>>From London, England. It's the cube covering Koopa inspire 19 brought to you by Cooper. >>Hey, welcome to the cube. At least the Martin on the ground in London, a Coupa inspire 19 and I'm really excited to be joined by my last guest of the day. Save the best for last. We have Roger Hamoud, the EVP of products from Kupo Russia. Welcome back to the program. Thank you for having me. Thanks for coming here. Of course, it's been great. We've had a, we've had a great day. Lots of buzz and excitement in the expo hall. The lights are jammed. It's happy hours. Happy hour for time for the Q during happy hour. So I know your keynote is tomorrow, so we'll get to that since we won't cover that. But talk to me about some of the new product innovations that Cuba announced today. The last time we spoke at inspire Las Vegas was only a few months ago. So what's new? Wow. A lot is new. It's, it's hard to believe. >>It's only been three months since then. It's been so close. Um, we very much continue our, um, focus on our community. Powered, uh, capabilities. Uh, this has been an incredible focus for us. Uh, so most recently we've added to all of the announcements we talked about at, uh, Vegas, uh, the, um, next waves of source together the opportunity to bring our community to come and source, uh, using their collective spent power and lots of new enhancements in that area. And also we're taking our supplier insights to the next level. One of the exciting capabilities our customers loved is that being part of a community member, I can come in and I can look at insights across all of my suppliers, uh, from the entire community. What we have, we've been working with them on is constantly adding more and more information to that. So now we have diversity data. >>So you can come in and you can search for suppliers that meet your women. Exactly. Exactly. Those are increasingly becoming more and more important. And then we can help companies source with the right suppliers much more easily right off the bat. Um, other areas that we've announced today was a coupon pay for expenses in early access program. Uh, we also announced invoice thing. Um, going on GA, when we talked in Vegas, it was still in the early access program, uh, capabilities and opening up our platform, Coupa as a platform. >> Uh, tell me about that, cause I wasn't quite clear when Rob was talking about it this morning. I thought I wanna dig in that with you. Kupa as a platform. What is that? What does it look like? So what's exciting about this is, so from our inception as a company, we were always had this old in Cooper about being open as an ally for the entire ecosystem that our customers might have. >>Our vision has always been, we want to be the, ultimately the business screen for everything business spend management related for our customers. So over years we kept taking the level of openness with our partners through different, um, different levels. If you say, if you will, for example, we started with just integrations in the beginning and we certify these integrations with coupon link. Um, we've taken it most recently where we allow partners to embed their mini apps within Cooper. So, for example, um, you can see in one of our partners EcoVadis now they have the capability to embed their supplier diversity data sustainability data right on the supplier record. Okay. And what's beautiful about this is that our customers, when they look at it, it looks a one beautiful unified experience and bringing all the data in context for what they want. Um, today, this morning, uh, Rob shared one example from Amadeus for, uh, trip integrations. >>So right on the homepage, I can see right within Cooper, I can see all their bookings that I've done with the travel provider, Mike pre-approvals, expense reports, all within one unified experience. But ultimately where we want to take coop as a platform is to become this app directory that, uh, third party partners and platform developers start building applications to extend Copa to bring more choice and value to our customers. Okay. Wow. Is that one of the things I saw Rob shared this morning was integration with Slack. Yes. So business folks can review, approve, or reject, like expenses for example, right from within Slack without even having to go into the platform. Yes, yes. That you hit on a very important concept, which we call the best UI is no UI in many ways. And the idea there is um, we always put ourselves in the user's shoes and ask ourselves how do we get them what they need with the least friction? >>In some cases that might involve a user experience because you need to ask them questions and make cases. We can automate the whole thing. So we just do it. And in many cases it means we go to them to where they are such as in Slack, I'm going to ask you to leave Slack, go somewhere else right then and there you should be able to approve or reject why you have to go anywhere else. Is that what, what Cuba means by no UI is the best UI, correct. Best UI is no UI. So ultimately wherever there is effort, we, we want to involve people only when they need to add value. That's it. And as much as we're able to automate, that's great. So we take that off of their table and we also adjust to the type of experience they need. Sometimes just a text message is enough sometimes to bring the data to me into a collaboration applications that I want. >>Um, sometimes we, we help them approve right from, um, a button. You don't even go into Kupa in order to do that. So always thinking of how we drive adoption, drive adoption. And it's an important concept, not just on the employee side of companies, it's even more so on the supplier side as well. Now when you think of any or like large organizations, they have tens of thousands of thousands of suppliers, many have hundreds of thousand suppliers. And the supplier ecosystem is everything from very small contractor, mom and pop shop, maybe two people or even one person all the way to very, very large companies. Okay. So as you look at that whole spectrum, you have to really think what does every audience need? And so in many cases, these people, um, they may need to do everything very quickly straight from an email without having to remember a user ID and a password to log into something. >>So eliminates friction at every step of the process for them. Wow. So let's talk about that Vic community insights. As we look at some of the, uh, the data that KUKA has gotten from finance leaders of the UK, that was like a survey that you guys, yes, I did recently have 253 decision makers and finance and some of the numbers were glaring. Like, wow, 96% of these decision makers said we don't have complete visibility correct. Of all of our spent. And then I was talking to a customer today who said, we've got now gotten 95% of all of our business men going through Coupa and that was within less than a year. Yes. So the opportunity there to deliver that visibility and those insights back to the community is, is pumped, is incredibly exciting. It's incredibly exciting. We're starting to see more and more the sentiment that's in key, loud and clear and um, by working constantly on the AE, the accelerated and coupon, we work on getting more and more of the spend for each and every customer under management. >>Um, we, when we start to projects for customers right off the bat, uh, we use our AI classification tools before they even start with Copa, where we start helping them get visibility onto all of their existing spent so that as they start into their Coupa journey, they are always looking at it holistically. Okay. So we know them, realize all of that data and provide them insights and reports right off the bat as well. Tell me about the customer interactions that you have as the EVP of product, lot of customers on the platform, a lot of data there. How are customers influential? Yes, yes. The direction. Like for example, you know, obviously I won't give a secret sauce, but for Cooper inspire 20, 20, what are some of the things that we might see customers influencing in terms of your roadmap that direction? Partnerships? Yes. Yes. >>Um, in general, the way, um, we've always worked, uh, at Coupa with our customers and we call them like our community members really is an inc very incredibly tight partnership. Um, we have three releases a year, January, may and September. Each of them packed with roughly about anywhere 72, 19 new features and capabilities. And all of these capabilities are touched either conceived by customers, with customers or touched by customers in the form of working with them on early access validation and all of that. And for me, one of my most favorite things I get to enjoy about working in SAS and, and uh, being at Cooper is that as soon as you are rolling out these capabilities and turning them on in the cloud, customers are using them. So even though like for example right now my entire team has just finished the walkthroughs of all our may release for inspire. >>And when we come back from this trip, uh, we will start the, you know, the, these, the design and, and um, definition. Um, often we might hear of new requirements that might come up and because we are InsightSquared able to, um, here at just what it makes sense and actually be incredibly responsive to what we see. >> How do you do that? How do you look through all the different responses and correlate that data and determine what makes sense to stack? Rank in terms of priorities for new features and new capabilities. So it's definitely an art and a science for sure. Um, but there's a framework that, uh, we follow, uh, since the beginning and we continue to follow and continues to serve us really well. Uh, which is always balancing between three drivers of customers, market and innovation. So the customer one is the obvious one of course, where and many events like this and one on ones and online community. >>We're talking to customers and they're specifically coming and asking for help in areas. Now, we may not build the feature exactly as they asked, but we listened to the pain beneath it and late using the latest technologies, we think of what is the best approach to solve the real pain that they have. So that's one part of the planning for every release cycle. The other is overall market. So for example, as we grow into more regions, uh, newer areas, new spend categories, um, new adjacent powered applications that our customers are needing, um, we started expanding in that area as well. Um, for example, we, right now in London, um, a lot of, uh, when I joined Cooper back in 2012, uh, we were just starting the, uh, entry into the, uh, Mel market and a lot of the product capabilities were market driven in the sense that we were spending a lot of time on compliance and different regulations and all of that. >>And the third is innovation. And what is always one of the things as we bring people on board at Cooper and talk about the framework, um, innovation for us is what we call pragmatic innovation. And it's comes from deep understanding what are the customer problems, what are the market problems? And then we ask ourselves using everything, the latest technologies, what is the best way? So you'll never hear us talk about AI for AI sake and blockchain and all of that would always talking about do we deeply understand the problem and what is the most appropriate? Um, so we call them CMI customer innovation. Uh, within my products organization, every product managers usually has a vision for their product and they have a full release roadmap. And in each full release roadmap, they are listing things as C M I in many cases the same capability is C and M and I, so it becomes an art and a science of balancing those types of things. >>But ultimately when we look at our collective release of CMI, we're asking ourselves, how much does this release accelerate the success goals of our customers? Right. And generally that's the framework that we use. Yeah, that's fantastic. Thank you for explaining that. In terms of acceleration, some of the numbers that Rob shared this morning, we're, I think your customers are collectively approving invoices 30% faster than last year. I said medium, mid size market, customers are getting lot going live on Kupa in about four months. Correct. And mid large enterprises and about eight months. So. Right. And I've talked to a number of customers today about the speed of which they're able to get onto the platform and actually start seeing business value. So that's a free coupon for acceleration was well dissected today. Yes. Yes. It's definitely, yeah. Um, these are the vision areas that Rob talked about today. >>And in each of these vision areas, we're always asking ourselves, how do we continue to accelerate? So that's actually how one of the ideas was born around the turtle is I'm the hair, which is we want to accelerate cycle times, cycle times, and what are the different ways we can do this? What can we borrow from um, the, uh, our consumer lives to do this? And that's where the game unification came. Yes. And sure enough, it was one of those things that got people super excited and, and they're putting more attention into it. Well, the consumer side of our lives is we're so demanding because we can get anything that we want. We can buy products and services, we can pay bills with a clicker swipe. And so the B to C side from a payments perspective has innovated far more rapidly than the B2B side has. >>Correct. A lot more challenged there on the B2B side. But as consumers, we want a simple experience. One of the customers I spoke to who said when he was looking for technology, he's on what something that looks like Amazon marketplace. Yeah. Because from an adoption perspective, my teams will understand it. You so that the consumerization always interests me because we are those pretty much, you know, 12 plus hours a day and to see how software companies like KUKA are taking and meeting the needs of those customers, obviously it's not an overnight process. It gets people excited. It gets its absolutely is you right. That always fascinated me also how I've seen so many companies, um, like people almost have two personalities. Like they go into their personal life, they have a personality, they go into their professional lives and like, Oh, it's okay. It's like a backend system. >>This and this and this. Um, but increasingly the new generation is no longer tolerating and the drive is starting to just go find those shifts that happen changing, right? Yes, yes. But I can't, if I can have this in my personal life, then I need to be able to transact. Exactly. Exactly. Why does it take 45 days? Exactly. Exactly. Five days. Um, so last question for you. Since your keynote is tomorrow. Yes. What are some of the strategic visionary elements that you're going to leave the audience with? So I'm going to leave the audience with the key pillars of our strategy. Um, latest innovations we've done towards them and where we are taking them in the years ahead. One of the things I've always done over the years at inspire is we always share at preview of what, um, the community has been talking to us about and we're working with. >>And usually at the end of it, a lot of new community members might come in and ask to participate in some of the development because it means a lot to them for their own business. And then usually by the following inspire, we start showing these things actually live and, and, um, executed on. So the, um, the three strategic pillars I'll be sharing and talking about are all around the pipe that Trump talked about. Yep. How do I capture more and more spend under management? So we'll be talking about the consumerizing experiences voice using voice use Copa using facial recognition in Cooper. Uh, we'll be talking about new concepts around travel, around the group card school, applying all of it around the theme, focused on the um, end users and delight them, blow them away with consumer experiences. And then now that we do all of that, we can jump into the power users because we are increasing that spend under management. >>The theme by far is all around suite synergy suite synergy. So we seriously, this doesn't exist in the market. The market overall was all siloed applications. We're creating a new category and we've created these beautiful, elegant flows for our customers today. But there's also a wonderful long journey ahead in what we are taking up. Well maybe we'll get to talk about synergy at inspire 20 slowly. I will, we would love to have you again. Excellent. We're going to in Vegas for the afternoon. Best of luck in your keynote tomorrow and we'll see you the next inspire. Thank you. My pleasure. Thanks for Raja Hamoud. I, I'm Lisa Martin. You're watching the cube from Coupa inspire 19 from London. Bye for now.

>> John Furrier: Hello, welcome back to theCUBE's coverage of Cloud Native Security Con 2023 North America the inaugural event. I'm John Furrier, host of theCUBE, along with Dave Alonte and Lisa Martin covering from the studio. But we have on location Emmy Eide, who is with Red Hat, director of Supply Chain Security. Emmy, great to have you on from location. Thanks for joining us. >> Emmy Eide: Yeah, thank you. >> So everyone wants to know this event is new, it's an aural event, cloud native con, coup con. Very successful. Was this event successful? They all want to know what's going on there. What's the vibe? What's the tracks like? Is it different? Why this event? Was it successful? What's different? >> Yeah, I've really enjoyed being here. The food is wonderful. There's also quite a few vendors here that are just some really cool emerging technologies coming out and a lot from open source, which is really cool to see as well. The talks are very interesting. It's really, they're very diverse in subject but still all security related which is really cool to see. And there's also a lot of different perspectives of how to approach security problems and the people behind them, which I love to see. And it's very nice to hear the different innovative ideas that we can go about doing security. >> We heard from some startups as well that they're very happy with the, with the decision to have a dedicated event. Red Hat is no stranger to open source. Obviously coup con, you guys are very successful there in cloud native con, Now the security con. Why do you think they did this? What's the vibe? What's the rationale? What's your take on this? And what's different from a topic standpoint? >> For non-security specific like events? Is that what you mean? >> What's different from coup con, cloud native con, and here at the cloud native security con? Obviously security's the focus. Is it just deeper dives? Is it more under the hood? Is it root problems or is this beyond Kubernetes? What's the focus, I guess. People want to know, you know, why the new event? >> I mean, there's a lot of focus on supply chain security, right? Like that's the hot topic in security right now. So that's been a huge focus. I can't speak to the differences of those other conferences. I haven't been able to attend them. But I will say that having a security specific conference, it really focuses on the open community and how technology is evolving, and how do you apply security. It's not just talking about tools which I think other conferences tend to focus on just the tools and you can really, I think, get lost in that as someone trying to learn about security or trying to even implement security, but they talk about what it takes to implement those tools, What's behind the people behind implementing those tools? >> Let's get into some of the key topics that we've identified and get your reaction. One, supply chain security, which I know you'll give a lot of commentary on 'cause that's your focus. Also we heard, like, Liz Rice talking about the extended Berkeley packet filtering. Okay, that's big. You know, your root kernel management, that's big. Developer productivity was kind of implied around removing the blockers of security, making it, you know, more aligned with developer first mentality. So that seems to be our takeaway. What's your reaction to those things? You see the same thing? >> I don't have a specific reaction to those things. >> Do you see the same thing happening on the ground there? Are they covering supply? >> Oh, yeah. >> Those three things are they the big focus? >> Yeah. Yeah, I think it's all of those things kind of like wrapped into one, right? But yeah, there's... I'm not sure how to answer your question. >> Well, let's jump into supply chain for instance. 'Cause that has come up a lot. >> Sure. >> What's the focus there on the supply chain security? Is it SBOMs? Is it the container security? What's the key conversations and topics being discussed around supply chain security? >> Well, I think there's a lot of laughter around SBOM right now because no one can really define it, specifically, and everyone's talking about it. So there's, there's a lot more than just the SBOM conversation. We're talking about like full end-to-end development process and that whole software supply chain that goes with it. So there's everything from infrastructure, security, all the way through to like signing transparency logs. Really the full gambit of supply chain, which is is really neat to see because it is such a broad topic. I think a lot of folks now are involved in supply chain security in some way. And so just kind of bringing that to the surface of what are the different people that are involved in this space, thinking about, what's on the top of their mind when it comes to supply chain security. >> How would you scope the order of magnitude of the uptick in supply chain attacks? Is it pretty heavy right now or is it, you know, people with the hair on fire or is it... What's the, give us the taste of the temperature in the room on the supply chain attacks? >> I think most of the folks who are involved in the space understand just that it's increasing. I mean, like, what is it? A 742% increase average annual year, year over year in supply chain attacks. So the amount of attacks increasing is a little daunting, right, for most of us. But it is what it is. So I think most of us right now are just trying to come together to say, "What are you doing that works? This is what I'm doing that works." And in all the different facets of that. 'cause I think we try to throw, we try to throw tools at a lot of problems and this problem is so big and broad reaching that we really are needing to share best practices as a community and as a security community. So this has been, this conference has been really great for that. >> Yeah, I've heard that a lot. You know, too many tools, not enough platform thinking, not enough architecture, needs some structure. Are you seeing any best practice around frameworks and structure around how to start getting in and and building out more of a better approach or posture? I mean, what's that, what's the, what's the state of the union for supply chain, how to handle that? >> Well, I talked about that a little bit in my my keynote that I gave, actually, which was about... And I've heard other other leaders talk about it too. And obviously it keyed my ear just because I'm so passionate about it, about partnership. So you know, empathetic security where the security team that's enforcing the policies, creating the policies, guidelines is working with the teams that are actually doing the production and the development, hand-in-hand, right? Like I can sit there and tell you, "Hey, you have all these problems and here's your security checklist or framework you need to follow." But that's not going to do them any good and it's going to create a ton of holes, right? So actually partnering with them helping them to understand the risks that are associated with their very specific need and use case, because every product has a different kind of quirk to it, right? Like how it's being developed. It might use a different tool and if I sit there and say, "Hey, you need to log on to this, you need to like make your tool work this platform over here and it's not compatible." I'm going to have to completely reframe how I'm doing productization. I need to know that as a security practitioner because me disrupting productization is not something that I should be doing. And I've heard a couple a couple of folks kind of talking about that, the people aspect behind how we implement these tools, the frameworks and the platforms, and how do we draw out risk, right? Like how do we talk about risk with these teams and really make them understand so it's part of their core culture in their understanding. So when they go back to their, when they go back and having to make decisions without me in the room they know they can make those business decisions with the risk as part of that decision. >> I love that empathetic angle because that's really going to, what needs to happen. It's not just, "Hey, that's your department, see you later." Or not even having a knowledge of the information. This idea of team construction, team management is a huge cultural shift. I'm sure the reaction was very positive. How do you explain that to an organization that's out there? Like how do you... what's the first three steps you got to take? Is there anything that you can share for advice people watch you saying, "Yeah we need to we need to change how our teams operate and interact with each other." >> Yeah, I think the first step is to take a good hard look at yourself. And if you are standing there on an ivory tower with a clipboard, you're probably doing it wrong. Check the box security is never going to be any way that works long term. It's going to take you a long time to implement any changes. At Red Hat, we did not look ourselves. You know, we've been doing a lot of great things in supply chain security for a while, but really taking that look and saying, "How can we be more empathetic leaders in the security space?" So we looked at that, then you say, "Okay, what is my my rate of change going to happen?" So if I need to make so many security changes explaining to these organizations, you're actually going to go faster. We improved our efficiency by 2000% just by doing that, just by creating this more empathetic. So why it seems like it's more hands-on, so it's going to be harder, it's easy to send out an email and say, "Hey, meet the security standard, right?" That might seem like the easy way 'cause you don't have time to engage. It's so much faster if you actually engage and share that message and have a a common understanding between the teams that like, "I'm here to deliver a product, so is the security team. The security team's here to deliver that same product and I want to help you do it in a trusted way." Right? >> Yeah. Dave Alonte, my co-host, was just on a session. We were talking together about security teams jumping on every team and putting a C on their jersey to be like the captain of the intramural team, and being involved, and it goes beyond just like the checklist, like you said, "Oh, I got the SBOM list of materials and I got a code scanning thing." That's not enough, is what we're hearing. >> No. >> Is there a framework or a methodology to go beyond that? You got the empathetic, that's really kind of team issue. You got to go beyond some of the tactical things. What's next beyond, you got the empathy and what's that framework structure when you say where you say anything there? >> So what do you do after you have the empathy, right? >> Yeah. >> I would say Salsa is a good place to start, the software levels. Supply chain levels for software artifacts. It's a mouthful. That's a really good maturity framework to start with. No matter what size organization you have, they're just going to be coming out here soon with version one. They release 0.1 a few months back. That's a really good place to give yourself a gut check of where you are in maturity and where you can go, what are best practices. And then there's the SSDF, which is the Secure Software Development framework. I think NIST wrote that one. But that is also a really, a really good framework and they map really well to each other, actually, When you work through Salsa, you're actually working through the SSDF requirements. >> Awesome. Well, great to have you on and great to get that that knowledge. I have to ask you like coup con, I remember when it started in Seattle, their first coup con events, right? Kind of small, similar to this one, but there's a lot of end user activities. Certainly the CNCF kind of was coming together like right after that. What's the end user activity like there this week? That seems to always been the driver of these events. It's a little bit organic. You got some of the key experts coming together, focus. Have you observed any end user activity in terms of contributions, participation? What's the story on the end user piece there? Is it heavy? Is it light? What's the... >> Um, yeah... It seems moderate. I guess somewhere in the middle. I would say largely heavy, but there's definitely participation. There is a lot of communing and networking happening between different organizations to partner together, which is important. But I haven't really paid attention much to like the Twitter side of this. >> Yeah, you've been busy doing the keynotes. How's Red Hat doing all this? You guys have been great positioned with the cloud native movement. Been following the Red Hat's moves since OpenStack days. Really good, good line of product, good open source, Mojo, of course. Good product mix, right, and relevant. Where's the security focus here? Obviously, you guys are clearly focused on security. How's the Red Hat story going on over there? >> There was yesterday a really good talk that explains that super well. It was given by a Red Hatter, connecting all of the open source projects we've been a part of and kind of explaining them. And obviously again, I'm keying in 'cause it's a supply chain kind of conversation, but I'd recommend that anyone who's going to go back and watch these on YouTube to check that one out just to see kind of how we're approaching the security space as well as how we contribute back to the community in that way. >> Awesome. Great to have you on. Final word, I'll give you the final word. What's the big buzz on supply chain? How would you peg the progress there? Feeling good about where things are? What's the current progress on supply chain security? >> I think that it has opened up a lot of doors for communication between security organizations that have tended to be closed. I'm in product security. Product securities, information securities tend to not speak externally about what we're doing. So you don't want to, you know, look bad or you don't want to expose any risk that we have, right? But it is, I think, necessary to open those lines of communication, to be able to start tackling this. It's a big problem throughout all of our industries, and if one supply chain is attacked and those products are used in someone else's supply chain, that can continue, right? So I think it's good. We have a lot of work to do as an industry and the advancements in technology is going to make that a little bit more complicated. But I'm excited for it. >> You can just throw AI at it. That's the big, everyone's doing AI. Just throw AI at it, it'll solve it. Isn't that the new thing? >> I do secure AI though. >> Super important. I love what you're doing there. Supply chain, open source needs, supply chain security. Open source needs this big time. It has to be there. Thank you for the work that you do. Really appreciate you coming on. Thank you. >> Yeah, thanks for having me. >> Yeah, good stuff. Supply chain, critical to open source growth. Open source is going to be the key to success in the future with automation and AI right around the corner. And that's important. This theCUBE covers from cloud native con, security con in North America, 2023. I'm John Furrier. Thanks for watching.

>>The cube presents, Coon and cloud native con Europe, 2022, brought to you by red hat, the cloud native computing foundation and its ecosystem partners. >>Welcome to Valencia Spain in Coon cloud native con 2022 Europe. I'm Keith Townsend, along with my cohot on Rico senior, Etti senior it analyst at gig home. We are talking to amazing people, creators people contributing to all these open source projects. Speaking of open source on Rico. Talk to me about the flavor of this show versus a traditional like vendor show of all these open source projects and open source based companies. >>Well, first of all, I think that the real difference is that this is a real conference. Hmm. So real people talking about, you know, projects about, so the, the open source stuff, the experiences are, you know, on stage and there are not really too many product pitches. It's, it's about, it's about the people. It's about the projects. It's about the, the challenges they had, how they, you know, overcome some of them. And, uh, that's the main difference. I mean, it's very educative informative and the kind of people is different. I mean, developers, you know, SREs, you know, you find ends on people. I mean, people that really do stuff that that's a real difference. I mean, uh, quite challenginghow discussing with them, but really, I mean, because they're really opinionated, but >>So we're gonna get talked to, to a company that has boosts on the ground doing open source since the, almost the start mm-hmm <affirmative> Kirsten newcomer, director of hybrid platform security at red hat and, uh, Connor Gorman, senior principal software engineer at red hat. So Kirsten, we're gonna start with you security and Kubernetes, you know, is Kubernetes. It's a, it's a race car. If I wanted security, I'd drive a minivan. <laugh> >>That's, that's a great frame. I think, I think though, if we stick with your, your car analogy, right, we have seen cars in cars and safety in cars evolve over the years to the point where you have airbags, even in, you know, souped up cars that somebody's driving on the street, a race car, race cars have safety built into, right. They do their best to protect those drivers. So I think while Kubernetes, you know, started as something that was largely, you know, used by Google in their environment, you know, had some perimeter based security as Kubernetes has become adopted throughout enterprises, as people. And especially, you know, we've seen the adoption accelerate during the pandemic, the move to both public cloud, but also private cloud is really accelerated. Security becomes even more important. You can't use Kubernetes in banking without security. You can't use it, uh, in automotive without security telco. >>And Kubernetes is, you know, Telco's adoption, Telco's deploying 5g on Kubernetes on open shift. Um, and, and this is just so the security capabilities have evolved over time to meet the customers and the adopters really red hat because of our enterprise customer base, we've been investing in security capabilities and we make those contributions upstream. We've been doing that really from the beginning of our adoption of Kubernetes, Kubernetes 1.0, and we continue to expand the security capabilities that we provide. And which is one of the reasons, you know, the acquisition of stack rocks was, was so important to us. >>And, and actually we are talking about security at different levels. I mean, so yeah, and different locations. So you are securing an edge location differently than a data center or, or, or maybe, you know, the cloud. So there are application level security. So there are so many angles to take this. >>Yeah. And, and you're right. I mean, I, there are the layers of the stack, which starts, you know, can start at the hardware level, right. And then the operating system, the Kubernetes orchestration all the services, you need to have a complete Kubernetes solution and application platform and then the services themselves. And you're absolutely right. That an edge deployment is different than a deployment, uh, on, you know, uh, AWS or in a private da data center. Um, and, and yet, because there is this, if you, if you're leveraging the heart of Kubernetes, the declarative nature of Kubernetes, you can do Kubernetes security in a way that can be consistent across these environments with the need to do some additions at the edge, right? You may, physical security is more important at the edge hardware based encryption, for example, whereas in a, in a cloud provider, your encryption might be at the cloud provider storage layer rather than hardware. >>So how do you orchestrate, because we are talking about orchestration all day and how do you orchestrate all these security? >>Yep. So one of the things, one of the evolutions that we've seen in our customer base in the last few years is we used to have, um, a small number of large clusters that our customers deployed and they used in a multi-tenant fashion, right? Multiple teams from within the organization. We're now starting to see a larger number of smaller clusters. And those clusters are in different locations. They might be, uh, customers are both deploying in public cloud, as well as private, you know, on premises, um, edge deployments, as you mentioned. And so we've invested in, uh, multi cluster management and, or, you know, sort of that orchestration for orchestrators, right? The, and because again of the declarative nature of Kubernetes, so we offer, uh, advanced cluster management, red hat, advanced cluster management, which we open sourced as the multi cluster engine CE. Um, so that component is now also freely available, open source. We do that with everything. So if you need a way to ensure that you have managed the configuration appropriately across all of these clusters in a declarative fashion, right. It's still YAML, it's written in YAML use ACM use CE in combination with a get ops approach, right. To manage that, uh, to ensure that you've got that environment consistent. And, and then, but then you have to monitor, right. You have to, I'm wearing >>All of these stack rocks >>Fits in. I mean, yeah, sure. >>Yeah. And so, um, you know, we took a Kubernetes native approach to securing all of this. Right. And there's kind of, uh, we have to say, there's like three major life cycles. You have the build life cycle, right. You're building these imutable images to go deployed to production. Right. That should never change that are, you know, locked at a point in time. And so you can do vulnerability scanning, you can do compliance checks at that point right. In the build phase. But then you put those in a registry, then those go and be deployed on top of Kubernetes. And you have the configuration of your application, you know, including any vulnerabilities that may exist in those images, you have the R back permissions, right. How much access does it have to the cluster? Is it exposed on the internet? Right. What can you do there? >>And then finally you have, the runtime perspective of is my pod is my container actually doing what I think it's supposed to do. Is it accessing all the right things? Is it running all the right processes? And then even taking that runtime information and influencing the configuration through things like network policies, where we have a feature called process baselining that you can say exactly what processes are supposed to run in this pod. Um, and then influencing configuration in that way to kind of be like, yeah, this is what it's doing. And let's go stamp this, you know, declaratively so that when you deploy it the next time you already have security built in at the Kubernetes level. >>So as we've talked about a couple of different topics, the abstraction layers, I have security around DevOps. So, you know, I have multi tendency, I have to deal with, think about how am I going to secure the, the, the Kubernetes infrastructure itself. Then I have what seems like you've been talking about here, Connor, which is dev SecOps mm-hmm <affirmative> and the practice of securing the application through policy. Right. Are customers really getting what's under the hood of dev SecOps? >>Do you wanna start or yeah. >>I mean, I think yes and no. I think, um, you know, we've, some organizations are definitely getting it right. And they have teams that are helping build things like network policies, which provide network segmentation. I think this is huge for compliance and multi-tenancy right. Just like containers, you know, one of the main benefits of containers, it provides this isolation between your applications, right? And then everyone's familiar with the network firewall, which is providing network segmentation, but now in between your applications inside Kubernetes, you can create, uh, network segmentation. Right. And so we have some folks that are super, super far along that path and, and creating those. And we have some folks who have no network policies except the ones that get installed with our products. Right. And then we say, okay, how can we help you guys start leveraging these things and, and creating maybe just basic name, space isolation, or things like that. And then trying to push that back into more the declarative approach. >>So some of what I think we hear from, from what Connor just te teed up is that real DevSecOps requires breaking down silos between developers, operations and security, including network security teams. And so the Kubernetes paradigm requires, uh, involvement actually, in some ways, it, it forces involvement of developers in things like network policy for the SDN layer, right? You need to, you know, the application developer knows which, what kinds of communication he or she, his app or her app needs to function. So they need to define, they need to figure out those network policies. Now, some network security teams, they're not familiar with YAML, they're not necessary familiar with software development, software defined networking. So there's this whole kind of, how do we do the network security in collaboration with the engineering team? And when people, one of the things I worry about, so DevSecOps it's technology, but it's people in process too. >>Right. And one of the things I think people are very comfortable adopting vulnerability scanning early on, but they haven't yet started to think about the network security angle. This is one area that not only do we have the ability in ACS stack rocks today to recommend a network policy based on a running deployment, and then make it easy to deploy that. But we're also working to shift that left so that you can actually analyze app deployment data prior to it being deployed, generate a network policy, tested out in staging and, and kind of go from the beginning. But again, people do vulnerability analysis shift left, but they kind of tend to stop there and you need to add app config analysis, network communication analysis, and then we need appropriate security gates at deployment time. We need the right automation that helps inform the developers. Not all developers have security expertise, not all security people understand a C I C D pipeline. Right. So, so how, you know, we need the right set of information to the right people in the place they're used to working in order to really do that infinity loop. >>Do you see this as a natural progression for developers? Do they really hit a wall before, you know, uh, finding out that they need to progress in, in this, uh, methodology? Or I know >>What else? Yeah. So I think, I think initially there's like a period of transition, right? Where there's sometimes there's opinion, oh, I, I ship my application. That's what I get paid for. That's what I do. Right. <laugh> um, and, and, but since, uh, Kubernetes has basically increased the velocity of developers on top, you know, of the platform in order to just deploy their own code. And, you know, we have every, some people have commits going to production, you know, every commitment on the repo goes to production. Right. Um, and so security is even more at the forefront there. So I think initially you hit a little bit of a wall security scans in CI. You could get some failures and some pushback, but as long as these are very informative and actionable, right. Then developers always wanna do the right thing. Right. I mean, we all want to ship secure code. >>Um, and so if you can inform you, Hey, this is why we do this. Or, or here's the information about this? I think it's really important because I'm like, right, okay. Now when I'm sending my next commits, I'm like, okay, these are some constraints that I'm thinking about, and it's sort of like a mindset shift, but I think through the tooling that we like know and love, and we use on top of Kubernetes, that's the best way to kind of convey that information of, you know, honestly significantly smaller security teams than the number of developers that are really pushing all of this code. >>So let's scale out what, talk to me about the larger landscape projects like prime cube, Litner, OPPI different areas of investment in, in, in security. Talk to me about where customers are making investments. >>You wanna start with coup linter. >>Sure. So coup linter was a open source project, uh, when we were still, uh, a private company and it was really around taking some of our functionality on our product and just making it available to everyone, to basically check configuration, um, both bridging DevOps and SecOps, right? There's some things around, uh, privileged containers, right? You usually don't wanna deploy those into your environment unless you really need to, but there's other things around, okay, do I have anti affinity rules, right. Am I running, you know, you can run 10 replicas of a pod on the same node, and now your failure domain is a single node. Now you want them on different nodes, right. And so you can do a bunch of checks just around the configuration DevOps best practices. And so we've actually seen quite a bit of adoption. I think we have like almost 2000 stars on, uh, and super happy to see people just really adopt that and integrate it into their pipelines. It's a single binary. So it's been super easy for people to take it into their C I C D and just, and start running three things through it and get, uh, you know, valuable insights into, to what configurations they should change. Right. >>And then if you're, if you were asking about things like, uh, OPPA, open policy agent and OPPA gatekeeper, so one of the things happening in the community about OPPA has been around for a while. Uh, they added, you know, the OPPA gatekeeper as an admission controller for Cobe. There's also veno another open source project that is doing, uh, admission as the Kubernetes community has, uh, kind of is decided to deprecate pod security policies, um, which had a level of complexity, but is one of the key security capabilities and gates built into Kubernetes itself. Um, OpenShift is gonna continue to have security context constraints, very similar, but it prevents by default on an OpenShift cluster. Uh, not a regular user cannot deploy a privileged pod or a pod that has access to the host network. Um, and there's se Linux configuration on by default also protects against container escapes to the file system or mitigates them. >>So pod security policies were one way to ensure that kind of constraint on what the developer did. Developers might not have had awareness of what was important in terms of the level of security. And so again, the cube and tools like that can help to inform the developer in the tools they use, and then a solution like OPPA, gatekeeper, or SCCs. That's something that runs on the cluster. So if something got through the pipeline or somebody's not using one of these tools, those gates can be leveraged to ensure that the security posture of the deployment is what the organization wants and OPPA gatekeeper. You can do very complex policies with that. And >>Lastly, talk to me about Falco and Claire, about what Falco >>Falco and yep, absolutely. So, um, Falco, great runtime analysis have been and something that stack rocks leveraged early on. So >>Yeah, so yeah, we leveraged, um, some libraries from Falco. Uh, we use either an EB P F pro or a kernel module to detect runtime events. Right. And we, we primarily focus on network and process activity as, um, as angles there. And then for Claire, um, it's, it's now within red hat again, <laugh>, uh, through the acquisition of cores, but, uh, we've forked in added a bunch of things around language vulnerabilities and, and different aspects that we wanted. And, uh, and you know, we're really interested in, I think, you know, the code bases have diversion a little bit Claire's on V4. We, we were based off V2, but I think we've both added a ton of really great features. And so I'm really looking forward to actually combining all of those features and kind of building, um, you know, we have two best of best of breed scanners right now. And I'm like, okay, what can we do when we put them together? And so that's something that, uh, I'm really excited about. >>So you, you somehow are aiming at, you know, your roadmap here now putting everything together. And again, orchestrated well integrated yeah. To, to get, you know, also a simplified experience, because that could be the >>Point. Yeah. And, and as you mentioned, you know, it's sort of that, that orchestration of orchestrators, like leveraging the Kubernetes operator principle to, to deliver an app, an opinionated Kubernetes platform has, has been one of the key things we've done. And we're doing that as well for security out of the box security policies, principles based on best practices with stack rocks that can be leveraged in the community or with red hat, advanced cluster security, combining our two scanners into one clear based scanner, contributing back, contributing back to Falco all of these things. >>Well, that speaks to the complexity of open source projects. There's a lot of overlap in reconciling. That is a very difficult thing. Kirsten Connor, thank you for joining the cube Connor. You're now a cube alone. Welcome to main elite group. Great. From Valencia Spain, I'm Keith Townsend, along with en Rico senior, and you're watching the cue, the leader in high tech coverage.

>>The cube presents, Coon and cloud native con Europe, 22 brought to you by the cloud native computing foundation. >>Welcome to ity of Spain and cube con coup con cloud native con Europe 2022 is near the end of the day. That's okay. We, we, we have plenty of energy because we're bringing it. I'm Keith Townsend, along with my coho, Paul Gillon Paul, this has been an amazing day. Thus far. We've talked to some incredible folks. You got a chance to walk the show floor. Yeah. So I'm really excited to hear what's the vibe of the show floor, 7,500 people in Europe following the protocols, but getting stuff done. >>Well, first I have to say that I haven't traveled for two years. So getting out to a show by, by itself is, is an amazing experience, but a show like this with all of the energy and the crowd, she is enormously crowded at lunchtime today. It's hard to believe how many people have made it, made it all the way here out on the floor. The boots are crowded. The, the demonstrations are what you would expect at a show like this. Lots of code, lots of, lots of block diagrams, lots of architecture. I think the audience is eating it up. You know, when they're, they're on their laptops, they're coding on their laptops. And this is very much symbolic of the crowd that comes to a cubic con. And it's, it's a, just a delight to see them outta here. I so much fun. >>So speaking of lots of gold, we have Bome Toro co-founder of pet trade, but, you know, just saw, didn't realize this Isto becoming part of CNCF was the latest on infield. >>Yeah. Is still is, you know, it was always one of those service mesh projects, which was very widely adopted. And it's great to see that going into the cloud native computing foundation. And I think what happened with Kubernetes, like just became the defacto container orchestrator. I think similar thing is happening with Isto and service mesh. >>What, >>So I'm sorry, Keith, what's the process like of becoming adopted by and incubated by the CNCF? >>Yeah, I mean, it's pretty simple. It's an application process into the foundation where you say, you know what the project is about, how diverse is your contributor base, how many people are using it. And it goes through a review of with TC. It goes through a review of like all the users and contributors. And if you see a good base of deployments in production, if you see a diverse of contributors, then you can basically be part of the CNCF. And as you know, CNCF is very flexible on governance. Basically it's like, bring your own governance. And then the projects can basically seamlessly go in and, you know, get into incubation and gradually graduate >>Another project close and dear to you Envoy. Yes. Now I've always considered Envoy just as what it is. It's a, I've always used it as, as a load balancer type thing. So I've always considered it somewhat of a gateway proxy, but Envoy gateway was announced last week. Yes. >>So Envoy is basically won the data plane war of in cloud native workloads. Right. And, but, and this was over the last five years, Envoy was announced even way before Rio and it is used in various deployment models. You can use it as a front load balancer. You can use it as an Ingres in Kubernetes. You can use it as a side car and a service mesh like steel, and it's lightweight dynamically, programmable, very open with a white community. But what we looked at when we looked at the Envoy base, was it still, wasn't very approachable for application developers. Like when you still see like the nouns that it uses in terms of clusters and so on is not what an application developer was used to. And so Envoy gateway is really an effort to make Envoy even more stronger out of the box for an application developer to use it as an API gateway. >>Right? Because if you think about it, ultimately, you know, people de developers start deploying workloads onto their Kubernetes clusters. They need some functionality like an API gateway to expose their services and you wanna make it really, really easy and simple. Right? I often say like what, what engine X was to like static websites like Envoy gateway will be to like, you know, APIs and it's really few the community coming together. We are a big part, but also VMware and as well as end users, like in this case, fidelity who is investing heavily into Envoy and API gateway use cases, joining forces saying, let's do this in upstream Envoy. >>I'd like to go back to IIO because this is a major step in IIOS development. Where do you see SIO coming into the picture? And Kubernetes is already broadly accepted. Is IIO generally adopted as an after an after step to, to Kubernetes or are they increasingly being adopted together? >>Yeah. So usually it's adopted as a follow on step and the reason is primarily the learning curve, right. It's just get used to all the Kubernetes and, you know, it takes a while for people to understand the concepts, get applications going, and then, you know, studio was made to basically solve, you know, three big problems there. Right. Which is around observability traffic management and security. Right. So as people deploy more services, they figure out, okay, how do I connect them? How do I secure all the connections and how do I do more fine grain routing? I'm doing more frequent deployments with Kubernetes, but I would like to do Canary releases to make safer rollouts. Right. And those are the problems that Isto solves. And I don't really want to know the metrics of like, yes, it'll be, I it's good to know all the node level and CPO level metrics. >>But really what I want to know is how are my services performing? Where is the latency, right? Where is the error rate? And those are the things thatto gives out of the box. So that's like a very natural next step for people using Kubernetes. And, you know, Tetra was really formed as a company to enable enterprises, to adopt STO Envoy and service mission, their environment. Right? So we do everything from run an academy for like courses and certifications on Envoy and STO to a distribution, which is, you know, compliant with various bills and tooling as well as a whole platform on top of STO to make it usable and deployment in a large enterprise. >>So paint the end to end for me, for STO in Envoy. I know they can be used in similar fashions is like side cars, but how they work together to deliver value. >>Yeah. So if you step back from technology a little bit, right, and you like, sort of look at what customers are doing and facing, right. Really it is about, they have applications. They have some applications that new workloads going into Kubernetes and cloud native. They have a lot of legacy workloads, a lot of workloads on VMs and with different teams in different clouds or due to acquisitions. They're very heterogeneous right now. Our mission Tetrad's mission is power. The world's application traffic, but really the business value that we are going after is consistency of application operations. Right? And I'll tell you how powerful that is because the more places you can deploy Envoy into the more places you can deploy studio into, the more consistency you can get for the value pillars of observability, traffic management, and security. Right. And really, if you think about what is the journey for an enterprise to migrate from workloads into Kubernetes or from data centers into cloud, the challenges are around security and connectivity, right? Because if it's Kubernetes fabric, the same Kubernetes app and data center can be deployed exactly as is it in cloud. Right. Right. So why is it hard to migrate to cloud, right. The challenges come in the security and networking layer. >>Right. So let's talk about that with some granularity and you can maybe gimme some concrete examples, right? Because it, as I think about the hybrid infrastructure where I have VMs on premises, cloud, native stuff, running in the public cloud, or even cloud native next to VMs, right. I do security differently when I'm in the VM world. I say, you know what, this IP address, can't talk to this Oracle database server. Right. That's not how cloud native works. Right. I, I can't say if I have a cloud, if I have a cloud native app talking to a Oracle database, there's no IP address. Yeah. But how do I, how, how do I secure the communication between the two? Exactly. >>So I think you hit it straight on the head. So which is with things like Kubernetes, IP is no longer a really a valid noun where you can say, because things will auto scale either from Kubernetes or, you know, the cloud autoscales. So really the noun that is becoming now is service. So, and I could have many instances of it. They could go scale up and down. But what I'm saying is this service, which, you know, some app server, some application can talk to the article service. Hmm. And what we have done with the te trade service bridge, which is why we call our platform service bridge, because it's all about bridging all the services is whatever you're running on, the VM can be onboarded onto the mesh, like as if it were a ity service. Right. And then my policy around this service can talk to this service is same in Kubernetes is same for Kubernetes talking to VM it's same for VM to VM, both in terms of access control in terms of encryption. What we do is because it's the Envoy, proxy goes everywhere and the traffic is going through them. We actually take care of distributing, certs, encrypting, everything, and it becomes, and that is what leads to consistent application operations. And that's where the value is. >>We're seeing a lot of activity around observ observability right now, a lot of different tools, both open source and proprietary STO certainly part of the open telemetry project, I believe. Are you part of that? Yes. But the customers are still piecing together a lot of tools on their own. Right. Do you see a, a more coherent framework forming around observability? >>I think very much so. And there are layers of observability, right? So the thing is like, if we tell you there is latency between these two services at L seven layer, the first question is, is it the service? Is it the Envoy? Or is it the network? It sounds like a very simple question. It's actually not that easy to answer. And that is one of the questions we answer in like platforms like ours. Right. But even that is not the end. It, if it's neither of these three, it could be the node. It could be the hardware underneath. Right. And those, you realize like those are different observability tools that work on each layer. So I think there's a lot of work to be done, to enable end users to go from app, like from top to bottom to make, reduce what is called MTTR or meantime to, you know, resolution of an issue, where is the problem. >>But I think with tools like what is being built now, it is becoming easier, right? It is because one of the things we have to realize is with things like Kubernetes, we made the development of microservices easier. Right. And that's great. But as a result, what is happening is that more things are getting broken down. So there is more network in between. So that's harder. It gets to troubleshoot harder. It gets to secure everything harder. It gets to get visibility from everywhere. Right. So I often say like, actually, if you're going embarking down microservices journey, you actually are, you better have a platform like this. Otherwise, you know, you're, you're taking on operational cost. >>Wow. J's paradox. The more accessible we make something, the more it gets used, the more complex it is. That's been a theme here at KU con cloud native con Europe, 2022 from Licia Spain. I'm Keith Townsend, along with my host, Paul Gillman. And you're watching the queue, the leader in high tech coverage.

>> Live from San Francisco. It's the cue covering IBM thing twenty nineteen brought to you by IBM. >> Clever and welcome to the live coverage here. The Cube in San Francisco for IBM. Think twenty nineteen day Volonte where he with Urban Krishna, senior vice president of cloud and cognitive software at IBM. Man in charge of all the cloud products cloud everywhere. Aye, aye. Anywhere are great to see you. Thanks for spending time. Know you're super busy. Thanks for spending time. >> I'm ready to be here right >> now. So we talked at the Red Hat Summit last year. You essentially laid out the vision for micro Services. Coup Burnett is how this always kind of coming together than the redhead acquisition. And now you're seeing big news here at IBM. Think setting the stage here in San Francisco for a I anywhere, which is cognitive kind of all over the clouds, and then really clarity around cloud multi cloud strategy end to end workloads all kind of tied together on premise in the clouds. Super important for IBM. Explain and unpacked that force. What does it mean, >> Right? So I'm going to begin unpacking it from where actually I left off last year. So if I just for ten seconds, last year, we talked a lot about containerized platforms are going to become the future that'll be the fabric on which every enterprise is going to build their IT and their future. OK, we talked about that last year, and I think with the announced acquisition of Red Hat that gets cemented and that'll go further once that closes. Now you take that and now you take it to the next level of value. So take Watson. Watson runs as a containerized set of services. If it's a containerized set of services, it could run on what we call Cloud Private. Cloud Private in turn runs on top of OpenShift. So then you say, wherever OpenShift runs, I can run this entire stack. Where does OpenShift run today? It runs on Amazon. It runs on the IBM cloud and runs on Azure. It runs on your premise. So on the simple simple. I always like things that are simple. So Watson runs on Cloud Private runs and OpenShift runs on all these infrastructures I just mentioned that gives you Watson anywhere. You want it close to your data run it on-prem. You want to run it on Azure, run it there. You want to run it on the IBM cloud you run it there. And hence that's the complete story. >> says it was more important for you to give customers choice >> than it was to keep Watson to yourself. To try to sell >> more cloud. >> I think that every company that survives a long term learns that choice to a customer is really important and forcing customers to do things only one way is jelly in the long term. A bad strategy. So >> from a customer statement, just get the facts right on the hard news. Watson. Anywhere. Now I can run Watson via containers. Asian Open ship Things you mentioned on a ws as sheer Microsoft azure and IBM cloud cloud private. All that >> on on premise >> and on premise, all cohesively enter end. >> Correct in an identical way. Which means even if you do things one place you build up more than one place, you could go deploy a moral in another place gives you that flexibility also. >> So I'm Akash Mercy over This sounds too crazy Is too hard to do that. I've tried all this multi cloud stuff. Got all this stuff. Why is it easier? How do how do you guys make this happen? What's the key secret sauce for pulling that end to end a I anywhere on multiple clouds, on premises and through the workloads. >> Two levels. One. We go to a container infrastructure as that common layer that isolates out what is the bottom infrastructure from everything that runs on top. So going to the common services on a Cuban Eddie's in a container layer that is common across all these environments, does the isolation off the bottom infrastructure? That's hard engineering, but we do that engineering. The second piece is you've taken the Watson set of capabilities and also put them into just three pieces. What's in studio? What's an ML from water machine learning and what's an open scale? And there you have the complete set that you go need to run everywhere. So we have done that engineering as well. >> Congratulations. Get the cloud anywhere. I mean, it's cloud. It's essentially everything's every anywhere. Now you got data everywhere you got cloud everywhere. Cloud operations. Where's the multi cloud and hybrid fit in? Because now, if I could do a I anywhere via container ization, shouldn't I built? Run any workload on premise and in multiple clouds. >> So we fundamentally believe that when I was here last time, we talked about the container fabrics. And I do believe that we need to get to the point where these can run anywhere. So you take the container fabric and you can go run that anywhere, right? So so that's one piece of it, the next part of is but I now need to integrate. So I now need to bring in all my pieces. How I integrate this application with another? It's the old problem of integration back again. So whether you want to use MQ or you want to use Kafka or you want to use one of these technologies? How do we get them to couple one work flow to another work flow? How do I get them to be secure? How do I get them to be resilient in the presence of crashes in the presence of latency and all that? So that's another big piece of announcements that we're making. You can take that complete set off integration technologies, and those can run anywhere on any cloud. Again, using the same partner describes. I'm not going to go into that again. And on premise. So you can knit all of those together. >> How can you talk about the rationale for the Red Hat acquisition? Specifically in the context of developers, IBM over the years has made you know many efforts took to court developers. Now, with the redhead acquisition, it's eight million developers and talk about specifically the importance of developers and how that's changed >> your strategy or enhance your >> strategy. I'm an enhancement. It's not really a change. I think we all acknowledge developers have always been important and will remain important. I mean, IBM has done a great job, I think, over the last twenty years and both helping create the whole developer ecosystem, for example, around Job. We were a very big piece of that, not the only participant in there. There were others, but we were a big piece of that. So you not take red hat on Lenox and Open shit and Open source and J. Boss and all of these technologies. There's a big ecosystem of developers. You mentioned eight million number. But why did that set of people come along? They come along because they get a lot of value from developing on top of something that in turn has so many other people on top. I think there's half a million pieces of software which use redhead as the primary infrastructure on which they develop. So it's the network effect really. Is that value andan Africa can only come from you, keep it open, You keep it running on the widest possible base, and then they get the value that if they develop on that digger access to that and US base on which Red Hat Franz >> are, we have >> evidence that >> totally makes sense. But I want to get one dig deeper that we cover a lot of developer, the business side of developers. Not so much, no ins and outs, so developer tools and stuff. There's a lot of stack overflow. Variety of sources do that, So developers want to things they want to be in the right wave. You laying out a great platform for that, then this monetization Amazon has seen massive growth on their partner network. You guys haven't ecosystem. You mentioned that. How does this anywhere philosophy impact ecosystem because they want to party with IBM? Where's the white spaces? What's the opportunity for partners? How should they evolve with IBM? What's your What's your direction on that? >> Okay, so two kinds of partners one there's a set of partners will bring a huge set of value to their clients because they actually provide the domain knowledge. The application specify acknowledged the management expertise, the operational expertise, printable technologies, perhaps that we provide. That's what a partner's is always gonna have. Value talked yesterday at a portable conference about what, cognizant? Who's a bigger part. They do. They built a self service application for patients off a medical provider to be able to get remote access to doctors when they couldn't get enough. And that was not life threatening immediately. Well, that's a huge sort of valley that they provide built on top of our technologies and products. A second kind of partner you went on developers is people who do open those packages. I think we've been quite good. We don't tend to cannibalize our partners, unlike some others we can talk about. So for those partners who have that value, we can put our investment in other places. But we could help maybe give access to the enterprise market for those developers, which I think opens up. A lot of you >> guys make the martyr for developers. That's right. I want to ask you a question. You guys are all sleep in all in on Cooper Netease. Red hat made a great bed on Cooper Netease on. Now that you're harvesting that with the requisition, huge growth there containers. Everyone saw containers. That was kind of a no brainer. Technical world developers are. What's the importance of uber Netease? As you see Kou Bernetti starting to shrink the abstraction software overlay. In the end, this new complexity where Cooper needs a running great value. What does that mean? This trend mean for CEOs CTO CSOs as enterprise start to think, you know, cohesive set of services across on Prem multiple clouds. Cooper Nettie seems to be a key point. What is the impact of it? What does it mean? >> I think I'll go to the business. Benefit Secure binaries. In the end is an orchestration. Later takes over management complexity. It takes away the cost of doing operations in a large cluster ofthe physical resource is, I think the value for the CIA level is the following today, on average, seventy percent of the total cost and people are tied up in maintaining what you have. Thirty percent is on new. That's rough rule of Tom Technologies like communities have taken to where we wanted to go and flipped out to thirty seventy. We need to spend only thirty percent maintaining what you have. And he could then go spend seventy percent on doing innovation, which is going to make inclined, happier and your business happier. Your team's had a couple of announcements today. One was hyper protect, and the other is a lot of services to facilitate. Hybrid. Can you talk about those brats up to date on a quick one, so hyper protect means. So where do you put your data in the cloud everybody gets worried about? Well, if it's in the clear, it could get stolen. C Togo to encryption. Typically, encryption is then down with the key. Well, who manages that cake? The hyper protect services are all about that key. Management is comin across. Both are getting hybrid world across both your premise and in the cloud. And nobody in the cloud, not even our deepest system administrator in the cloud, can get access to the key. That's pretty remarkable when you think about it, and so that provide the level of safety and encryption that should give you a lot of reassurance that nobody can get hold of that data that's hyper protect. And then if I go to all of the other services were doing, sometimes I see a lot of help. Someone advice. Look, in the three client meeting I just had every one of them was asking what should keep regarded watching I slightly more nice. What should I write knew? That means a whole lot of advice that you need and how to assess what you have in what should be a correct strategy. Then once you do that, somebody will say will help me move it. Others will say, Help me manage it So all the services to go do that is a big piece of what we're announcing it end and to end in addition to but into end. But also you can cover it up. Not only give me advice, I know I got buying strategy laid out, helping move it on Oprah's do boards for me or help you manage it after I move it except >> armor. When you sit in customer meetings. Big clients write me, and when they say we want to modernize, what does that mean to you? And how do you respond to that? >> Well, some organizes. Normally today it means that you've got to bring cloud technologies. You gotta bring air technologies. You got to bring what is called digital transformation all to bear. It's got to be in the service of either client intimacy, or it's got to be in terms ofthe doing straight through processing, as opposed to the old way of doing all the business processes that you have and then you get into always got to begin with some easy wind. So I always say, Begin with the easy stuff, not begin with the harder stuff. What started the architecture that let you do the hardest off later? It's not throw away, and those are all the discussions that we have, which are always a mixture of this people process technology. That world has not changed. We need to worry about. All >> three are thanks for spending your valuable time coming on the Q. Bree. We appreciate the insight. I know you're super busy. Final question. Take take a minute. To explain this year. Think What's the core theme? What's the most important story people should pay attention to this year and IBM think in San Francisco? >> I think this two things and the borders. That is the evolution that is giving greater business value for using the word that is Chapter two off the cloud journey. And it's Chapter two off a cognitive enterprise. Chapter two means that you're not getting into solving really mission critical workloads, and that's what is happening there. And that's enabled through the mixture of what we're calling hybrid on multi cloud strategies and then the cognitive enterprises all around. How can you bring air to power every workflow? It's not a little shiny Tonda. Besides, it's in the very heart off every confirmation. >> The word of the day. Here's anywhere cloud anywhere, data anywhere. Aye, aye, anywhere that's a cube were everywhere and anywhere we could go to get the signal from the noise. Arvin Krista, senior vice president, cloud and cognitive software's new title man Architect in the Red Hat Acquisition in the cloud Multi cloud DNA. Congratulations on your success. Looking forward to following your journey. Thanks for coming on, thanks Thanks. Safe. Okay. More live coverage after this short break state with the cube dot net is where you find the videos were in San Francisco. Live here in Mosconi, North and south, bringing the IBM think twenty nineteen. Stay with us.

we're in preparation with Samsung on this new innovative high-tech app that's coming out and it's gonna be integrated - I mean everything's gonna come together it's gonna have my music in it it's gonna have Stan's gonna make a cameo anything can be a tool you know so the computer doing computer art is an amazing opportunity to explore a new kind of tool right to invent and create new creatures or new things it's all on how you use it looks like one of those old football collars but you put it around like this and it allows for music to come up only to my ears right yeah so actually let's turn on the music and then they'll actually get the hear and through my head put my little headset here and we'll just throw something on it that's kind of cranked up actually okay so this is cranked up can you hear this just a little bit so yeah so he can barely hear that son like talking wow thank you I work as my own self sort of on fashion and technologies of the combination of fashion and technology so yes some of my dresses they are pleading and they are surfing cocktail shorts they are attacking really with mechanic spider legs on the shoulders they are exploding in a layer of smoke sort of so I do a lot with animatronics and robotics and what I want to do is that fashion is augment augmenting a sort of you know so creating an interaction right now the price of our machine is $49 on sous-chef at nonny coup calm because interacts with a food program so there's food that comes with the machine you wave the food in front of the machine it automatically recognizes a time and temperature and interacts with different time and temperatures of different bags of food and use drop it in in 30 minutes you have a gourmet chef prepared meal just the way that we would do it in Michelin star restaurant