imagine trying to optimize a paper-based innovation, it's very hard. Not only that, it's very, very by itself because it's on paper, it's in someone's drawer or file. So, it's siloed by design and so one thing that the industry has gone through, they recognize that they have to optimize the processes to be better, to innovate, to find, for example, shale gas was a result output of digitizing the processes because otherwise you can't drill faster, cheaper, better to leverage the shale gas drilling that they did. So, the industry went through actually digitizing a lot of the paper assets. So, they went from not having data to knowingly creating the data that they can use to optimize the process and then in the process they're innovating new ways to drill the oil well cheaper, better, faster. >> In the early days of oil exploration in the U.S. go back to the Osage Indian tribe in northern Oklahoma, and they brilliantly, when they got shuttled around, they pushed him out of Kansas and they negotiated with the U.S. government that they maintain the mineral rights and so they became very, very wealthy. In fact, at one point they were the wealthiest per capita individuals in the entire world, and they used to hold auctions for various drilling rights. So, it was all gut feel, all the oil barons would train in, and they would have an auction, and it was, again, it was gut feel as to which areas were the best, and then of course they evolved, you remember it used to be you drill a little hole, no oil, drill a hole, no oil, drill a hole. >> You know how much that cost? >> Yeah, the expense is enormous right? >> It can vary from 10 to 20 million dollars. >> Just a giant expense. So, now today fast-forward to this century, and you're seeing much more sophisticated-- >> Yeah, I can give you another example in pharmaceutical. They develop new drugs, it's a long process. So, one of the initial process is to figure out what molecules this would be exploring in the next step, and you could have thousand different combination of molecules that could treat a particular condition, and now they with digitization and data analytics, they're able to do this in a virtual world, kind of creating a virtual lab where they can test out thousands of molecules. And then, once they can bring it down to a fewer, then the physical aspect of that starts. Think about innovation really shrinking their processes. >> All right, well I want to say this about clouds. You made the statement in your keynote that how many people out there think cloud is cheaper, or maybe you even said cheap, but cheaper I inferred cheaper than an on-prem, and so it was a loaded question so nobody put their hand up they're afraid, but I put my hand up because we don't have any IT. We used to have IT. It was a nightmare. So, for us it's better but in your experience, I think I'm inferring correctly that you had meant cheaper than on-prem, and certainly we talked to many practitioners who have large systems that when they lift and shift to the cloud, they don't change their operating model, they don't really change anything, they get a bill at the end of the month, and they go "What did this really do for us?" And I think that's what you mean-- >> So what I mean, let me make it clear, is that there are certain use cases that cloud is and, as you saw, that people did raise their hand saying "Yeah, I have use cases where cloud is cheaper." I think you need to look at the whole thing. Cost is one aspect. The flexibility and agility of being able to do things is another aspect. For example, if you have a situation where your stakeholder want to do something for three weeks, and they need five times the computing power, and the data that they are buying from outside to do that experiment. Now, imagine doing that in a physical war. It's going to take a long time just to procure and get the physical boxes, and then you'll be able to do it. In cloud, you can enable that, you can get GPUs depending on what problem we are trying to solve. That's another benefit. You can get the fit for purpose computing environment to that and so there are a lot of flexibility, agility all of that. It's a new way of managing it so people need to pay attention to the cost because it will add to the cost. The other thing I will point out is that if you go to the public cloud, because they make it cheaper, because they have hundreds and thousands of this canned CPU. This much computing power, this much memory, this much disk, this much connectivity, and they build thousands of them, and that's why it's cheaper. Well, if your need is something that's very unique and they don't have it, that's when it becomes a problem. Either you need more of those and the cost will be higher. So, now we are getting to the IOT war. The volume of data is growing so much, and the type of processing that you need to do is becoming more real-time, and you can't just move all this bulk of data, and then bring it back, and move the data back and forth. You need a special type of computing, which is at the, what Amazon calls it, adds computing. And the industry is kind of trying to design it. So, that is an example of hybrid computing evolving out of a cloud or out of the necessity that you need special purpose computing environment to deal with new situations, and all of it can't be in the cloud. >> I mean, I would argue, well I guess Microsoft with Azure Stack was kind of the first, although not really. Now, they're there but I would say Oracle, your former company, was the first one to say "Okay, we're going to put the exact same infrastructure on prem as we have in the public cloud." Oracle, I would say, was the first to truly do that-- >> They were doing hybrid computing. >> You now see Amazon with outposts has done the same, Google kind of has similar approach as Azure, and so it's clear that hybrid is here to stay, at least for some period of time. I think the cloud guys probably believe that ultimately it's all going to go to the cloud. We'll see it's going to be a long, long time before that happens. Okay! I'll give you last thoughts on this conference. You've been here before? Or is this your first one? >> This is my first one. >> Okay, so your takeaways, your thoughts, things you might-- >> I am very impressed. I'm a practitioner and finding so many practitioners coming from so many different backgrounds and industries. It's very, very enlightening to listen to their journey, their story, their learnings in terms of what works and what doesn't work. It is really invaluable. >> Yeah, I tell you this, it's always a highlight of our season and Gokula, thank you very much for coming on theCUBE. It was great to see you. >> Thank you. >> You're welcome. All right, keep it right there everybody. We'll be back with our next guest, Dave Vellante. Paul Gillin is in the house. You're watching theCUBE from MIT. Be right back! (upbeat techno music)

>> Announcer: Live from Washington D. C., it's the CUBE. Covering .conf2017. Brought to you by Splunk. (electronic music) >> Welcome back to the nation's capitol everybody. This is the CUBE, the leader in live tech coverage. And we're here at day two covering Splunk's .conf user conference #splunkconf17, and my name is Dave Vellante, I'm here with with co-host, George Gilbert. As I say, this is day two. We just came off the keynotes. I'm over product orientation today. George, what I'd like to do is summarize the day and the quarter that we've had so far, and then bring you into the conversation and get your opinion on what you heard. You were at the analyst event yesterday. I've been sitting in keynotes. We've been interviewing folks all day long. So let me start, Splunk is all about machine data. They ingest machine data, they analyze machine data for a number of purposes. The two primary use cases that we've heard this week are really IT, what I would call operations management. Understanding the behavior of your systems. What's potentially going wrong, what needs to be remediated. to avoid an outage or remediate an outage. And of course the second major use case that we've heard here is security. Some of the Wall Street guys, I've read some of the work this morning. Particularly Barclays came out with a research note. They had concerns about that, and I really don't know what the concerns are. We're going to talk about it. I presume it's that they're looking for a TAM expansion strategy to support a ten billion dollar valuation, and potentially a much higher valuation. It's worth noting the conference this year is 7,000 attendees, up from 5,000 last year. That's a 40% increase, growing at, or above actually, the pace of revenue growth at Splunk. Pricing remains a concern for some of the users that I've talked to. And I want to talk to you about that. And then of course, there's a lot of product updates that I want to get into. Splunk Enterprise 7.0 which is really Splunk's core analytics platform ITSI which is what I would, their 3.0, which I would call their ITOM platform. UBA which is user behavior analytics 4.0. Updates to Splunk Cloud, which is a service for machine data in the cloud. We've heard about machine learning across the portfolio, really to address alert fatigue. And a new metrics engine called Mstats. And of course we heard today, enterprise content security updates and many several security-oriented solutions throughout the week on fraud detection, ransomware, they've got a deal with Booz Allen Hamilton on Cyber4Sight which is security as a service that involves human intelligence. And a lot of ecosystem partnerships. AWS, DellEMC was on yesterday, Atlassian, Gigamon, et cetera, growing out the ecosystem. That's a quick rundown, George. I want to start with the pricing. I was talking to some users last night before the party. You know, "What do you like about Splunk? "What don't you like about Splunk? "Are you a customer?" I talked to one prospective customer said, "Wow, I've been trying to do "this stuff on my own for years. "I can't wait to get my hands on this." Existing customers, though, only one complaint that I heard was your price is to high, essentially is what they were telling Splunk. Now my feeling on that, and Raymo from Barclays mentioned that in his research note this morning. Raymo Lencho, top securities analyst following software industry. And my feeling George is that historically, "Your price is too high," has never been a headwind for software companies. You look at Oracle, you look at ServiceNow, sometimes customers complain about pricing too high. Splunk, and those companies tend to do very well. What's your take on pricing as a headwind or tailwind indicator? >> Well the way, you always set up these questions in a way that makes answering them easy. Because it's a tailwind in the sense that the deal sizes feed an enterprise sales force. And you need an enterprise sales force ultimately to be pervasive in an organization. 'Cause you can't just throw up like an Amazon-style console and say, "Pick your poison and put it all together." There has to be an advisory, consultative approach to working with a customer to tell them how best to fit their portfolio. >> Right. >> And their architecture. So yes, the price helps you feed that what some people in the last era of enterprise software used to call the most expensive migratory workforce in the world., which is the sales, enterprise sales organization. >> Sure, right. >> But what's happened in the different, in the change from the last major enterprise applications, ERPCRM, and what we're getting into now, is that then the data was all generated and captured by humans. It was keyboard entry. And so there was no, the volumes of data just weren't that great. It was human, essentially business transactions. Now we're capturing data streaming off everything. And you could say Splunk was sort of like the first one out of the gate doing that. And so if you take the new types of data, customer interactions, there are about ten to a hundred customer interactions for every business transaction. Then the information coming out of the IT applications and infrastructure. It's about ten to a hundred times what the customer interactions were. >> Yeah. >> So you can't price the, Your pricing model, if it stays the same will choke you. >> So you're talking about multiple orders of magnitude >> Yes. >> Of more data. >> Yeah. >> And if you're pricing by the terabyte, >> Right. >> Then that's going to cross your customers. >> Right. But here's what I would argue though George. I mean, and you mentioned AWS. AWS is another one where complaints of high pricing. But if, to me, if the company is adding value, the clients will pay for it. And when you get to the point where it becomes a potential headwind, the company, Oracle is a classic at this, will always adjust its pricing to accommodate both its needs as a public organization and a company that has to make money and fund R & D, and the customers needs, and find that balance where the competition can't get in. And so it seems to me, and we heard this from Doug Merritt yesterday, that his challenge is staying ahead of the game. Staying, moving faster than the cloud guys. >> Yeah. >> In what they do well. And to the extent that they do that, I feel like their customers will reward them with their loyalty. And so I feel as though they can adjust their pricing mechanisms. Yeah, everybody's worried about 606, and of course the conversions to subscriptions. I feel as though a high growth, and adjustments to your pricing strategy, I think can address that. What do you think about that? >> It's... It sounds like one of those sayings where, the friends say, "Well it works in practice, "but does it work in theory?" >> No, no. But it has worked in practice in the industry hasn't it? So what's different now? >> Okay. So take Oracle, at list price for Oracle 12C, flagship database. The price per processor core, with all the features thrown in, is something like three hundred thousand, three hundred fifty thousand per core. So you take an average Intel high end server chip, that might have 24 cores, and then you have two sockets, so essentially one node server is 48 times 350. And then of course, Oracle will say, "But for a large customer, we'll knock 90% off that," or something like that. >> Yeah, well exactly. >> Which is exactly what the Splunk guys told me yesterday. But it's-- >> But that's what I'm saying. They'll do what they have to do to maintain the footprint in the customer, do right by the customer, and keep the competition out. >> But if it's multiple orders of magnitude different. If you take the open source guys where essentially the software's free and you're just paying for maintenance. >> (laughs) Yeah and humans. >> Yeah, yeah. >> Okay, that's the other advantage of Splunk, as you pointed out yesterday, they've got a much more integrated set of offerings and services that dramatically lower. I mean, we all know the biggest cost of IT is people. It's not the hardware and software but, all right, I don't want to rat hole on pricing, but that was a good discussion. What did you learn yesterday? You've sat through the analyst meeting. Give us the rundown on George Gilbert's analysis of .conf generally and Splunk as a company specifically. >> Okay, so for me it was a bit of an eye opener because I got to understand sort of, I've always had this feeling about where Splunk fits relative to the open source big data ecosystem. But now I got a sense for what their ambitions are, and what their tactical plan is. I've said for awhile, Splunk's the anti-Hadoop. You know, Hadoop is multiple, sort of dozens of animals with three zookeepers. And I mean literally. >> Yeah. >> And the upside of that is, those individual projects are advancing with a pace of innovation that's just unheard of. The problem is the customer bears the burden of putting it all together. Splunk takes a very different approach which is, they aspire apparently to be just like Hadoop in terms of platform for modern operational analytic applications, but they start much narrower. And it gets to what Ramie's point was in that Wall Street review, where if you take at face value what they're saying, or you've listened just to the keynote, it's like, "Geez, they're in this IT operations ghetto, "in security and that's a La Brea tar pit, "and how are they ever going to climb out of that, "to something really broad?" But what they're doing is, they're not claiming loudly that they're trying to topple the giants and take on the world. They're trying to grow in their corner where they have a defensible moat. And basically the-- >> Let me interrupt you. >> Yeah. >> But to get to five billion >> Yeah. >> Or beyond, they have to have an aggressive TAM expansion strategy, kind of beyond ITOM and security, don't they? >> Right. And so that's where they start generalizing their platform. The data store they had on the platform, the original one, is kind of like a data lake in the sense that it really was sort of the same searchable type index that you would put under a sort of a primitive search engine. They added a new data store this time that handles numbers really well and really fast. That's to support the metrics so they can have richer analytics on the dashboard. Then they'll have other data stores that they add over time. And for each one, you're able to now build with their integrated tool set, more and more advanced apps. >> So you can't use a general purpose data store. You've got to use the Splunk within data. It's kind of like Work Day. >> Yeah, well except that they're adding more over time, and then they're putting their development tools over these to shield them. Now how seamlessly they can shield them remains to be seen. >> Well, but so this is where it gets interesting. >> Yeah. >> Splunk as a platform, as an application development platform on which you can build big data apps, >> Yeah. >> It's certainly, conceptually, you can see how you could use Splunk to do that right? >> And so their approaches out of the box will help you with enterprise security, user, they call it user behavior analytics, because it's a term another research firm put on it, but it's really any abnormal behavior of an entity on the network. So they can go in and not sell this fuzzy concept of a big data platform. They said, they go in and sell, to security operations center, "We make your life much, much easier. "And we make your organization safer." And they call these curated experiences. And the reason this is important is, when Hadoop sells, typically they go in, and they say, "Well, we have this data lake. "which is so much cheaper and a better way "to collect all your data than a data warehouse." These guys go in and then they'll add what more and more of these curated experiences, which is what everyone else would call applications. And then the research Wikibon's done, depth first, or rather breadth first versus depth first. Breadth first gives you the end to end visibility across on prem, across multiple clouds, down to the edge. But then, when they put security apps on it, when they put dev ops or, some future big data analytics apps as their machine learning gets richer and richer, then all of a sudden, they're not selling the platform, because that's a much more time-intensive sale, and lots more of objectives, I'm sorry, objections. >> It's not only the solutions, those depth solutions. >> Yes, and then all of a sudden, the customer wakes up and he's got a dozen of these things, and all of a sudden this is a platform. >> Well, ServiceNow is similar in that it's a platform. And when Fred Luddy first came out with it, it's like, "Here." And everybody said, "Well, what do I do with it?" So he went back and wrote a IT service management app. And they said, "Oh okay, we get it." Splunk in a similar way has these depth apps, and as you say, they're not selling the platform, because they say, "Hey, you want to buy a platform?" people don't want to buy a platform, they want to buy a solution. >> Right. >> Having said that, that platform is intrinsic to their solutions when they deliver it. It's there for them to leverage. So the question is, do they have an application developer kit strategy, if you will. >> Yeah. >> Whether it's low code or even high code. >> Yeah. >> Where, and where they're cultivating a developer community. Is there anything like that going on here at .conf? >> Yeah, they're not making a big deal about the development tools, 'cause that makes it sound more like a platform. >> (laughs) But they could! >> But they could. And the tools, you know, so that you can build a user interface, you can build dashboards, you can build machine learning models. The reason those tools are simpler and more accessible to developers, is because they were designed to fit the pieces underneath, the foundation. Whereas if you look at some of the open source big data ecosystem, they've got these notebooks and other tools where you address one back end this way, another back end that way. It's sort of, you know, you can see how Frankenstein was stitched together, you know? >> Yeah so, I mean to your point, we saw fraud detection, we saw ransomware, we see this partnership with Booz Allen Hamilton on Cyber4Sight. We heard today about project Waytono, which is unified monitoring and troubleshooting. And so they have very specific solutions that they're delivering, that presumably many of them are for pay. And so, and bringing ML across the platform, which now open up a whole ton of opportunities. So the question is, are these incremental, defend the base and then grow the core solutions, or are they radical innovations in your view? >> I think they're trying to stay away from the notion of radical innovation, 'cause then that will create more pushback from organizations. So they started out with a google-search-like product for log analytics. And you can see that as their aspirations grow for a broader set of applications, they add in a richer foundation. There's more machine learning algorithms now. They added that new data store. And when we talked about this with the CEO, Doug Merritt yesterday at the analyst day, he's like, "Yes, you look out three to five years, "and the platform gets more and more broad. "and at some point customers wake up "and they realize they have a new strategic platform." >> Yeah, and platforms do beat products, and even though it's hard sell, if you have a platform like Splunk does, you're in a much better strategic position. All right, we got to wrap. George thanks for joining me for the intro. I know you're headed to New York City for Big Data NYC down there, which is the other coverage that we have this week. So thank you again for coming on. >> Okay. >> All right, keep it right there. We'll be back with our next guest, we're live. This is the CUBE from Splunk .conf2017 in the nation's capitol, be right back. (electronic music)