(upbeat music) >> Hello and welcome back to theCUBE. We're here in Palo Alto, California. I'm your host, John Furrier with a special guest here in the studio. As part of our Cloud Native SecurityCon Coverage we had an opportunity to bring in Jon Turow who is the partner at Madrona Venture Partners formerly with AWS and to talk about machine learning, foundational models, and how the future of AI is going to be impacted by some of the innovation around what's going on in the industry. ChatGPT has taken the world by storm. A million downloads, fastest to the million downloads there. Before some were saying it's just a gimmick. Others saying it's a game changer. Jon's here to break it down, and great to have you on. Thanks for coming in. >> Thanks John. Glad to be here. >> Thanks for coming on. So first of all, I'm glad you're here. First of all, because two things. One, you were formerly with AWS, got a lot of experience running projects at AWS. Now a partner at Madrona, a great firm doing great deals, and they had this future at modern application kind of thesis. Now you are putting out some content recently around foundational models. You're deep into computer vision. You were the IoT general manager at AWS among other things, Greengrass. So you know a lot about data. You know a lot about some of this automation, some of the edge stuff. You've been in the middle of all these kind of areas that now seem to be the next wave coming. So I wanted to ask you what your thoughts are of how the machine learning and this new automation wave is coming in, this AI tools are coming out. Is it a platform? Is it going to be smarter? What feeds AI? What's your take on this whole foundational big movement into AI? What's your general reaction to all this? >> So, thanks, Jon, again for having me here. Really excited to talk about these things. AI has been coming for a long time. It's been kind of the next big thing. Always just over the horizon for quite some time. And we've seen really compelling applications in generations before and until now. Amazon and AWS have introduced a lot of them. My firm, Madrona Venture Group has invested in some of those early players as well. But what we're seeing now is something categorically different. That's really exciting and feels like a durable change. And I can try and explain what that is. We have these really large models that are useful in a general way. They can be applied to a lot of different tasks beyond the specific task that the designers envisioned. That makes them more flexible, that makes them more useful for building applications than what we've seen before. And so that, we can talk about the depths of it, but in a nutshell, that's why I think people are really excited. >> And I think one of the things that you wrote about that jumped out at me is that this seems to be this moment where there's been a multiple decades of nerds and computer scientists and programmers and data thinkers around waiting for AI to blossom. And it's like they're scratching that itch. Every year is going to be, and it's like the bottleneck's always been compute power. And we've seen other areas, genome sequencing, all kinds of high computation things where required high forms computing. But now there's no real bottleneck to compute. You got cloud. And so you're starting to see the emergence of a massive acceleration of where AI's been and where it needs to be going. Now, it's almost like it's got a reboot. It's almost a renaissance in the AI community with a whole nother macro environmental things happening. Cloud, younger generation, applications proliferate from mobile to cloud native. It's the perfect storm for this kind of moment to switch over. Am I overreading that? Is that right? >> You're right. And it's been cooking for a cycle or two. And let me try and explain why that is. We have cloud and AWS launch in whatever it was, 2006, and offered more compute to more people than really was possible before. Initially that was about taking existing applications and running them more easily in a bigger scale. But in that period of time what's also become possible is new kinds of computation that really weren't practical or even possible without that vast amount of compute. And so one result that came of that is something called the transformer AI model architecture. And Google came out with that, published a paper in 2017. And what that says is, with a transformer model you can actually train an arbitrarily large amount of data into a model, and see what happens. That's what Google demonstrated in 2017. The what happens is the really exciting part because when you do that, what you start to see, when models exceed a certain size that we had never really seen before all of a sudden they get what we call emerging capabilities of complex reasoning and reasoning outside a domain and reasoning with data. The kinds of things that people describe as spooky when they play with something like ChatGPT. That's the underlying term. We don't as an industry quite know why it happens or how it happens, but we can measure that it does. So cloud enables new kinds of math and science. New kinds of math and science allow new kinds of experimentation. And that experimentation has led to this new generation of models. >> So one of the debates we had on theCUBE at our Supercloud event last month was, what's the barriers to entry for say OpenAI, for instance? Obviously, I weighed in aggressively and said, "The barriers for getting into cloud are high because all the CapEx." And Howie Xu formerly VMware, now at ZScaler, he's an AI machine learning guy. He was like, "Well, you can spend $100 million and replicate it." I saw a quote that set up for 180,000 I can get this other package. What's the barriers to entry? Is ChatGPT or OpenAI, does it have sustainability? Is it easy to get into? What is the market like for AI? I mean, because a lot of entrepreneurs are jumping in. I mean, I just read a story today. San Francisco's got more inbound migration because of the AI action happening, Seattle's booming, Boston with MIT's been working on neural networks for generations. That's what we've found the answer. Get off the neural network, Boston jump on the AI bus. So there's total excitement for this. People are enthusiastic around this area. >> You can think of an iPhone versus Android tension that's happening today. In the iPhone world, there are proprietary models from OpenAI who you might consider as the leader. There's Cohere, there's AI21, there's Anthropic, Google's going to have their own, and a few others. These are proprietary models that developers can build on top of, get started really quickly. They're measured to have the highest accuracy and the highest performance today. That's the proprietary side. On the other side, there is an open source part of the world. These are a proliferation of model architectures that developers and practitioners can take off the shelf and train themselves. Typically found in Hugging face. What people seem to think is that the accuracy and performance of the open source models is something like 18 to 20 months behind the accuracy and performance of the proprietary models. But on the other hand, there's infinite flexibility for teams that are capable enough. So you're going to see teams choose sides based on whether they want speed or flexibility. >> That's interesting. And that brings up a point I was talking to a startup and the debate was, do you abstract away from the hardware and be software-defined or software-led on the AI side and let the hardware side just extremely accelerate on its own, 'cause it's flywheel? So again, back to proprietary, that's with hardware kind of bundled in, bolted on. Is it accelerator or is it bolted on or is it part of it? So to me, I think that the big struggle in understanding this is that which one will end up being right. I mean, is it a beta max versus VHS kind of thing going on? Or iPhone, Android, I mean iPhone makes a lot of sense, but if you're Apple, but is there an Apple moment in the machine learning? >> In proprietary models, here does seem to be a jump ball. That there's going to be a virtuous flywheel that emerges that, for example, all these excitement about ChatGPT. What's really exciting about it is it's really easy to use. The technology isn't so different from what we've seen before even from OpenAI. You mentioned a million users in a short period of time, all providing training data for OpenAI that makes their underlying models, their next generation even better. So it's not unreasonable to guess that there's going to be power laws that emerge on the proprietary side. What I think history has shown is that iPhone, Android, Windows, Linux, there seems to be gravity towards this yin and yang. And my guess, and what other people seem to think is going to be the case is that we're going to continue to see these two poles of AI. >> So let's get into the relationship with data because I've been emerging myself with ChatGPT, fascinated by the ease of use, yes, but also the fidelity of how you query it. And I felt like when I was doing writing SQL back in the eighties and nineties where SQL was emerging. You had to be really a guru at the SQL to get the answers you wanted. It seems like the querying into ChatGPT is a good thing if you know how to talk to it. Labeling whether your input is and it does a great job if you feed it right. If you ask a generic questions like Google. It's like a Google search. It gives you great format, sounds credible, but the facts are kind of wrong. >> That's right. >> That's where general consensus is coming on. So what does that mean? That means people are on one hand saying, "Ah, it's bullshit 'cause it's wrong." But I look at, I'm like, "Wow, that's that's compelling." 'Cause if you feed it the right data, so now we're in the data modeling here, so the role of data's going to be critical. Is there a data operating system emerging? Because if this thing continues to go the way it's going you can almost imagine as you would look at companies to invest in. Who's going to be right on this? What's going to scale? What's sustainable? What could build a durable company? It might not look what like what people think it is. I mean, I remember when Google started everyone thought it was the worst search engine because it wasn't a portal. But it was the best organic search on the planet became successful. So I'm trying to figure out like, okay, how do you read this? How do you read the tea leaves? >> Yeah. There are a few different ways that companies can differentiate themselves. Teams with galactic capabilities to take an open source model and then change the architecture and retrain and go down to the silicon. They can do things that might not have been possible for other teams to do. There's a company that that we're proud to be investors in called RunwayML that provides video accelerated, sorry, AI accelerated video editing capabilities. They were used in everything, everywhere all at once and some others. In order to build RunwayML, they needed a vision of what the future was going to look like and they needed to make deep contributions to the science that was going to enable all that. But not every team has those capabilities, maybe nor should they. So as far as how other teams are going to differentiate there's a couple of things that they can do. One is called prompt engineering where they shape on behalf of their own users exactly how the prompt to get fed to the underlying model. It's not clear whether that's going to be a durable problem or whether like Google, we consumers are going to start to get more intuitive about this. That's one. The second is what's called information retrieval. How can I get information about the world outside, information from a database or a data store or whatever service into these models so they can reason about them. And the third is, this is going to sound funny, but attribution. Just like you would do in a news report or an academic paper. If you can state where your facts are coming from, the downstream consumer or the human being who has to use that information actually is going to be able to make better sense of it and rely better on it. So that's prompt engineering, that's retrieval, and that's attribution. >> So that brings me to my next point I want to dig in on is the foundational model stack that you published. And I'll start by saying that with ChatGPT, if you take out the naysayers who are like throwing cold water on it about being a gimmick or whatever, and then you got the other side, I would call the alpha nerds who are like they can see, "Wow, this is amazing." This is truly NextGen. This isn't yesterday's chatbot nonsense. They're like, they're all over it. It's that everybody's using it right now in every vertical. I heard someone using it for security logs. I heard a data center, hardware vendor using it for pushing out appsec review updates. I mean, I've heard corner cases. We're using it for theCUBE to put our metadata in. So there's a horizontal use case of value. So to me that tells me it's a market there. So when you have horizontal scalability in the use case you're going to have a stack. So you publish this stack and it has an application at the top, applications like Jasper out there. You're seeing ChatGPT. But you go after the bottom, you got silicon, cloud, foundational model operations, the foundational models themselves, tooling, sources, actions. Where'd you get this from? How'd you put this together? Did you just work backwards from the startups or was there a thesis behind this? Could you share your thoughts behind this foundational model stack? >> Sure. Well, I'm a recovering product manager and my job that I think about as a product manager is who is my customer and what problem he wants to solve. And so to put myself in the mindset of an application developer and a founder who is actually my customer as a partner at Madrona, I think about what technology and resources does she need to be really powerful, to be able to take a brilliant idea, and actually bring that to life. And if you spend time with that community, which I do and I've met with hundreds of founders now who are trying to do exactly this, you can see that the stack is emerging. In fact, we first drew it in, not in January 2023, but October 2022. And if you look at the difference between the October '22 and January '23 stacks you're going to see that holes in the stack that we identified in October around tooling and around foundation model ops and the rest are organically starting to get filled because of how much demand from the developers at the top of the stack. >> If you look at the young generation coming out and even some of the analysts, I was just reading an analyst report on who's following the whole data stacks area, Databricks, Snowflake, there's variety of analytics, realtime AI, data's hot. There's a lot of engineers coming out that were either data scientists or I would call data platform engineering folks are becoming very key resources in this area. What's the skillset emerging and what's the mindset of that entrepreneur that sees the opportunity? How does these startups come together? Is there a pattern in the formation? Is there a pattern in the competency or proficiency around the talent behind these ventures? >> Yes. I would say there's two groups. The first is a very distinct pattern, John. For the past 10 years or a little more we've seen a pattern of democratization of ML where more and more people had access to this powerful science and technology. And since about 2017, with the rise of the transformer architecture in these foundation models, that pattern has reversed. All of a sudden what has become broader access is now shrinking to a pretty small group of scientists who can actually train and manipulate the architectures of these models themselves. So that's one. And what that means is the teams who can do that have huge ability to make the future happen in ways that other people don't have access to yet. That's one. The second is there is a broader population of people who by definition has even more collective imagination 'cause there's even more people who sees what should be possible and can use things like the proprietary models, like the OpenAI models that are available off the shelf and try to create something that maybe nobody has seen before. And when they do that, Jasper AI is a great example of that. Jasper AI is a company that creates marketing copy automatically with generative models such as GPT-3. They do that and it's really useful and it's almost fun for a marketer to use that. But there are going to be questions of how they can defend that against someone else who has access to the same technology. It's a different population of founders who has to find other sources of differentiation without being able to go all the way down to the the silicon and the science. >> Yeah, and it's going to be also opportunity recognition is one thing. Building a viable venture product market fit. You got competition. And so when things get crowded you got to have some differentiation. I think that's going to be the key. And that's where I was trying to figure out and I think data with scale I think are big ones. Where's the vulnerability in the stack in terms of gaps? Where's the white space? I shouldn't say vulnerability. I should say where's the opportunity, where's the white space in the stack that you see opportunities for entrepreneurs to attack? >> I would say there's two. At the application level, there is almost infinite opportunity, John, because almost every kind of application is about to be reimagined or disrupted with a new generation that takes advantage of this really powerful new technology. And so if there is a kind of application in almost any vertical, it's hard to rule something out. Almost any vertical that a founder wishes she had created the original app in, well, now it's her time. So that's one. The second is, if you look at the tooling layer that we discussed, tooling is a really powerful way that you can provide more flexibility to app developers to get more differentiation for themselves. And the tooling layer is still forming. This is the interface between the models themselves and the applications. Tools that help bring in data, as you mentioned, connect to external actions, bring context across multiple calls, chain together multiple models. These kinds of things, there's huge opportunity there. >> Well, Jon, I really appreciate you coming in. I had a couple more questions, but I will take a minute to read some of your bios for the audience and we'll get into, I won't embarrass you, but I want to set the context. You said you were recovering product manager, 10 plus years at AWS. Obviously, recovering from AWS, which is a whole nother dimension of recovering. In all seriousness, I talked to Andy Jassy around that time and Dr. Matt Wood and it was about that time when AI was just getting on the radar when they started. So you guys started seeing the wave coming in early on. So I remember at that time as Amazon was starting to grow significantly and even just stock price and overall growth. From a tech perspective, it was pretty clear what was coming, so you were there when this tsunami hit. >> Jon: That's right. >> And you had a front row seat building tech, you were led the product teams for Computer Vision AI, Textract, AI intelligence for document processing, recognition for image and video analysis. You wrote the business product plan for AWS IoT and Greengrass, which we've covered a lot in theCUBE, which extends out to the whole edge thing. So you know a lot about AI/ML, edge computing, IOT, messaging, which I call the law of small numbers that scale become big. This is a big new thing. So as a former AWS leader who's been there and at Madrona, what's your investment thesis as you start to peruse the landscape and talk to entrepreneurs as you got the stack? What's the big picture? What are you looking for? What's the thesis? How do you see this next five years emerging? >> Five years is a really long time given some of this science is only six months out. I'll start with some, no pun intended, some foundational things. And we can talk about some implications of the technology. The basics are the same as they've always been. We want, what I like to call customers with their hair on fire. So they have problems, so urgent they'll buy half a product. The joke is if your hair is on fire you might want a bucket of cold water, but you'll take a tennis racket and you'll beat yourself over the head to put the fire out. You want those customers 'cause they'll meet you more than halfway. And when you find them, you can obsess about them and you can get better every day. So we want customers with their hair on fire. We want founders who have empathy for those customers, understand what is going to be required to serve them really well, and have what I like to call founder-market fit to be able to build the products that those customers are going to need. >> And because that's a good strategy from an emerging, not yet fully baked out requirements definition. >> Jon: That's right. >> Enough where directionally they're leaning in, more than in, they're part of the product development process. >> That's right. And when you're doing early stage development, which is where I personally spend a lot of my time at the seed and A and a little bit beyond that stage often that's going to be what you have to go on because the future is going to be so complex that you can't see the curves beyond it. But if you have customers with their hair on fire and talented founders who have the capability to serve those customers, that's got me interested. >> So if I'm an entrepreneur, I walk in and say, "I have customers that have their hair on fire." What kind of checks do you write? What's the kind of the average you're seeing for seed and series? Probably seed, seed rounds and series As. >> It can depend. I have seen seed rounds of double digit million dollars. I have seen seed rounds much smaller than that. It really depends on what is going to be the right thing for these founders to prove out the hypothesis that they're testing that says, "Look, we have this customer with her hair on fire. We think we can build at least a tennis racket that she can use to start beating herself over the head and put the fire out. And then we're going to have something really interesting that we can scale up from there and we can make the future happen. >> So it sounds like your advice to founders is go out and find some customers, show them a product, don't obsess over full completion, get some sort of vibe on fit and go from there. >> Yeah, and I think by the time founders come to me they may not have a product, they may not have a deck, but if they have a customer with her hair on fire, then I'm really interested. >> Well, I always love the professional services angle on these markets. You go in and you get some business and you understand it. Walk away if you don't like it, but you see the hair on fire, then you go in product mode. >> That's right. >> All Right, Jon, thank you for coming on theCUBE. Really appreciate you stopping by the studio and good luck on your investments. Great to see you. >> You too. >> Thanks for coming on. >> Thank you, Jon. >> CUBE coverage here at Palo Alto. I'm John Furrier, your host. More coverage with CUBE Conversations after this break. (upbeat music)

(rousing music) >> Hello everyone. Welcome back to "theCUBE's" day one coverage of Cloud Native Security Con 23. This is going to be an exciting panel. I've got three great guests. I'm Lisa Martin, you know our esteemed analysts, John Furrier, and Dave Vellante well. And we're excited to welcome to "theCUBE" for the first time, Yves Sandfort, the CEO of Comdivision Group, who's coming to us from Germany. As you know, Cloud Native Security Con is a global event. Everyone welcome Yves, great to have you in particular. Welcome to "theCUBE." >> Great to be here. >> Thank you for inviting me. >> Yves, tell us a little bit, before we dig into really wanting to understand your perspectives on the event and get Dave and John's feedback as well, tell us a little bit about you. >> So yeah, talking about me, or talking about Comdivision real quick. We are in the business for over 27 years already. We started as a SaaS company, then became more like an architecture and, and Cloud Native company over the last few years. But what's interesting is, and I think that's, that's, that's really interesting when we look at our industry. It hasn't really, the requirements haven't really changed over the years. It's still security. We still have to figure out how we deal with security. We still have to figure out how we deal with compliance and everything else. And I think therefore, it's more and more important that we take these items more seriously. Also, based on the fact that when we look at it, how development and other things happen nowadays, it's, it's, everybody says it's like open source. It's great because everybody can look into the code. We, I think the last few years have shown us enough example that that's not necessarily solving all the issues, but it's also code and development has changed rapidly when we look at the Cloud Native approach, where it's far more about gluing the pieces together, versus the development pieces. When I was actually doing software development 25 years ago, and had to basically build my code because I didn't have that much internet access for it. So it has evolved, but even back then we had to deal with security and everything. >> Right. The focus on security is, is incredibly important, and the focus keeps growing as you mentioned. This is, guys, and I want to get your perspectives on this. We're going to start with John. This is the first time Cloud Native Security Con is its own event being extracted from, and amplified from KubeCon. John, I want to understand from your perspective, break down the event, what you see, what you've heard, and Cloud Native Security in general. What does this mean to companies? What does it mean to customers? Is this a reality? >> Well, I think that's the topic we want to discuss, and I think Yves background, you see the VMware certification, I love that. Because what VMware did with virtualization, was abstract that from server virtualization, kind of really changed the game on things, and you start to see Cloud Native kind of go that next level of how companies will be operating their business, not just digital transformation, as digital transformation goes to completion, it's total business transformation where IT is everywhere. And so you're starting to see the trends where, "Okay, that's happening." Now you're starting to see, that's Cloud Native Con, or KubeCon, AWS re:Invent, or whatever show, or whatever way you want to look at it. But in, in the past decade, past five years, security has always been front and center as almost a separate thing, and, in and of itself, but the same thing. So you're starting to see the breakout of security conversations around how to make things work. So a lot of operational conversations around what used to be DevOps makes infrastructure as code, and that was great, that fueled that. Then DevSecOps came. So the Cloud Native next level, is more application development at scale, developers driving the standards with developer first thinking, shifting left, I get all that. But down in the lower ends of the stack, you got real operational issues. DNS we've heard in the keynote, we heard about the Colonel, the Lennox Colonel. Things that need to be managed and taken care of at a security level. These are like, seem like in the weeds, but you're starting to see that happen. And the other thing that I think's real about Cloud Native Security Con that's going to be interesting to watch, is Amazon has pretty much canceled all their re:Invent like shows except for two; Re:Invent, which is their annual conference, and Re:Inforce, which is dedicated to securities. So Cloud Native, Linux, the Linux Foundation has now breaking out Cloud Native Con and KubeCon, and now Cloud Native Security Con. They can't call it KubeCon because it's not Kubernetes, but it's like security focus. I think this is the beginning of starting to see this new developer driving, developers driving the standards, and it has it implications, what used to be called IT ops, and that's like the VMwares of the world. You saw all the stuff that was not at developer focus, but more ops, becoming much more in the application. So I think, I think it's real. The question is where does it go? How fast does it develop? So to me, I think it's a real trend, and it's worthy of a breakout, but it's not yet clear of where the landing zone is for people to start doing it, how they get started, what are the best practices. Machine learning's going to be a big part of this. So to me it's totally cool, but I'm not yet seeing the beachhead. So that's kind of my take. >> Dave, our inventor and host of breaking analysis, what's your take? >> So when you, I think when you zoom out, there's some, there's a big macro change that's been going on. I think when you look back, let's say 10, 12 years ago, the, the need for speed far trumped the, the, the security aspect, the governance, the data privacy. It was like, "Yeah, the risks, they're not that great compared to our opportunity." That has completely changed because the risks are now so much higher. And so what's happening, I think there's a, there's a major effort amongst CIOs and CISOs to try to make security not a blocker because it use to be, it still is. "Okay, I got this great initiative." Eh, give it to the SecOps pros, and let them take it for a while before we can go to market. And so a huge challenge now is to simplify, automate, AI comes in, the whole supply chain security, so the, so the companies can not be facing so much friction. And that is non-trivial. I don't think we're anywhere close there, but I think the goal is by, within the next several years, we're going to be in a position, that security, we heard today, is, wasn't designed in to the initial internet protocols. It was bolted on. And so increasingly, the fundamental architecture of the internet, the Cloud, et cetera, is, is seeing designed in security, and, and that is an imperative, or else business is going to come to a grinding halt. >> Right. It's no longer, the bolt no longer works. Yves, what's your perspective on Cloud Native Security, where it stands today? What's in it for customers, whether we're talking about banks, or hospitals, or retailers, what do you think? >> I think when we, when we look at security in the, in the modern world, is we need to as, as Dave mentioned, we need to rethink how we apply it. Very often, security in the past has been always bolted on in the end. If we continue to do that, it'll become more and more difficult, because as companies evolve, and as companies want to bring products and software to market in a much faster and faster way, it's getting more and more difficult if we bolt on the security process at the end. It's like, developers build something and then someone checks security. That's not going to work any longer. Especially if we also consider now the changes in the industry. We had Stack Overflow over the last 10 years. If I would've had Stack Overflow 15, 20, what, 25 years ago when I was a developer, it would've changed a hell lot. Looking at it now, and looking at it what we had in the last few weeks, it's like where nearly all of my team members say is like finally I don't need any script kiddies anymore because I can't go to (indistinct) who writes the code for me. Which is on one end great, because it enables us to solve certain problems in a much higher pace. But the challenge with that is, if the people who just copy and past that code, don't understand the implications of that code, we have a much higher risk continuously. And what people thought was, is challenging with Stack Overflow. Imagine that something in one of these AI engines, is actually going ballistic, and it creates holes in nearly every one of these applications. And trust me, there will be enough developers who are going to use these tools to develop codes, the same as students in university are going to take this to write their essays and everything else. And so it's really important that every developer team basically has a security person within their team, and not a security at the end. So we build something, we check it, go through QA, and then it goes to security. Security needs to be at the forefront. And I think that's where we see Cloud Native Security Con, where we see AWS. I saw it during re:Invent already where they said is like, we have reinforced next year. I think this becomes more and more of a topic, and I think companies, as much as it is become a norm that you have a firewall and everything else, it needs to become a norm that when you are doing software development, and every development team needs to have a security person on that needs to be trained. >> I love that chat comment Dave, 'cause you and I were talking about this. And I think that is going to be the issue. Do we need security chat for the chat bot? And there's like a, like a recursive model there. The biases are built in. I think, and I think our interview with the Palo Alto Network's co-founder, Dave, when he talked about zero trust as a structured way to start things, but he was referencing that with Cloud, there's a chance to rethink or do a do-over in security. So, I think this is kind of to me, where this is all going. And I think you asked Pat Gelsinger what, year 2013, 2014, can, is security a do over? I think we're in that do over time. >> He said yes. >> He said yes. (laughing) He was right. But yeah, eight years later... But this is, how do you, zero trust gives you some structure, but how do you organize and redo security? Because to me, I think that's what's happening here. >> And John you heard, Zuk at Palo Alto Network said, "Yeah, the, the words security and architecture, they don't go together historically." And so it is a total, total retake. >> Well is that because there's too many tools out there and- >> Yeah. For sure. >> Yeah, well, first of all, a lot of hardware. And then yeah, a lot of tools. You even see IIOT and industry 40, you see IOT security coming up as another stove pipe, and that's not the right approach. And, and so- >> Well let me, let me ask you a question Dave, and Yves, if you don't mind. 'Cause I was just riffing on this yesterday about this. In the ML space, you're seeing the ML models, you're seeing proprietary models versus open source. Is security going to go down this proprietary security methods and open source? Because that's interesting, because the CNCF is run by the the Linux Foundation. So you can almost maybe see a model where there's more proprietary security methods than open source. Or is it, is that a non-issue? >> I would, I would, let me, if I, if I jump in here first, I think the last, especially last five or 10 years have clearly shown the, the whole and, and I invested early on in the, in the end 90s in several open source startups in the Bay area. So, I'm well behind the whole open source idea and, and mid (indistinct) and others back then several times. But the point is, I think what we have seen is open source is not in general, more secure or less secure, because code is too complex nowadays. You have millions of lines of code, and it's not that either one way or the other is going to solve it. The ways I think we are going to look at it is more is what's the role to market, because only because something is open source doesn't necessarily mean it's going to be available for everyone. And the same for proprietary source from that perspective, even though everybody mixes licensing and payments and all that all the time, but it doesn't necessarily have anything to do with it. But I think as we are going through it, and when we also look at the industry, security industry over the last 10 plus years has been primarily hardware focused. And a lot of these vendors have done a good business out of selling hardware boxes, putting software on top of it. Whereas in reality, those were still X86 standard boxes in the end. So it was not that we had specific security ethics or anything like that in there anymore. And so overall, the question of the market is going to change. And as we are looking into Cloud Native, think about someone like an AWS, do you really envision them to have a hardware box of every supplier in their data center, and that in every availability zone in every region? Same for Microsoft, same for Google, etc? So we need to have new ways on how we can apply security. And that applies both on the backend services, but also on the front end side. >> And if I, and if I could chime in, I think the, the good, I think the answer is, is, is no and yes. And what I mean by that is if you take, antivirus and known malware, I mean pretty much anybody today can, can solve that problem, it's the unknown malware. So I think the yes part of the answer is yes, it's, it's going to be proprietary, but in the sense we're going to use open source tooling, and then apply that in a proprietary way with, with specific algorithms and unique architectures that are going to solve problems. For example, XDR with, with unknown malware. So, and that's the, that's the hard part. As somebody said, I think this morning at the keynote, it's, it's all the stuff that, that the SecOps team couldn't find. That's the really hard part. >> (laughs) Well the question will be will, is the new IP, the ability to feed ChatGPT some magical spelled insertion query string that does the job, that's unique, that might be the new IP, the the question to ask. >> Well, that's what the hackers are going to do. And I, they're on offense. (John laughs) And the offense knows what play is coming. So, they're going to start. >> So guys, let's take this conversation up a level. I want to get your perspectives on what's in this for me as a customer? We know security is a board level conversation. We talk about this all the time. We also know that they're based on, I think David, was the conversations that you and I had, with Palo Alto Networks at Ignite in December. There's a, there's a lack of alignment between the executives and the board from a security perspective. When we talk about Cloud Native Security, we all talked about the value in that, what's in it for customers? I want to get your perspectives on should this be a board level conversation, and if so, how do you advise organizations, whether it is a hospital, or a bank, or an organization that is really affected by things like ransomware? How should they be thinking about this from an organizational perspective? >> Well, I'll start first, because we had this conversation during our Super Cloud event last month, and this comes up a lot. And this is, the CEO board level. Yes it is a board level conversation for security, as is application development as in terms of transforming their business to be competitive, not to be on the wrong side of history with this wave coming. So I think that's more of a management. But the issue is, they tell their people, "Go do it." And they're like, 'cause they get sold on the idea of, "Hey, won't you transform your business, and everything's going to be data driven, and machine learning's going to power your apps, get new customers, be profitable." "Oh, sign me up for that." When you have to implement this, it's really hard. And I think the core issue is, where are companies in their life cycle of the ability to execute and architect this thing properly as Dave said, Nick Zuk said, "You can't have architecture and security, you need platforms." So, I think the re-platforming, and the re-factoring of business is a big factor, and that's got to get down into the, the organizational shifts and the people to do it. So are there skills? Do I do a managed service? How do I architect it? Are there more services? Are there developers doing applications that are going to be more agile? So, this is not an easy thing. And to move a business from IT operations that is proven, to be positioned for this enablement, is just really difficult. And it's expensive. And if you screw it up, you could be, could be on the wrong side of things. So, to me, that's the big issue is, you sell the dream and then you got to implement it. And that's really difficult. >> Yves, give us your perspective on, based on John's comments, how do organizations shift so dramatically? There's a cultural element there as well, but there's also organizations that are, have competitive competitors in the rear view mirror, and there's time to waste. What are your thoughts on that? >> I think that's exactly the point. It's like, as an organization, you need to take the decision between the time, the risk, and all the other elements we have into this game. Because you can try to achieve 100% security, but that's exactly the same as trying to, to protect gold or anything else 100%. It's most likely not going to be from a risk perspective anyway sensible. And that's the same from a corporational perspective. When you look at building new internet services, or IOT services, or any kind of new shopping experience or whatever else, you need to balance out between the risks and the advantages out of it. And you also need to be accepting that you potentially on the way make mistakes, but then it's more important than ever that you are able to quickly fix any mistakes, and to adjust to anything what's happening in the market. Because as we are building all these new Cloud Native applications, and build up all these skill sets, one of the big scenarios is we are far more depending on individual building blocks. These building blocks come out of open source communities, which have a much different way. When we look back in software development, back then we had application servers from Oracle, Web Logic, whatsoever, they had a release cycles of every three to six months. As now we have to deal with open source, where sometimes release cycles are on a four week schedule, in between security patches. So you need to be much faster in adopting that, checking that, implementing that, getting things to work. So there is a security stretch from that perspective. There is a speech stretch on the other thing companies have to deal with, and on the other side it's always a measurement between the risk, and the security you can afford. Because reality is, you will not be 100% protected no matter what you do. So, you need to balance out what you as an organization can actually build on. But I think, coming back also to the point, it's on the bot level nowadays. It's like nearly every discussion we have with companies nowadays as they move into the Cloud, especially also here in Europe where for the last five years, it was always, it's like "It's data privacy." Data privacy is no longer, I mean, yes, for certain people, it's still the point, but for many more people it's like, "How protected is my data?" "What do we do in case of ransomware attack?" "What do we do in case of a denial of service?" All of these things become more vulnerable, where in the past you were discussing these things with a becking page, or, or like a stock exchange. They were, it's like, "What the hell is going to happen if we have a denial of service?" Now all of the sudden, this now affects nearly everyone in their storefronts and everything else, because everything is depending on it. >> Yeah, I think you're right on. You think about how cultural change occurs, it's bottom ups or, bottom up, top down or middle out. And what, what's happened with security is the people in the security team cared about it, they were the, everybody said, "Oh, it's their problem." And then it just did an end run to the board, kind of mid, early last decade. And then the board sort of pushed that down. And the line of business is realizing, "Holy cow. My business, my EBIT can be dramatically affected by this, so I care." Now it's this whole house, cultural team sport. I know it's sort of a, a cliche, but it, it's true. Everybody actually is beginning to care about security because the risks are now so high, and it's going to affect not only the bottom line of the company, the bottom line of the business, their job, it's, it's, it's virtually everywhere. It's a huge cultural shift that we're seeing. >> And that's a big challenge for organizations in any industry. And Yves, you talked about ransomware service. Every industry across the globe is vulnerable to this. But how can, maybe John, we'll start with you. How can Cloud Native Security help organizations if they're able to embrace it, operationally, culturally, dial down some of the vulnerabilities that just seem to keep growing? >> Well, I mean that's the big question. The breaches are, are critical. The governances also could be a way that anchors down growth. So I think the balance between the governance compliance piece of it is key, but making the developers faster and more productive is the key to me. And I think having the security paradigm where they're not blockers, as Dave said, is critical. So I love the whole shift left, but now that we have more data focused initiatives around how that, you can use data to understand the security issues, I think data and security are together, and I think there's a going to be a data operating system model emerging, where data and security will be almost one thing. And that will be set up by the security teams, and the data teams together. And that will feed guardrails into the developer environment. So the developer should feel no pain at all in doing this. So I think the best practice will end up being what we're seeing with supply chain, security, with making sure code's verified. And you're going to see the container, security side completely address has been, and KubeCon, we just, I asked Scott Johnson, the CEO of Docker, and I asked him directly, "Are you guys all tight on container security?" He said, yes, but other people are suggesting that's not true. There's a lot of issues with the container security. So, there's all kinds of areas where there's holes. So Cloud Native is cool on one hand, and very relevant, but if it's not shored up, it's going to be a problem. But I, so I think that's where the action will be, at the developer pipeline, in the containers, and the data. So, that will be very relevant, and if companies nail that, they'll be faster, they'll have better apps, and that'll be the differentiator. And again, if they don't on this next wave, they're going to be driftwood. >> Dave, how do they prevent becoming driftwood? >> Well, I think Cloud has had a huge impact. And a Cloud's by no means a panacea, but let's face it, it's dramatically improved a lot of companies security posture. Now there's still that shared responsibility. Even though an S3 bucket is encrypted, it's still your responsibility to make sure that it doesn't get decrypted by somebody who has access to it. So there are things like that, but to Yve's earlier point, that can be, that's done through software now, it's done through best practices. Those best practices can be shared. So the way you, you don't become driftwood, is you start to, you step back, rethink that security architecture as we were talking about earlier, take advantage of the Cloud, take advantage of Cloud Native, and all the, the rapid pace of innovation that's occurring there, and you don't use, it's called before, The audit is the last line of defense. That's no longer a check box item. "Oh yeah, we're in compliance." It's, this is a business imperative, and because we're going to reduce our expected loss and reduce our business risk. That's part of the business case today. >> Yeah. >> It's a huge, critically important part of the business case. Yves, question for you. If you're in an elevator with a CEO, a CFO, and a CISO, and they're talking about security and Cloud Native Security, what's your value proposition to them on a, on a say a 32nd elevator ride? >> Difficult story. I think at the moment, the most important part is, we need to get people to work together, and we need to train people to work more much better together. I think that's the overall most important part for all of these solutions, because in the end, security is always a person issue. If, we can have the best tools in the industry, as long as we don't get all of these teams to work together, then we have a problem. If the security team is always seen as the end of the solution to fix everything, that's not going to work because they always are the bad guys in the game. And so we need to bring the teams together. And once we have the teams work together, I think we have a far better track on, on maintaining security. >> John and Dave, I want to get your perspectives on what Yves just said. In all the experience that the two of you have as industry analysts here on "theCUBE," Wikibon, Siliconangle Media. How do you advise organizations to get those teams together? As Eve said, that alignment is critical, but John, we'll start with you, then Dave go to you. What's your advice for organizations that need to align those teams and really don't have a lot of time to wait to do it? >> (chuckling) That's a great question. I think, I think that's everyone pays hundreds of thousands of millions of dollars to get that advice from these consultants, organizations out there doing the transformations. But I think it comes down to personnel and commitment. I think if there's a C-level commitment to the effort, you'll see the institutional structure change. So you can see really getting behind it with their, with their wallet and their, and their support of either getting more personnel to support and assist, or manage services, or giving the power to the teams to execute and doing it in a way that, that's, that's well known and best practices. Start small, build out the pilots, build the platform, and then start getting it right. And I think that's the key. Not the magic wand, the old model of rolling out stuff in, in six month cycles. It's really, get the proof points, double down and change the culture, but also execute and have real metrics. And changing the architecture, like having more penetration tests as a service. Doing pen tests is like a joke now. So that doesn't make any sense. You got to have that built in almost every day, and every minute. So, these kinds of new techniques have to be implemented and have to be tried. So that's why these communities are growing. That's why I like what open source has been doing, and I like the open source as the place to have these conversations, because that's where the action will be for new stuff. And I think people will implement open source like they did before, but with different ways, better testing, better supply chain on the software side, verifying code. So, I see open source actually getting a tailwind from this, not a headwind. So, I'm bullish on the open source piece here on, on all levels, machine learning- >> Lisa, my answer is intramural sports. And it's 'cause I think it's cultural. And what I mean by that, is you take your your best and brightest security, and this is what frankly, a lot of CISOs do, an examples is Lena Smart, MongoDB. Take your best and brightest security pros, make them captains of the intramural teams, and pair them up with pods of individuals across the organization, which is most people who don't know anything about security, and put them together, so that they can, they, so that the folks that understand security can, can realize how little people know, what, what, what, how, what the worst practices that are out there in the reverse, how they can cross pollinate. And they do that on a regular basis, I know at Mongo and other companies. And that kind of cultural assimilation is a starting point for how you get security awareness up to your question around making it a team sport. >> Absolutely critical. Yves, I want to kind of wrap things with you. We've got a couple of minutes left. When you're really looking at the Cloud Native community, the growth of it, we talked about earlier in the program, Cloud Native Security Con being now extracted and elevated out of KubeCon, what are your thoughts on the groundswell that this community is generating around Cloud Native Security, the benefits that organizations will achieve from it? >> I think overall, when we have these securities conferences, or these security arms a bit spread out and separated out of the main conference, it helps to a certain degree, because especially in the security space, when you look at at other like black hat or white hat conferences and things like that in the past, although they were not focused on Cloud Native, a lot of these security folks didn't feel well taken care of in any of the other conferences because they were always these, it's like they are always blocking us, they're always making us problems, and all these kinds of things. Now that we really take the Cloud Native piece and the security piece together, or like AWS does it with re:Inforce, I think we will see more and more that people understand is that security is a permanent topic we need to cover, but we need to bring different people together, because security also has compliance and a lot of other components in there. So we will see at these conferences moving forward, also a different audience. It's not going to be only the Cloud Native developers. And if I see some of these security audiences, I can't really imagine them to really be at KubeCon because there is too much other things going on. And you couldn't really see much of that at re:Invent because re:Invent by itself has become a complete monster of a conference. It covers too many topics. And so having this very, very important security piece separated, also gives the opportunity, I think, that we can bring in the security people, but also have the type of board level discussions potentially, between the leaders of the industry, to also discuss on how we can evolve, how we can make things better, and how, how we can actually, yeah, evolve our industry for it. Because let's face it, that threat is not going to go away. It's, it's a business. And one of the last security conferences I was on, on the ransomware part, it was one of the topics someone said is like, "Look, currently on average, it takes a hacker group roughly around they said 15 to 20 K to break into a company, and they on average make 100K. It's a business, let's face it. And it's a business we don't like. And ethically, it's no discussion that this is not good, but that's something which is happening. People are making money with it. And as long as that's going to go on, and we have enough countries where these people can hide, it's going to stay and survive. And so, with that being said, it's important for us to really build an industry around this. But I also think it's good that we have separate conferences. In the past we had more the RSA conference, which tried to cover all of these areas. But that is not really fitting Cloud Native and everything else. So I think it's good that we have these new opportunities, the Cloud Native one, but also what AWS brings up for someone. >> Yves, you just nailed it. It just comes down to simple math. It's a fraction. Revenue over cost. And if you could increase the hacker's cost, increase the denominator, their ROI will go down. And that is the game. >> Great point, Dave. What I'm hearing guys, and we can talk about technology for days and days. I know all of you. But there's, there's a big component that, that the elevation of Cloud Native Security, on its own as standalone is critical, as is the people component. You guys all talked about that. We talked about the cultural change necessary for that. Hopefully what we're seeing with Cloud Native Security Con 23, this first event is going to give us more insight over the next couple of days, and the next months or so, as to how this elevation, and how the people can come together to really help organizations from a math perspective as, as Dave talked about, really dial down the risks there, understand more of the vulnerabilities so that ransomware as a service is not as lucrative as it is today. Guys, so much appreciate your time, really breaking down Cloud Native Security, the value in it from different perspectives, and what your thoughts are on where it's going. Thanks so much for your time. >> All right. Thanks. >> Thanks, Lisa. >> Thank you. >> Thanks, Yves. >> All right. For my guests, I'm Lisa Martin. You're watching theCUBE's day one coverage of Cloud Native Security Con 23. Thanks for watching. (rousing music)

(bright music) >> Welcome back everyone. theCube's live coverage here. Day two, of two sets, three days of theCube coverage here at VMware Explore. This is our 12th year covering VMware's annual conference, formerly called VM World. I'm John Furrier, with Dave Vellante. We'd love seeing the progress and we've got great security comes Tom Gill, senior vices, president general manager, networking and advanced security business group at VMware. Great to see you. Thanks for coming on. >> Thanks. for having me. >> Yeah, really happy we could have you on. >> I think this is my sixth edition on the theCube. Do I get frequent flyer points or anything? >> Yeah. >> You first get the VIP badge. We'll make that happen. You can start getting credits. >> Okay, there we go. >> We won't interrupt you. Seriously, you got a great story in security here. The security story is kind of embedded everywhere, so it's not called out and blown up and talked specifically about on stage. It's kind of in all the narratives in the VM World for this year. But you guys have an amazing security story. So let's just step back and to set context. Tell us the security story for what's going on here at VMware and what that means to this supercloud, multi-cloud and ongoing innovation with VMware. >> Yeah, sure thing. So probably the first thing I'll point out is that security's not just built in at VMware. It's built differently. So, we're not just taking existing security controls and cut and pasting them into our software. But we can do things because of our platform, because of the virtualization layer that you really can't do with other security tools. And where we're very, very focused is what we call lateral security or East-West movement of an attacker. 'Cause frankly, that's the name of the game these days. Attackers, you've got to assume that they're already in your network. Already assume that they're there. Then how do we make it hard for them to get to the stuff that you really want? Which is the data that they're going after. And that's where we really should. >> All right. So we've been talking a lot, coming into VMware Explore, and here, the event. About two things. Security, as a state. >> Yeah. >> I'm secure right now. >> Yeah. >> Or I think I'm secure right now, even though someone might be in my network or in my environment. To the notion of being defensible. >> Yeah. >> Meaning I have to defend and be ready at a moment's notice to attack, fight, push back, red team, blue team. Whatever you're going to call it. But something's happening. I got to be able to defend. >> Yeah. So what you're talking about is the principle of Zero Trust. When I first started doing security, the model was we have a perimeter. And everything on one side of the perimeter is dirty, ugly, old internet. And everything on this side, known good, trusted. What could possibly go wrong. And I think we've seen that no matter how good you make that perimeter, bad guys find a way in. So Zero Trust says, you know what? Let's just assume they're already in. Let's assume they're there. How do we make it hard for them to move around within the infrastructure and get to the really valuable assets? 'Cause for example, if they bust into your laptop, you click on a link and they get code running on your machine. They might find some interesting things on your machine. But they're not going to find 250 million credit cards. >> Right. >> Or the script of a new movie or the super secret aircraft plans. That lives in a database somewhere. And so it's that movement from your laptop to that database. That's where the damage is done and that's where VMware shines. >> So if they don't have the right to get to that database, they're not in. >> And it's not even just the right. So they're so clever and so sneaky that they'll steal a credential off your machine, go to another machine, steal a credential off of that. So, it's like they have the key to unlock each one of these doors. And we've gotten good enough where we can look at that lateral movement, even though it has a credential and a key, we're like wait a minute. That's not a real CIS Admin making a change. That's ransomware. And that's where you. >> You have to earn your way in. >> That's right. That's right. Yeah. >> And we're all kinds of configuration errors. But also some user problems. I've heard one story where there's so many passwords and username and passwords and systems that the bad guys scour, the dark web for passwords that have been exposed. >> Correct. >> And go test them against different accounts. Oh one hit over here. >> Correct. >> And people don't change their passwords all the time. >> Correct. >> That's a known vector. >> Just the idea that users are going to be perfect and never make a mistake. How long have we been doing this? Humans are the weakest link. So people are going to make mistakes. Attackers are going to be in. Here's another way of thinking about it. Remember log4j? Remember that whole fiasco? Remember that was at Christmas time. That was nine months ago. And whoever came up with that vulnerability, they basically had a skeleton key that could access every network on the planet. I don't know if a single customer that said, "Oh yeah, I wasn't impacted by log4j." So here's some organized entity had access to every network on the planet. What was the big breach? What was that movie script that got stolen? So there wasn't one, right? We haven't heard anything. So the point is, the goal of attackers is to get in and stay in. Imagine someone breaks into your house, steals your laptop and runs. That's a breach. Imagine someone breaks into your house and stays for nine months. It's untenable, in the real world, right? >> Right. >> We don't know in there, hiding in the closet. >> They're still in. >> They're watching everything. >> Hiding in your closet, exactly. >> Moving around, nibbling on your cookies. >> Drinking your beer. >> Yeah. >> So let's talk about how this translates into the new reality of cloud-native. Because now you hear about automated pentesting is a new hot thing right now. You got antivirus on data is hot within APIs, for instance. >> Yeah. >> API security. So all kinds of new hot areas. Cloud-native is very iterative. You know, you can't do a pentest every week. >> Right. >> You got to do it every second. >> So this is where it's going. It's not so much simulation. It's actually real testing. >> Right. Right. >> How do you view that? How does that fit into this? 'cause that seems like a good direction to me. >> Yeah. If it's right in, and you were talking to my buddy, Ahjay, earlier about what VMware can do to help our customers build cloud native applications with Tanzu. My team is focused on how do we secure those applications? So where VMware wants to be the best in the world is securing these applications from within. Looking at the individual piece parts and how they talk to each other and figuring out, wait a minute, that should never happen. By almost having an x-ray machine on the innards of the application. So we do it for both for VMs and for container based applications. So traditional apps are VM based. Modern apps are container based. And we have a slightly different insertion mechanism. It's the same idea. So for VMs, we do it with a hypervisor with NSX. We see all the inner workings. In a container world we have this thing called a service mesh that lets us look at each little snippet of code and how they talk to each other. And once you can see that stuff, then you can actually apply. It's almost like common sense logic of like, wait a minute. This API is giving back credit card numbers and it gives five an hour. All of a sudden, it's now asking for 20,000 or a million credit cards. That doesn't make any sense. The anomalies stick out like a sore thumb. If you can see them. At VMware, our unique focus in the infrastructure is that we can see each one of these little transactions and understand the conversation. That's what makes us so good at that East-West or lateral security. >> You don't belong in this room, get out or that that's some weird call from an in memory database, something over here. >> Exactly. Where other security solutions won't even see that. It's not like there algorithms aren't as good as ours or better or worse. It's the access to the data. We see the inner plumbing of the app and therefore we can protect the app from. >> And there's another dimension that I want to get in the table here. 'Cause to my knowledge only AWS, Google, I believe Microsoft and Alibaba and VMware have this. >> Correct >> It's Nitro. The equivalent of a Nitro. >> Yes. >> Project Monterey. >> Yeah. >> That's unique. It's the future of computing architectures. Everybody needs a Nitro. I've written about this. >> Yeah. >> Right. So explain your version. >> Yeah. >> It's now real. >> Yeah. >> It's now in the market, right? >> Yeah. >> Or soon will be. >> Here's our mission. >> Salient aspects. >> Yeah. Here's our mission of VMware. Is that we want to make every one of our enterprise customers. We want their private cloud to be as nimble, as agile, as efficient as the public cloud. >> And secure. >> And secure. In fact, I'll argue, we can make it actually more secure because we're thinking about putting security everywhere in this infrastructure. Not just on the edges of it. Okay. How do we go on that journey? As you pointed out, the public cloud providers realized five years ago that the right way to build computers was not just a CPU and a graphics process unit, GPU. But there's this third thing that the industry's calling a DPU, data processing unit. And so there's kind of three pieces of a computer. And the DPU is sometimes called a Smartnic. It's the network interface card. It does all that network handling and analytics and it takes it off the CPU. So they've been building and deploying those systems themselves. That's what Nitro is. And so we have been working with the major Silicon vendors to bring that architecture to everybody. So with vSphere 8, we have the ability to take the network processing, that East-West inspection I talked about, take it off of the CPU and put it into this dedicated processing element called the DPU and free up the CPU to run the applications that Ahjay and team are building. >> So no performance degradation at all? >> Correct. To CPU offload. >> So even the opposite, right? I mean you're running it basically Bare Metal speeds. >> Yes, yes and yes. >> And you're also isolating the storage from the security, the management, and. >> There's an isolation angle to this, which is that firewall, that we're putting everywhere. Not just that the perimeter, but we put it in each little piece of the server is running when it runs on one of these DPUs it's a different memory space. So even if an attacker gets to root in the OS, they it's very, very, never say never, but it's very difficult. >> So who has access to that resource? >> Pretty much just the infrastructure layer, the cloud provider. So it's Amazon, Google, Microsoft, and the enterprise. >> Application can't get in. >> Can't get in there. Cause you would've to literally bridge from one memory space to another. Never say never, but it would be very. >> But it hasn't earned the trust to get. >> It's more than barbwire. It's multiple walls. >> Yes. And it's like an air gap. It puts an air gap in the server itself so that if the server is compromised, it's not going to get into the network. Really powerful. >> What's the big thing that you're seeing with this supercloud transition. We're seeing multi-cloud and this new, not just SaaS hosted on the cloud. >> Yeah. >> You're seeing a much different dynamic of, combination of large scale CapEx, cloud-native, and then now cloud-native drills on premises and edge. Kind of changing what a cloud looks like if the cloud's on a cloud. >> Yeah. >> So we're the customer, I'm building on a cloud and I have on premise stuff. So, I'm getting scale CapEx relief from the hyperscalers. >> I think there's an important nuance on what you're talking about. Which is in the early days of the cloud customers. Remember those first skepticism? Oh, it'll never work. Oh, that's consumer grade. Oh, that's not really going to work. Oh some people realize. >> It's not secure. >> Yeah. It's not secure. >> That one's like, no, no, no it's secure. It works. And it's good. So then there was this sort of over rush. Let's put everything on the cloud. And I had a lot of customers that took VM based applications said, I'm going to move those onto the cloud. You got to take them all apart, put them on the cloud and put them all back together again. And little tiny details like changing an IP address. It's actually much harder than it looks. So my argument is, for existing workloads for VM based workloads, we are VMware. We're so good at running VM based workloads. And now we run them on anybody's cloud. So whether it's your east coast data center, your west coast data center, Amazon, Google, Microsoft, Alibaba, IBM keep going. We pretty much every. >> And the benefit of the customer is what. >> You can literally VMotion and just pick it up and move it from private to public, public to private, private to public, Back and forth. >> Remember when we called Vmotion BS, years ago? >> Yeah. Yeah. >> VMotion is powerful. >> We were very skeptical. We're like, that'll never happen. I mean we were. This supposed to be pat ourselves on the back. >> Well because alchemy. It seems like what you can't possibly do that. And now we do it across clouds. So it's not quite VMotion, but it's the same idea. You can just move these things over. I have one customer that had a production data center in the Ukraine. Things got super tense, super fast and they had to go from their private cloud data center in the Ukraine, to a public cloud data center out of harm's way. They did it over a weekend. 48 hours. If you've ever migrated a data center, that's usually six months. Right. And a lot of heartburn and a lot of angst. Boop. They just drag and dropped and moved it on over. That's the power of what we call the cloud operating model. And you can only do this when all your infrastructures defined in software. If you're relying on hardware, load balancers, hardware, firewalls, you can't move those. They're like a boat anchor. You're stuck with them. And by the way, they're really, really expensive. And by the way, they eat a lot of power. So that was an architecture from the 90's. In the cloud operating model your data center. And this comes back to what you were talking about is just racks and racks of X86 with these magic DPUs, or smart nics, to make any individual node go blisteringly fast and do all the functions that you used to do in network appliances. >> We just had Ahjay taking us to school, and everyone else to school on applications, middleware, abstraction layer. And Kit Culbert was also talking about this across cloud. We're talking supercloud, super pass. If this continues to happen, which we would think it will happen. What does the security posture look like? It feels to me, and again, this is your wheelhouse. If supercloud happens with this kind of past layer where there's vMotioning going on. All kinds of spanning applications and data across environments. >> Yeah. Assume there's an operating system working on behind the scenes. >> Right. >> What's the security posture in all this? >> Yeah. So remember my narrative about the bad guys are getting in and they're moving around and they're so sneaky that they're using legitimate pathways. The only way to stop that stuff, is you've got to understand it at what we call Layer 7. At the application layer. Trying to do security to the infrastructure layer. It was interesting 20 years ago, kind of less interesting 10 years ago. And now it's becoming irrelevant because the infrastructure is oftentimes not even visible. It's buried in some cloud provider. So Layer 7 understanding, application awareness, understanding the APIs and reading the content. That's the name of the game in security. That's what we've been focused on. Nothing to do with the infrastructure. >> And where's the progress bar on that paradigm. One to ten. Ten being everyone's doing it. >> Right now. Well, okay. So we as a vendor can do this today. All the stuff I talked about, reading APIs, understanding the individual services looking at, Hey, wait a minute this credit card anomalies, that's all shipping production code. Where is it in customer adoption life cycle? Early days 10%. So there's a whole lot of headroom for people to understand, Hey, I can put these controls in place. They're software based. They don't require appliances. It's Layer 7, so it has contextual awareness and it's works on every single cloud. >> We talked about the pandemic being an accelerator. It really was a catalyst to really rethink. Remember we used to talk about Pat as a security do over. He's like, yes, if it's the last thing I do, I'm going to fix security. Well, he decided to go try to fix Intel instead. >> He's getting some help from the government. >> But it seems like CISOs have totally rethought their security strategy. And at least in part, as a function of the pandemic. >> When I started at VMware four years ago, Pat sat me down in his office and he said to me what he said to you, which is like, "Tom," he said, "I feel like we have fundamentally changed servers. We fundamentally change storage. We fundamentally change networking. The last piece of the puzzle of security. I want you to go fundamentally change it." And I'll argue that the work that we're doing with this horizontal security, understanding the lateral movement. East- West inspection. It fundamentally changes how security works. It's got nothing to do with firewalls. It's got nothing to do with Endpoint. It's a unique capability that VMware is uniquely suited to deliver on. And so Pat, thanks for the mission. We delivered it and it's available now. >> Those WET web applications firewall for instance are around, I mean. But to your point, the perimeter's gone. >> Exactly. >> And so you got to get, there's no perimeter. so it's a surface area problem. >> Correct. And access. And entry. >> Correct. >> They're entering here easy from some manual error, or misconfiguration or bad password that shouldn't be there. They're in. >> Think about it this way. You put the front door of your house, you put a big strong door and a big lock. That's a firewall. Bad guys come in the window. >> And then the windows open. With a ladder. >> Oh my God. Cause it's hot, bad user behavior trumps good security every time. >> And then they move around room to room. We're the room to room people. We see each little piece of the thing. Wait, that shouldn't happen. Right. >> I want to get you a question that we've been seeing and maybe we're early on this or it might be just a false data point. A lot of CSOs and we're talking to are, and people in industry in the customer environment are looking at CISOs and CSOs, two roles. Chief information security officer, and then chief security officer. Amazon, actually Steven Schmidt is now CSO at Reinforce. They actually called that out. And the interesting point that he made, we had some other situations that verified this, is that physical security is now tied to online, to your point about the service area. If I get a password, I still got the keys to the physical goods too. >> Right. So physical security, whether it's warehouse for them or store or retail. Digital is coming in there. >> Yeah. So is there a CISO anymore? Is it just CSO? What's the role? Or are there two roles you see that evolving? Or is that just circumstance. >> I think it's just one. And I think that the stakes are incredibly high in security. Just look at the impact that these security attacks are having on. Companies get taken down. Equifax market cap was cut 80% with a security breach. So security's gone from being sort of a nuisance to being something that can impact your whole kind of business operation. And then there's a whole nother domain where politics get involved. It determines the fate of nations. I know that sounds grand, but it's true. And so companies care so much about it they're looking for one leader, one throat to choke. One person that's going to lead security in the virtual domain, in the physical domain, in the cyber domain, in the actual. >> I mean, you mention that, but I mean, you look at Ukraine. I mean that cyber is a component of that war. I mean, it's very clear. I mean, that's new. We've never seen. this. >> And in my opinion, the stuff that we see happening in the Ukraine is small potatoes compared to what could happen. >> Yeah. >> So the US, we have a policy of strategic deterrence. Where we develop some of the most sophisticated cyber weapons in the world. We don't use them. And we hope never to use them. Because our adversaries, who could do stuff like, I don't know, wipe out every bank account in North America. Or turn off the lights in New York City. They know that if they were to do something like that, we could do something back. >> This is the red line conversation I want to go there. So, I had this discussion with Robert Gates in 2016 and he said, "We have a lot more to lose." Which is really your point. >> So this brand. >> I agree that there's to have freedom and liberty, you got to strike back with divorce. And that's been our way to balance things out. But with cyber, the red line, people are already in banks. So they're are operating below the red line line. Red line meaning before we know you're in there. So do we move the red line down because, hey, Sony got hacked. The movie. Because they don't have their own militia. >> Yeah. >> If their were physical troops on the shores of LA breaking into the file cabinets. The government would've intervened. >> I agree with you that it creates tension for us in the US because our adversaries don't have the clear delineation between public and private sector. Here you're very, very clear if you're working for the government. Or you work for an private entity. There's no ambiguity on that. >> Collaboration, Tom, and the vendor community. I mean, we've seen efforts to try to. >> That's a good question. >> Monetize private data and private reports. >> So at VMware, I'm very proud of the security capabilities we've built. But we also partner with people that I think of as direct competitors. We've got firewall vendors and Endpoint vendors that we work with and integrate. And so coopetition is something that exists. It's hard. Because when you have these kind of competing. So, could we do more? Of course we probably could. But I do think we've done a fair amount of cooperation, data sharing, product integration, et cetera. And as the threats get worse, you'll probably see us continue to do more. >> And the government is going to trying to force that too. >> And the government also drives standards. So let's talk about crypto. Okay. So there's a new form of encryption coming out called processing quantum. >> Quantum. Quantum computers have the potential to crack any crypto cipher we have today. That's bad. Okay. That's not good at all because our whole system is built around these private communications. So the industry is having conversations about crypto agility. How can we put in place the ability to rapidly iterate the ciphers in encryption. So, when the day quantum becomes available, we can change them and stay ahead of these quantum people. >> Well, didn't NIST just put out a quantum proof algo that's being tested right now by the community? >> There's a lot of work around that. Correct. And NIST is taking the lead on this, but Google's working on it. VMware's working on it. We're very, very active in how do we keep ahead of the attackers and the bad guys? Because this quantum thing is a, it's an x-ray machine. It's like a dilithium crystal that can power a whole ship. It's a really, really, really powerful tool. >> Bad things will happen. >> Bad things could happen. >> Well, Tom, great to have you on the theCube. Thanks for coming on. Take the last minute to just give a plug for what's going on for you here at VMWorld this year, just VMware Explore this year. >> Yeah. We announced a bunch of exciting things. We announced enhancements to our NSX family, with our advanced load balancer. With our edge firewall. And they're all in service of one thing, which is helping our customers make their private cloud like the public cloud. So I like to say 0, 0, 0. If you are in the cloud operating model, you have zero proprietary appliances. You have zero tickets to launch a workload. You have zero network taps and Zero Trust built into everything you do. And that's what we're working on. Pushing that further and further. >> Tom Gill, senior vices president, head of the networking at VMware. Thanks for coming on. We do appreciate it. >> Thanks for having us. >> Always getting the security data. That's killer data and security of the two ops that get the most conversations around DevOps and Cloud Native. This is The theCube bringing you all the action here in San Francisco for VMware Explore 2022. I'm John Furrier with Dave Vellante. Thanks for watching. (bright music)

>>Welcome back everyone Cube's live coverage here. Day two, two sets, three days of cube coverage here at VMware Explorer. This is our 12th year covering VMware's annual conference, formally called world I'm Jean Dave ante. We'd love seeing the progress and we've got great security comes Tom Gill, senior rights, president general manager, networking and advanced security business group at VMware. Great to see you. Thanks for coming on. Thanks >>For having me. Yeah, really happy we could have you on, you know, I think, I think this is my sixth edition on the cube. Like, do I get freaking flyer points or anything? >>Yeah, you get first get the VIP badge. We'll make that happen. You can start getting credits. >>Okay. There we go. >>We won't interrupt you. No, seriously, you got a great story in security here. The security story is kind of embedded everywhere, so it's not like called out and, and blown up and talked specifically about on stage. It's kind of in all the narratives in, in the VM world for this year. Yeah. But you guys have an amazing security story. So let's just step back into set context. Tell us the security story for what's going on here at VMware and what that means to this super cloud multi-cloud and ongoing innovation with VMware. Yeah, >>Sure thing. So, so probably the first thing I'll point out is that, that security's not just built in at VMware it's built differently, right? So we're not just taking existing security controls and cut and pasting them into, into our software. But we can do things because of our platform because of the virtualization layer that you really can't do with other security tools and where we're very, very focused is what we call lateral security or east west movement of an attacker. Cuz frankly, that's the name of the game these days. Right? Attackers, you gotta assume that they're already in your network. Okay. Already assume that they're there, then how do we make it hard for them to get to what the, the stuff that you really want, which is the data that they're, they're going after. Right. And that's where we, >>We really should. All right. So we've been talking a lot coming into world VMware Explorer and here the event about two things security as a state. Yeah. I'm secure right now. Yeah. Or I, I think I'm secure right now, even though someone might be in my network or in my environment to the notion of being defensible. Yeah. Meaning I have to defend and be ready at a moment's notice to attack, fight, push back red team, blue team, whatever you're gonna call it, but something's happening. I gotta be a to defend. Yeah. >>So you, what you're talking about is the principle of zero trust. So the, the, when we, when I first started doing security, the model was we have a perimeter and everything on one side of the perimeter is dirty, ugly, old internet and everything on this side known good, trusted what could possibly go wrong. And I think we've seen that no matter how good you make that perimeter, bad guys find a way in. So zero trust says, you know what? Let's just assume they're already in. Let's assume they're there. How do we make it hard for them to move around within the infrastructure and get to the really valuable assets? Cuz for example, if they bust into your laptop, you click on a link and they get code running on your machine. They might find some interesting things on your machine, but they're not gonna find 250 million credit cards. Right. Or the, the script of a new movie or the super secret aircraft plans, right. That lives in a database somewhere. And so it's that movement from your laptop to that database. That's where the damage is done. Yeah. And that's where VMware shines. If they don't >>Have the right to get to that database, they're >>Not >>In and it's not even just the right, like, so they're so clever. And so sneaky that they'll steal a credential off your machine, go to another machine, steal a credential off of that. So it's like they have the key to unlock each one of these doors and we've gotten good enough where we can look at that lateral movement, even though it has a credential and a key where like, wait a minute, that's not a real CIS admin making a change. That's ransomware. Yeah. Right. And that's, that's where we, you have to earn your way in. That's right. That's >>Right. Yeah. And we're all, there's all kinds of configuration errors. But also some, some I'll just user problems. I've heard one story where there's so many passwords and username and passwords and systems that the bad guy's scour, the dark web for passwords that have been exposed. Correct. And go test them against different accounts. Oh one hit over here. Correct. And people don't change their passwords all the time. Correct? Correct. That's a known, known vector. We, >>We just, the idea that users are gonna be perfect and never make mistake. Like how long have we been doing this? Like humans with the weakest link. Right. So, so, so people are gonna make mistakes. Attackers are gonna be in here's another way of thinking about it. Remember log for J. Remember that whole ago, remember that was a Christmas time. That was nine months ago. And whoever came up with that, that vulnerability, they basically had a skeleton key that could access every network on the planet. I don't know if a single customer that was said, oh yeah, I wasn't impacted by log for J. So seers, some organized entity had access to every network on the planet. What was the big breach? What was that movie script that got stolen? So there wasn't one. Right? We haven't heard anything. So the point is the goal of attackers is to get in and stay in. Imagine someone breaks into your house, steals your laptop and runs. That's a breach. Imagine someone breaks into your house and stays for nine months. Like it's untenable, the real world. Right, right. >>We don't even go in there. They're still in there >>Watching your closet. Exactly. Moving around, nibbling on your ni line, your cookies. You know what I mean? Drinking your beer. >>Yeah. So, so let's talk about how this translates into the new reality of cloud native, because now know you hear about, you know, automated pen testing is a, a new hot thing right now you got antivirus on data. Yeah. Is hot is hot within APIs, for instance. Yeah. API security. So all kinds of new hot areas, cloud native is very iterative. You know, you, you can't do a pen test every week. Right. You gotta do it every second. Right. So this is where it's going. It's not so much simulation. It's actually real testing. Right. Right. How do you view that? How does that fit into this? Cuz that seems like a good direction to me. >>Yeah. It, it, it fits right in. And you were talking to my buddy AJ earlier about what VMware can do to help our customers build cloud native applications with, with Zu, my team is focused on how do we secure those applications? So where VMware wants to be the best in the world is securing these applications from within looking at the individual piece parts and how they talk to each other and figuring out, wait a minute. That, that, that, that, that should never happen by like almost having an x-ray machine on the ins of the application. So we do it for both for VMs and for container based applications. So traditional apps are VM based. Modern apps are container based and we, and we have a slightly different insertion mechanism. It's the same idea. So for VMs, we do it with the hypervisor, with NSX, we see all the inner workings in a container world. >>We have this thing called a service me that lets us look at each little snippet of code and how they talk to each other. And once you can see that stuff, then you can actually apply. It's almost like common sense logic of like, wait a minute. You know, this API is giving back credit card numbers and it gives five an hour. All of a sudden, it's now asking for 20,000 or a million credit card that doesn't make any sense. Right? The anomalies stick out like a sore thumb. If you can see them. And VMware, our unique focus in the infrastructure is that we can see each one of these little transactions and understand the conversation. That's what makes us so good at that east west or lateral >>Security. Yeah. You don't belong in this room, get out or that that's right. Some weird call from an in-memory database, something over >>Here. Exactly. Where other, other security solutions won't even see that. Right. It's not like there algorithms aren't as good as ours or, or better or worse. It's that, it's the access to the data. We see the, the, the, the inner plumbing of the app. And therefore we can protect >>The app from, and there's another dimension that I wanna get in the table here, cuz to my knowledge only AWS, Google, I, I believe Microsoft and Alibaba and VMware have this, it nitro the equivalent of a nitro. Yes. Project Monterey. Yeah. That's unique. It's the future of computing architectures. Everybody needs a nitro. I've I've written about this. Yeah. Right. So explain your version. Yeah. Project. It's now real. It's now in the market right. Or soon will be. Yeah. Here. Here's our mission salient aspects. Yeah. >>Here's our mission of VMware is that we wanna make every one of our enterprise customers. We want their private cloud to be as nimble, as agile, as efficient as the public cloud >>And secure >>And secure. In fact, I'll argue, we can make it actually more secure because we're thinking about putting security everywhere in this infrastructure. Right. Not just on the edges of it. So, so, so, okay. How do we go on that journey? As you pointed out, the public cloud providers realized, you know, five years ago that the right way to build computers was not just a CPU and a GPU graphics process, unit GPU, but there's this third thing that the industry's calling a DPU data processing unit. So there's kind of three pieces of a computer. And the DPU is sometimes called a smart Nick it's the network interface card. It does all that network handling and analytics and it takes it off the CPU. So they've been building and deploying those systems themselves. That's what nitro is. And so we have been working with the major Silicon vendors to bring that architecture to everybody. So, so with vSphere eight, we have the ability to take the network processing that east west inspection. I talked about, take it off of the CPU and put it into this dedicated processing element called the DPU and free up the CPU to run the applications that AJ and team are building. >>So no performance degradation at all, correct. >>To CPU >>Offload. So even the opposite, right? I mean you're running it basically bare metal speeds. >>Yes, yes. And yes. >>And, and, and you're also isolating the, the storage right from the, from the, the, the security, the management. And >>There's an isolation angle to this, which is that firewall that we're putting everywhere. Not just that the perimeter, we put it in each little piece of the server is running when it runs on one of these DPU, it's a different memory space. So even if, if an attacker gets to root in the OS, they it's very, very, never say never, but it's very difficult. >>So who has access to that? That, that resource >>Pretty much just the infrastructure layer, the cloud provider. So it's Google Microsoft, you know, and the enterprise, the >>Application can't get in, >>Can't get in there. Cause it, you would've to literally bridge from one memory space to another, never say never, but it would be very, very, >>It hasn't earned the trust >>To get it's more than Bob wire. It's, it's, it's multiple walls and, and >>It's like an air gap. It puts an air gap in the server itself so that if the server's compromised, it's not gonna get into the network really powerful. >>What's the big thing that you're seeing with this super cloud transition we're seeing, we're seeing, you know, multicloud and this new, not just SAS hosted on the cloud. Yeah. You're seeing a much different dynamic of combination of large scale CapEx, cloud native. And then now cloud native develops on premises and edge kind of changing what a cloud looks like if the cloud's on a cloud. So rubber customer, I'm building on a cloud and I have on-prem stuff. So I'm getting scale CapEx relief from the, from the cap, from the hyperscalers. >>I, I think there's an important nuance on what you're talking about, which is, is in the early days of the cloud customers. Remember those first skepticism? Oh, it'll never work. Oh, that's consumer grade. Oh, that's not really gonna work. And some people realize >>It's not secure. Yeah. >>It, it's not secure that one's like, no, no, no, it's secure. It works. And it, and it's good. So then there was this sort of over rush. Like let's put everything on the cloud. And I had a lot of customers that took VM based applications said, I'm gonna move those onto the cloud. You gotta take 'em all apart, put 'em on the cloud and put 'em all back together again. And little tiny details, like changing an IP address. It's actually much harder than it looks. So my argument is for existing workloads for VM based workloads, we are VMware. We're so good at running VM based workloads. And now we run them on anybody's cloud. So whether it's your east coast data center, your west coast data center, Amazon, Google, Microsoft, Alibaba, IBM keep going. Right. We pretty much every, and >>The benefit of the customer is what you >>Can literally vMotion and just pick it up and move it from private to public public, to private, private, to public, public, back and forth. >>Remember when we called VMO BS years ago. Yeah, yeah, yeah. >>We were really, skeptic is >>Powerful. We were very skeptical. We're like, that'll never happen. I mean, we were, I mean, it's supposed to be pat ourselves on the back. We, well, >>Because it's alchemy, it seems like what you can't possibly do that. Right. And so, so, so, and now we do it across clouds, right? So we can, you know, it's not quite VMO, but it's the same idea. You can just move these things over. I have one customer that had a production data center in the Ukraine, things got super tense, super fast, and they had to go from their private cloud data center in the Ukraine to a public cloud data center outta harm's way. They did it over a weekend, 48 hours. If you've ever migrated data, that's usually six months, right? And a lot of heartburn and a lot of angst, boom. They just drag and drop, moved it on over. That's the power of what we call the cloud operating model. And you can only do this when all your infrastructure's defined in software. >>If you're relying on hardware, load, balancers, hardware, firewalls, you can't move those. They're like a boat anchor. You're stuck with them. And by the way, really, really expensive. And by the way, they eat a lot of power, right? So that was an architecture from the nineties in the cloud operating model, your data center. And this goes back to what you were talking about is just racks and racks of X 86 with these magic DPU or smart necks to make any individual node go blisteringly fast and do all the functions that you used to do in network appliances. >>We just said, AJ taking us to school and everyone else to school on applications, middleware abstraction layer. Yeah. And kit Culver was also talking about this across cloud. We're talking super cloud, super pass. If this continues to happen, which we would think it will happen. What does the security posture look like? It has. It feels to me. And again, this is, this is your wheelhouse. If super cloud happens with this kind of past layer where there's B motioning going on, all kinds of yeah. Spanning applications and data. Yeah. Across environments. Yeah. Assume there's an operating system working on behind the scenes. Right. What's the security posture in all this. Yeah. >>So remember my narrative about like VA guys are getting in and they're moving around and they're so sneaky that they're using legitimate pathways. The only way to stop that stuff is you've gotta understand it at what, you know, we call layer seven at the application layer the in, you know, trying to do security, the infrastructure layer. It was interesting 20 years ago, kind of less interesting 10 years ago. And now it's becoming irrelevant because the infrastructure is oftentimes not even visible, right. It's buried in some cloud provider. So layer seven, understanding, application awareness, understanding the APIs and reading the content. That's the name of the game in security. That's what we've been focused on. Right. Nothing to do with >>The infras. And where's the progress bar on that, that paradigm early one at the 10, 10 being everyone's doing it >>Right now. Well, okay. So we, as a vendor can do this today. All the stuff I talked about about reading APIs, understanding the, the individual services looking at, Hey, wait a minute. This credit card anomalies, that's all shipping production code. Where is it in customer adoption life cycle, early days, 10%. So, so there's a whole lot of headroom. We, for people to understand, Hey, I can put these controls in place. There's software based. They don't require appliances. It's layer seven. So it has contextual awareness and it's works on every single cloud. >>You know, we talk about the pandemic. Being an accelerator really was a catalyst to really rethink. Remember we used to talk about pat his security a do over. He's like, yes, if it's the last thing I'm due, I'm gonna fix security. Well, he decided to go try to fix Intel instead, but, >>But, but he's getting some help from the government, >>But it seems like, you know, CISOs have totally rethought, you know, their security strategy. And, and at least in part is a function of the pandemic. >>When I started at VMware four years ago, pat sat me down in his office and he said to me what he said to you, which is like Tom, he said, I feel like we have fundamentally changed servers. We fundamentally changed storage. We fundamentally changed networking. The last piece of the puzzle of security. I want you to go fundamentally change it. And I'll argue that the work that we're doing with this, this horizontal security understanding the lateral movement east west inspection, it fundamentally changes how security works. It's got nothing to do with firewalls. It's got nothing to do with endpoint. It's a unique capability that VMware is uniquely suited to deliver on. And so pat, thanks for the mission. We delivered it and available >>Those, those wet like web applications firewall for instance are, are around. I mean, but to your point, the perimeter's gone. Exactly. And so you gotta get, there's no perimeter. So it's a surface area problem. Correct. And access and entry, correct. They're entering here easy from some manual error or misconfiguration or bad password that shouldn't be there. They're >>In. Think about it this way. You put the front door of your house, you put a big strong door and a big lock. That's a firewall bad guys, come in the window. Right. And >>Then the window's open and the window with a ladder room. Oh my >>God. Cause it's hot, bad user behavior. Trump's good security >>Every time. And then they move around room to room. We're the room to room people. Yeah. We see each little piece of the thing. Wait, that shouldn't happen. Right. >>I wanna get you a question that we've been seeing and maybe we're early on this, or it might be just a, a false data point. A lot of CSOs and we're talking to are, and people in industry in the customer environment are looking at CSOs and CSOs, two roles, chief information security officer, and then chief security officer Amazon, actually, Steven Schmidt is now CSO at reinforced. They actually called that out. Yeah. And the, and the interesting point that he made, we've had some other situations that verified. This is that physical security is now tied to online to your point about the service area. If I get a password, I still at the keys to the physical goods too. Right. Right. So physical security, whether it's warehouse for them is, or store or retail digital is coming in there. Yeah. So is there a CSO anymore? Is it just CSO? What's the role or are there two roles you see that evolving or is that just, >>Well, >>I circumstance, >>I, I think it's just one. And I think that, that, you know, the stakes are incredibly high in security. Just look at the impact that these security attacks are having on it. It, you know, companies get taken down, Equifax market cap was cut, you know, 80% with a security breach. So security's gone from being sort of a nuisance to being something that can impact your whole kind of business operation. And then there's a whole nother domain where politics get involved. Right. It determines the fate of nations. I know that sounds grand, but it's true. Yeah. And so, so, so companies care so much about it. They're looking for one liter, one throat to choke, you know, one person that's gonna lead security in the virtual domain, in the physical domain, in the cyber domain, in, in, you know, in the actual, well, it is, >>I mean, you mentioned that, but I mean, mean you look at Ukraine. I mean the, the, that, that, that cyber is a component of that war. I mean, that's very clear. I mean, that's, that's new, we've never seen >>This. And in my opinion, the stuff that we see happening in the Ukraine is small potatoes compared to what could happen. Yeah, yeah. Right. So the us, we have a policy of, of strategic deterrents where we develop some of the most sophisticated cyber weapons in the world. We don't use them and we hope never to use them because the, the, our adversaries who could do stuff like, oh, I don't know, wipe out every bank account in north America, or turn off the lights in New York city. They know that if they were to do something like that, we could do something back. >>I, this discuss, >>This is the red line conversation I wanna go there. So >>I had this discussion with Robert Gates in 2016 and he said, we have a lot more to lose, which is really >>Your point. So this brand, so I agree that there's the, to have freedom and Liberty, you gotta strike back with divorce and that's been our way to, to balance things out. Yeah. But with cyber, the red line, people are already in banks. So they're addresses are operating below the red line, red line, meaning before we know you're in there. So do we move the red line down because Hey, Sony got hacked the movie because they don't have their own militia. Yeah. If they were physical troops on the shores of LA breaking into the file cabinets. Yeah. The government would've intervened. >>I, I, I agree with you that it creates, it creates tension for us in the us because our, our adversaries don't have the clear delineation between public and private sector here. You're very, very clear if you're working for the government or you work for an private entity, there's no ambiguity on that. And so, so we have different missions in each department. Other countries will use the same cyber capabilities to steal intellectual, you know, a car design as they would to, you know, penetrate a military network. And that creates a huge hazard for us on the us. Cause we don't know how to respond. Yeah. Is that a civil issue? Is that a, a, a military issue? And so, so it creates policy ambiguity. I still love the clarity of separation of, you know, sort of the various branches of government separation of government from, >>But that, but, but bureau on multinational corporation, you then have to, your cyber is a defensible. You have to build the defenses >>A hundred percent. And I will also say that even though there's a clear D mark between government and private sector, there's an awful lot of cooperation. So, so our CSO, Alex toshe is actively involved in the whole intelligence community. He's on boards and standards and we're sharing because we have a common objective, right? We're all working together to fight these bad guys. And that's one of the things I love about cyber is that that even direct competitors, two big banks that are rivals on the street are working together to share security information and, and private, is >>There enough? Is collaboration Tom in the vendor community? I mean, we've seen efforts to try to, that's a good question, monetize private data, you know? Yeah. And private reports and, >>And, you know, like, so at VMware, we, we, I'm very proud of the security capabilities we've built, but we also partner with people that I think of as direct competitors, we've got firewall vendors and endpoint vendors that we work with and integrate. And so cooperation is something that exists. It's hard, you know, because when you have these kind of competing, you know, so could we do more? Of course we probably could, but I do think we've done a fair amount of cooperation, data sharing, product integration, et cetera, you know, and, you know, as the threats get worse, you'll probably see us continue to do more. >>And the governments is gonna trying to force that too. >>And, and the government also drives standards. So let's talk about crypto. Okay. So there's a new form of encryption coming out called quantum processing, calling out. Yeah. Yeah. Quantum, quantum computers have the potential to crack any crypto cipher we have today. That's bad. Okay. Right. That's not good at all because our whole system is built around these private communications. So, so the industry is having conversations about crypto agility. How can we put in place the ability to rapidly iterate the ciphers in encryption? So when the day quantum becomes available, we can change them and stay ahead of these quantum people. Well, >>Didn't this just put out a quantum proof algo that's being tested right now by the, the community. >>There's a lot of work around that. Correct. And, and, and this is taking the lead on this, but you know, Google's working on it, VMware's working on it. We're very, very active in how do we keep ahead of the attackers and the bad guys? Because this quantum thing is like a, it's a, it's a x-ray machine. You know, it's like, it's like a, a, a di lithium crystal that can power a whole ship. Right. It's a really, really, really powerful >>Tool. It's bad. Things will happen. >>Bad things could happen. >>Well, Tom, great to have you on the cube. Thanks for coming. Take the last minute to just give a plug for what's going on for you here at world this year, VMware explore this year. Yeah. >>We announced a bunch of exciting things. We announced enhancements to our, our NSX family, with our advanced load balancer, with our edge firewall. And they're all in service of one thing, which is helping our customers make their private cloud like the public cloud. So I like to say 0, 0, 0. If you are in the cloud operating model, you have zero proprietary appliances. You have zero tickets to launch a workload. You have zero network taps and zero trust built into everything you do. And that's, that's what we're working on and pushing that further and further. >>Tom Gill, senior vices president head of the networking at VMware. Thanks for coming up for you. Appreciate >>It. Yes. Thanks for having guys >>Always getting the security data. That's killer data and security of the two ops that get the most conversations around dev ops and cloud native. This is the queue bringing you all the action here in San Francisco for VMware. Explore 2022. I'm John furrier with Dave, Alan. Thanks for watching.

>>Hey everyone. Welcome back to the cube. Lisa Martin, with Dave ante. We're here in Las Vegas with snowflake at the snowflake summit 22. This is the fourth annual there's close to 10,000 people here. Lots going on. Customers, partners, analysts, cross media, everyone talking about all of this news. We've got a couple of guests joining us. We're gonna unpack snow park. Torston grabs the director of product management at snowflake and Joe. No NTY AI and MDM architect at Allegis group. Guys. Welcome to the program. Thank >>You so much for having >>Us. Isn't it great to be back in person? It is. >>Oh, wonderful. Yes, it >>Is. Indeed. Joe, talk to us a little bit about Allegis group. What do you do? And then tell us a little bit about your role specifically. >>Well, Allegis group is a collection of OPCA operating companies that do staffing. We're one of the biggest staffing companies in north America. We have a presence in AMEA and in the APAC region. So we work to find people jobs, and we help get 'em staffed and we help companies find people and we help individuals find >>People incredibly important these days, excuse me, incredibly important. These days. It is >>Very, it very is right >>There. Tell me a little bit about your role. You are the AI and MDM architect. You wear a lot of hats. >>Okay. So I'm a architect and I support both of those verticals within the company. So I work, I have a set of engineers and data scientists that work with me on the AI side, and we build data science models and solutions that help support what the company wants to do, right? So we build it to make business business processes faster and more streamlined. And we really see snow park and Python helping us to accelerate that and accelerate that delivery. So we're very excited about it. >>Explain snow park for, for people. I mean, I look at it as this, this wonderful sandbox. You can bring your own developer tools in, but, but explain in your words what it >>Is. Yeah. So we got interested in, in snow park because increasingly the feedback was that everybody wants to interact with snowflake through SQL. There are other languages that they would prefer to use, including Java Scala and of course, Python. Right? So then this led down to the, our, our work into snow park where we're building an infrastructure that allows us to host other languages natively on the snowflake compute platform. And now here, what we're, what we just announced is snow park for Python in public preview. So now you have the ability to natively run Python code on snowflake and benefit from the thousands of packages and libraries that the open source community around Python has contributed over the years. And that's a huge benefit for data scientists. It is ML practitioners and data engineers, because those are the, the languages and packages that are popular with them. So yeah, we very much look forward to working with the likes of you and other data scientists and, and data engineers around the Python ecosystem. >>Yeah. And, and snow park helps reduce the architectural footprint and it makes the data pipelines a little easier and less complex. We have a, we had a pipeline and it works on DMV data. And we converted that entire pipeline from Python, running on a VM to directly running down on snowflake. Right. We were able to eliminate code because you don't have to worry about multi threading, right? Because we can just set the warehouse size through a task, no more multi threading, throw that code away. Don't need to do it anymore. Right. We get the same results, but the architecture to run that pipeline gets immensely easier because it's a store procedure that's already there. And implementing that calling to that store procedure is very easy. The architecture that we use today uses six different components just to be able to run that Python code on a VM within our ecosystem to make sure that it runs on time and is scheduled and all of that. Right. But with snowflake, with snowflake and snow park and snowflake Python, it's two components. It's the store procedure and our ETL tool calling it. >>Okay. So you've simplified that, that stack. Yes. And, and eliminated all the other stuff that you had to do that now Snowflake's doing, am I correct? That you're actually taking the application development stack and the analytics stack and bringing them together? Are they merging? >>I don't know. I think in a way I'm not real sure how I would answer that question to be quite honest. I think with stream lit, there's a little bit of application that's gonna be down there. So you could maybe start to say that I'd have to see how that carries out and what we do and what we produce to really give you an answer to that. But yeah, maybe in a >>Little bit. Well, the reason I asked you is because you talk, we always talk about injecting data into apps, injecting machine intelligence and ML and AI into apps, but there are two separate stacks today. Aren't they >>Certainly the two are getting closer >>To Python Python. It gets a little better. Explain that, >>Explain, explain how >>That I just like in the keynote, right? The other day was SRE. When she showed her sample application, you can start to see that cuz you can do some data pipelining and data building and then throw that into a training module within Python, right down inside a snowflake and have it sitting there. Then you can use something like stream lit to, to expose it to your users. Right? We were talking about that the other day, about how do you get an ML and AI, after you have it running in front of people, we have a model right now that is a Mo a predictive and prescriptive model of one of our top KPIs. Right. And right now we can show it to everybody in the company, but it's through a Jupyter notebook. How do I deliver it? How do I get it in the front of people? So they can use it well with what we saw was streamlet, right? It's a perfect match. And then we can compile it. It's right down there on snowflake. And it's completely easier time to delivery to production because since it's already part of snowflake, there's no architectural review, right. As long as the code passes code review, and it's not poorly written code and isn't using a library that's dangerous, right. It's a simple deployment to production. So because it's encapsulated inside of that snowflake environment, we have approval to just use it. However we see fit. >>It's very, so that code delivery, that code review has to occur irrespective of, you know, not always whatever you're running it on. Okay. So I get that. And, and, but you, it's a frictionless environment you're saying, right. What would you have had to do prior to snowflake that you don't have to do now? >>Well, one, it's a longer review process to allow me to push the solution into production, right. Because I have to explain to my InfoSec people, right? My other it's not >>Trusted. >>Well, well don't use that word. No. Right? It got, there are checks and balances in everything that we do, >>It has to be verified. And >>That's all, it's, it's part of the, the, what I like to call the good bureaucracy, right? Those processes are in place to help all of us stay protected. >>It's the checklist. Yeah. That you >>Gotta go to. >>That's all it is. It's like fly on a plane. You, >>But that checklist gets smaller. And sometimes it's just one box now with, with Python through snow park, running down on the snowflake platform. And that's, that's the real advantage because we can do things faster. Right? We can do things easier, right? We're doing some mathematical data science right now and we're doing it through SQL, but Python will open that up much easier and allow us to deliver faster and more accurate results and easier not to mention, we're gonna try to bolt on the hybrid tables to that afterwards. >>Oh, we had talk about that. So can you, and I don't, I don't need an exact metric, but when you say faster talking 10% faster, 20% faster, 50% path >>Faster, it really depends on the solution. >>Well, gimme a range of, of the worst case, best case. >>I, I really don't have that. I don't, I wish I did. I wish I had that for you, but I really don't have >>It. I mean, obviously it's meaningful. I mean, if >>It is meaningful, it >>Has a business impact. It'll >>Be FA I think what it will do is it will speed up our work inside of our iterations. So we can then, you know, look at the code sooner. Right. And evaluate it sooner, measure it sooner, measure it faster. >>So is it fair to say that as a result, you can do more. Yeah. That's to, >>We be able do more well, and it will enable more of our people because they're used to working in Python. >>Can you talk a little bit about, from an enablement perspective, let's go up the stack to the folks at Allegis who are on the front lines, helping people get jobs. What are some of the benefits that having snow park for Python under the hood, how does it facilitate them being able to get access to data, to deliver what they need to, to their clients? >>Well, I think what we would use snowflake for a Python for there is when we're building them tools to let them know whether or not a user or a piece of talent is already within our system. Right. Things like that. Right. That's how we would leverage that. But again, it's also new. We're still figuring out what solutions we would move to Python. We are, we have some targeted, like we're, I have developers that are waiting for this and they're, and they're in private preview. Now they're playing around with it. They're ready to start using it. They're ready to start doing some analytical work on it, to get some of our analytical work out of, out of GCP. Right. Because that's where it is right now. Right. But all the data's in snowflake and it just, but we need to move that down now and take the data outta the data wasn't in snowflake before. So there, so the dashboards are up in GCP, but now that we've moved all of that data down in, down in the snowflake, the team that did that, those analytical dashboards, they want to use Python because that's the way it's written right now. So it's an easier transformation, an easier migration off of GCP and get us into snow, doing everything in snowflake, which is what we want. >>So you're saying you're doing the visualization in GCP. Is that righting? >>It's just some dashboarding. That's all, >>Not even visualization. You won't even give for. You won't even give me that. Okay. Okay. But >>Cause it's not visualization. It's just some D boardings of numbers and percentages and things like that. It's no graphic >>And it doesn't make sense to run that in snowflake, in GCP, you could just move it into AWS or, or >>No, we, what we'll be able to do now is all that data before was in GCP and all that Python code was running in GCP. We've moved all that data outta GCP, and now it's in snowflake and now we're gonna work on taking those Python scripts that we thought we were gonna have to rewrite differently. Right. Because Python, wasn't available now that Python's available, we have an easier way of getting those dashboards back out to our people. >>Okay. But you're taking it outta GCP, putting it to snowflake where anywhere, >>Well, the, so we'll build the, we'll build those, those, those dashboards. And they'll actually be, they'll be displayed through Tableau, which is our enterprise >>Tool for that. Yeah. Sure. Okay. And then when you operationalize it it'll go. >>But the idea is it's an easier pathway for us to migrate our code, our existing code it's in Python, down into snowflake, have it run against snowflake. Right. And because all the data's there >>Because it's not a, not a going out and coming back in, it's all integrated. >>We want, we, we want our people working on the data in snowflake. We want, that's our data platform. That's where we want our analytics done. Right. We don't want, we don't want, 'em done in other places. We when get all that data down and we've, we've over our data cloud journey, we've worked really hard to move all of that data. We use out of existing systems on prem, and now we're attacking our, the data that's in GCP and making sure it's down. And it's not a lot of data. And we, we fixed it with one data. Pipeline exposes all that data down on, down in snowflake now. And we're just migrating our code down to work against the snowflake platform, which is what we want. >>Why are you excited about hybrid tables? What's what, what, what's the >>Potential hybrid tables I'm excited about? Because we, so some of the data science that we do inside of snowflake produces a set of results and there recommendations, well, we have to get those recommendations back to our people back into our, our talent management system. And there's just some delays. There's about an hour delay of delivering that data back to that team. Well, with hybrid tables, I can just write it to the hybrid table. And that hybrid table can be directly accessed from our talent management system, be for the recruiters and for the hiring managers, to be able to see those recommendations and near real time. And that that's the value. >>Yep. We learned that access to real time. Data it in recent years is no longer a nice to have. It's like a huge competitive differentiator for every industry, including yours guys. Thank you for joining David me on the program, talking about snow park for Python. What that announcement means, how Allegis is leveraging the technology. We look forward to hearing what comes when it's GA >>Yeah. We're looking forward to, to it. Nice >>Guys. Great. All right guys. Thank you for our guests and Dave ante. I'm Lisa Martin. You're watching the cubes coverage of snowflake summit 22 stick around. We'll be right back with our next guest.

>>Okay, welcome back everyone. This is the cubes coverage here in San Francisco, California, a Davis summit, 2022, the beginning of the event season, as it comes back, little smaller footprint, a lot of hybrid events going on, but this is actually a physical event to his summit in new York's coming in the summer. We'll be there too with the cube on the set. We're getting back in the Groove's psych to be back. We were at reinvent, uh, as well, and we'll see more and more cube, but you're can see a lot of virtual cube outta hybrid cube. We wanna get all those conversations, try to get more interviews, more flow going. But right now I'm excited to have Corey Quinn here on the back on the cube chief cloud economists with duct bill, a group, he's the founder, uh, and chief content person always got great angles, fun comedy, authoritative Corey. Great to see you. Thank >>You. Thanks. Coming on. Sure is a lot of words to describe is shit posting, which is how I describe what I tend to do. Most days, >>Shit posting is an art form now. And if you look at mark, Andrew's been doing a lot of shit posting lately. All a billionaires are shit posting, but they don't know how to do it. Like they're not >>Doing it right. There's something opportunity there. It's like, here's how to be even more obnoxious and incisive. It's honestly the most terrifying scenario for anyone is if I have that kind of budget to throw at my endeavors, it's like, I get excited with a nonsense I can do with a $20 gift card for an AWS credit compared to, oh well, if I could buy a midsize island to in doing this from, oh, then we're having fun. >>This shit posting trend. Interesting. I was watching a thread go on about, saw someone didn't get a job because of their shit posting and the employer didn't get it. And then someone on this side, I'll hire the guy cuz I get that's highly intelligent shit posting. So for the audience that doesn't know what shit posting is, what is shit posting? >>It's more or less talking about the world of enterprise technology, which even that sentence is hard to finish without falling asleep and toppling out of my chair in front of everyone on the livestream, but it's doing it in such a way that brings it to life that says the quiet part. A lot of the audience is thinking, but generally doesn't say either because they're polite or not a jackass or more prosaically are worried about getting fired for better or worse. I don't have have that particular constraint, >>Which is why people love you. So let's talk about what you, what you think is, uh, worthy and not worthy in the industry right now, obviously, uh, coupons coming up in Spain, which they're having a physical event, you see the growth of cloud native Amazon's evolving Adams, especially new CEO. Andy's move on to be the chief of all Amazon. Just so I, the cover of was it time magazine, um, he's under a lot of stress. Amazon's changed. Invoice has changed. What's working. What's not, what's rising, what's falling. What's hot. What's not, >>It's easy to sit here and criticize almost anything. These folks do. They're they're effectively in a fishbowl, but I have trouble imagining the logistics. It takes to wind up handling the catering for a relat a downscale event like this one this year, let alone running a 1.7 million employee company having to balance all the competing challenges and pressures and the rest. I, I just can't fathom what it would be like to look at all of AWS. And it's, it's sprawling immense that dominates our entire industry and say, okay, this is a good start, but I, I wanna focus on something with a broader remit. What is that? How do you even get into that position? And you can't win once you're there. All you can do is hold onto the tiger and hope you don't get mold. Well, >>There's a lot of force for good conversations. Seeing a lot of that going on, Amazon's trying to port eight of us is trying to portray themselves as you know, the Pathfinder, you know, you're the pioneer, um, force for good. And I get that. I think that's a good angle as cloud goes mainstream. It's still the question of, we had a guy on just earlier, who was a skydiving instructor and we were joking about the early days of cloud. Like that was like skydiving, build a parachute open, you know, and now it's saying kind of thing, as you move to edge, things are like reliable in some areas, but still new, new fringe, new areas. That's crazy. Well, >>Since the last time we've spoken, uh, Steve Schmidt is now the CISO for all of Amazon and his backfill replacement. The AWS CISO is CJ. Moses who as a hobby race as a semi-pro race car driver to my understanding, which either, I don't know what direction to take that in either. This is what he does to relax or ultimately, or ultimately it's. Huh? That, that certainly says something about risk assessment. I'm not entirely sure what, but okay. Either way, sounds like more exciting, like better >>Have a replacement ready <laugh> in case something gonna was wrong on the track, >>Highly available >>CSOs. I gotta say one of the things I do like in the recent trend is that the tech companies are getting into the formula one, which I was never a fan of until I watched that Netflix series. But when you look at the formula one, it's pretty cool. Cause it's got some tech angles, I get the whole data instrumentation thing, but the most coolest thing about formula one is they have these new rigs out. Yeah. Where you can actually race in e-sports with, there are people in pure simulation of the race car. You gotta get the latest and video graphics card, but it's basically a tricked out PC with amazing monitors and you have all the equipment of F1 and you're basically simulating racing. >>Oh, it's great too. And I can see the appeal of these tech companies getting into it because these things are basically rocket chips. When those cars go like they're sitting there, we cans instrument every last part of what is going on inside that vehicle. And then AWS crops up. And we can bill on every one of those dimensions too. And it's like slow down their hasty pudding one step at a time. But I do see the appeal. >>So I gotta ask you about, uh, what's going on in your world. I know you have a lot of great success. We've been following you in the queue for many, many years. Got a great newsletter, check out Corey Quinn's newsletter, uh, screaming in the cloud program. Uh, you're on the cutting edge and you've got a great balance between really being snarky and, and, and really being delivering content. That's exciting, uh, for people, uh, with a little bit of an edge, um, how's that going? Uh, what's the blowback, any blowback lately? Has there been uptick? What was, what are some of the things you're hearing from your audience, more Corey or Corey, and then of course the, the PR team's calling you >>The weird thing about having an audience beyond a certain size is far and away as a landslide. The most common response I get is silence where it's huh? I'm emailing an awful lot of people at last week in AWS every week and okay. They must not have heard me it. That is not actually true. People just generally don't respond to email because who responds to email newsletters, that sounds like something, a lunatic might do same story with response to live streams and podcasts. It's like, I'm gonna call into that am radio show and give them a piece of my mind. People generally don't do that. >>We should do that. Actually. I think sure would call in. Oh, I, >>I think >>I guarantee we had that right now. People would call in and say, Cory, what do you think about X? >>Yeah. It not, everyone understands the full context of what I do. And in fact, increasingly few people do and that's fine. I, I keep forgetting that sometimes people do not see what I'm doing in the same light that I do. And that's fine. Blowback has been largely minimal. Honestly, I am surprised anything about how little I have gotten over the last five years of doing this, but it would be easier to dismiss me if I weren't generally. Right. When, okay, so you launch this new service and it seems pretty crappy to me cuz when I try and build something, it falls over and begs for help. And people might not like hearing that, but it's what customers are finding too. Yeah. I really am the voice of the customer. >>You know, I always joke with Dave ante about how John Fort's always at, uh, um, reinvent getting the interview with jazzy now, Andy we're there, you're there. And so we have these rituals at the events. It's all cool. Um, one of the rituals I like about your, um, your content is you like to get on the naming product names. Um, and, and, and, and, and kind of Google from that. Now why I like is because I used to work at ETT Packard where they used to name things as like engineers, HP 1 0 5, or we can't call, we >>Have a new monitor. How are we gonna name it? Throw the wireless keyboard down the stairs again. And there you go. Yeah. >>It's and the old joke at HP was if they, if they invented SU uh, sushi, they'd say, yeah, we can't call sushi. It's cold, dead fish. That's what it is. And so the joke was cold. Dead fish is a better name than sushi. So, you know, fun. So what's the, what are the, how's the Amazon doing in there? Have they changed their naming, uh, strategy, uh, on some of their, their >>Producting. So they're going in different directions. When they named Amazon Aurora, they decided to explore a new theme of Disney princesses as they go down those paths. And some things are more descriptive. Some people are clearly getting bonused on a number of words. They can shove into it. Like the better a service is the longer it's name. Like AWS systems manager, session manager is a great one. I love the service ridiculous name. They have a systems manager, parameter store, which is great. They have secrets manager, which does the same thing. It's two words less, but that one costs my in a way that systems manage through parameter store does not. It's fun. >>What's your, what's your favorite combination of acronyms >>Combination >>Of you got E Ks. You got EMR, you got EC two, you got S3 SQS. Well, RedShift's not an acronym. You >>Gots is one of my personal favorites because it's either elastic block store or elastic bean stock, depending into highly on the context of the conversation. They still >>Up Beanstalk or is that still around? >>Oh, they never turn anything off. They like the Antigo, Google turns things off while they're still building it. Whereas Amazon is like, well, we built this thing in 2005 and everyone hates it, but while we certainly can't change it, now it has three customers on it. John three <laugh>. Okay. Simple DV still haunts our dreams. >>I, I actually got an email on, I saw one of my, uh, servers, all these C twos were being deprecated and I got an email. I'm like, couldn't figure out. Why can you just like roll it over? Why, why are you telling me just like, give me something else. Right. Okay. So let me talk about, uh, the other things I want to ask you is that like, okay, so as Amazon gets better, so areas where do they need more work in your opinion? Because obviously they're all interested in new stuff and they tend to like put it out there for their end to end customers. But then they've got ecosystem partners who actually have the same product. Yes. And, and this has been well documented. So it's, it's not controversial. It's just that Amazon's got a database, Snowflake's got a database service. So, you know, Redshift, snowflake 80 is out there. So you got this co-op petition. Yes. How's that going? And what are you hearing about the reaction to any of that stuff? >>Depends on who you ask. They love to basically trot out a bunch of their partners who will say nice things about them. And it very much has heirs of, let's be honest, a hostage video, but okay. Cuz these companies do partner with Amazon and they cannot afford to rock the boat too far. I'm not partnered with anyone. I can say what I want. And they're basically restricted to taking away my birthday at worse so I can live with that. >>All right. So I gotta ask about multi-cloud cause obviously the other cloud shows are coming up. Amazon hated that word. Multi-cloud um, a lot of people are saying, you know, it's not a real good marketing word. Like multi-cloud sounds like, you know, root canal. Mm-hmm <affirmative> right. So is there a better description for multi-cloud >>Multiple single, which >>Davey loves that term. Yeah. >>You know, you're building in multiple single points of failure, do it for the right reasons or don't do it as a default. I believe not doing it is probably the right answer. However, and if I were, if I were Amazon, I wouldn't want to talk about multi-cloud either as industry leader, let's talk about other clouds, bad direction to go in from a market cap perspective. It doesn't end well for you, but regardless of what they want to talk about, or don't want to talk about what they say, what they don't say, I tune all of it out. And I look at what customers are doing and multi-cloud exists in a variety of forms. Some brilliant, some brain dead. It depends a lot on context. But my general response is when someone gets on stage from a company and tells me to do a thing that directly benefits their company. I am skeptical at best. Yeah. When customers get on stage and say, this is what we're doing because it solves problems. That's when I shut up and listen. >>Yeah. Cool. Awesome. Corey, I gotta ask you a question cause I know you we've been, you know, fellow journeymen in the, and the cloud journey, going to all the events and then the pandemic hit. Of course, we're now in the third year, who knows what it's gonna gonna end? Certainly events are gonna look different. They're gonna be either changing footprint with the virtual piece, new group formations. Community's gonna emerge. You've got a pretty big community growing and it's growing like crazy. What's the weirdest or coolest thing, or just big changes you've seen with the pandemic, uh, from your perspective. Cause you've been in the you're in the middle of the whitewater rafting. Seeing the event you circle offline, you saw the online piece, come in, you're commentating, you're calling balls and strikes in the industry. You got a great team developing over there. Duck bill group. What's the big aha moment that you saw with the pandemic. Weird, funny, serious, real in the industry and with customers what's >>Accessibility. Reinvent is a great example. When in the before times it's open to anyone who wants to attend, who can pony up two grand and a week in Las Vegas and get to Las Vegas and wherever they happen to be by moving virtually suddenly it, it embraces the reality that talent is evenly. Distributed. Opportunity is not. And that means that suddenly these things are accessible to a wide swath of audience and potential customer base and the rest that hadn't been invited to the table previously, it's imperative that we not lose that. It's nice to go out and talk to people and have people come up and try and smell my hair from time to time, I smell delightful. Let me assure you. But it was, but it's also nice to be. >>I have some product for you if you want, you know? Oh, >>Oh excellent. I look forward to it. What is it? Pudding? Why not? <laugh> >>What else have you seen? So when accessibility for talent, yes. Which by the way is totally home run. What weird things have happened that you've seen? Um, that's >>Uh, it's, it's weird, but it's good that an awful lot of people giving presentations have learned to tight their message and get to the damn point because most people are not gonna get up from a front row seat in a conference hall, midway through your Aing talk and go somewhere else. But they will change a browser tab and you won't get them back. You've gotta be on point. You've gotta be compelling if it's going to be a virtual discussion. Yeah. >>And also turn off your iMessage too. >>Oh yes. It's always fun in the, in the meetings when you're talking to someone and colleague is messaging them about, should we tell 'em about this? And I'm sitting there reading it and it's >>This guy is really weird. Like, >>Yes I am and I bring it into the conversation and then everyone's uncomfortable. It goes, wow. Why >>Not? I love when my wife yells at me over I message. When I'm on a business call, like, do you wanna take that about no, I'm good. >>No, no. It's better off. I don't the only encourager. It's fine. >>Kids texting you. That's fun. Again. That's another weird thing. And, and then group behavior is weird. Now people are looking at, um, communities differently. Yes. Very much so, because if you're fatigued on content, people are looking for the personal aspect. You're starting to see much more of like yeah. Another virtual event. They gotta get better. One and two who's there. >>Yeah. >>The person >>That's a big part of it too is the human stories are what are being more and more interesting. Don't get up here and tell me about your product and how brilliant you are and how you built it. That's great. If I'm you, or if I wanna work with you or I want to compete with you, or I wanna put on my engineering hat and build it myself. Cause why would I buy anything? That's more than $8. But instead, tell me about the problem. Tell me me about the painful spot that you specialize in. Yeah. Tell me a story there. >>I, I think >>That gets a glimpse in a hook and makes >>More, more, I think you nailed it. Scaling storytelling. Yes. And access to better people because they don't have to be there in person. I just did a thing. I never, we never would've done the queue. We did. Uh, Amazon stepped up in sponsors. Thank you, Amazon for sponsoring international women's day, we did 30 interviews, APAC. We did five regions and I interviewed this, these women in Asia, Pacific eight, PJ, they call for in this world. And they're amazing. I never would've done those interviews cuz I never, would've seen 'em at an event. I never would've been in Japan or Singapore, uh, to access them. And now they're in the index. They're in the network. They're collaborating on LinkedIn. So a threads are developing around connections that I've never seen before. Yes. Around the content. >>Absolutely >>Content value plus network >>Effecting. And that is the next big revelation of this industry is going to realize you have different companies. And in Amazon's case, different service teams, all competing with each other, but you have the container group and you have the database group and you have the message cuing group. But customers don't really want to build things from spare parts. They want a solution to a problem. I want to build an app that does Twitter for pets or whatever it is I'm trying to do. I don't wanna basically have to pick and choose and fill my shopping cart with all these different things. I want something that's gonna basically give me what I'm trying to get as close to turnkey as possible. Moving up the stack. That is the future. And just how it gets here is gonna be >>Well we're here with Corey Quinn, the master of the master of content here in the a ecosystem. Of course we we've been following up from the beginning. It's great guy. Check out his blog, his site, his newsletter screaming podcast. Corey, final question for you. Uh, what do you hear doing what's on your agenda this week in San Francisco and give a plug for the duck build group. What are you guys doing? I know you're hiring some people what's on the table for the company. What's your focus this week and put a plug in for the group. >>I'm here as a customer and basically getting outta my cage cuz I do live here. It's nice to actually get out and talk to folks who are doing interesting things at the duck build group. We solve one problem. We fixed the horrifying AWS bill, both from engineering and architecture, advising as well as negotiating AWS contracts because it turns out those things are big and complicated. And of course my side media projects last week in aws.com, we are it's more or less a content operation where I indulge my continual and love affair with the sound of my own voice. >><laugh> and you're good. It's good content it's on, on point fun, Starky and relevant. So thanks for coming on the cube and sharing with us. Appreciate it. No, >>Thank you. Fun. >>Okay. This cube covers here in San Francisco, California, the cube is back going to events. These are the summits, Amazon web services summits that happen all over the world. We'll be in New York and obviously we're here in San Francisco this week. I'm John fur. Keep, keep it right here. We'll be back with more coverage after this short break.

>>Here you are new. Welcome back to the cubes. Continuing coverage of AWS reinvent 2021 live from Las Vegas. Lisa Martin, with John farrier, John, we have two live sets. There's a dueling set right across from us two remote studios over 100 guests on the cube at AWS reinvent 2021. Been great. We've had great conversations. We're talking about the next generation of cloud innovation and we're pleased to welcome one of our alumni back to the program. Lisa Bernays here, the CEO and co-founder of D L Z P group. Lisa. Welcome. >>Hi, thank you. I appreciate the opportunity to be here with you and John. It's a great opportunity >>And John's lucky he gets to lease us for the price of London. One second. Talk to me about da DLDP. This is a woman and minority owned company. Congratulations. That's awesome. But talk to us about your organization and then we'll kind of dig into your partnership with AWS. >>Sure. So DLC P group, we found it in 2012. Um, and for us, we were at the time we were just looking for a way to offer a value added service to our customers. We wanted to always make sure that we were giving them the best quality, but what I also wanted to do is I wanted to create an environment for my employees, where they felt valued, and we kind of built these core values back then about respect, flat hierarchy, um, team, team learning, mentorship, and we incorporated, so everybody can do this remotely from around the world. So we've always made sure that our employees and customers are getting the best value. >>Well, what kind of customers, what target market, what kind of customers do you guys work with? >>Well, we've actually made sure that we're diverse. We make sure that we have 50% in public sector and 50% in private sector, but it's been very, very interesting journey for us because once we started one sec, like we started with cities and then a number of cities started contacting us to do more business. So it's always been this hurdle to make sure we're diverse enough to make sure we offer the best solutions. >>And you jumped in with AWS back in 2012 when most folks were still to your point. I saw your interview earlier this summer, thinking about Amazon as a bookstore, why a debit? What did you see as the opportunity back in 2012 with them? >>Well, when we first heard about AWS, my first thought is, well, it's amazon.com. What is AWS? And then once we started talking to them, we saw the capabilities and the potential there. We saw what it could do. So we partnered with them to actually have the first working PeopleSoft customer on AWS. So that's a large ERP application and that helped build the foundation to prove what could actually run on the cloud. And since then, we've been able to prove so much more about the technology and what AWS is accomplishing. >>Was it a hard sell back in the day? >>It was a little bit hard, but it was interesting because we were speaking with one of our customers they're on premise and they're like, well, you know, we're going to have to re do a whole data center. We're talking about millions of dollars. We don't really have the budget to redo this. And that's when we're like, well, we have this great partnership with Amazon. We think this would be the perfect opportunity to let you try the cloud and see how successful it was. >>At least I want to point out you got your, one of the Pathfinders that Adams Leschi pointed out because back in 2012, getting PeopleSoft onto the cloud, which is really big effort, but that's what everyone's doing now. I just saw the news here. SAP is running their application on graviton too, right? So you start to see and public sector during the pandemic, we saw a ton of connect. So you were really on this whole ERP. ERP is our big applications. It's not small, but now it's, everyone's kind of going that way. What's the current, uh, you feel how you feel about that one? And what's the current update relative to the kind of projects you got going on? >>Well, we've, we've evolved quite a bit. I mean, PeopleSoft is always going to be in our DNA. A lot of my employees are ex or Oracle employees. They have developed a lot of the foundations for PeopleSoft, but since then, like we've worked with serverless technology when that was released a number of years ago, we, we asked our team, okay, AWS just talked about Lambda, serverless technology, go figure out what is the best solution. We ended up running ours, our website serverless. We were one of the first. And from that, we brought our website costs down from hundreds of dollars to pennies a month. So it's a huge savings. And then we started, um, about two years ago, we spoke with our utility company. Um, there were saying how with machine learning, they were only going to be able to get a 75% accuracy for their wind turbines. And we said, well, let us take a shot at it. We have some great solutions on AWS that we think might work. We were able to redo their algorithm using AWS cloud native tools, open source data to get a 97 to 99% accuracy on a daily basis. And that saves them millions of dollars each day. >>Don's right. And as Adam was saying with some of the folks, customers, he was highlighting on main stage the other day, you are a Pathfinder. How did you get the confidence? Especially as a female minority owned business. I'd love to just get maybe for some of those younger viewers out there. How did you get the confidence to, you know what? I think we can do this. >>I think for me, I, I, I don't like to take no for an answer. There's always a solution. So we're always looking at technology, seeing how we can use it to get a better answer. >>What do you think about reinvent this year? A lot of goodies here every year, there's always new creative juices flowing because it's a learning conference, but it's also feels like a futuristic kind of conference. What's your take this year? >>I don't know if you happen to attend midnight madness when they were talking about robotics and the future with that. I mean, we've been talking about that for a number of years of what could be created with robotics. Like even my son back in middle school was talking about creating a robot Butler. He just, everybody knows what the future is. And it's so great that we finally have the foundation in technology to be able to create these >>Well, if you're someone that doesn't like to say, no, does your son actually have a robot Butler these >>Days? He's still working on it. >>That's a good answer to say, Hey, sorry, your mom's not going to be there to get the robot. The latency thing. This is the robot. First of all, we'd love the robotics, I think is huge. We just had George on who's the fraught PM for ECE to edge and late, the wavelength stuff looks really promising for the robotics stuff. Super exciting. >>Yes. We can't wait to start playing with it more. I mean, it's something that our team has been dabbling. We spent probably about 30% of our time on R and D. So we're looking at the future and what we can invent next because >>You guys can affect such dramatic changes for customers. You talked about that wind turbine customer going from 75% accuracy to 97, 90 8%. Where are your customer conversations? Cause that's, is, are they at the C level with showing organizations that dramatic reduction in costs and workforce productivity increased that they can get? >>We talk with everyone it's it could be the solution architect. It could be an intern. It could, and we're just sharing our ideas with them. And we also talk with the C level. Um, it's just, it's everybody is interested in and they have different, different ideas that they want to share. So with the solution architect, we can share with them the code and how we're going to architect it. While the C level, we just pointed out black and white, this is your cost. Now this is what your cost is going to be. And everybody is happy. They, they jump on board with it. >>Lisa, you mentioned 30% R and D by the way, it's awesome. By the way, that's well above most averages, what are you working on? Because I totally think companies should have a big R and D play around budget, get a sandbox, going get some tinkering. Cause you never know where the real discoveries we had. David Brown who runs NC to nitro, came out of a card on the network. So you'd never know where the next innovation comes from. What's the, what are you guys doing for R and D? What's the fun projects are what endeavors. >>So there's two of them. One is actually a product, which is a little bit out of our comfort zone, but we're, we're, we're looking to develop something that will be able to help, um, NASA. So that's the goal where, you know, we've been working on it since they released their ma their mission to Mars projection. So it's something that we're very passionate about, but then we're also building a software. Uh, we've been working on it for about three years now and we actually have two customers prototyping it. So we're hoping to be able to launch it to the public within the next year. >>You mentioned NASA and I just about jumped out of my chair. That was my first job out of grad school was really the space program. Can you tell us a little bit more about what you're helping them do? I love how forward-thinking that they are, obviously they always have been, but tell me a little bit more about that. >>So I can't share too much because it's one of those things is a common sense thing. Once you think about a little bit more, it's kind of like why didn't anybody never think about this? So we're using new technology and old technology together to combine the solution. >>Ooh, I can't wait to learn more. Talk to us about these. Think big for small business TB SB program at AWS. How long have you guys been a part of that and what is it enabling? What is it going to enable you to do in 2022? So >>The think big for small business program was the brainchild is Sandy Carter. And I am always, always going to be grateful to her. Um, I met with her in 2019. I shared her journey, our journey with her about how we started out being a premier partner and then over time, because there's so many other partners, we were downgraded. And because just because we're a small business, and even if I had every employee, even my admin staff certified, we would never have enough employees to be to the next level, even though we had the customers, the references. So she listened to us and other small businesses and created the program. And it's been a great opportunity for us because we're, we're gaining access to capital, you know, funding for opportunities. We're getting resources for training. So it, for us, it's been a huge advantage. >>It sounds like a part of that AWS flywheel that we always talk about. John Sandy Carter being one of our famous Cuba alumni. She was just on yesterday with you. Okay. >>And there's so many opportunities for all businesses because you can, you can tackle these problems. You don't have to be a large partner. You can have specialty in AI works really well in these specialized environments. And even technically single-threaded multithreaded applications, which is a technical CS term is actually better to have a single threaded. If you have too many cores, it's actually bad technically. So the world's changing like big time on how technology. So I'm a huge fan of the program. And I think like it's just one of those things where people can get it from cloud and be successful. >>Yes. And that's the goal. I mean, there is so much opportunity in the cloud and we bring interns on all the time, just so they can learn. And what, what resonated with me the most was we brought a high school senior in, he goes, I was with you guys for three months. I learned more in three months, I did four years of high school. And he's like, you set me up for the future. >>Oh my gosh. If there's not validation for you doing in that statement alone. My goodness. Well, you know, some of the things that, that are so many exciting announcements that have come out of this reinvent, so great to be back in person one. Um, but also, you know, being able to help AWS customers become data companies. Because as we were been talking about the last couple of days, every company has to be a data company. You gotta figure it out. If you're, if you haven't by now, there's a competitor right back here, who's ready to take your spot. Talk to us about what excites you about enabling companies to become data companies as we head into 2020. >>Well, for us, everybody has so much data nowadays. You know, I mean even think about cell phones, how much data is stored in that. So each device has so much information, but what do you do with it? So it's great because a lot of these companies are trying to figure out what, how can we use this data to prove that improve the experience for our customers? So that's where we've been coming in and showing them, okay, well, you can take that data. You look at Lisa and John cell phone. You see that they, they love to look up where they're going to go on their next vacation. You can start creating algorithms to make sure that they get the best experience one for the next vacation to make sure it's not a won't Rob the bank. >>Awesome. And going on vacation tomorrow. So I'll be, I'll be expecting some help from you on that. It's been great to have you on the program. Yeah. Congratulations on the success, the partnership, and where can folks go if if young or old years are watching and are interested in working with you, it's the website where they, where can they go to learn more >>Information? So they can go to D L Z P group.com >>DLZ P group.com. Awesome. Lisa, thanks so much for coming back on the program. Great >>To see you. Thank you so much. All >>Right. For John furrier, I'm Lisa Martin and you're watching the cube, the global leader in live tech coverage.

>>mm we are back and with us now is Alan welcome from the 65 oh Group 650 is a market research company and their specialty focus areas are cloud and IOT. They look at growth markets, They also look at the broader communications and information technology industries. Alan has been a leading data center researcher for over a decade and an enterprise class switch designer. So he's got the chops in that in that sense. Alan, welcome to the cubes. Great to see you. >>Great. No thanks so much for having me looking forward to discussing this with you. >>Okay, so let's get right into it. I mean what is your initial reaction to this announcement? The news? What do we need to know about it? >>I think this is an amazing product. We're heading into a whole new class of product here. Something that can address future designs. So if we look at kind of data center switching in the market, we've been looking at market where we created a new class of category about 15 years ago in data center switching. And we're at a point where we need to start looking forward in the market to address new use cases and sort of customer pain points out there. >>So how should we think about this new category? What's your take on why this is necessary. Why now? >>Well, I think again, if we go back in time, about 15 years ago we created data center switching as a category and the reason for that was we had purpose built products to address a unique use case. When we look at now we have a new use case forming whether it's sort of multi cloud Or how we're deploying applications and security things are different and we need a new class of product in order to address that. And if we look at kind of the opportunity here, we're talking about a market and a class of product that's going to do north of $10 billion dollars in just a couple years. So we have a magnitude and sort of a market category that makes sense to kind of be differentiated and unique from the way we've been looking at the markets in the past. How >>should we think about sort of a follow up on this? If I may, how should we think about, you know, the history of whether it's F P G A or a C X. You're seeing a lot of more program ability built into the system on chip these days. How do you see that trend fitting in and is that an important trend that you would note? >>Yeah, absolutely. So if we look at kind of the way the servers evolved, we have F P G A S a six smart nick now we call them Gpus and it's really been to address these pain points via hardware and software out there and to a certain extent the server has been a little bit ahead with that smart nick and now DPU category and this creates a great opportunity for the network to embrace the same sort of technology and accelerate how we're deploying workloads and really sort of solve those customer pain points, right. The human just can't scale relative to what we've been doing in the past. Got >>it. So how do you think customers are gonna react to this used to be a designer of this type of equipment? How and why might a customer adopt this type of solution and maybe what are some of the barriers that they'll need to consider when, when moving to this approach? >>Yeah, I think customers are going to be excited, right? If you look at it again, they can't scale, they have application Creep, they have security creep, they have data creep out there and this class of product allows them to kind of look at the network a little bit differently and maybe build the network kind of on a go forward 10 year basis than sort of in the past out there. And that's why they're going to look at it in terms of deployments hurdles, I'd say not so much out there. Right. The hybrid cloud and enterprise is moving so fast these days, whether it's because we're working from home or just sort of the agility factor that I think they'll be quick to embrace this because it will enable them to move faster and be more agile or just say more cloud like >>so is that really the use case here? It's kind of cloud slash hybrid cloud on prem cloud and then ultimately connecting to the edge. >>It is, yeah, absolutely. So everyone uses a different term for hybrid cloud or co location or things like that. But ultimately this is the part of the market that's growing very rapidly for enterprises as they try to move their applications, their workflows and their data to more hybrid environment out there. And some of that is as simple as just moving the data. And some of that is kind of going into security and sort of questioning how you move that data around and secure it on a forward basis. A lot >>a lot of customers we talked to tell us, look, the security in the cloud is fine. It's just may be somewhat different and we want to have greater flexibility. So we either want to do this on prem or the other big trend that we see. And I wonder if you could talk about this is we see people putting infrastructure into a Coehlo uh to offer to allow themselves to maybe not get locked into a single cloud provider, expand their optionality building their own sort of infrastructure layer, their own sort of internal cloud, if you will. Can you comment on that? >>Yeah. Co location is a very big trend out there. As you said. It enables you to not be locked into your particular cloud provider. It also gives you proximity to all cloud providers, all staffs providers out there. Uh so deploying and polo makes a lot of sense out there and that creates another pool of data or pool of information that the IT managers need to think about in terms of managing out there. >>So what's the sweet spot for this? And thinking in terms of a business cases that consolidating sort of legacy infrastructure simplification, enabling people to transfer skills up up the stack if you will to support their digital transformation. How do you see the business case evolving here? Alan, >>yeah, it really is simplification and that digitization journey that all enterprises are on the human just simply can't scale with the number of applications or the complexity of those applications and as you get more complex, your costs go up. So this is really about simplification, reducing costs and again, kind of building and taking that journey Forward for the next 10 years vs doing things the same way you've been doing it there, which allows you to move up stack. How do you >>see this partnership, HP Ruba Pensando. Do you see it as unique in the business or the ahead of the game in your opinion? How do you sort of handicap that? >>Yeah, it is unique and it is ahead of the game. So there is a first mover advantage going on here, but I think this partnership shows how the data center is going to be different 5, 10 years in the future and we're starting to create purpose built products to address that change. We simply can't build the way we've been building in the past. Again, whether it's the device not scaling or the human not scaling, we need to look at this differently for many, many reasons. >>Awesome. Okay, alan, we got to leave it there really. Thanks for bringing the analyst perspective. We'll give you the last word. If there's any kind of research you've got, that's worth noting or any last thoughts, please bring it home. >>Yeah, we've been tracking this space for over, You know, 15 years personally. Uh, and there's a lot of new research we have in this area, whether it's this class of product data center switching, uh, location types out there, verticals. So we're really excited to kind of be at the forefront. Well, thanks vision on the future. >>Well, thanks for that, appreciate it. Look, we've been covering this announcement and the initiatives around disrupting the traditional space and uh we thank everybody for watching. Remember all this content is available on demand. If you want more information. Just hit up your HP Aruba rep, you know, I'm sure they'll be eager to help you out. So, again on demand, we will be available immediately. Appreciate you watching the cubes, coverage of the HP, Aruba Pensando announcements, appreciate it. >>Mm

>>From the Bellagio hotel in Las Vegas, it's the cube covering UI path forward for brought to you by UI path >>Live from Las Vegas. It's the cube. We are here with UI path at forward for I'm Lisa Martin, with Dave Volante and a lovely setting at the Bellagio. We're going to be talking about automation from the CFO's perspective. Our next guest is our jet guard group financial officer at landmark group, or just welcome to the program. >>Thank you so much. Thank >>You. Before we dig into your transformation strategy and how automation is a key to that, help the audience understand a little bit about landmark. >>Absolutely. So landmark is one of the largest, uh, non-food primarily retailer in the middle east and Asia, India, and now increasingly in Southeast Asia. So we've got about 50 brands, uh, more than half of them, which are homegrown our own brands and some franchise brands. So about 2,200 stores, uh, across 20 countries, 55,000 employees. Um, so 30 million square feet of retail space >>They company. When was the company founded, >>Uh, 48 years ago, >>Legacy institution you were mentioning before we went live that you guys have been working with UI path since 2017. So talk to me about that legacy institution, embracing cloud digital transformation and automation as a, from a visionary strategic perspective. >>Yeah. So look, I mean, you know, you get so many technologies that are being thrown at you. So I would say you have packed or robotic process automation was just another one like that. So I wouldn't say it was like part of a grand strategy. You know, it comes as it looks like, Hey, this is cool. You know, in the, in the back office, when somebody showed me first 10 desks with nobody sitting on them, it's kind of spooky. So he said, Hey, this, this looks very interesting. So it started off like that, but then it has just grown because we've stayed with it. So we've amongst things in the early part of your parts customers and, and it's been phenomenal, you know, what, uh, what we're able to do with, uh, with, uh, robotic process automation. Uh, I mean, you know, I've been in this industry with my past employers, like Proctor and gamble and Cadbury, Schweppes, and all, and essentially we used to follow the part of, you know, you eliminate all the non-value add you, then try and automate whatever your ERP system, then all allowed you to automate. >>Then what's left, you consolidate, and then you find the right shore, right. It can be offshore or wherever. So that was the sequence. But I think a lot could not be automated because there are huge gaps in the systems that are being offered and you have a mosaic of systems, every company will have. Right. Um, and then we would end up doing lot more offshore or, you know, other kinds of tactics, but then once RPA showed up on the scene, it's suddenly disrupted everything because now whatever the systems can do, or when you have to move data from one system to the other or make sense out of it, that's where this technology sits. And so that's, so that's very, I, you know, we've now got a pretty large, uh, robotic process automation practice. And, and, you know, we are touching started with finance and now we are pretty much enterprise wide. So all the, >>These technologies are coming together, automation, RPA, cloud AI, they're all sort of converging. And as a retailer, I'm curious as to what your cloud strategy is and how that fits and all, there's always a lot of sensitivity from retailers that don't want to be on Amazon, maybe some do. And they say, Hey, we've, we've we compete in other ways, what's your posture in that? >>So we've also been an early adopter of cloud, both. If I talk within the UI path thing, we were, I think the first ones to put it on the cloud, because we just saw, even before you are part, uh, we saw how people could tamper with it, you know, attended robots, you know, on the desktop one. So we went on the cloud and that was good, uh, way back. But overall, the company also has a very pro you know, Val defined cloud strategy. So we are, you know, pretty much all a large part of our systems are on the cloud with Azure. >>Yeah. So, which makes sense, right. As a retailer, go, go with Azure, plus somebody, Microsoft, you know, X, such a lot of Microsoft expertise out there that you can leverage. And I got to ask you because everybody's freaked out on wall street about power automate, you know, competing with UI path. And I've told people they kind of different parts of the spectrum, but I've talked to a lot of customers this week. So yeah, we use both. We use UI path for end-to-end automation. We use power automate for a lot of our personal productivity stuff. How do you guys, do you use, uh, the power automate? How do you see those two? Yeah, >>No, I think, look, it's inevitable. A lot of technologies will keep evolving. I think Microsoft is a fantastic company. I mean, the way they perfected teams right in time, you know, and pretty, always hit, uh, a year before COVID hit teams was not ready, you know? So I think I know power automate is good. We use it, but not as you know, it's not ready for enterprise wide. So I think more, I'm not an expert in power automate yet. Um, you know, what, it kind of seemed more like when it's linked to the office automation versus linking major enterprise wide or >>Which is really where you're headed. Yeah. Talk about the results that you've seen, the higher you're measuring the return and the whole business case. When you evaluate it as CFO, >>See it being a CFO, I wear two hats. Right. I'm trying to help digital transformation. Although I must say I'm not the only one our company has. Every function is these days talking digital. Right. Because it's almost like table stakes. Yeah. Uh, you, you can't be in business a leader and we are like a leader in all the markets we are, and there's no choice, but to be fully digital. Right. Uh, but being a CFO absolutely. You know, you do look at the hard dollars. Right. Um, and initially when you're pushing any technology to any functional head or your colleague or the CEO or the board, they do want to see the dollars because a lot of softwares talk about the soft benefits. Um, I think they gotta pay for themselves. So I think it's like, yes, if I can get the hard dollars and then I can demonstrate softer benefits, whether it is the quality of work, less errors, better compliance, right. >>Or I think employee, uh, work work-life balance, right. I mean, in, in, uh, we are, uh, in a growing company we've been growing for the last four decades and there's a constant struggle to help colleagues maintain better work life balance. So I think once the basic return is off the table, everyone's talking about the quality of work enabling. And I think now we've, we are proudly talking, you know, that, Hey, we've got a lot of people, um, we've hired them. But what we are using of them is their fingers, their eyes, ears, and that's about it. Can we now get them to use their brain? So it's like, Hey, it's a freebie. You got so many people let's start using the gray matter. And that's, I think what this technology does, it takes away the Gronk and you can then tell them, Hey, analyze the data, look at it, better business outcomes. And I think that's where the real value is. >>That is, so we've heard a lot about time saved hours saved. That's kind of the key, a key metric. And you look at that as hard dollars. How, how do you translate that to the income statement? >>So, so let's put it, uh, you know, I was looking at applied science, applied materials presentation, and they had a 150,000 hours saved. Uh, I just did our math. I mean, so we've so far saved 342,000 hours per annum removed out of the system. Right. But I would say not all I can say, I took them to the bottom line. So probably 70% of that, because the rest is probably gone back to people doing more value added stuff. >>So how does it hit the income statement? Is it hit it as new revenue or cost savings or savings reduction in >>Yeah. Or are you don't hire as many as you needed to? Uh, >>Yes. That's the missing link. Yeah. Okay. Absolutely. Is I was going to need to hire or what 1,100 people hire 10 or whatever it is. Okay. Now I'm sorry. Does that, is that, does that get into a debate? Like, cause I can see a lot of people, if we don't do this, we're going to, you know, and then as a CFO, you might say let's defend that a little bit. >>Seek cost avoidance is always debated. Yep. And that's why I said, as long as you can prove that the hard dollars taken to the bottom line are visible and you can put your finger on them, then people become more comfortable saying, okay, as long as you know, I've got my payback, I've got something I can, you know, make sure that my cost line is not going up because it's very easy to do, you know, kind of say, Hey look, all this soft benefits and now your cost has also gone up. So I think once the, the, the hard dollars that you can bank are out of the way, then you can talk about costs avoided, and then you can talk about the softer benefits. Are there, there is no doubt because you try and what we do is we tell people if they're in a cell, okay, we'll shut, shut it down. >>I say, Hey, wait, well, right then, you know, but so you have four years of data on this, so you can prove it. And by the way, soft dollars are where the real money is. I don't mean to denigrate that, but I get into a lot of discussions with CFO's like, okay, show me the hard dollars first and then the hard, the soft dollars or telephone numbers. Yeah. >>Yeah. I think I look at it as an inverted pyramid. Yeah. Where you start with the cost saved, which is the smaller part of the pyramid. And then you get speed, right. Because speed is actually a big thing, which is very difficult to measure. Right? I mean, I'll give you an example in none of our largest markets, right. In the middle of COVID, they announced all products that are being imported, which is for us about 80,000 of them, um, uh, need to have a whole bunch of compliance forms on the government portal, import certifications. And you got like a month to do all that work. So now you'll get an army of 20, 30 people train them. We did nothing. We built the barns and we were ready ahead of competition. And I think, and, and life continues. Now the supply chain officer will sign on the dotted line for you saying he would have had to hire 30 people. And he, it's not easy to hire suddenly, but we were compliant and, and now that's cost avoided. But I would say a big business benefit because we were the first ones to have all our products compliant with the market requirements. That's a >>Great example. >>I think about some of the IDC data that was, did you see that that was presented this morning, looking at, you know, the positive outlook as, as RPA being a jobs creator over time. Talk to me a little bit about how you've navigated that through the organization and even done upskilling of some of those folks so that they're not losing, but they're gaining. >>I think there is, you know, you have to take all these projections with a pinch of salt, you know, I mean, saying you will, the world will save $150 billion and all, I mean, if you add all the soft dollars. Yes. But in reality, you know, I lose joke about it. If you take all the technology initiatives in a company and you add all the MPVs and that they have submitted, that would be larger than the market cap of the company. >>It's true. All the projects add up to more value. >>I think, I think, you know, we don't get carried away by these major projections, but I think some of it is true. I mean, you know, I kind of talk about the Luddites, right? I mean, when the first, you know, weaving machines game in, in Northern England, near Manchester and these Luddites, they were called, they were going around breaking down these machines because they were supposed to take away jobs. Now reality is a lot of people did lose jobs who could not make the transition, could not retrain themselves. It is inevitable. It will happen. But over time I would say yes, there have been lot more employment. So I think both go hand in hand. Um, but yes, the more one can help retrain people, get them to, you know, say, Hey, you don't need to spend the rest of your life. Copy pasting and just doing data entry. Uh, you can look at the data and make sense out of it. How much >>Of that was a part of your strategic vision years ago? >>I think years ago we knew it, but it was more, let's get these, you know, simple. When you have hundreds of people in a, in a back office, how do I get them to do more work or have slate or meet my, you know, my productivity goals? I would say it starts with that. Okay. Uh, if you start, uh, deep down because I, I am, you know, I believe in technology, I knew it, it would happen that we would eventually go from, let's say, robotic process automation to intelligent process automation. Right. Which is coming for us. It's we are able to see it, you try and sell that as the lead in and people shut down >>Because they're seen by intelligent process automation. W what do you mean? And, and >>So it's look, if I've got, uh, my robots and the tech, the RP infrastructure, which is processing whole bunch of transactions right now, if I'm able to add in some machine learning or AI, or what have you on top of it, and then I can read the patterns I can, for example, you know, we, we now have built on top of all the various security in our payment systems. If you've got a bot, which then does a final check, which goes and checks the history of that particular vendor as to what is the typical payments being done to that. And then it flags, if it's V out and it stops the payment, for example, right? So, or it goes and does a whole bunch of tests. We're building constantly building tools. So that's kind of, you know, a bit more intelligent than just a simple copy paste or, or doing a transaction >>Because why that's their job or because they it's a black box. They don't know how that decision is made. Or >>I think a lot of these have been sold previously similar technologies and things that would be, you know, the next best thing since sliced water and people have lost fit. So you got to show them the money and then take them along the journey. If you go too fast and try and give this whole, you know, people are smart enough and it, it turns them off. >>It's one of the failures of the tech industry is the broken promises. I can, I can rattle many off >>Cultural shift. It is. It is. How did you help facilitate that? See, I mean, we, we took, you know, the bottoms up and top down approach, uh, you know, the top down was, uh, I have my whole leadership team and as a joke, we locked them up in the boardroom and we got them to build bonds a long ago. And we said, let each of you, you know, download your bank statement and send yourself, uh, you know, if you say any transaction above 10,000, whatever, um, send, send an email to yourself. So as simple as that, or download the electricity bill and, and send it to your wife, you know, something like that. And half of them were able to build a bot in that couple of hours. The other half looked at it, and obviously are, you know, many of them are not as tech savvy, but it helped build the kind of it's aha moment three years ago that, wow, you know, I can build a bot. Um, for some people it was like, oh, they taught these metallic 10 bots are going to walk into the room. >>I love it. The bottom who's responsible for governance. >>So we've got a, we've got a team across it and finance. Um, I mean, somehow I have kind of, you know, created the skunkworks team. The S the center of excellence sits with me. Um, uh, but overall it's a combination and they now run governance, uh, you know, 24 7, >>Uh, you know, sorry, I got to get my crypto question. I ask every CFO's, when are you going to put crypto in the balance sheet? I know I'm teasing, but what you see companies doing this? Has it ever come up in conversation? Is it sort of tongue in cheek joke? Or what do you make of the crypto? >>Yeah, I think personally I'm a big believer, uh, but not for, uh, for a company. I think the, the benefit case of a company, we are not that, you know, we have enough other face too, you know? Um, uh, I think, uh, it's a bit further out for a company to start taking balance sheet position because that's then a speculation, right? Because, so I'm a believer in the benefit of the blockchain technology. We actually did a blockchain experiment a couple of years ago, moving goods, uh, from China to Dubai and also making the payments through a blockchain to, um, so we see huge benefits. We are working with our bankers on certain other initiatives, but I think on the balance sheet sounds like speculation and use of capital. So yeah, if it brings efficiency, if it brings transparency, which is what blockchains do, uh, I think absolutely it's, it is here to stay >>Last question. And then the last 30 seconds, or so for your peers in any industry who are it was, we saw some of the stats yesterday, the amount of percentage of processes that are automateable that aren't automated. What's your advice, recommendations to peers about pulling automation into their digital transformation strategy? >>I think, um, digital transformation can be hugely aided and accelerated if you first put RPLs, because that is the layer, which goes between the humans and whatever technology is out there or whatever you keep buying. So I think because they will be in every area, new technologies coming up, it's better to put RPA first because you can then get more benefit from whatever other technologies you're bolting on. So I would say it's a predecessor to your broader digital transformation, rather than just a part of it. >>Got it. A predecessor, or just thank you for joining Dave and me on the program today, talking about what you're, how you're transforming landmark. Good luck in your presentation this afternoon. I'm sure a lot of folks will get some great takeaways from your talk. >>Thank you so much. It's been >>Great. Our pleasure for Dave Volante. I'm Lisa Martin live in Las Vegas UI path forward for it. We'll be right back after a break.

>>it is time to take a look at what piers up to from a slightly different perspective to help us do that as scott Sinclair, who is a senior analyst at the enterprise strategy group and scott, thanks for joining us here on the cube. Good to see you today. >>Great to see you >>All right. So let's let's jump into this first. We'll get to the announcement just a little bit first off. In terms of pure strategy as you've been watching this company evolve over over years now. How has it evolved? And and and then we'll move to the announcements and how that fits into the strategy. First off, let's just take them from your point of view. Where have they been and how are they doing? >>Yeah. You know, you know many people know a pure, maybe they don't know of their history is an all flash array. I think Pure has always been ever since they entered the I. T. Industry as as a pioneer. They're one of the early ones that said look we're going all in on the all flash array business and a focus on flash technology. Then there were early pioneers and things like evergreen and things like storage as a service capabilities for on premises storage and the entire time they've had a really you know almost streamlined focus on ease of use, which you know from the outside. I think everyone talks about ease of use and making things simple for I. T. But Pure has really made that almost like core as part of not only their product and they're designed but also part of their culture and one of the things and we'll get into this a little bit as we talk about the announcements but you know if you look at these announcements of where Pure is going there trying to expand that culture that DNA around ease of use or simplicity and expanding it beyond just storage or I. T. Operations and really trying to see okay how do we make the entire digital initiative process or the larger I. T. Operations journey simpler. And I think that's part of where pure is going is not just storage but focusing more on operations and data and making it easier for the entire experience. >>So so how do the announcements we're talking about uh whether three phases here and again we'll unpack those separately but just in general how did the announcements and you think fit into that strategy and fit into their view and your view really of of the market trends. >>You know I think one of the big trends is you know I. T. In terms for most businesses is it's not just an enabler anymore. It is actually in the driver's seat. Uh You know we see in our research at TsG we just did this study and I'm going to glance over my notes as I'm kind of talking but we see one of the things is more than half of businesses are identifying some portion of the revenue is coming from digital products for digital services. So data is part of the revenue chain for a majority of organizations according to what we're seeing in our research and so what that does is it puts I. T. Right in that core you know that core delivery model of where the faster I can operate the faster organizations can realize these revenue opportunities. So what what is that doing to tighty organizations? Well first off it makes your life a lot harder. It makes demands continue to increase. But also this old this old adage or this old narrative that I thi is about availability it's about resiliency, it's about keeping the lights on and ensuring that the business doesn't go down. Well none of that goes away but now I. T. Organizations are being measured on their ability to accelerate operations and in this world where everything is becoming more and more complex they're more demands, organizations are becoming more distributed. Application demands are becoming more diverse and they're growing and breath all of this means that more pressure is falling not only on the I. T. Operations but also on the instructor providers like pure storage to step up and make things even simpler with things like automation and supplication which again we're going to talk about but to help accelerate those operations. >>Yeah I mean if your devops these days I mean and you're talking about kind of these quandaries that people are in. Um but I mean what are what are these specific challenges do you think? I mean on the enterprise level here that that that pure is addressing? >>Yeah well so for example you talked about developers and you know dr going into you know that in particular I want to say let's say you know glancing my notes here, about two thirds of organizations say they're they're under pressure to accelerate their I. T. Initiatives due to pressures from specifically from devops teams as well as line of business teams. So what does that mean? It means that as organizations build up and try to accelerate either their revenue creation via the creation of software or products or things that that drive that support a devops team maybe it's improving customer experience for example as well as other line of business teams such as analytics and and trying to provide better insights and better decision making off of data. What that means is this traditional process of I. T. Operations of where you submit a trouble ticket and then it takes you know after a few days something happens. And they started doing analysis in terms of basically what ends up being multiple days or multiple weeks to end up to basically provision storage just takes too long. And so in these announcements what we're seeing is pure delivering solutions that are all about automating the back end services and delivering storage in a way that is designed to be easily and quickly consumed by the new consumers of I. T. The developers the line of business teams via a. P. S. Where you can write to a standard api and it goes across basically lots of different technologies and happens very quickly where a lot of the back end processes are automated and essentially making the storage invisible uh to these to these new consumers and all of that just delivers value because what what these groups are doing is now they can access that get the resources that they need and they don't have to know about what's happening behind the scenes which candidly they don't really know much about right now and they don't really care >>right. You know what I what I don't see what I don't know won't hurt me. Exactly and as we know it can. Um All right so let's let's look at the announcements Pure fusion. Um I think we're hearing about that just a little bit before earlier in the interview that day was conducting. But let's talk about pure fusion and your thoughts on that. >>Yeah confusion is what I was talking about a little bit where they're they're abstracting a lot of the storage capabilities and presenting it as an A P. I a consistent api that allows developers to provision things very quickly and where a lot of the back end services are automated and you know essentially invisible to developer and that is I mean it's it addresses where you know I kind of talked about this with some of the data that we just you know, some of our research stats that we just discussed but it's where a lot of organizations are going. The bottom line is you know we used to you know in a world where it services weren't growing as fast and where everything had to be resilient available, you could put a lot of personnel power or personal hours focused on okay, making sure every box and everything was checked prior to doing a new implementation and all that was designed to reduce risk and possibly optimize the environment, reduced costs. Now in this world of acceleration, what we've seen is organizations um need faster responsiveness from their I. T. Organizations. Well that's all well and good. But the problem is it's difficult to do all those back end processes and make sure that data is fully being protected or making sure that everything is happening behind the scenes the way it should be. And so this is again just mounting more and more pressure so with things like pure fusion, what they're doing is they're essentially automating a lot of that on the back end and really simplifying it and making so storage or I. T. Administrators can provide access to um to their line of business to development teams to leverage infrastructure a lot faster while still ensuring that that all those back end services, all those operations still happen. >>Port works, data services also announced and hearing from Dave from that perspective, maybe a game changer in terms of storage. So your take on that import works. >>I really liked what works. I've been following them ever since prior to the acquisition. Um, you know, one of the things that they were very early on is understanding the impact of microservices on the industry and really the importance of designing infrastructure around for that for that environment. I think what they're doing around data services is really intriguing. I think it's really intriguing first off for Pure as a company because it elevates their visibility to a new audience in the new persona that may not have been familiar with them. Right? As organizations are looking at one of the things that they're doing with this um, with this data services is essentially delivering a database as a service platform where you can go provision, you know, and stand up databases very quickly and again, similar to, we talked about fusion a lot of those back end processes are automated um really fascinating, again aligns directly with this acceleration need that we talked about, so, you know, huge value but it's really fascinating for Pure because it opens them up to, you know, hey, there's this whole new world of possible consumers that where there's, you know, that where they can get experience to really the ease of use of Pure is known for a lot of the capability. Support works is known for, but also just, you know, increase, you know, really the value that pure is able to deliver to some of these modern enterprises >>and just did briefly on the enhancements to Pure one also being announced today. Your take on those >>um you know, I like that as well. I think one of the things if I kind of go through the through the list is a lot of insights and intelligence in terms of uh new app, you know, sizing applications for the environment if I remember correctly um and more, you know, better capabilities to help ensure that your environment is optimized, which candidly is a is a top challenge around the organizations we talked about again, I keep hitting on this need to move faster faster, faster. One of the big disconnect what we've seen and we saw it very early when organizations were moving to for example public cloud services is this disconnect towards for this individual app. How many resources do I really need? And I think that's something that you know, vendors like Pure need to start integrating more and more intelligence and that's what my understanding is they're doing with Pure One, which is really impressive. >>Well, solid takes scott, we appreciate the time, thank you for your insights and what has been a big day for pure storage but thank you again for the time scott some clarity and her enterprise strategy group senior analyst there, let's go back to day Volonte now with more on the cube. >>Thanks for watching this cube program made possible by pure storage? I want to say in summary. You know, sometimes it's hard to squint through all the vendor noise on cloud and as a service and all the buzz words and acronyms in the market place. But as we said at the top, the cloud is changing. It's evolving, it's expanding to new locations. The operating model is increasingly defining the cloud. There's so much opportunity to build value on top of the massive infrastructure build out from the hyper scale is $200 billion dollars in Capex last year alone. This is not just true for technology vendors but organizations are building their own layer to take advantage of the cloud? Now of course technology is critical. So when you're evaluating technology solutions, look for the following first the ability of the solution to simplify your life. Can it abstract the underlying complexity of a cloud multiple clouds connect to on prem workloads in an experience that is substantially identical irrespective of location. Does the solution leverage cloud native technologies and innovations and primitives and a P. I. S. Or is it just a hosted stack? That's really not on the latest technology curve whether that's processor technology or virtualization or machine learning streaming? Open source tech et cetera. 3rd, How Programmable is the infrastructure? Does it make developers more productive? Does it accelerate time to value? Does it minimize rework and increase the quality of your output for? What's the business impact? Will customers stand up and talk about the solution and how it contributed to their digital transformation? By flexibly supporting emerging emerging data intensive workloads and evolving as their business rapidly changed. These are some of the important markers that we would suggest you monitor pure is obviously driving hard to optimize these and other areas. So watch closely and make your own assessment as to how what they and others are building will fit into your business Now as always, this content is available on demand at the cube dot net. So definitely check that out. This is day Volonte for jOHN walls and the entire cube team. Thanks for watching everybody. We'll see you next time.

>> Narrator: From theCUBES studios in Palo Alto in Boston connecting with thought leaders all around the world. This is theCUBE conversation. >> Hello and welcome to the 2021 AWS global public sector partner awards. I'm your host Natalie Erlich. Today we're going to highlight the most valuable valuable Amazon connect appointment. And we are now joined by Steve Careful, adult social care expert PA consulting group and Graham Allen, the director of adults health and care at Hampshire county council. Welcome gentlemen to today's session. >> Thank you Natalie >> I love you Natalie. >> Well by now we are really familiar the call to shelter in place and how it especially affected the most vulnerable of people. Give us some experience or some insight on your experience with that, especially in light of some of the technology that was deployed. Let's start with you, Graham. >> Yeah, Thank you. So just by way of context, Hampshire county council is one of the largest areas of local government in England. So we have a population of 1.4 million people. And when a lockdown was imposed by the national government of England in the 23rd of March 2020. Shortly thereafter the evidence in terms of vulnerabilities around COVID-19 strongly identified that people with a range of clinical conditions were most vulnerable and needed to shield and self issolate. And for the size of our population, we quickly were advised that roughly some 30,000 people in the initial carts because of political vulnerabilities needed to sheild and receive a variety of support shortly after that through the summer of 2020 that number increased some 50,000. And then by January of this year that number further increased based on the scientific and medical evidence to 83,000 people in total. So that represented a huge challenge for us in terms of offering support, being able to make sure that not only practical tasks related to obtaining shopping food and so on and so forth, but also medications but also the real risks of self isolation. Many of the people that we were needing to support when here the two known to us as a social care provider. They were being advised through clinical medical evidence needs and many of those people lived alone. So the real risk of self isolation not seeing anyone potentially for an extended period of time and the risks of their wellbeing was something very significant to us. So we needed very rapidly to develop a solution in terms of making contact, being able to offer that support. >> Yeah and I'd love it now to get your take Steve on how PA consulting group helped deliver on that call on that need. >> True so we have an existing relationship with Graham and the council, we've been working together for number of years, delivering care technology solutions to service users around the county. We were obviously aware there was a major issue as COVID and lockdown began. So we sat down with Graham and his colleagues to ask what we could do to help. We used our relationship with AWS and our knowledge of the connect platform to suggest a mechanism for making outbound calls really at scale. And that was the beginning of the process. We were very quickly in a position where we were able to actually get that service running live. In fact, we had a working prototype within four days and a live service in seven days. And from that point on of those many thousands of people that Graham's alluded to, we were calling up to two and a half thousand a day to ask them did they need any help? Were they okay? If they did need help, If they responded yes, to those, to that question we were then able to put them through to a conventional call handler in our call center where a conversation could take place about what their needs were. And as Graham said, in many cases that was people who couldn't get out to get food shopping, people who were running short of clinical medical supplies, people who needed actually some interesting things pet care came up quite often people who couldn't leave the house home and look after their dog, they just needed some help locally. So we had to integrate with local voluntary services to get those those kinds of results and support delivered to them across the whole of Hampshire and ultimately throughout the whole of the COVID experience. So coming right up until March of this year. >> Right well, as the COVID pandemic progressed and, you know evolved in different stages, you know, with variants and a variety of different issues that came up over the last year or so, you know how did the technology develop how did the relationship develop and, you know tell us about that process that you had with each other. >> So the base service remained very consistent that different points in the year, when there were different issues that may be needed to be communicated to to the service users we were calling we would change and update the script. We would improve the logistics of the service make it simpler for colleagues in the council to get the data into the system, to make the calls. And basically we did that through a constant series of meetings checkpoint, staying in touch and really treating this as a very collaborative exercise. So I don't think for all of us COVID was a constant stream of surprises. Nobody could really predict what was going to happen in a week or a month. So we just have to all stay on our toes keep in touch and be flexible. And I think that's where our preferred way of working and that of AWS and the Hampshire team we were working with we really were able to do something that was special and I'm very fleet of foot and responsive to needs. >> Right and I'd also love to get Graham's insight on this as well. What of results have you seen, you know do you have any statistics on the impact that it made on people? Did you receive any qualitative feedback from the people that use the service? >> Yeah, no, absolutely. We did. And one of the things we were very conscious of from day one was using a system which may have been unfamiliar to people when the first instance in terms of receiving calls, the fact that we were able to use human voice within the call technology, I think really, really assisted. We also did a huge amount of work within a Hampshire county council. Clearly in terms of the work we do day in, day out we're well-known to our local population. We have a huge range of different responsibilities ranging from maintenance of the roads through to the provision of local services, like libraries and so on and so forth, and also social care support. So we were able to use all of that to cover last. And Steve has said through working very collaboratively together with a trusted brand Hampshire county council working with new technology. And the feedback that we received was both very much data-driven in real time, in terms of successful calls and also those going through to call handlers and then the outcomes being delivered through those call handlers to live services out and about around the county but also that qualitative impact that we had. So across Hampshire county council we have some 76 elected members believe me they were very active. They were very interested in the work that we were doing in supporting our most vulnerable residents. And they were receiving literally dozens of phone calls as a thank you by way of congratulating. But as I say, thanking us and our partners PA at district council partners and also the voluntary community sector in terms of the very real support that was being offered to residents. So we had a very fully resolved picture of precisely what was happening literally minute by minute on a live dashboard. In terms of outgoing calls calls going through the call handlers and then successful call completion in terms of the outcomes that were being delivered on the ground around the County of Hampshire. So a phenomenally successful approach well appreciated and well, I think applauded by all those receiving calls. >> Terrific insight. Well, Steve, I'd love to hear from you more about the technology and how you put the focus on the patient on the person really made it more people focused and you know, obviously that's so critical in such a time of need. >> Yeah, you're absolutely right, Natalie. We, I think what we were able to do because I myself and my immediate team have worked with Hampshire and other local authorities on the social care side for so long. We understood the need to be very person focused. I think sometimes with technology, it comes in with it with a particular way of operating that isn't necessarily sensitive to the audience. And we knew we had to get this right from day one. So Graham's already mentioned the use of human voice invoicing the bulk call. that was very, very important. We selected a voice actress who had a very reassuring clear tone recognizing that many of the individuals we were calling would have been would have been older people maybe a little hard of hearing. We needed to have the volume in the call simple things like this were very important. One of the of the debates I remember having very early on was the choice as to whether the response that somebody would give to the question, do you need this? Or that could be by pressing a digital on the phone. We understood that again, because potentially of frailty maybe a little lack of dexterity amongst some of the people we'd be calling that might be a bit awkward for them to take the phone away from their face and find the button and press the button in time. So we pursued the idea of an oral response. So if you want this say, yes if you don't want it to say no and those kinds of small choices around how the technology was deployed I think made a really big difference in terms of of acceptance and adoption and success in the way the service run. >> Terrific. Well Graham I'd like to shift it to you. Could you give us some insight on the lessons that you learned as a result of this pandemic and also trying to move quickly to help people in your community? >> Yeah, I think the lessons in some of the lessons that we've, again learned through our response to the pandemic, are lessons that to a degree have traveled with us over a number of years in terms of the way that we've used technology over a period, working with PA, which is be outcome focused. It's sometimes very easy to get caught up in a brilliant new piece of technology. But as Steve has just said, if it's not meeting the need if we're not thinking about that human perspective and thinking about the humanity and the outcomes that we're seeking to deliver then to some degree it's going to fail And this might certainly did not fail in any way shape or form because of the thoughtfulness that was brought forward. I think what we learned from it is how we can apply that as we go forward to the kinds of work that we do. So, as I've already said we've got a large population, 1.4 million people. We are moving from some really quite traditional ways of responding to that population, accelerated through our response to COVID through using AI technologies. Thinking about how we embed that more generally would a service offer not only in terms of supporting people with social care needs but that interface between ourselves and colleagues within the health sector, the NHS to make sure that we're thinking about outcomes and becoming much more intuitive in terms of how we can engage with our population. It's also, I think about thinking across wider sectors in terms of meeting people's needs. One of the, I think probably unrealized things pre COVID was the using virtual platforms of various kinds of actually increased engagement with people. We always thought in very traditional ways in order to properly support our population we must go out and meet them face to face. What COVID has taught us is actually for many people the virtual world connecting online, having a variety of different technologies made available to support them in their daily living is something that they've absolutely welcomed and actually feel much safer through being able to do the access is much more instant. You're not waiting for somebody to call. You're able to engage with a trusted partner, you know face-to-face over a virtual platform and get an answer more or less then and there. So I think there's a whole range of opportunities that we've learned, some of which we're already embedding into our usual practice. If I can describe anything over the last 15 months as usual but we're taking it forward and we hope to expand upon that at scale and at pace. >> Yeah, that's a really excellent point about the rise of hybrid care, both in the virtual and physical world. What can we expect to see now, moving forward like to shift over to our other guests, you know, what do you see next for technology as a result of the pandemic? >> Well, there's certainly been an uptake in the extent to which people are comfortable using these technologies. And again, if you think about the kind of target group that Graham and his colleagues in the social care world are dealing with these are often older people people with perhaps mobility issues, people with access issues when it comes to getting into their GP or getting into hospital services. The ability for those services to go out to them and interact with them in a much more immediate way in a way that isn't as intrusive. It isn't as time consuming. It doesn't involve leaving the house and finding a ways on public transport to get to see a person who you're going to see for five minutes in a unfamiliar building. I think that that in a sense COVID has accelerated the acceptance that that's actually pretty good for some people. It won't suit everybody and it doesn't work in every context, but I think where it's really worked well and works is a great example of that. Is in triaging and prioritizing. Ultimately the kinds of resources Graham's talked about the people need to access the GPs and the nurses and the care professionals are in short supply. Demand will outstrip will outstrip supply. therefore being able to triage and prioritize in that first interaction, using a technology ruse enables you to ensure you're focusing your efforts on those who've got the most urgent or the greatest need. So it's a kind of win all around. I think there's definitely been a sea change and it's hard to see hard to see people going back just as the debate about, will everybody eventually go back to offices, having spent a working at home? You know, I think the answer is invariably going to be no, some will but many won't. And it's the same with technology. Some will continue to interact through a technology channel. They won't go back to the face-to-face option that they had previously. >> Terrific. Well, thank you both very much. Steve Careful PA consulting group and Graham Allen Hampshire county council really appreciate your, your insights on how this important technology helped people who were suffering in the midst of the pandemic. Thank you. >> Steve: You're welcome. >> Graham: Thank you. >> Well, that's all for this session. Thank you so much for watching. (upbeat music)

(upbeat music) >> Hello, and welcome to today's session at the 2021, AWS Global Public Sector Partner Awards, for the award for the best, Think Big for Small Business Partner. I'm your host Natalie Erlich, and we are now joined by our very special guest, Lisa Brunet, a managing Partner and President of the DLZP Group. Welcome to today's session. Now, I'd love to talk with you about how you got to partner with AWS. >> Sure, I think Natalie, thank you so much for your time today. So we started a journey with AWS back in 2012, we ran into an AWS rep at another conference, and he was talking about how he would love to do some innovative technology, because one of my reps were actually wearing gold glass, and he's like, I need something creative, I need something different. Because right now AWS, Amazon is just known for selling online books, while the cloud is only known for storing photos. So we spent a little bit of time working with them, and we came up with this idea of doing creating the test drive, where people could actually go and try a different product, like we actually did PeopleSoft on AWS. So we were able to prove that large ERP applications could run on the cloud. And that was actually faster and more resilient than having it on premise, and from there, it's been a whirlwind journey with AWS. >> Now terrific, well, how does TBSP open doors for companies and help them understand all of the tools available to them through AWS, as well as APN. >> With the Think Big for Small Business program, what it does, it gives us the opportunity to play with the big guys. So a lot of small businesses have the capabilities, they're very agile, and they have the connections, they have the capabilities. But because of our size, we have limitations on getting the number of certifications, getting the network competencies. So with this program, it evens the playing field for everybody. So now I'm able to like... I've been turned away projects because of my size, because they're like, well you're not certified by AWS at this level. But now I'm at the same level, as some of my some of the larger primes, and I'm able to compete with them head to head now. >> So has this kind of like democratizing effect. >> Yes, it does. >> Terrific. Well, to expand a bit more on how, the Think Big program has helped us overcome other kind of obstacles. >> For us, a big obstacle was always with the competencies and the certifications. So before, we would never eligible to get a competency, even though we were the ones that proved that PeopleSoft could run on the clouds. So we had the competency for Oracle Applications, we had the competency from Microsoft, but we could never, we're never eligible to actually get the competency because we were not advanced partner. And then also with the training, we were always being hindered, because we couldn't get all the discounts available at a certain level for the trading, so we had to pay full retail price. Now we get a discount, so I can send everybody for training to make sure that everybody is up to date on their certifications. >> And how do you assess your experience as an AWS partner? >> I love it, I love being an AWS partner, and that's I think what really makes the difference is the employees at AWS, they stand by us for everything. We know, of course we do give a lot of benefits to them, but anytime I have a need, I have everybody's number, I can reach out to anybody on their team and say, I need assistance with this, I'm looking to try to accomplish this, and they'll do anything they can to help us. >> And do you have any advice for other companies who might be interested in moving in that direction as well. >> For any small business, I think that Think Big for Small Business program is a great idea, just as long as you're willing to put the hard work in, and you can prove to AWS that you're willing to work hard, they'll reciprocate and work with you to create this great, to make you a great partner. >> And I'd love to hear more about your company, DLZP Group, tell us about your core market. >> So we actually were split between three different main markets. We try to be equal between public sector, private sector and federal. We are just starting our federal journey. We recently became AA certified, so we're looking to expand in the federal journey, but for us, we try to make sure that we are, we don't have too strong, we don't have more than like 33% of our income coming from any one sector, just because if there's a crisis like with the federal, when they shut down for six months, I don't want to have to layoff my employees, I value my employees too much have to say, I'm sorry, I have to lay you off. So we made sure we're resilient, and we're able to handle any customer at any given time. >> Well, let's talk about resilience, I mean, how do you ensure that you're resilient? Obviously, you've had some really tough time, in the last year or so with a pandemic, I mean, what's your advice for companies that are looking to become even more resilient in the years ahead? >> For us, I think a big thing is we've always worked hard to make sure that we offer a quality product for our customers. So that really helped us on the downtime's. When everybody was struggling, keep the doors open, our customers stood by us, because we've had a proven track record to make sure that we offer them the best solution, were there for them when they need us. So they came to rely on us and they would use this with during the past year during the pandemic. >> And if you could outline just in further detail your business model for our viewers. >> So we actually are 100% remote, and I have staff around the world. We purposely, strategically, like have everybody around the world, because some of our customers are global. We have to offer 24/7 support for them, especially nowadays. But another part was because of disaster recovery. I'm based in Houston, Texas. So we're known for getting hurricanes, that means sometimes I can be without power for three weeks. But I don't want that to affect my customers, I don't want them to feel that they can't come to us, but knowing that if a hurricane comes through, I might know my employees are going to be able to work. So we made sure that we have a great disaster recovery plan, we have where no matter what happens, manmade or natural disaster, we're able to support our customers, without any with any without a pause. And then we also make sure that all of our employees, they have a quality work life balance, and I think that also helps because that shows the clients, that we value our employees, and it makes them want to work with us more, because our employees are happy, they're happy to work with us, because they know that well (crackling drowns out speaker) >> And describe to us in greater detail, the core technology and its key benefits. >> Well, a lot we do is around AWS. So, when we first started with them, as I mentioned, we started with them with the test drive and ERP applications, but then we expanded our services, we started working with serverless, when we first heard about serverless, we were like this is a game changer. We can do almost anything on serverless and save so much money. So we years ago, we went and built our website, so it's 100% serverless. So it costs us a couple pennies a month to run, versus if you think about a traditional website, that's a couple hundred dollars a month to run, and then we started playing with machine learning. So we're now developing internal projects, where we're using machine learning for a number of applications, and we're going to keep expanding, where we're going to have a full suite of applications to give to our customers that will be run at 100% serverless using machine learning. >> Yeah, really terrific. What are your goals for the next year? What is your vision for 2021? >> My goal is to do a little bit more than federal, we're actually expanding to Canada as well. So we have officially launched there, we have employees in Canada that are working in different areas in different provinces and with the federal government to try to help AWS grow there. >> Terrific, and I thought it was just so fascinating, how you're mitigating disaster, and you know, really pushing your business forward, you know, thinking geographically, and that's something that we kind of had to all figured out with a pandemic. So in a way your business has been like a bit of step ahead of the others, and what other ways are you trying to kind of be a step ahead of the curve from the competition. >> So we're looking to stay ahead of the curve by making sure we have the right resources in place, so we do a lot, making sure that when we bring somebody on, we make sure that they're aware that this is a team based company, you're not going to be working individually on one project. We were very big on spec, so we're always making sure that, no matter what level you come in, even if you're just an intern here for the summer, you're running a project, you're getting that real world experience, you're going to even have times where I'm reporting to you, when you have to make sure I'm a accountable for the work. And that helps also build respect amongst the peers, because they know what it takes to run a project, and they're going to make sure that they do a good job, because nobody wants to see their peers if you fail. >> Yeah, well excellent insights, I agree with you. Lisa Brunet, a managing partner and president of the DLZP Group. That's all for this session, I'm your host Natalie Erlich, thank you so much for watching. (upbeat music)

(upbeat music) >> We just compressed about a decade of online commerce progress into about 13 or 14 months. So now we're going to look at how one retailer navigated through the pandemic and what the future of their business looks like. And with me is Alan Jensen who is the chief information officer and senior vice president of the Salling Group. Hello, Alan, how are you? >> Fine, thank you. >> Good to see you. Look, you know, when I look at the hundred year history plus of your company, I mean, it's a marked by transformations and some of them are quite dramatic. So you're Denmark's largest retailer. I wonder if you could share a little bit more about the company its history and how it continues to improve the customer experience while at the same time keeping costs under control so vital in your business. >> Yeah, the company founded approximately 100 year ago with a department store in Denmark. And I think in the 60s we founded the first supermarket in Denmark with the self-service and combined textile and food in the same store. And in the beginning 70s, we found that the first hypermarket in Denmark and then the discounter came from Germany early in 1980 and we started a discount chain. And so we are actually building department store in hypermarket in supermarket, and in the discount sector. And today we are more than 1,500 stores in three different countries in Denmark, Poland, and Germany. And especially for the Danish market we have a approximately 38% market share and it is the leader. We have over the last 10 years developed further into online first in non-food and now in food with home delivery with Clayton Calais. And we have done some acquisition in the convenience with me box solutions to our customers. And we have today also some restaurant burger chain and we are running the Starbucks in Denmark. So you can see a full plate of different opportunities for our customer in especially Denmark. >> It's an awesome story. And of course the founder's name is still on the masthead. What a great legacy. Now, of course the pandemic has forced many changes quite dramatic including the behaviors of retail customers. Maybe you could talk a little bit about how your digital transformation at the Salling Group prepared you for this shift in consumption patterns and any other challenges that you faced. >> I think luckily as for some of the you can say the coati solution in 19 we just roll out using our computers. We are direct access, so you can work from anywhere whether you are traveling from home and so on. We introduced a new age from delivery model and we just finalized the rolling out teams in January, February 20. And that was some very strong thing for suddenly moving all our employees from office to home and more or less overnight we succeed continuing our work and for IT We have not missed any deadline or task for the business in 2020. So I think that was a pretty awesome to see. And for the business, of course the pandemic changed a lot as the change in customer behavior, more or less overnight with plus 50, 80% on the online solution forced us to do some different priorities as we were looking at food home delivery and originally expected to start rolling out in 2022 but took a fast decision in April last year to launch immediately. And we have been developing that over the last eight months and has been live for the last three months now in the market. So you can say the pandemic really front-loaded some of our strategic actions for two to three years. >> What's that saying? Luck is the by-product of great planning and preparation. So let's talk about... what happened? >> And when you are in a company with some strong financial situation that you can move immediately with investment when you take such a decision, then it's really failing yeah. >> Right, awesome. Two-part question. Talk about how you leverage data to support the Solent group's mission and you know drive value for customers. And maybe you could talk about some of the challenges you face with just the amount of data, the speed of data, et cetera. >> Yeah, I said data is everything when you are in retail, as retail is detail as you need to monitor your operation down to each store each department. And if you can say, we have challenged that data is just growing rapidly as a year by year it's growing more and more because you're able to be more detailed, you're able to capture more data. And for a company like ours we need to be updated every morning as our fully updated sales for all unit department single skew selling in the stores is updated three o'clock in the night and send out to all top management and our managers all over the company. It's actually 8,000 reports going out before six o'clock every day in the morning. We have introduced a loyalty program and we are capturing a lot of data on customer behavior. What is their preferred of us? What is their preferred time in the week for buying different things. And all these data is now used to personalize our offers to our value customers. So we can be exactly hitting the best time and convert it to sales. Data is also now used for what we call intelligent price reductions so instead of just reducing prices with 50% if it's a close to running out of date now the system automatically calculate whether a store has just enough to finish with full price before end of day, or actually have too much and need to maybe reduce by 80% before. So being able to sell. So these automated solutions build on data is bringing efficiency into our operation. >> Wow, you make it sound easy. These are non-trivial items. So congratulations on that. I wonder if we could close HPE was kind enough to introduce us, tell us a little bit about the infrastructure of the solutions you're using how they differentiate you in the market. And I'm interested in you know why HPE what distinguishes them, why they choose there. >> When you look out a lot is looking at moving data to the cloud, but we still believe that due to performance, due to the availability, more or less on demand, we still don't see the cloud strong enough for Salling Group capturing all our data. We have been quite successfully having one data truth across the whole company and having one just one single BI solution and having that huge amount of data. I think we have one of the 10 largest sub business warehouses global. And on the other hand we also want to be agile and want to scale when needed. So getting close to a cloud solution, we saw it be GreenLake as a solution, getting close to the cloud but still being on-prem and could deliver what we need to have fast performance on data, but still in a high quality and still very secure for us to run. >> Great, thank you for that. Alan thanks so much for your time really appreciate your insights and congratulations on the progress and best of luck in the future. >> Thank you. >> All right, keep it right there. We have tons more content coming. You're watching Accelerating Next from HPE. (upbeat music)

>>from around the globe. It's >>the Cube with digital coverage of Dev >>Ops Virtual Forum Brought to You by Broadcom. Welcome to Broadcom, Step Ups, Virtual Forum I and Lisa Martin and I'm joined by another Martin very socially. Distance from me all the way. Coming from Birmingham, England, is Glynn Martin, head of Q. A transformation at BT Glenn. It's great to have you on the program. >>Thank you, Lisa. I'm looking forward, Toa. >>As we said before, we went live to Martin's for the price of one in one segment. So this is gonna be an interesting segment, Guesses. What we're gonna do is Glen's gonna give us a really kind of deep inside out view of Dev ops. From an evolution perspective, Soglo's Let's start transformation is at the heart of what you dio. It's obviously been a very transformative year. How have the events of this year affected the transformation that you are so responsible for driving? >>Yeah. Thank you, Leigh. So I mean, yeah, it has been a difficult year Bond, although working for BT, which is ah, global telecommunications company. Relatively resilient, I suppose, as an industry through covert, it obviously still has been affected and has got its challenges on bond. If anything is actually caused us to accelerate of our transformation journey, you know, we had to do some great things during this time around. You know, in the UK for our emergency and health workers give them unlimited data and for vulnerable people to support them and that spent that we've had to deliver changes quickly. Um, but what? We want to be able to do it, deliver those kind of changes quickly, but sustainably for everything that we do, not just because there's an emergency eso we were already on the kind of journey to by John, but ever so ever more important now that we are what we're able to do, those that kind of work, do it more quickly on. But it works because the implications of it not working is could be terrible in terms of, you know, we've been supporting testing centers, new hospitals to treat covert patients, so we need to get it right and therefore the coverage of what we do, the quality of what we do and how quickly we do. It really has taken on a new scowling what was already a very competitive market within the telco industry within the UK. Um, you know, what I would say is that you know, we are under pressure to deliver more value, but we have small cost challenges. We have to obviously deal with the fact that you know, Cove in 19 has hit most industries kind of revenues and profits. So we've got this kind of paradox between having less cost, but they're having to deliver more value quicker on bond, you know, to higher quality. So, yeah, certainly the finances is on our minds. And that's why we need flexible models, cost models that allow us to kind of do growth. But we get that growth by showing that we're delivering value, especially in, you know, these times when there are financial challenges on companies. >>So one of the things that I want to ask you about again looking at, develops from the inside out on the evolution that you've seen you talked about the speed of things really accelerating in this last nine months or so. When we think Dev ops, we think speed. But one of the things I love to get your perspective on we've talked about in a number of the segments that we've done for this event is cultural change. What are some of the things that scene there as as needing to get, as you said, get things right but done so quickly to support essential businesses, essential workers? How have you seen that cultural shift? >>Yeah, I think you know, before, you know, test test team saw themselves of this part of the software delivery cycle. Andi, actually, now, really, our customers were expecting their quality and to deliver for our customers what they want. Quality has to be ingrained throughout the life cycle. Obviously that you know, there's lots of buzzwords like shift left. How do you do? Shift left testing. But for me, that's really instilling quality and given capabilities shared capabilities throughout the life cycle. That Dr you know, Dr Automation drive improvements. I always say that you know, you're only as good as your lowest common denominator on one thing that we're finding on our Dev Ops Journey Waas that we were you know, we would be trying thio do certain things quicker and had automated build automated tests. But if we were taking weeks to create test scripts or we were taking weeks to manly craft data, and even then when we had taken so long to do it that the coverage was quite poor and that led to lots of defects later in the lifecycle or even in in our production environment, we just couldn't afford to do that. And actually, you know, focusing on continuous testing over the last 9 to 12 months has really given us the ability Thio delivered quickly across the the whole life cycle and therefore actually go from doing a kind of semi agile kind of thing where we did you use the stories we did a few of the kind of, you know, as our ceremonies. But we weren't really deploying any quicker into production because, you know, our stakeholders were scared that we didn't have the same control that we had when we had more water for releases. And, you know, when way didn't think ourselves. So we've done a lot of work on every aspect, especially from a testing point of view, every aspect of every activity, rather than just looking at automated test, you know, whether it is actually creating the test in the first place, Whether it's doing security testing earlier in the light and performance testing. Learn the life cycle, etcetera. So, yeah, it Z It's been a riel key thing that for for C T for us to drive, develops, >>talk to me a little bit about your team. What are some of the shifts in terms of expectations that you're experiencing and how your team interacts with the internal folks from pipeline through life cycle? >>Yeah, we've done a lot of work on this, you know, there's a thing. I think people were pretty quiet. Customer experience. Gap. It reminds me of a cart, a Gilbert cartoon where, you know, we start with the requirements here on Do you know, we almost like a Chinese whisper effects and what we deliver eyes completely, completely different. So we think the testing team or the the delivery team, you know, you know, you think they've done a great job. This is what it said in the acceptance criteria, but then our customers the same Well, actually, that's not working. This isn't working, you know, on there's this kind of gap Way had a great launched this year of actual Requirement Society, one of the board common tools Onda that for the first time in in since I remember actually working within B. T, I had customers saying to may, Wow, you know, we want more of this. We want more projects, um, to have a actual requirements design on it because it allowed us to actually work with the business collaboratively. I mean, we talk about collaboration, but how do you actually, you know, do that have something that both the business on technical people can understand? And we've actually been working with the business using at our requirement. Designer Thio, you know, really look about what the requirements are. Tease out requirements to the hadn't even thought off and making sure that we've got high levels of test coverage. And so what we actually deliver at the end of it, not only have you been able Thio generate test more quickly, but we've got much higher test coverage and also can more smartly, you're using the kind of AI within the tour and with some of the other kind of pipeline tools actually deliver to choose the right tests on the bar, still actually doing a risk based testing approach. So that's been a great launched this year, but just the start of many kind of things that we're >>doing. But what I hear in that Glenn is a lot of positives that have come out of a very challenging situation. Uh, talk to me about it and I like that perspective. This is a very challenging time for everybody in the world, but it sounds like from a collaboration, perspective is you're right. We talk about that a lot critical with Dev Ops. But those challenges there you guys were able to overcome those pretty quickly. What other challenges did you face and figure out quickly enough to be able to pit it so fast? >>I mean, you talked about culture. I mean, you know, Bt is like most come countries companies. So, um, is very siloed. You know, we're still trying to work to become closer as a company. So I think there's a lot of challenges around. How do you integrate with other tools? How do you integrate with you know, the various different technologies and bt we have 58 different whitey stacks? That's not systems that stacks all of those stacks of can have, you know, hundreds of systems on we're trying to. We're gonna drive at the moment a simplified program where we're trying Thio, you know, reduce that number 2 14 stacks. And even then they'll be complexity behind the scenes that that we will be challenged. Maurin Mawr As we go forward, how do you actually hired that to our users on as an I T organization? How do we make ourselves Lena so that even when we you know, we've still got some of that legacy and we'll never fully get rid of it on that's the kind of trade off that we have to make. How do we actually deal with that and and hide that for my users a say and and and drive those programs so we can actually accelerate change. So we take, you know, reduce that kind of waste, and that kind of legacy costs out of our business. You know, the other thing is, well, beating. And I'm sure you know telecoms probably no difference to insurance or finance we've got You know, when you take the number of products that we do and then you combine them, the permutations are tens and hundreds of thousands of products. So we as a business to trying to simplify. We are trying Thio do that in a natural way and haven't trying to do agile in the proper way, you know, and really actually work it paste really deliver value. So I think what we're looking Maura, Maura, at the moment is actually, um is more value focus? Before we used to deliver changes, sometimes into production, someone had a great idea or it was a great idea nine months ago or 12 months ago. But actually, then we end up deploying it. And then we look at the the the users, you know, the usage of that product of that application or whatever it is on. It's not being used for six months, so we're getting much we haven't got, you know, because of the last 12 months, we certainly haven't got room for that kind of waste and you know, the for not really understanding the value of changes that we we are doing. So I think that's the most important thing at the moment is really taken that waste out. You know, there's lots of focus on things like flow management. What bits of the our process are actually taking too long, and we've We've started on that journey, but we've got a hell of a long way to go, you know, But that that involves looking every aspect off the kind of software delivery cycle. >>What are some? Because that that going from, what, 58 i t stocks down to 14 or whatever it's going to be go simplifying is sounds magical. Took everybody. It's a big challenge. What are some of the core technology capabilities that you see really as kind of essential for enabling that with this new way that you're working? >>Yeah. I mean, I think we've started on a continuous testing journey, and I think that's just the start. I mean, that's really, as I say, looking at every aspect off, you know, from a Q, a point of view. It's every aspect of what we dio. But it's also looking at, you know, we're starting to branch into more like a AI ops and, you know, really, the full life cycle on. But, you know, that's just a stepping stone onto, you know, I think oughta Nomics is the way forward, right? You know all of this kind of stuff that happens um, you know, monitoring, you know, monitoring systems, what's happening in production had to be feed that back. How do you get to a point where actually we think about a change on then suddenly it's in production safely. Or if it's not going to safety, it's automatically backing out. So, you know, it's a very, very long journey. But if we want Thio, you know, in a world where the pace is ever increasing the demands of the team and you know, with the pressures on at the moment where with we're being asked to do things, you know more efficiently Ondas leaving as possible. We need to be, you know, thinking about every part of the process. And how do we put the kind of stepping stones in players to lead us to a more automated kind of, you know, their future? >>Do you feel that that plant outcomes are starting to align with what's delivered? Given this massive shift that you're experiencing, >>I think it's starting to, and I think you know, Azzawi. Look at more of a value based approach on. Do you know a Zeiss? A princess was a kind of flight management. I think that's that will become ever evermore important. So I think it's starting to people. Certainly realized that, you know, people teams need to work together. You know, the kind of the cousin between business and ICT, especially as we go Teoh Mawr kind of sad space solutions, low cold solutions. You know there's not such a gap anymore. Actually, some of our business partners expects to be much more tech savvy. Eso I think you know, this is what we have to kind of appreciate. What is I ts role? How do we give the capabilities become more for centers of excellence rather than actually doing Mount amount of work And for May and from a testing point of view, you know, amount, amount of testing, actually, how do we automate that? How do we actually generate that instead of created? I think that's the kind of challenge going forward. >>What are some? As we look forward, what are some of the things that you would like to see implemented or deployed in the next say, 6 to 12 months as we hopefully round a corner with this pandemic? >>Yeah, I think you know, certainly for for where we are as a company from a Q A perspective. We are. Yeah, there's certain bits that we do Well, you know, we've started creating continuous delivery. A day evokes pipelines. Um, there's still manual aspects of that. So, you know, certainly for May I I've challenged my team with saying, How do we do an automated journey? So if I, you know, I put a requirement injera or value whoever it is, that's why. Then click a button on bond, you know, with either zero touch of one touch, then put that into production and have confidence that that has been done safely on that it works. And what happens if it doesn't work? So you know, that's that's the next in the next few months, that's what our concentration is about. But it's also about decision making, you know, how do we actually understand those value judgements? And I think there's lots of the things Dev ops, ai ops, kind of always that aspects of business operations. I think it's about having the information in one place to make those kind of decisions. How does it all tied together, as I say, even still with kind of Dev ops, we've still got elements within my company where we've got lots of different organizations doing some doing similar kind of things but the walking of working in silos Still. So I think, having a eye ops Aziz becomes more and more to the fore as we go to the cloud. And that's what we need to. You know, we're still very early on in our cloud journey, you know. So we need to make sure the technologies work with Cloud as well as you kind of legacy systems. But it's about bringing that all together and having a full visible pipeline. Everybody can see and make decisions against >>you said the word confidence, which jumped out at me right away. Because absolutely, you've gotta have be able to have confidence in what your team is delivering and how it's impacting the business and those customers. Last question for you is how would you advise your peers in a similar situation to leverage technology automation, for example, dev ops to be able to gain the confidence that they're making the right decisions for their business? >>Yeah, I mean, I think the the approach that we've taken actually is not started with technology we've actually taken human centered design a za core principle of what we dio within the i t part of BT. So by using humans tend to design. That means we talked to our customers. We understand their pain points, we map out their current processes on. But when we mapped out, those processes also understand their aspirations as well, you know, Where do they want to be in six months? You know, Do they want to be more agile and you know, or do they want Teoh? Is this apart their business that they want thio run better? We have to Then look at why that's not running well and then see what solutions are out there. We've been lucky that, you know, with our partnership with Broadcom within the P l. A. A lot of the tortures and the P l. A have directly answered some of the businesses problems. But I think by having those conversations and actually engaging with the business, um, you know, especially if the business hold the purse strings, which is you know, in some companies, including as they do there is that kind of, you know, almost by understanding their their pain points and then saying This is how we can solve your problem We've tended to be much more successful than trying Thio impose something and say We're here to technology that they don't quite understand doesn't really understand how it could have resonate with their problems. So I think that's the heart of it is really about, you know, getting looking at the data, looking at the processes, looking at where the kind of waste is on. Then actually then looking at the right solutions. And as I say, continuous testing is a massive for us. We've also got a good relationship with capitals looking at visual ai on. Actually, there's a common theme through that, and I mean, AI is becoming more and more prevalent, and I know yeah, sometimes what is A I and people have kind of the semantics of it. Is it true, ai or not? But yes, certainly, you know, AI and machine learning is becoming more and more prevalent in the way that we work, and it's allowing us to be much more effective, the quicker and what we do on being more accurate. You know, whether it's finding defects, running the right tests or, you know, being able to anticipate problems before they're happening in a production environment. >>Welcome. Thank you so much for giving us this sort of insight. Outlook at Dev Ops, sharing the successes that you're having taking those challenges, converting them toe opportunities and forgiving folks who might be in your shoes or maybe slightly behind advice. I'm sure they appreciate it. We appreciate your time. >>It's been an absolute pleasure, Really. Thank you for inviting me of Extremely enjoyed it. So thank you ever so much. >>Excellent. Me too. I've learned a lot for Glynn Martin and Lisa Martin. You're watching the Cube?

>>from the Cube Studios in Palo Alto in Boston, connecting with thought leaders around the globe. These are cloud native insights. Hi, I'm stew Minimum and the host of Cloud Native Insights. And the threat that we've been pulling on with Cloud Native is that we needed to be able to take advantage of the innovation and agility that cloud in the ecosystem around it can bring, not just the location. It's It's not just the journey, but how do I take advantage of something today and keep being able to move for Happy to welcome back to the program one of our regulars and someone that I've had lots of discussion about? Cloud Cloud. Native Serverless So Cory Quinn, the Keith Cloud economists at the Duck Bill Group. Corey, always good to see you. Thanks for joining us. >>It is great to see me. And I always love having the opportunity to share my terrible opinions with people who then find themselves tarred by the mere association. And there's certainly no exception to use, too. Thanks for having me back. Although I question your judgment. >>Yeah, you know, what was that? Pandora's box. I open when I was like Hey, Corey, let's try you on video so much. And if people go out, they can look at your feet and you've spent lots of money on equipment. You have a nice looking set up. I guess you missed that one window of opportunity to get your hair cut in San Francisco during the pandemic. But be doesn't may Corey, why don't you give our audience just the update You went from a solo or mentor of the cloud? First you have a partner and a few other people, and you're now you've got economists. >>Yes, it comes down to separating out. What I'm doing with my nonsense from other people's other people's careers might very well be impacted by it considered tweet of mine. When you start having other clouds, economists and realize, okay, this is no longer just me we're talking about here. It forces a few changes. I was told one day that I would not be the chief economist. I smile drug put on a backlog item to order a new business cards because it's not like we're going to a lot of events these days, and from my perspective, things continue mostly a base. The back. To pretend people now means that there's things that my company does that I'm no longer directly involved with, which is a relief, that absolutely, ever. But it's been an interesting right. It's always strange. Is the number one thing that people who start businesses say is that if they knew what they were getting into, they'd never do it again. I'm starting to understand that. >>Yeah, well, Corey, as I mentioned you, and I have had lots of discussions about Cloud about multi Cloud server. Listen, like when you wrote an article talking about multi cloud is a worse practice. One of the things underneath is when I'm using cloud. I should really be able to leverage that cloud. One of the concerns that when you and I did a cube con and cloud native con is does multi cloud become a least common denominator? And a comment that I heard you say was if I'm just using cloud and the very basic services of it, you know, why don't I go to an AWS or an azure which have hundreds of services? Maybe I could just find something that is, you know, less expensive because I'm basically thinking of it as my server somewhere else. Which, of course, cloud is much more than so you do with a lot of very large companies that help them with their bills. What difference there differentiates the companies that get advantage from the cloud versus those that just kind of fit in another location, >>largely the stories that they tell themselves internally and how they wind up adapting to cloud. If the reason I got into my whole feel about why multi cloud is a worst practice is that of you best practices a sensible defaults, I view multi cloud as a ridiculous default. Sure, there are cases where it's important, and so I don't say I'm not suggesting for a second that those people who are deciding to go down that are necessarily making wrong decisions. But when you're building something from scratch with this idea toward taking a single workload and deploying it anywhere in almost every case, it's the wrong decision. Yes, there are going to be some workloads that are better suited. Other places. If we're talking about SAS, including that in the giant wrapper of cloud definition in terms of what was then, sure you would be nuts to wind of running on AWS and then decide you're also going to go with codecommit instead of git Hub. That's not something sensible people to use get up or got sick. But when I am suggesting, is that the idea of building absolutely every piece of infrastructure in a way that avoids any of the differentiated offerings that your primary cloud provider uses is just generally not a great occasionally you need to. But that's not the common case, and people are believing that it is >>well, and I'd like to dig a little deeper. Some of those differentiated services out there there are concerned, but some that said, You know, I think back to the past model. I want to build something. I can have it live ever anywhere. But those differentiated services are something that I should be able to get value out of it. So do you have any examples, or are there certain services that you have his favorites that you've seen customers use? And they say, Wow, it's it's something that is effective. It's something that is affordable, and I can get great value out of this because I didn't have to build it. And all of these hyper scaler have lots of engineers built, building lots of cool things. And I want to take advantage of that innovation. >>Sure, that's most of them. If we're being perfectly honest, there are remarkably few services that have no valid use cases for no customer anywhere. A lot of these solve an awful lot of pain that customers have. Dynamodb is a good example of this Is that one a lot of folks can relate to. It's super fast, charges you for what you use, and that is generally yet or a provision Great. But you don't have to worry about instances. You have to worry about scaling up or scaling down in the traditional sense. And that's great. The problem is, is great. How do I migrate off of this on to something else? Well, that's a good question. And if that is something that you need to at least have a theoretical exodus for, maybe Dynamo DV is the wrong service for you to pick your data store personally. If I have to build for a migration in mind on no sequel basis, I'll pick mongo DB every time, not because it's any easier to move it, but because it's so good at losing data, that'll have remarkably little bit left. Migrate. >>Yeah, Corey, of course. One of the things that you help customers with quite a bit is on the financial side of it. And one of the challenges if I moved from my environment and I move to the public cloud, is how do I take advantage not only of the capability to the cloud but the finances of the cloud. I've talked to many customers that when you modernize your pull things apart, maybe you start leveraging serverless capabilities. And if I tune things properly, I can have a much more affordable solution versus that. I just took my stuff and just shoved it all in the cloud kind of a traditional lift and shift. I might not have good economics. When I get to the cloud. What do you see along those lines? >>I'd say you're absolutely right with that assessment. If you are looking at hitting break even on your cloud migration in anything less than five years, it's probably wrong. The reason to go to Cloud is not to save money. There are edge cases where it makes sense, Sure, but by and large you're going to wind up spending longer in the in between state that you would believe eventually you're going to give up and call it hybrid game over. And at some point, if you stall long enough, you'll find that the cloud talent starts reaching out of your company. At which point that Okay, great. Now we're stuck in this scenario because no one wants to come in and finish the job is harder than we thought we landed. But it becomes this story of not being able to forecast what the economics are going to look like in advanced, largely because people don't understand where their workloads start and stop what the failure modes look like and how that's going to manifest itself in a cloud provider environment. That's why lift and shift is popular. People hate, lift and ship. It's a terrible direction to go in. Yeah, so are all the directions you can go in as far as migrating, short of burning it to the ground for insurance money and starting over, you've gotta have a way to get from where you are, where you're going. Otherwise, migration to be super simple. People with five weeks of experience and a certification consult that problem. It's but how do you take what's existing migrated end without causing massive outages or cost of fronts? It's harder than it looks. >>Well, okay, I remember Corey a few years ago when I talk to customers that were using AWS. Ah, common complaint was we had to dedicate an engineer just to look at the finances of what's happening. One of the early episodes I did of Cloud Native Insights talked to a company that was embracing this term called Been Ops. We have the finance team and the engineering team, not just looking back at the last quarter, but planning understanding what the engineering impacts were going forward so that the developers, while they don't need tohave all the spreadsheets and everything else, they understand what they architect and what the impact will be on the finance side. What are you hearing from your customers out there? What guidance do you give from an organizational standpoint as to how they make sure that their bill doesn't get ridiculous? >>Well, the term fin ops is a bit of a red herring in there because people immediately equate it back to cloud ability before their app. Geo acquisitions where the fin ops foundation vendors are not allowed to join except us, and it became effectively a marketing exercise that was incredibly poorly executed in sort of poisoned the well. Now the finance foundations been handed off to the Cloud Native Beauty Foundation slash Lennox Foundation. Maybe that's going to be rehabilitated, but we'll have to find out. One argument I made for a while was that developers do not need to know what the economic model in the cloud is going to be. As a general rule, I would stand by that. Now someone at your company needs to be able to have those conversations of understanding the ins and outs of various costs models. At some point you hit a point of complexity we're bringing in. Experts solve specific problems because it makes sense. But every developer you have does not need to sit with 3 to 5 days course understanding the economics of the cloud. Most of what they need to know if it's on a business card, it's on an index card or something small that is carplay and consult business and other index ramos. But the point is, is great. Big things cost more than small things. You're not charged for what you use your charger for. What you forget to turn off and being able to predict your usage model in advance is important and save money. Data transfers Weird. There are a bunch of edge cases, little slice it and ribbons, but inbound data transfer is generally free. Outbound, generally Austin arm and a leg and architect accordingly. But by and large for most development product teams, it's built something and see if it works first. We can always come back later and optimize costs as you wind up maturing the product offering. >>Yeah, Cory, it's some of those sharp edges I've love learning about in your newsletter or some of your online activities there, such as you talked about those egress fees. I know you've got a nice diagram that helps explain if you do this, it costs a lot of money. If you do this, it's gonna cost you. It cost you a lot less money. Um, you know, even something like serverless is something that in general looks like. It should be relatively expensive, but if you do something wrong, it could all of a sudden cost you a lot of money. You feel that companies are having a better understanding so that they don't just one month say, Oh my God, the CFO called us up because it was a big mistake or, you know, where are we along that maturation of cloud being a little bit more predictable? >>Unfortunately, no. Where near I'd like us to be it. The story that I think gets missed is that when you're month over, month span is 20% higher. Finance has a bunch of questions, but if they were somehow 20% lower, they have those same questions. They're trying to build out predictive models that align. They're not saying you're spending too much money, although by the time the issues of the game, yeah, it's instead help us understand and predict what's happening now. Server less is a great story around that, because you can tie charges back to individual transactions and that's great. Except find me a company that's doing that where the resulting bill isn't hilariously inconsequential. A cloud guru Before they bought Lennox, I can't get on stage and talk about this. It serverless kind of every year, but how? They're spending $600 a month in Lambda, and they have now well, over 100 employees. Yeah, no one cares about that money. You can trace the flow of capital all you want, but it grounds up to No one cares at some point that changes. But there's usually going to be far bigger fish to front with their case, I would imagine, given, you know, stream video, they're probably gonna have some data transfer questions that come into play long before we talk about their compute. >>Yeah, um, what else? Cory, when you look at the innovation in the cloud, are there things that common patterns that you see that customers are missing? Some of the opportunities there? How does the customers that you talk to, you know, other than reading your newsletter, talking Teoh their systems integrator or partner? How are they doing it? Keeping up with just the massive amount of change that happens out >>there. Get customers. AWS employees follow the newsletter specifically to figure out what's going on. We've long since passed a Rubicon where I can talk incredibly convincingly about services that don't really exist. And Amazon employees won't call me out on the joke that I've worked in there because what the world could ever say that and then single. It's well beyond any one person's ability to keep it all in their head. So what? We're increasingly seeing even one provider, let alone the rest. Their events are outpacing them and no one is keeping up. And now there's the persistent, never growing worry that there's something that just came out that could absolutely change your business for the better. And you'll never know about it because you're too busy trying to keep up with all the other number. Every release the cloud provider does is important to someone but none of its important everyone. >>Yeah, Corey, that's such a good point. When you've been using tools where you understand a certain way of doing things, how do you know that there's not a much better way of doing it? So, yeah, I guess the question is, you know, there's so much out there. How do people make sure that they're not getting left behind or, you know, keep their their their understanding of what might be able to be used >>the right answer. There, frankly, is to pick a direction and go in it. You can wind up in analysis paralysis issues very easily. And if you talk about what you've done on the Internet, the number one responsible to get immediately is someone suggesting an alternate approach you could have taken on day one. There is no one path forward for any six, and you can second guess yourself that the problem is that you have to pick a direction and go in it. Make sure it makes sense. Make sure the lines talk to people who know what's going on in the space and validate it out. But you're going to come up with a plan right head in that direction, I assure you, you are probably not the only person doing it unless you're using. Route 53 is a database. >>You know, it's an interesting thing. Corey used to be said that the best time to start a project was a year ago. But you can't turn back time, so you should start it now. I've been saying for the last few years the best time to start something would be a year from now, so you can take advantage of the latest things, but you can't wait a year, so you need to start now. So how how do you make sure you maintain flexibility but can keep moving projects moving forward? E think you touched on that with some of the analysis paralysis, Anything else as to just how do you make sure you're actually making the right bets and not going down? Some, you know, odd tangent that ends up being a debt. >>In my experience, the biggest problem people have with getting there is that they don't stop first to figure out alright a year from now. If this project has succeeded or failed, how will we know they wind up building these things and keeping them in place forever, despite the fact that cost more money to run than they bring in? In many cases, it's figure out what success looks like. Figure out what failure looks like. And if it isn't working, cut it. Otherwise, you're gonna wind up, went into this thing that you've got to support in perpetuity. One example of that one extreme is AWS. They famously never turn anything off. Google on the other spectrum turns things off as a core competence. Most folks wind up somewhere in the middle, but understand that right now between what? The day I start building this today and the time that this one's of working down the road. Well, great. There's a lot that needs to happen to make sure this is a viable business, and none of that is going to come down to, you know, build it on top of kubernetes. It's going to come down. Is its solving a problem for your customers? Are people they're people in to pay for the enhancement. Anytime you say yes to that project, you're saying no to a bunch of others. Opportunity Cost is a huge thing. >>Yeah, so it's such an important point, Cory. It's so fundamental when you look at what what cloud should enable is, I should be able to try more things. I should be able to fail fast on, and I shouldn't have to think about, you know, some cost nearly as much as I would in the past. We want to give you the final word as you look out in the cloud. Any you know, practices, guidelines, you can give practitioners out there as to make sure that they are taking advantage of the innovation that's available out there on being able to move their company just a little bit faster. >>Sure, by and large, for the practitioners out there, if you're rolling something out that you do not understand, that's usually a red flag. That's been my problem, to be blunt with kubernetes or an awful lot of the use cases that people effectively shove it into. What are you doing? What if the business problem you're trying to solve and you understand all of its different ways that it can fail in the ways that will help you succeed? In many cases, it is stupendous overkill for the scale of problem most people are throwing. It is not a multi cloud answer. It is not the way that everyone is going to be doing it or they'll make fun of you under resume. Remember, you just assume your own ego. In this sense, you need to deliver an outcome. You don't need to improve your own resume at the expense of your employer's business. One would hope, >>Well, Cory, always a pleasure catching up with you. Thanks so much for joining me on the cloud. Native insights. Thank you. Alright. Be sure to check out silicon angle dot com if you click on the cloud. There's a whole second for cloud Native insights on your host to minimum. And I look forward to hearing more from you and your cloud Native insights Yeah, yeah, yeah, yeah, yeah.