(rousing music) >> Hello everyone. Welcome back to "theCUBE's" day one coverage of Cloud Native Security Con 23. This is going to be an exciting panel. I've got three great guests. I'm Lisa Martin, you know our esteemed analysts, John Furrier, and Dave Vellante well. And we're excited to welcome to "theCUBE" for the first time, Yves Sandfort, the CEO of Comdivision Group, who's coming to us from Germany. As you know, Cloud Native Security Con is a global event. Everyone welcome Yves, great to have you in particular. Welcome to "theCUBE." >> Great to be here. >> Thank you for inviting me. >> Yves, tell us a little bit, before we dig into really wanting to understand your perspectives on the event and get Dave and John's feedback as well, tell us a little bit about you. >> So yeah, talking about me, or talking about Comdivision real quick. We are in the business for over 27 years already. We started as a SaaS company, then became more like an architecture and, and Cloud Native company over the last few years. But what's interesting is, and I think that's, that's, that's really interesting when we look at our industry. It hasn't really, the requirements haven't really changed over the years. It's still security. We still have to figure out how we deal with security. We still have to figure out how we deal with compliance and everything else. And I think therefore, it's more and more important that we take these items more seriously. Also, based on the fact that when we look at it, how development and other things happen nowadays, it's, it's, everybody says it's like open source. It's great because everybody can look into the code. We, I think the last few years have shown us enough example that that's not necessarily solving all the issues, but it's also code and development has changed rapidly when we look at the Cloud Native approach, where it's far more about gluing the pieces together, versus the development pieces. When I was actually doing software development 25 years ago, and had to basically build my code because I didn't have that much internet access for it. So it has evolved, but even back then we had to deal with security and everything. >> Right. The focus on security is, is incredibly important, and the focus keeps growing as you mentioned. This is, guys, and I want to get your perspectives on this. We're going to start with John. This is the first time Cloud Native Security Con is its own event being extracted from, and amplified from KubeCon. John, I want to understand from your perspective, break down the event, what you see, what you've heard, and Cloud Native Security in general. What does this mean to companies? What does it mean to customers? Is this a reality? >> Well, I think that's the topic we want to discuss, and I think Yves background, you see the VMware certification, I love that. Because what VMware did with virtualization, was abstract that from server virtualization, kind of really changed the game on things, and you start to see Cloud Native kind of go that next level of how companies will be operating their business, not just digital transformation, as digital transformation goes to completion, it's total business transformation where IT is everywhere. And so you're starting to see the trends where, "Okay, that's happening." Now you're starting to see, that's Cloud Native Con, or KubeCon, AWS re:Invent, or whatever show, or whatever way you want to look at it. But in, in the past decade, past five years, security has always been front and center as almost a separate thing, and, in and of itself, but the same thing. So you're starting to see the breakout of security conversations around how to make things work. So a lot of operational conversations around what used to be DevOps makes infrastructure as code, and that was great, that fueled that. Then DevSecOps came. So the Cloud Native next level, is more application development at scale, developers driving the standards with developer first thinking, shifting left, I get all that. But down in the lower ends of the stack, you got real operational issues. DNS we've heard in the keynote, we heard about the Colonel, the Lennox Colonel. Things that need to be managed and taken care of at a security level. These are like, seem like in the weeds, but you're starting to see that happen. And the other thing that I think's real about Cloud Native Security Con that's going to be interesting to watch, is Amazon has pretty much canceled all their re:Invent like shows except for two; Re:Invent, which is their annual conference, and Re:Inforce, which is dedicated to securities. So Cloud Native, Linux, the Linux Foundation has now breaking out Cloud Native Con and KubeCon, and now Cloud Native Security Con. They can't call it KubeCon because it's not Kubernetes, but it's like security focus. I think this is the beginning of starting to see this new developer driving, developers driving the standards, and it has it implications, what used to be called IT ops, and that's like the VMwares of the world. You saw all the stuff that was not at developer focus, but more ops, becoming much more in the application. So I think, I think it's real. The question is where does it go? How fast does it develop? So to me, I think it's a real trend, and it's worthy of a breakout, but it's not yet clear of where the landing zone is for people to start doing it, how they get started, what are the best practices. Machine learning's going to be a big part of this. So to me it's totally cool, but I'm not yet seeing the beachhead. So that's kind of my take. >> Dave, our inventor and host of breaking analysis, what's your take? >> So when you, I think when you zoom out, there's some, there's a big macro change that's been going on. I think when you look back, let's say 10, 12 years ago, the, the need for speed far trumped the, the, the security aspect, the governance, the data privacy. It was like, "Yeah, the risks, they're not that great compared to our opportunity." That has completely changed because the risks are now so much higher. And so what's happening, I think there's a, there's a major effort amongst CIOs and CISOs to try to make security not a blocker because it use to be, it still is. "Okay, I got this great initiative." Eh, give it to the SecOps pros, and let them take it for a while before we can go to market. And so a huge challenge now is to simplify, automate, AI comes in, the whole supply chain security, so the, so the companies can not be facing so much friction. And that is non-trivial. I don't think we're anywhere close there, but I think the goal is by, within the next several years, we're going to be in a position, that security, we heard today, is, wasn't designed in to the initial internet protocols. It was bolted on. And so increasingly, the fundamental architecture of the internet, the Cloud, et cetera, is, is seeing designed in security, and, and that is an imperative, or else business is going to come to a grinding halt. >> Right. It's no longer, the bolt no longer works. Yves, what's your perspective on Cloud Native Security, where it stands today? What's in it for customers, whether we're talking about banks, or hospitals, or retailers, what do you think? >> I think when we, when we look at security in the, in the modern world, is we need to as, as Dave mentioned, we need to rethink how we apply it. Very often, security in the past has been always bolted on in the end. If we continue to do that, it'll become more and more difficult, because as companies evolve, and as companies want to bring products and software to market in a much faster and faster way, it's getting more and more difficult if we bolt on the security process at the end. It's like, developers build something and then someone checks security. That's not going to work any longer. Especially if we also consider now the changes in the industry. We had Stack Overflow over the last 10 years. If I would've had Stack Overflow 15, 20, what, 25 years ago when I was a developer, it would've changed a hell lot. Looking at it now, and looking at it what we had in the last few weeks, it's like where nearly all of my team members say is like finally I don't need any script kiddies anymore because I can't go to (indistinct) who writes the code for me. Which is on one end great, because it enables us to solve certain problems in a much higher pace. But the challenge with that is, if the people who just copy and past that code, don't understand the implications of that code, we have a much higher risk continuously. And what people thought was, is challenging with Stack Overflow. Imagine that something in one of these AI engines, is actually going ballistic, and it creates holes in nearly every one of these applications. And trust me, there will be enough developers who are going to use these tools to develop codes, the same as students in university are going to take this to write their essays and everything else. And so it's really important that every developer team basically has a security person within their team, and not a security at the end. So we build something, we check it, go through QA, and then it goes to security. Security needs to be at the forefront. And I think that's where we see Cloud Native Security Con, where we see AWS. I saw it during re:Invent already where they said is like, we have reinforced next year. I think this becomes more and more of a topic, and I think companies, as much as it is become a norm that you have a firewall and everything else, it needs to become a norm that when you are doing software development, and every development team needs to have a security person on that needs to be trained. >> I love that chat comment Dave, 'cause you and I were talking about this. And I think that is going to be the issue. Do we need security chat for the chat bot? And there's like a, like a recursive model there. The biases are built in. I think, and I think our interview with the Palo Alto Network's co-founder, Dave, when he talked about zero trust as a structured way to start things, but he was referencing that with Cloud, there's a chance to rethink or do a do-over in security. So, I think this is kind of to me, where this is all going. And I think you asked Pat Gelsinger what, year 2013, 2014, can, is security a do over? I think we're in that do over time. >> He said yes. >> He said yes. (laughing) He was right. But yeah, eight years later... But this is, how do you, zero trust gives you some structure, but how do you organize and redo security? Because to me, I think that's what's happening here. >> And John you heard, Zuk at Palo Alto Network said, "Yeah, the, the words security and architecture, they don't go together historically." And so it is a total, total retake. >> Well is that because there's too many tools out there and- >> Yeah. For sure. >> Yeah, well, first of all, a lot of hardware. And then yeah, a lot of tools. You even see IIOT and industry 40, you see IOT security coming up as another stove pipe, and that's not the right approach. And, and so- >> Well let me, let me ask you a question Dave, and Yves, if you don't mind. 'Cause I was just riffing on this yesterday about this. In the ML space, you're seeing the ML models, you're seeing proprietary models versus open source. Is security going to go down this proprietary security methods and open source? Because that's interesting, because the CNCF is run by the the Linux Foundation. So you can almost maybe see a model where there's more proprietary security methods than open source. Or is it, is that a non-issue? >> I would, I would, let me, if I, if I jump in here first, I think the last, especially last five or 10 years have clearly shown the, the whole and, and I invested early on in the, in the end 90s in several open source startups in the Bay area. So, I'm well behind the whole open source idea and, and mid (indistinct) and others back then several times. But the point is, I think what we have seen is open source is not in general, more secure or less secure, because code is too complex nowadays. You have millions of lines of code, and it's not that either one way or the other is going to solve it. The ways I think we are going to look at it is more is what's the role to market, because only because something is open source doesn't necessarily mean it's going to be available for everyone. And the same for proprietary source from that perspective, even though everybody mixes licensing and payments and all that all the time, but it doesn't necessarily have anything to do with it. But I think as we are going through it, and when we also look at the industry, security industry over the last 10 plus years has been primarily hardware focused. And a lot of these vendors have done a good business out of selling hardware boxes, putting software on top of it. Whereas in reality, those were still X86 standard boxes in the end. So it was not that we had specific security ethics or anything like that in there anymore. And so overall, the question of the market is going to change. And as we are looking into Cloud Native, think about someone like an AWS, do you really envision them to have a hardware box of every supplier in their data center, and that in every availability zone in every region? Same for Microsoft, same for Google, etc? So we need to have new ways on how we can apply security. And that applies both on the backend services, but also on the front end side. >> And if I, and if I could chime in, I think the, the good, I think the answer is, is, is no and yes. And what I mean by that is if you take, antivirus and known malware, I mean pretty much anybody today can, can solve that problem, it's the unknown malware. So I think the yes part of the answer is yes, it's, it's going to be proprietary, but in the sense we're going to use open source tooling, and then apply that in a proprietary way with, with specific algorithms and unique architectures that are going to solve problems. For example, XDR with, with unknown malware. So, and that's the, that's the hard part. As somebody said, I think this morning at the keynote, it's, it's all the stuff that, that the SecOps team couldn't find. That's the really hard part. >> (laughs) Well the question will be will, is the new IP, the ability to feed ChatGPT some magical spelled insertion query string that does the job, that's unique, that might be the new IP, the the question to ask. >> Well, that's what the hackers are going to do. And I, they're on offense. (John laughs) And the offense knows what play is coming. So, they're going to start. >> So guys, let's take this conversation up a level. I want to get your perspectives on what's in this for me as a customer? We know security is a board level conversation. We talk about this all the time. We also know that they're based on, I think David, was the conversations that you and I had, with Palo Alto Networks at Ignite in December. There's a, there's a lack of alignment between the executives and the board from a security perspective. When we talk about Cloud Native Security, we all talked about the value in that, what's in it for customers? I want to get your perspectives on should this be a board level conversation, and if so, how do you advise organizations, whether it is a hospital, or a bank, or an organization that is really affected by things like ransomware? How should they be thinking about this from an organizational perspective? >> Well, I'll start first, because we had this conversation during our Super Cloud event last month, and this comes up a lot. And this is, the CEO board level. Yes it is a board level conversation for security, as is application development as in terms of transforming their business to be competitive, not to be on the wrong side of history with this wave coming. So I think that's more of a management. But the issue is, they tell their people, "Go do it." And they're like, 'cause they get sold on the idea of, "Hey, won't you transform your business, and everything's going to be data driven, and machine learning's going to power your apps, get new customers, be profitable." "Oh, sign me up for that." When you have to implement this, it's really hard. And I think the core issue is, where are companies in their life cycle of the ability to execute and architect this thing properly as Dave said, Nick Zuk said, "You can't have architecture and security, you need platforms." So, I think the re-platforming, and the re-factoring of business is a big factor, and that's got to get down into the, the organizational shifts and the people to do it. So are there skills? Do I do a managed service? How do I architect it? Are there more services? Are there developers doing applications that are going to be more agile? So, this is not an easy thing. And to move a business from IT operations that is proven, to be positioned for this enablement, is just really difficult. And it's expensive. And if you screw it up, you could be, could be on the wrong side of things. So, to me, that's the big issue is, you sell the dream and then you got to implement it. And that's really difficult. >> Yves, give us your perspective on, based on John's comments, how do organizations shift so dramatically? There's a cultural element there as well, but there's also organizations that are, have competitive competitors in the rear view mirror, and there's time to waste. What are your thoughts on that? >> I think that's exactly the point. It's like, as an organization, you need to take the decision between the time, the risk, and all the other elements we have into this game. Because you can try to achieve 100% security, but that's exactly the same as trying to, to protect gold or anything else 100%. It's most likely not going to be from a risk perspective anyway sensible. And that's the same from a corporational perspective. When you look at building new internet services, or IOT services, or any kind of new shopping experience or whatever else, you need to balance out between the risks and the advantages out of it. And you also need to be accepting that you potentially on the way make mistakes, but then it's more important than ever that you are able to quickly fix any mistakes, and to adjust to anything what's happening in the market. Because as we are building all these new Cloud Native applications, and build up all these skill sets, one of the big scenarios is we are far more depending on individual building blocks. These building blocks come out of open source communities, which have a much different way. When we look back in software development, back then we had application servers from Oracle, Web Logic, whatsoever, they had a release cycles of every three to six months. As now we have to deal with open source, where sometimes release cycles are on a four week schedule, in between security patches. So you need to be much faster in adopting that, checking that, implementing that, getting things to work. So there is a security stretch from that perspective. There is a speech stretch on the other thing companies have to deal with, and on the other side it's always a measurement between the risk, and the security you can afford. Because reality is, you will not be 100% protected no matter what you do. So, you need to balance out what you as an organization can actually build on. But I think, coming back also to the point, it's on the bot level nowadays. It's like nearly every discussion we have with companies nowadays as they move into the Cloud, especially also here in Europe where for the last five years, it was always, it's like "It's data privacy." Data privacy is no longer, I mean, yes, for certain people, it's still the point, but for many more people it's like, "How protected is my data?" "What do we do in case of ransomware attack?" "What do we do in case of a denial of service?" All of these things become more vulnerable, where in the past you were discussing these things with a becking page, or, or like a stock exchange. They were, it's like, "What the hell is going to happen if we have a denial of service?" Now all of the sudden, this now affects nearly everyone in their storefronts and everything else, because everything is depending on it. >> Yeah, I think you're right on. You think about how cultural change occurs, it's bottom ups or, bottom up, top down or middle out. And what, what's happened with security is the people in the security team cared about it, they were the, everybody said, "Oh, it's their problem." And then it just did an end run to the board, kind of mid, early last decade. And then the board sort of pushed that down. And the line of business is realizing, "Holy cow. My business, my EBIT can be dramatically affected by this, so I care." Now it's this whole house, cultural team sport. I know it's sort of a, a cliche, but it, it's true. Everybody actually is beginning to care about security because the risks are now so high, and it's going to affect not only the bottom line of the company, the bottom line of the business, their job, it's, it's, it's virtually everywhere. It's a huge cultural shift that we're seeing. >> And that's a big challenge for organizations in any industry. And Yves, you talked about ransomware service. Every industry across the globe is vulnerable to this. But how can, maybe John, we'll start with you. How can Cloud Native Security help organizations if they're able to embrace it, operationally, culturally, dial down some of the vulnerabilities that just seem to keep growing? >> Well, I mean that's the big question. The breaches are, are critical. The governances also could be a way that anchors down growth. So I think the balance between the governance compliance piece of it is key, but making the developers faster and more productive is the key to me. And I think having the security paradigm where they're not blockers, as Dave said, is critical. So I love the whole shift left, but now that we have more data focused initiatives around how that, you can use data to understand the security issues, I think data and security are together, and I think there's a going to be a data operating system model emerging, where data and security will be almost one thing. And that will be set up by the security teams, and the data teams together. And that will feed guardrails into the developer environment. So the developer should feel no pain at all in doing this. So I think the best practice will end up being what we're seeing with supply chain, security, with making sure code's verified. And you're going to see the container, security side completely address has been, and KubeCon, we just, I asked Scott Johnson, the CEO of Docker, and I asked him directly, "Are you guys all tight on container security?" He said, yes, but other people are suggesting that's not true. There's a lot of issues with the container security. So, there's all kinds of areas where there's holes. So Cloud Native is cool on one hand, and very relevant, but if it's not shored up, it's going to be a problem. But I, so I think that's where the action will be, at the developer pipeline, in the containers, and the data. So, that will be very relevant, and if companies nail that, they'll be faster, they'll have better apps, and that'll be the differentiator. And again, if they don't on this next wave, they're going to be driftwood. >> Dave, how do they prevent becoming driftwood? >> Well, I think Cloud has had a huge impact. And a Cloud's by no means a panacea, but let's face it, it's dramatically improved a lot of companies security posture. Now there's still that shared responsibility. Even though an S3 bucket is encrypted, it's still your responsibility to make sure that it doesn't get decrypted by somebody who has access to it. So there are things like that, but to Yve's earlier point, that can be, that's done through software now, it's done through best practices. Those best practices can be shared. So the way you, you don't become driftwood, is you start to, you step back, rethink that security architecture as we were talking about earlier, take advantage of the Cloud, take advantage of Cloud Native, and all the, the rapid pace of innovation that's occurring there, and you don't use, it's called before, The audit is the last line of defense. That's no longer a check box item. "Oh yeah, we're in compliance." It's, this is a business imperative, and because we're going to reduce our expected loss and reduce our business risk. That's part of the business case today. >> Yeah. >> It's a huge, critically important part of the business case. Yves, question for you. If you're in an elevator with a CEO, a CFO, and a CISO, and they're talking about security and Cloud Native Security, what's your value proposition to them on a, on a say a 32nd elevator ride? >> Difficult story. I think at the moment, the most important part is, we need to get people to work together, and we need to train people to work more much better together. I think that's the overall most important part for all of these solutions, because in the end, security is always a person issue. If, we can have the best tools in the industry, as long as we don't get all of these teams to work together, then we have a problem. If the security team is always seen as the end of the solution to fix everything, that's not going to work because they always are the bad guys in the game. And so we need to bring the teams together. And once we have the teams work together, I think we have a far better track on, on maintaining security. >> John and Dave, I want to get your perspectives on what Yves just said. In all the experience that the two of you have as industry analysts here on "theCUBE," Wikibon, Siliconangle Media. How do you advise organizations to get those teams together? As Eve said, that alignment is critical, but John, we'll start with you, then Dave go to you. What's your advice for organizations that need to align those teams and really don't have a lot of time to wait to do it? >> (chuckling) That's a great question. I think, I think that's everyone pays hundreds of thousands of millions of dollars to get that advice from these consultants, organizations out there doing the transformations. But I think it comes down to personnel and commitment. I think if there's a C-level commitment to the effort, you'll see the institutional structure change. So you can see really getting behind it with their, with their wallet and their, and their support of either getting more personnel to support and assist, or manage services, or giving the power to the teams to execute and doing it in a way that, that's, that's well known and best practices. Start small, build out the pilots, build the platform, and then start getting it right. And I think that's the key. Not the magic wand, the old model of rolling out stuff in, in six month cycles. It's really, get the proof points, double down and change the culture, but also execute and have real metrics. And changing the architecture, like having more penetration tests as a service. Doing pen tests is like a joke now. So that doesn't make any sense. You got to have that built in almost every day, and every minute. So, these kinds of new techniques have to be implemented and have to be tried. So that's why these communities are growing. That's why I like what open source has been doing, and I like the open source as the place to have these conversations, because that's where the action will be for new stuff. And I think people will implement open source like they did before, but with different ways, better testing, better supply chain on the software side, verifying code. So, I see open source actually getting a tailwind from this, not a headwind. So, I'm bullish on the open source piece here on, on all levels, machine learning- >> Lisa, my answer is intramural sports. And it's 'cause I think it's cultural. And what I mean by that, is you take your your best and brightest security, and this is what frankly, a lot of CISOs do, an examples is Lena Smart, MongoDB. Take your best and brightest security pros, make them captains of the intramural teams, and pair them up with pods of individuals across the organization, which is most people who don't know anything about security, and put them together, so that they can, they, so that the folks that understand security can, can realize how little people know, what, what, what, how, what the worst practices that are out there in the reverse, how they can cross pollinate. And they do that on a regular basis, I know at Mongo and other companies. And that kind of cultural assimilation is a starting point for how you get security awareness up to your question around making it a team sport. >> Absolutely critical. Yves, I want to kind of wrap things with you. We've got a couple of minutes left. When you're really looking at the Cloud Native community, the growth of it, we talked about earlier in the program, Cloud Native Security Con being now extracted and elevated out of KubeCon, what are your thoughts on the groundswell that this community is generating around Cloud Native Security, the benefits that organizations will achieve from it? >> I think overall, when we have these securities conferences, or these security arms a bit spread out and separated out of the main conference, it helps to a certain degree, because especially in the security space, when you look at at other like black hat or white hat conferences and things like that in the past, although they were not focused on Cloud Native, a lot of these security folks didn't feel well taken care of in any of the other conferences because they were always these, it's like they are always blocking us, they're always making us problems, and all these kinds of things. Now that we really take the Cloud Native piece and the security piece together, or like AWS does it with re:Inforce, I think we will see more and more that people understand is that security is a permanent topic we need to cover, but we need to bring different people together, because security also has compliance and a lot of other components in there. So we will see at these conferences moving forward, also a different audience. It's not going to be only the Cloud Native developers. And if I see some of these security audiences, I can't really imagine them to really be at KubeCon because there is too much other things going on. And you couldn't really see much of that at re:Invent because re:Invent by itself has become a complete monster of a conference. It covers too many topics. And so having this very, very important security piece separated, also gives the opportunity, I think, that we can bring in the security people, but also have the type of board level discussions potentially, between the leaders of the industry, to also discuss on how we can evolve, how we can make things better, and how, how we can actually, yeah, evolve our industry for it. Because let's face it, that threat is not going to go away. It's, it's a business. And one of the last security conferences I was on, on the ransomware part, it was one of the topics someone said is like, "Look, currently on average, it takes a hacker group roughly around they said 15 to 20 K to break into a company, and they on average make 100K. It's a business, let's face it. And it's a business we don't like. And ethically, it's no discussion that this is not good, but that's something which is happening. People are making money with it. And as long as that's going to go on, and we have enough countries where these people can hide, it's going to stay and survive. And so, with that being said, it's important for us to really build an industry around this. But I also think it's good that we have separate conferences. In the past we had more the RSA conference, which tried to cover all of these areas. But that is not really fitting Cloud Native and everything else. So I think it's good that we have these new opportunities, the Cloud Native one, but also what AWS brings up for someone. >> Yves, you just nailed it. It just comes down to simple math. It's a fraction. Revenue over cost. And if you could increase the hacker's cost, increase the denominator, their ROI will go down. And that is the game. >> Great point, Dave. What I'm hearing guys, and we can talk about technology for days and days. I know all of you. But there's, there's a big component that, that the elevation of Cloud Native Security, on its own as standalone is critical, as is the people component. You guys all talked about that. We talked about the cultural change necessary for that. Hopefully what we're seeing with Cloud Native Security Con 23, this first event is going to give us more insight over the next couple of days, and the next months or so, as to how this elevation, and how the people can come together to really help organizations from a math perspective as, as Dave talked about, really dial down the risks there, understand more of the vulnerabilities so that ransomware as a service is not as lucrative as it is today. Guys, so much appreciate your time, really breaking down Cloud Native Security, the value in it from different perspectives, and what your thoughts are on where it's going. Thanks so much for your time. >> All right. Thanks. >> Thanks, Lisa. >> Thank you. >> Thanks, Yves. >> All right. For my guests, I'm Lisa Martin. You're watching theCUBE's day one coverage of Cloud Native Security Con 23. Thanks for watching. (rousing music)

(upbeat music) (upbeat music) >> Hi everybody, welcome back to our coverage of the Cloud Native Security Con. I'm Dave Vellante, here in our Boston studio. We're connecting today with Palo Alto, with John Furrier and Lisa Martin. We're also live from the show floor in Seattle. But right now, I'm here with Andy Thurai who's from Constellation Research, friend of theCUBE, and we're going to discuss the intersection of AI and security, the potential of AI, the risks and the future. Andy, welcome, good to see you again. >> Good to be here again. >> Hey, so let's get into it, can you talk a little bit about, I know this is a passion of yours, the ethical considerations surrounding AI. I mean, it's front and center in the news, and you've got accountability, privacy, security, biases. Should we be worried about AI from a security perspective? >> Absolutely, man, you should be worried. See the problem is, people don't realize this, right? I mean, the ChatGPT being a new shiny object, it's all the craze that's about. But the problem is, most of the content that's produced either by ChatGPT or even by others, it's an access, no warranties, no accountability, no whatsoever. Particularly, if it is content, it's okay. But if it is something like a code that you use for example, one of their site projects that GitHub's co-pilot, which is actually, open AI + Microsoft + GitHub's combo, they allow you to produce code, AI writes code basically, right? But when you write code, problem with that is, it's not exactly stolen, but the models are created by using the GitHub code. Actually, they're getting sued for that, saying that, "You can't use our code". Actually there's a guy, Tim Davidson, I think he's named the professor, he actually demonstrated how AI produces exact copy of the code that he has written. So right now, it's a lot of security, accountability, privacy issues. Use it either to train or to learn. But in my view, it's not ready for enterprise grade yet. >> So, Brian Behlendorf today in his keynotes said he's really worried about ChatGPT being used to automate spearfishing. So I'm like, okay, so let's unpack that a little bit. Is the concern there that it just, the ChatGPT writes such compelling phishing content, it's going to increase the probability of somebody clicking on it, or are there other dimensions? >> It could, it's not necessarily just ChatGPT for that matter, right? AI can, actually, the hackers are using it to an extent already, can use to individualize content. For example, one of the things that you are able to easily identify when you're looking at the emails that are coming in, the phishing attack is, you look at some of the key elements in it, whether it's a human or even if it's an automated AI based system. They look at certain things and they say, "Okay, this is phishing". But if you were to read an email that looks exact copy of what I would've sent to you saying that, "Hey Dave, are you on for tomorrow? Or click on this link to do whatever. It could individualize the message. That's where the volume at scale to individual to masses, that can be done using AI, which is what scares me. >> Is there a flip side to AI? How is it being utilized to help cybersecurity? And maybe you could talk about some of the more successful examples of AI in security. Like, are there use cases or are there companies out there, Andy, that you find, I know you're close to a lot of firms that are leading in this area. You and I have talked about CrowdStrike, I know Palo Alto Network, so is there a positive side to this story? >> Yeah, I mean, absolutely right. Those are some of the good companies you mentioned, CrowdStrike, Palo Alto, Darktrace is another one that I closely follow, which is a good company as well, that they're using AI for security purposes. So, here's the thing, right, when people say, when they're using malware detection systems, most of the malware detection systems that are in today's security and malware systems, use some sort of a signature and pattern scanning in the malware. You know how many identified malwares are there today in the repository, in the library? More than a billion, a billion. So, if you are to check for every malware in your repository, that's not going to work. The pattern based recognition is not going to work. So, you got to figure out a different way of identification of pattern of usage, not just a signature in a malware, right? Or there are other areas you could use, things like the usage patterns. For example, if Andy is coming in to work at a certain time, you could combine a facial recognition saying, that should he be in here at that time, and should he be doing things, what he is supposed to be doing. There are a lot of things you could do using that, right? And the AIOps use cases, which is one of my favorite areas that I work, do a lot of work, right? That it has use cases for detecting things that are anomaly, that are not supposed to be done in a way that's supposed to be, reducing the noise so it can escalate only the things what you're supposed to. So, AIOps is a great use case to use in security areas which they're not using it to an extent yet. Incident management is another area. >> So, in your malware example, you're saying, okay, known malware, pretty much anybody can deal with that now. That's sort of yesterday's problem. >> The unknown is the problem. >> It's the unknown malware really trying to understand the patterns, and the patterns are going to change. It's not like you're saying a common signature 'cause they're going to use AI to change things up at scale. >> So, here's the problem, right? The malware writers are also using AI now, right? So, they're not going to write the old malware, send it to you. They are actually creating malware on the fly. It is possible entirely in today's world that they can create a malware, drop in your systems and it'll it look for the, let me get that name right. It's called, what are we using here? It's called the TTPs, Tactics, Techniques and procedures. It'll look for that to figure out, okay, am I doing the right pattern? And then malware can sense it saying that, okay, that's the one they're detecting. I'm going to change it on the fly. So, AI can code itself on the fly, rather malware can code itself on the fly, which is going to be hard to detect. >> Well, and when you talk about TTP, when you talk to folks like Kevin Mandia of Mandiant, recently purchased by Google or other of those, the ones that have the big observation space, they'll talk about the most malicious hacks that they see, involve lateral movement. So, that's obviously something that people are looking for, AI's looking for that. And of course, the hackers are going to try to mask that lateral movement, living off the land and other things. How do you see AI impacting the future of cyber? We talked about the risks and the good. One of the things that Brian Behlendorf also mentioned is that, he pointed out that in the early days of the internet, the protocols had an inherent element of trust involved. So, things like SMTP, they didn't have security built in. So, they built up a lot of technical debt. Do you see AI being able to help with that? What steps do you see being taken to ensure that AI based systems are secure? >> So, the major difference between the older systems and the newer systems is the older systems, sadly even today, a lot of them are rules-based. If it's a rules-based systems, you are dead in the water and not able, right? So, the AI-based systems can somewhat learn from the patterns as I was talking about, for example... >> When you say rules-based systems, you mean here's the policy, here's the rule, if it's not followed but then you're saying, AI will blow that away, >> AI will blow that away, you don't have to necessarily codify things saying that, okay, if this, then do this. You don't have to necessarily do that. AI can somewhat to an extent self-learn saying that, okay, if that doesn't happen, if this is not a pattern that I know which is supposed to happen, who should I escalate this to? Who does this system belong to? And the other thing, the AIOps use case we talked about, right, the anomalies. When an anomaly happens, then the system can closely look at, saying that, okay, this is not normal behavior or usage. Is that because system's being overused or is it because somebody's trying to access something, could look at the anomaly detection, anomaly prevention or even prediction to an extent. And that's where AI could be very useful. >> So, how about the developer angle? 'Cause CNCF, the event in Seattle is all around developers, how can AI be integrated? We did a lot of talk at the conference about shift-left, we talked about shift-left and protect right. Meaning, protect the run time. So, both are important, so what steps should be taken to ensure that the AI systems are being developed in a secure and ethically sound way? What's the role of developers in that regard? >> How long do you got? (Both laughing) I think it could go for base on that. So, here's the problem, right? Lot of these companies are trying to see, I mean, you might have seen that in the news that Buzzfeed is trying to hire all of the writers to create the thing that ChatGPT is creating, a lot of enterprises... >> How, they're going to fire their writers? >> Yeah, they replace the writers. >> It's like automated automated vehicles and automated Uber drivers. >> So, the problem is a lot of enterprises still haven't done that, at least the ones I'm speaking to, are thinking about saying, "Hey, you know what, can I replace my developers because they are so expensive? Can I replace them with AI generated code?" There are a few issues with that. One, AI generated code is based on some sort of a snippet of a code that has been already available. So, you get into copyright issues, that's issue number one, right? Issue number two, if AI creates code and if something were to go wrong, who's responsible for that? There's no accountability right now. Or you as a company that's creating a system that's responsible, or is it ChatGPT, Microsoft is responsible. >> Or is the developer? >> Or the developer. >> The individual developer might be. So, they're going to be cautious about that liability. >> Well, so one of the areas where I'm seeing a lot of enterprises using this is they are using it to teach developers to learn things. You know what, if you're to code, this is a good way to code. That area, it's okay because you are just teaching them. But if you are to put an actual production code, this is what I advise companies, look, if somebody's using even to create a code, whether with or without your permission, make sure that once the code is committed, you validate that the 100%, whether it's a code or a model, or even make sure that the data what you're feeding in it is completely out of bias or no bias, right? Because at the end of the day, it doesn't matter who, what, when did that, if you put out a service or a system out there, it is involving your company liability and system, and code in place. You're going to be screwed regardless of what, if something were to go wrong, you are the first person who's liable for it. >> Andy, when you think about the dangers of AI, and what keeps you up at night if you're a security professional AI and security professional. We talked about ChatGPT doing things, we don't even, the hackers are going to get creative. But what worries you the most when you think about this topic? >> A lot, a lot, right? Let's start off with an example, actually, I don't know if you had a chance to see that or not. The hackers used a bank of Hong Kong, used a defect mechanism to fool Bank of Hong Kong to transfer $35 million to a fake account, the money is gone, right? And the problem that is, what they did was, they interacted with a manager and they learned this executive who can control a big account and cloned his voice, and clone his patterns on how he calls and what he talks and the whole name he has, after learning that, they call the branch manager or bank manager and say, "Hey, you know what, hey, move this much money to whatever." So, that's one way of kind of phishing, kind of deep fake that can come. So, that's just one example. Imagine whether business is conducted by just using voice or phone calls itself. That's an area of concern if you were to do that. And imagine this became an uproar a few years back when deepfakes put out the video of Tom Cruise and others we talked about in the past, right? And Tom Cruise looked at the video, he said that he couldn't distinguish that he didn't do it. It is so close, that close, right? And they are doing things like they're using gems... >> Awesome Instagram account by the way, the guy's hilarious, right? >> So, they they're using a lot of this fake videos and fake stuff. As long as it's only for entertainment purposes, good. But imagine doing... >> That's right there but... >> But during the election season when people were to put out saying that, okay, this current president or ex-president, he said what? And the masses believe right now whatever they're seeing in TV, that's unfortunate thing. I mean, there's no fact checking involved, and you could change governments and elections using that, which is scary shit, right? >> When you think about 2016, that was when we really first saw, the weaponization of social, the heavy use of social and then 2020 was like, wow. >> To the next level. >> It was crazy. The polarization, 2024, would deepfakes... >> Could be the next level, yeah. >> I mean, it's just going to escalate. What about public policy? I want to pick your brain on this because I I've seen situations where the EU, for example, is going to restrict the ability to ship certain code if it's involved with critical infrastructure. So, let's say, example, you're running a nuclear facility and you've got the code that protects that facility, and it can be useful against some other malware that's outside of that country, but you're restricted from sending that for whatever reason, data sovereignty. Is public policy, is it aligned with the objectives in this new world? Or, I mean, normally they have to catch up. Is that going to be a problem in your view? >> It is because, when it comes to laws it's always miles behind when a new innovation happens. It's not just for AI, right? I mean, the same thing happened with IOT. Same thing happened with whatever else new emerging tech you have. The laws have to understand if there's an issue and they have to see a continued pattern of misuse of the technology, then they'll come up with that. Use in ways they are ahead of things. So, they put a lot of restrictions in place and about what AI can or cannot do, US is way behind on that, right? But California has done some things, for example, if you are talking to a chat bot, then you have to basically disclose that to the customer, saying that you're talking to a chat bot, not to a human. And that's just a very basic rule that they have in place. I mean, there are times that when a decision is made by the, problem is, AI is a black box now. The decision making is also a black box now, and we don't tell people. And the problem is if you tell people, you'll get sued immediately because every single time, we talked about that last time, there are cases involving AI making decisions, it gets thrown out the window all the time. If you can't substantiate that. So, the bottom line is that, yes, AI can assist and help you in making decisions but just use that as a assistant mechanism. A human has to be always in all the loop, right? >> Will AI help with, in your view, with supply chain, the software supply chain security or is it, it's always a balance, right? I mean, I feel like the attackers are more advanced in some ways, it's like they're on offense, let's say, right? So, when you're calling the plays, you know where you're going, the defense has to respond to it. So in that sense, the hackers have an advantage. So, what's the balance with software supply chain? Are the hackers have the advantage because they can use AI to accelerate their penetration of the software supply chain? Or will AI in your view be a good defensive mechanism? >> It could be but the problem is, the velocity and veracity of things can be done using AI, whether it's fishing, or malware, or other security and the vulnerability scanning the whole nine yards. It's scary because the hackers have a full advantage right now. And actually, I think ChatGPT recently put out two things. One is, it's able to direct the code if it is generated by ChatGPT. So basically, if you're trying to fake because a lot of schools were complaining about it, that's why they came up with the mechanism. So, if you're trying to create a fake, there's a mechanism for them to identify. But that's a step behind still, right? And the hackers are using things to their advantage. Actually ChatGPT made a rule, if you go there and read the terms and conditions, it's basically honor rule suggesting, you can't use this for certain purposes, to create a model where it creates a security threat, as that people are going to listen. So, if there's a way or mechanism to restrict hackers from using these technologies, that would be great. But I don't see that happening. So, know that these guys have an advantage, know that they're using AI, and you have to do things to be prepared. One thing I was mentioning about is, if somebody writes a code, if somebody commits a code right now, the problem is with the agile methodologies. If somebody writes a code, if they commit a code, you assume that's right and legit, you immediately push it out into production because need for speed is there, right? But if you continue to do that with the AI produced code, you're screwed. >> So, bottom line is, AI's going to speed us up in a security context or is it going to slow us down? >> Well, in the current version, the AI systems are flawed because even the ChatGPT, if you look at the the large language models, you look at the core piece of data that's available in the world as of today and then train them using that model, using the data, right? But people are forgetting that's based on today's data. The data changes on a second basis or on a minute basis. So, if I want to do something based on tomorrow or a day after, you have to retrain the models. So, the data already have a stale. So, that in itself is stale and the cost for retraining is going to be a problem too. So overall, AI is a good first step. Use that with a caution, is what I want to say. The system is flawed now, if you use it as is, you'll be screwed, it's dangerous. >> Andy, you got to go, thanks so much for coming in, appreciate it. >> Thanks for having me. >> You're very welcome, so we're going wall to wall with our coverage of the Cloud Native Security Con. I'm Dave Vellante in the Boston Studio, John Furrier, Lisa Martin and Palo Alto. We're going to be live on the show floor as well, bringing in keynote speakers and others on the ground. Keep it right there for more coverage on theCUBE. (upbeat music) (upbeat music) (upbeat music) (upbeat music)

>>The Cube presents Ignite 22, brought to you by Palo Alto Networks. >>Welcome back everyone. Happy afternoon. It's Lisa Martin and Dave Valante of the Cube. We are live at MGM Grand. This is Palo Alto Ignite 22, our second day of coverage. Dave, we've had some amazing conversations, as we always do on the queue, but cybersecurity one of my favorite topics. So interesting to hear what Palo Alto Networks is doing, how it's differentiating itself and how it's ecosystem is >>Growing. Yeah, well one of the things I always, I often use ServiceNow as a reference example. I go back to 2013, had a kind of a tiny ecosystem and then sort of watched it grow. And one of those key signs was when the global system integrators actually began to lean in Accenture, obviously world class, one of the, you know, definitely in the top, you know, they talk about top five QBs, Accenture, you know, top five GSI easily. >>Yep. So, and in fact, Accenture, we've got Rex Stex in here, senior managing director at Accenture Security. You guys have been the GSI partner of the year for Palo Alto Networks for four years in a row, six years plus strong partnership. Give us a little flavor and history of the pan of the Palo Alto partnership with et cetera. >>I think, you know, we started early, right? And I think as they've evolved, we've evolved our partnership with them and as they've gone, you know, to more of a software footprint with, you know, around cloud security and network security and sassy, we've, we've seen a lot of growth and we're super excited about the opportunity that's ahead of us and the meaningful outcomes that we've been providing our clients as it relates to, you know, vendor consolidation, toll consolidation, tech debt reduction. You know, there's a lot of opportunity here to simplify our clients' lives with them. And that's something we're super excited about. >>Simplification, consolidation, been a theme of the last couple of days. Talk about some of the joint accomplishments that you guys have achieved. I know that you developed a lot of offers across all of Palo Alto Network's, GTMs, what are some of the highlights that come to mind? I >>Think one of the things that we're most excited about, you know, that being client specific is what we've been able to do on, on, on the network side with sasi and, and zero trust, network access. You know, as when Covid hit, there was a lot of change that happened with remote workforce and, you know, clients couldn't log in because their VPNs were crashing left and right. And so we were able to, you know, go in and help stand up, you know, this, you know, zero trust network infrastructure and help our clients get back online and get their employees back to work in a productive manner. And then it's evolved with the hybrid work model over time. And so it's, it's been a, that's probably the most gratifying cause there was a real crisis at, at a certain point in time, you know, a couple years ago were >>There Rex, were there unintended consequences of that, you know, rapid, we were forced, you know, the forced march to digital in terms of just multiple tools, plugging holes, and then sort of stepping back, you know, post isolation economy saying, okay, hey, we got through this, but now we need to take a new direction, new >>Strategy. I think that there, there isn't an intended consequence if you look at, most clients have, I saw a number 76, we counted as around 80 different security vendors and tools that they managed because a lot of people went and went after best of breed type capabilities. And, and so what we've seen now is, is the need to, you know, rationalize that, you know, their, their infrastructure and their, and their capability and, and consolidate and reduce that and, and move to, you know, more of what I would call platform providers. Cause if you may have, when you have 80 products, you have 80 integrations, 80 points of failure, and it gets very complex and, you know, there's a lot of finger pointing. And so as we're starting to see clients take a step back and say, Hey, look, if I, you know, spend the time to, you know, I call it modernization, but you know, modernize my security infrastructure and footprint focused around, you know, automation, orchestration, leveraging, you know, true ml and I know there's are buzzwords, but, you know, but you know, using 'em in, in, in the proper fashion, right? >>They, they can, you know, reduce that footprint, save a bunch of money, right? And, and, and drive that cost savings and then help scale their business. Cuz you have all these different vendors and what security is typically in the digital footprint is the slowdown, right? We, we've typically been the bottleneck in the past. And what we're seeing with, with, with what, you know, we've been very focused on is helping our clients scale their security footprints and their infrastructure and, you know, through automation orchestration, I i, I always say some folks do it your mess for less with labor arbitrage and bodies, but they're not enough security people in the world to do this. And so we're very focused on automation and orchestration and driving that into, into the market. >>Yeah. So you don't want to be in the business of, of filling those holes with labor. >>Exactly. You >>Want to actually get paid for outcomes. >>A hundred percent. And everything we've done is we've tried to simplify things not only for, you know, big Accenture, but even for our clients so that, you know, we can be focused on business outcomes, not necessarily technology outcomes. Cuz doing technology for the sake of technology. Is that unintended consequence that you described earlier, >>Speaking of transformation and outcomes I should say, what are you hearing most from CIOs and CISOs in terms of what they need now to be able to transform, to deliver the business outcomes so that they can become secure data companies regardless of industry? Yep. >>I think the, the biggest thing we're seeing right now is the need to, you know, leverage true automation and orchestration. We have to break the headcount model. There's not enough security professionals in the world to do, you know, to solve the world's problems. In order to scale that, you know, it's one of the reasons we're, you know, partnering with Palo Alto is because of, you know, the capabilities and the investments they've made in innovation to help drive that automation and orchestration through, you know, numerous capabilities from stock transformation to to to sassy cloud security, et cetera. But our clients need scale. They need to be able to go fast and net pace and they need to, they need to do it with confidence securely. And that, that's one of the big focuses. But the other focus is, is we're starting to see a need to, you know, vendor consolidation in the market. You've seen the acquisitions, I'm sure you've talked to people in over the last couple days. You know, there's, there's a, a tremendous amount of consolidation going around. And what our clients, you know, are asking for is, Hey, I need to reduce the number of vendors I interact with. I need to simplify my infrastructure, I need to focus on automation and, and orchestration from that perspective, >>What's happening with multi-cloud? What are you hearing from from customers? You know, we hear a lot of the, the, the conversations about, oh it's, you know, it's, and I agree by the way, multi-cloud is kind of a symptom of multi-vendor, you know, Chuck Whittens thing about multi-cloud by default versus design, you know, it's good, good line and I think rings true, but, but what a customer's telling you in terms of the real challenges generally and then specifically around security. >>I think it's, you know, each cloud service product has their own security capabilities and security models and, and, and being able to train the people to be able to manage those different models. I think that's where, you know, tools like, you know, Prisma Cloud for instance come in and help clients be able to manage the security and compliance of those infrastructures in, in a way to do that. And then to be able to manage applications security consistently, right? It's not just the cloud itself, but it's actually the applications that may, you know, cross, you know, be for, for resiliency but you know, be in, you know, multi-cloud, you know, multiple clouds and being able to make sure you have consistent security across those. And I think, you know, one of the things that it's permeated is, is just the, with data and identity and, and you know, cloud infrastructure and tolerance management, it's been a big problem cuz it's like the wild, wild west. I always look, when I look at identity and the cloud and how it's done, it, it looks like 1995 identity. It's, it's, it's ridiculously backwards. And so, you know, we've seen things like, you know, keem that have come into play to help manage those relationships and, and simplify it across multiple clouds consistently, if that makes sense. >>Yep. >>You, you mentioned Prisma Cloud most recently Accenture and Palo Alto developed the Secure Cloud Express. Correct. Can you talk to us a little bit about what that is and what outcomes is it gonna enable? Yeah, >>So great question and we're pretty excited about this cuz what we did with that was we manage cloud, you know, our cloud environments for numerous customers. So we've developed hundreds of policies that, you know, we implemented in Prisma Cloud to manage, you know, multiple clients, our internal infrastructure. And what we did was we said, well, most of our clients have to build those from scratch. So what we said is we will come in, in the best of week of time and come in and, and do a data-driven exercise to show our clients, you know, where where they sit from a, from a security perspective as it relates leveraging Prisma cloud and, and those policies that we've created. And what, what that has led to is another step, which is where we're focused on auto remediation. So, you know, when you, when you get, when you get the findings, then what do you do with them, right? If you have hundreds or thousands in some cases we've had clients with 1100 findings and they just sit there and they go, whoa, you know, so to speak. And so what we've done is we try to take those highest, most frequent findings and build securities code to auto remediate those for clients so they can choose to implement that and work down those, you know, findings very quickly, which helps, you know, drive more value out of, out of their prisma cloud >>Purchases. Accenture obviously has deep industry expertise around the globe. What are you seeing in terms of industries actually? So as they digitize not just their IT transformation but a business transformation, there are starting to see companies, financial services in particular bring their business to their cloud, sify their business. And specifically I'm interested in what's happening at the edge with operations technology. We just talked about healthcare and and medical devices. What's happening there? How connected or disconnected is that to the rest of the estate, the multi-cloud on-prem, et cetera? I >>Mean, I think OT is, is fairly disconnected, right? Sure. From, from that perspective, obviously, but I, I, I think what we're starting to see is an uptick, you know, on, I think secure edge and Sassy will come to OT cause it's a better way. Because what happens is if someone, you know, gets into the network, they can traverse it, right? And if they can apply those zero trust principles to ot, which is you're talking to people that have been, you know, wearing hard hats Yeah. And engineers, that's a big shift for them. And so, but I think that you'll start to see that play more prevalence, you know, with the industries like, you know, financial services, we're seeing a huge uptick in cloud adoption, right? They were, they were slow to do it, but now they're, they're going at pace and faster than most, right? Yeah, sure. And I think, you know, healthcare is a, is another big one where we've seen a lot of migration and a lot of need for multi-cloud. Cuz you know, some, they may be running their analytics on, you know, Google and, and their workloads on Azure, right? Or aws. And so you're starting to see a lot of people leveraging the best of what each cloud provider does well >>From that. And, and just an aside on that Palo Alto survey, we saw construction was one of the hardest hit industries. Yeah. Which I, I was like, what? And then of course it's because they're not really focused on security. They're focused on building stuff. No, >>It's really interesting. We're working with a large builder, I can't say the name, but one of the things that they're looking to do is, you know, they're moving to the cloud and they're building the capability to manage some of the, you know, largest skyscrapers in the world, but also manage the OT sensors and also do selling that creating another business, not only just managing those buildings, but managing other people's buildings for them and ha and selling security as a service for that because they built that capability around their devices and, and, and switches, hvac, et cetera. Do, >>Do you think that because I mean, you know, the operations technology, they're engineers and they're hardcore, like, don't touch my stuff. Exactly. And so do you feel like as, I mean I know that business has kind of done a reach around everything, you know, be becoming connected, but do you feel like they're gonna be more on top of it then, then, then sort of the, the broad commercial market has been? Or is it gonna be wild West all over again? >>My hope is that, you know, us as gsi, you know, my fellow GSIs, that we will help our clients make the better decisions this time around and, and not go to the wild, wild west. And you know, we see a lot of it in manufacturing, you know, if you saw, you know, with the, you know, the invasion Ukraine, you know, one of the big groups that was hit was manufacturing, right? There was factory shut down all over the world, you know, and, and so, you know, and that is an OT environment, but I, you know, what we've seen is them are, you know, those clients take more serious steps to protect those environments cuz they're on, you know, windows 10 servers running, you know, large machines. So we're starting to see a lot more care and feeding in into those environments as well. >>Can I ask you a question about the conversations that you're having? That survey that Dave mentioned, it's was released yesterday. There's a board behind us, what's next in cyber? That was the survey and amazing data that came from it. Like 96% of organizations have been hit by at least one attack in the last year. They were surprised that the number was that high, but we know that no industry, no company is safe. But one of the things that the survey found that, that surprised me was that we always say, oh, security is a board level conversation. We know that to some degree. But what they found was lack of alignment between the board and the executive level. In your Accenture's relationships, I know you guys have deep relationships across organizations and their boards. Can you help bring the board together with the executives and, and really not just talk about cybersecurity, but really develop a cybersecurity transformation strategy that actually delivers resilience? >>Yeah, no ab absolutely. And we've, we, we actually took a step back and, and reorganized our business this last year. And one of those areas that we focused on was within strategy and the C-suite agenda, right? And we actually published looking at gia, it was either the CEO handbook, I think it's what we called it, but they helped them and board be able to, you know, drive more meaningful conversations that relates to risk and and whatnot. And so we're very focused on that right now. And it's, we need to up-level our conversations within the organization. Cause even the buyers in these large, you know, two years ago was mainly the cso, now we're dealing with the cio, CTOs, cfo because these are, you know, meaningful business conversations, right? That are driving business outcomes and security needs to be a business enabler, not, not a a, a bottleneck >>Is the chief data officer starting to emerge as, as we see, you know, Nikesh said yesterday in his keynote and we talked about it with him when he was here, security is a data problem. >>Yep. It is. It's a huge data problem. And we're starting to, you know, I think we've talked a lot about zero trust, but zero trust data is, is a, is a significant problem, right? Because that you talk about the wild, wild west is we see clients that have people that have in, you know, they, they have access to, you know, what we call dev development environment data, right? But then you find out that they can hop four levels over into production data and this been exposed to, you know, the wrong people, you know, not focused on that least privileged aspect. I think data's a real problem, you know, per na kesha's statement in the cloud. It's something that really needs to be addressed. And I think we're starting to see a lot of innovation around that area. Cuz what typical data security has always been, I have all these problems, it creates, I call it noise, right? I got thousands of findings and then just, you know, need just sit there and they go, what do I do? Right? It's too much. And so I think there, there's gonna be more intelligence around that and more, you know, what I call auto remediation, right? Being able to remediate those findings quickly from from that >>Perspective. I've been watching this board behind us. Yeah. It's this what's next in cyber. And people come in and they write, it's just been growing, you know, all week and somebody just wrote sock transformation. Yeah. We were just sort of talking about earlier what, what, in your estimation, what percent of organizations that you target. I understand that you're not going after the, you know, mom and pop organizations, but what percent of that, you know, fat middle and the tip of the pyramid, that a euro, that's your sweet spot. What percent of those organizations don't have a sock? >>I mean, most every organization has a sock. You know, I talked to, you know, CISOs of large financial service organization, they said, do we even need a sock anymore? It could be a virtual sock so to speak, but I think, you know, am was SOC transformation. I think we could potentially head to something like that. But you know, but what's really been strange is there's been, you know, what we call soar, right? Security, you know, orchestration, automation, whatever. And what another, >>Another acronym, their >>Acronym that I security that I might brain is >>Hold apologize. >>But you know, they've, people have never really driven the value out of it because they build these automation playbooks and, and for one company to do it and build 20 of 'em or 30 of 'em to ha it doesn't pay off in the long run. And what we're starting to see is people, you know, bring to the table more crowdsource these capabilities so that they can scale those sock transformations. Cause it's really about, you know, orchestration and automation. That's where, you know, nirvana comes in because it's not about people with headsets on looking at, you know, 20 screens. It's not helpful, right? The humans, we make mistakes. And so if we can automate as much of that as possible, get rid of the false positives, leverage AI and and ML to do that. And I think we're starting to see, you know, what I would call more advanced AI and ml. I think in the early days in security, AI and ML was very nascent and, and, and now you're starting to see, you know, more powerful concepts come in better learning, better outcomes out of that. >>Well, it was a lot of modeling in the cloud still is, but it's increasingly going toward real time inference and that's, you know, game changing. >>Agreed. >>Last question for you. What's are some of the things that are next on the plate for Accenture and Palo Networks? What's next up? >>I think, you know, we're very focused on, on Sassy right now in, in the market. And I think we think that is, you know, I think both of us think that's the next big wave, right? Because I think what we learned out of, you know, these last two and a half, three years is that these concepts work, but they can actually scale out to drive significant cost savings. I mean, if you look at Accenture, you know, we don't have a a network backbone anymore. We're pure cloud wan, right? We're leveraging the internet for that. And I think that and what we're trying to do with Palo Alto and driving, you know, cloud WAN and Sassy as a service, I think will be super, super meaningful. And, and, and, and >>Well that's interesting. That has implications for a number of companies out >>There. Yeah. Well I think, you know, it's obviously the, you know, it, it's a, it is a big implication for a lot of, a lot of, you know, our customers even, right? Yeah. And so we have to be very careful and thoughtful about how we work to make that happen over time. >>Right. A lot of opportunity. Rex, thank you so much for joining us on the program and really dissecting what Accenture and Palo Alto are doing, all the value in it for organizations across industries. We appreciate your insights. Yep. >>Thank you >>For Rex Dexon and Dave Valante. I'm Lisa Martin, you're watching the Cubes stick around. Dave and I will be right back with our next guest. This is the Cube, the leader in live, emerging and enterprise tech coverage.

>> Narrator: "TheCUBE" presents Ignite 22. Brought to you by Palo Alto Networks. >> Hey everyone. Welcome back to "TheCUBE's" live coverage of Palo Alto Network's Ignite 22 from the MGM Grand in beautiful Las Vegas. I am Lisa Martin here with Dave Vellante. Dave, we just had a great conversa- First of all, we got to hear the keynote, most of it. We also just had a great conversation with the CEO and chairman of Palo Alto Networks, Nikesh Arora. You know, this is a company that was founded back in 2005, he's been there four years, a lot has happened. A lot of growth, a lot of momentum in his tenure. You were saying in your breaking analysis, that they are on track to nearly double revenues from FY 20 to 23. Lots of momentum in this cloud security company. >> Yeah, I'd never met him before. I mean, I've been following a little bit. It's interesting, he came in as, sort of, a security outsider. You know, he joked today that he, the host, I forget the guy's name on the stage, what was his name? Hassan. Hassan, he said "He's the only guy in the room that knows less about security than I do." Because, normally, this is an industry that's steeped in deep expertise. He came in and I think is given a good compliment to the hardcore techies at Palo Alto Network. The company, it's really interesting. The company started out building their own data centers, they called it. Now they look back and call it cloud, but it was their own data centers, kind of like Salesforce did, it's kind of like ServiceNow. Because at the time, you really couldn't do it in the public cloud. The public cloud was a little too unknown. And so they needed that type of control. But Palo Alto's been amazing story since 2020, we wrote about this during the pandemic. So what they did, is they began to pivot to the the true cloud native public cloud, which is kind of immature still. They don't tell you that, but it's kind of still a little bit immature, but it's working. And when they were pivoting, it was around the same time, at Fortinet, who's a competitor there's like, I call 'em a poor man's Palo Alto, and Fortinet probably hates that, but it's kind of true. It's like a value play on a comprehensive platform, and you know Fortinet a little bit. And so, but what was happening is Fortinet was executing on its cloud strategy better than Palo Alto. And there was a real divergence in the valuations of these stocks. And we said at the time, we felt like Palo Alto, being the gold standard, would get through it. And they did. And what's happened is interesting, I wrote about this two weeks ago. If you go back to the pandemic, peak of the pandemic, or just before the peak, kind of in that tech bubble, if you will. Splunk's down 44% from that peak, Okta's down, sorry, not down 44%. 44% of the peak. Okta's 22% of their peak. CrowdStrike, 41%, Zscaler, 36%, Fortinet, 71%. Not so bad. Palo Altos maintained 93% of its peak value, right? So it's a combination of two things. One is, they didn't run up as much during the pandemic, and they're executing through their cloud strategy. And that's provided a sort of softer landing. And I think it's going to be interesting to see where they go from here. And you heard Nikesh, we're going to double, and then double again. So that's 7 billion, 14 billion, heading to 30 billion. >> Lisa: Yeah, yeah. He also talked about one of the things that he's done in his tenure here, as really a workforce transformation. And we talk all the time, it's not just technology and processes, it's people. They've also seemed to have done a pretty good job from a cultural transformation perspective, which is benefiting their customers. And they're also growing- The ecosystem, we talked a little bit about the ecosystem with Nikesh. We've got Google Cloud on, we've got AWS on the program today alone, talking about the partnerships. The ecosystem is expanding, as well. >> Have you ever met Nir Zuk? >> I have not, not yet. >> He's the founder and CTO. I haven't, we've never been on "theCUBE." He was supposed to come on one day down in New York City. Stu and I were going to interview him, and he cut out of the conference early, so we didn't interview him. But he's a very opinionated dude. And you're going to see, he's basically going to come on, and I mean, I hope he is as opinionated on "TheCUBE," but he'll talk about how the industry has screwed it up. And Nikesh sort of talked about that, it's a shiny new toy strategy. Oh, there's another one, here's another one. It's the best in that category. Okay, let's get, and that's how we've gotten to this point. I always use that Optive graphic, which shows the taxonomy, and shows hundreds and hundreds of suppliers in the industry. And again, it's true. Customers have 20, 30, sometimes 40 different tool sets. And so now it's going to be interesting to see. So I guess my point is, it starts at the top. The founder, he's an outspoken, smart, tough Israeli, who's like, "We're going to take this on." We're not afraid to be ambitious. And so, so to your point about people and the culture, it starts there. >> Absolutely. You know, one of the things that you've written about in your breaking analysis over the weekend, Nikesh talked about it, they want to be the consolidator. You see this as they're building out the security supercloud. Talk to me about that. What do you think? What is a security supercloud in your opinion? >> Yeah, so let me start with the consolidator. So Palo Alto obviously is executing on that strategy. CrowdStrike as well, wants to be a consolidator. I would say Zscaler wants to be a consolidator. I would say that Microsoft wants to be a consolidator, so does Cisco. So they're all coming at it from different angles. Cisco coming at it from network security, which is Palo Alto's wheelhouse, with their next gen firewalls, network security. What Palo Alto did was interesting, was they started out with kind of a hardware based firewall, but they didn't try to shove everything into it. They put the other function in there, their cloud. Zscaler. Zscaler is the one running around saying you don't need firewalls anymore. Just run everything through our cloud, our security cloud. I would think that as Zscaler expands its TAM, it's going to start to acquire, and do similar types of things. We'll see how that integrates. CrowdStrike is clearly executing on a similar portfolio strategy, but they're coming at it from endpoint, okay? They have to partner for network security. Cisco is this big and legacy, but they've done a really good job of acquiring and using services to hide some of that complexity. Microsoft is, you know, they probably hate me saying this, but it's the just good enough strategy. And that may have hurt CrowdStrike last quarter, because the SMB was a soft, we'll see. But to specifically answer your question, the opportunity, we think, is to build the security supercloud. What does that mean? That means to have a common security platform across all clouds. So irrespective of whether you're running an Amazon, whether you're running an on-prem, Google, or Azure, the security policies, and the edicts, and the way you secure your enterprise, look the same. There's a PaaS layer, super PaaS layer for developers, so that that the developers can secure their code in a common framework across cloud. So that essentially, Nikesh sort of balked at it, said, "No, no, no, we're not, we're not really building a super cloud." But essentially they kind of are headed in that direction, I think. Although, what I don't know, like CrowdStrike and Microsoft are big competitors. He mentioned AWS and Google. We run on AWS, Google, and in their own data centers. That sounds like they don't currently run a Microsoft. 'Cause Microsoft is much more competitive with the security ecosystem. They got Identity, so they compete with Okta. They got Endpoint, so they compete with CrowdStrike, and Palo Alto. So Microsoft's at war with everybody. So can you build a super cloud on top of the clouds, the hyperscalers, and not do Microsoft? I would say no. >> Right. >> But there's nothing stopping Palo Alto from running in the Microsoft cloud. I don't know if that's a strategy, we should ask them. >> Yeah. They've done a great job in our last few minutes, of really expanding their TAM in the last few years, particularly under Nikesh's leadership. What are some of the things that you heard this morning that you think, really they've done a great job of expanding that TAM. He talked a little bit about, I didn't write the number down, but he talked a little bit about the market opportunity there. What do you see them doing as being best of breed for organizations that have 30 to 50 tools and need to consolidate that? >> Well the market opportunity's enormous. >> Lisa: It is. >> I mean, we're talking about, well north of a hundred billion dollars, I mean 150, 180, depending on whose numerator you use. Gartner, IDC. Dave's, whatever, it's big. Okay, and they've got... Okay, they're headed towards 7 billion out of 180 billion, whatever, again, number you use. So they started with network security, they put most of the network function in the cloud. They moved to Endpoint, Sassy for the edge. They've done acquisitions, the Cortex acquisition, to really bring automated threat intelligence. They just bought Cider Security, which is sort of the shift left, code security, developer, assistance, if you will. That whole shift left, protect right. And so I think a lot of opportunities to continue to acquire best of breed. I liked what Nikesh said. Keep the founders on board, sell them on the mission. Let them help with that integration and putting forth the cultural aspects. And then, sort of, integrate in. So big opportunities, do they get into Endpoint and compete with Okta? I think Okta's probably the one sort of outlier. They want to be the consolidator of identity, right? And they'll probably partner with Okta, just like Okta partners with CrowdStrike. So I think that's part of the challenge of being the consolidator. You're probably not going to be the consolidator for everything, but maybe someday you'll see some kind of mega merger of these companies. CrowdStrike and Okta, or Palo Alto and Okta, or to take on Microsoft, which would be kind of cool to watch. >> That would be. We have a great lineup, Dave. Today and tomorrow, full days, two full days of cube coverage. You mentioned Nir Zuk, we already had the CEO on, founder and CTO. We've got the chief product officer coming on next. We've got chief transformation officer of customers, partners. We're going to have great conversations, and really understand how this organization is helping customers ultimately achieve their SecOps transformation, their digital transformation. And really moved the needle forward to becoming secure data companies. So I'm looking forward to the next two days. >> Yeah, and Wendy Whitmore is coming on. She heads Unit 42, which is, from what I could tell, it's pretty much the competitor to Mandiant, which Google just bought. We had Kevin Mandia on at September at the CrowdStrike event. So that's interesting. That's who I was poking Nikesh a little bit on industry collaboration. You're tight with Google, and then he had an interesting answer. He said "Hey, you start sharing data, you don't know where it's going to go." I think Snowflake could help with that problem, actually. >> Interesting. >> Yeah, little Snowflake and some of the announcements ar Reinvent with the data clean rooms. Data sharing, you know, trusted data. That's one of the other things we didn't talk about, is the real tension in between security and regulation. So the regulators in public policy saying you can't move the data out of the country. And you have to prove to me that you have a chain of custody. That when you say you deleted something, you have to show me that you not only deleted the file, then the data, but also the metadata. That's a really hard problem. So to my point, something that Palo Alto might be able to solve. >> It might be. It'll be an interesting conversation with Unit 42. And like we said, we have a great lineup of guests today and tomorrow with you, so stick around. Lisa Martin and Dave Vellante are covering Palo Alto Networks Ignite 22 for you. We look forward to seeing you in our next segment. Stick around. (light music)

(upbeat music) >> From theCube Studios in Palo Alto in Boston, bringing you data driven insights from theCube and ETR. This is Breaking Analysis with Dave Vellante. >> While by no means a safe haven, the cybersecurity sector has outpaced the broader tech market by a meaningful margin, that is up until very recently. Cybersecurity remains the number one technology priority for the C-suite, but as we've previously reported the CISO's budget has constraints just like other technology investments. Recent trends show that economic headwinds have elongated sales cycles, pushed deals into future quarters, and just like other tech initiatives, are pacing cybersecurity investments and breaking them into smaller chunks. Hello and welcome to this week's Wikibon Cube Insights powered by ETR. In this Breaking Analysis we explain how cybersecurity trends are reverting to the mean and tracking more closely with other technology investments. We'll make a couple of valuation comparisons to show the magnitude of the challenge and which cyber firms are feeling the heat, which aren't. There are some exceptions. We'll then show the latest survey data from ETR to quantify the contraction in spending momentum and close with a glimpse of the landscape of emerging cybersecurity companies, the private companies that could be ripe for acquisition, consolidation, or disruptive to the broader market. First, let's take a look at the recent patterns for cyber stocks relative to the broader tech market as a benchmark, as an indicator. Here's a year to date comparison of the bug ETF, which comprises a basket of cyber security names, and we compare that with the tech heavy NASDAQ composite. Notice that on April 13th of this year the cyber ETF was actually in positive territory while the NAS was down nearly 14%. Now by August 16th, the green turned red for cyber stocks but they still meaningfully outpaced the broader tech market by more than 950 basis points as of December 2nd that Delta had contracted. As you can see, the cyber ETF is now down nearly 25%, year to date, while the NASDAQ is down 27% and change. Now take a look at just how far a few of the high profile cybersecurity names have fallen. Here are six security firms that we've been tracking closely since before the pandemic. We've been, you know, tracking dozens but let's just take a look at this data and the subset. We show for comparison the S&P 500 and the NASDAQ, again, just for reference, they're both up since right before the pandemic. They're up relative to right before the pandemic, and then during the pandemic the S&P shot up more than 40%, relative to its pre pandemic level, around February is what we're using for the pre pandemic level, and the NASDAQ peaked at around 65% higher than that February level. They're now down 85% and 71% of their previous. So they're at 85% and 71% respectively from their pandemic highs. You compare that to these six companies, Splunk, which was and still is working through a transition is well below its pre pandemic market value and 44, it's 44% of its pre pandemic high as of last Friday. Palo Alto Networks is the most interesting here, in that it had been facing challenges prior to the pandemic related to a pivot to the Cloud which we reported on at the time. But as we said at that time we believe the company would sort out its Cloud transition, and its go to market challenges, and sales compensation issues, which it did as you can see. And its valuation jumped from 24 billion prior to Covid to 56 billion, and it's holding 93% of its peak value. Its revenue run rate is now over 6 billion with a healthy growth rate of 24% expected for the next quarter. Similarly, Fortinet has done relatively well holding 71% of its peak Covid value, with a healthy 34% revenue guide for the coming quarter. Now, Okta has been the biggest disappointment, a darling of the pandemic Okta's communication snafu, with what was actually a pretty benign hack combined with difficulty absorbing its 7 billion off zero acquisition, knocked the company off track. Its valuation has dropped by 35 billion since its peak during the pandemic, and that's after a nice beat and bounce back quarter just announced by Okta. Now, in our view Okta remains a viable long-term leader in identity. However, its recent fiscal 24 revenue guide was exceedingly conservative at around 16% growth. So either the company is sandbagging, or has such poor visibility that it wants to be like super cautious or maybe it's actually seeing a dramatic slowdown in its business momentum. After all, this is a company that not long ago was putting up 50% plus revenue growth rates. So it's one that bears close watching. CrowdStrike is another big name that we've been talking about on Breaking Analysis for quite some time. It like Okta has led the industry in a key ETR performance indicator that measures customer spending momentum. Just last week, CrowdStrike announced revenue increased more than 50% but new ARR was soft and the company guided conservatively. Not surprisingly, the stock got absolutely crushed as CrowdStrike blamed tepid demand from smaller and midsize firms. Many analysts believe that competition from Microsoft was one factor along with cautious spending amongst those midsize and smaller customers. Notably, large customers remain active. So we'll see if this is a longer term trend or an anomaly. Zscaler is another company in the space that we've reported having great customer spending momentum from the ETR data. But even though the company beat expectations for its recent quarter, like other companies its Outlook was conservative. So other than Palo Alto, and to a lesser extent Fortinet, these companies and others that we're not showing here are feeling the economic pinch and it shows in the compression of value. CrowdStrike, for example, had a 70 billion valuation at one point during the pandemic Zscaler top 50 billion, Okta 45 billion. Now, having said that Palo Alto Networks, Fortinet, CrowdStrike, and Zscaler are all still trading well above their pre pandemic levels that we tracked back in February of 2020. All right, let's go now back to ETR'S January survey and take a look at how much things have changed since the beginning of the year. Remember, this is obviously pre Ukraine, and pre all the concerns about the economic headwinds but here's an X Y graph that shows a net score, or spending momentum on the y-axis, and market presence on the x-axis. The red dotted line at 40% on the vertical indicates a highly elevated net score. Anything above that we think is, you know, super elevated. Now, we filtered the data here to show only those companies with more than 50 responses in the ETR survey. Still really crowded. Note that there were around 20 companies above that red 40% mark, which is a very, you know, high number. It's a, it's a crowded market, but lots of companies with, you know, positive momentum. Now let's jump ahead to the most recent October survey and take a look at what, what's happening. Same graphic plotting, spending momentum, and market presence, and look at the number of companies above that red line and how it's been squashed. It's really compressing, it's still a crowded market, it's still, you know, plenty of green, but the number of companies above 40% that, that key mark has gone from around 20 firms down to about five or six. And it speaks to that compression and IT spending, and of course the elongated sales cycles pushing deals out, taking them in smaller chunks. I can't tell you how many conversations with customers I had, at last week at Reinvent underscoring this exact same trend. The buyers are getting pressure from their CFOs to slow things down, do more with less and, and, and prioritize projects to those that absolutely are critical to driving revenue or cutting costs. And that's rippling through all sectors, including cyber. Now, let's do a bit more playing around with the ETR data and take a look at those companies with more than a hundred citations in the survey this quarter. So N, greater than or equal to a hundred. Now remember the followers of Breaking Analysis know that each quarter we take a look at those, what we call four star security firms. That is, those are the, that are in, that hit the top 10 for both spending momentum, net score, and the N, the mentions in the survey, the presence, the pervasiveness in the survey, and that's what we show here. The left most chart is sorted by spending momentum or net score, and the right hand chart by shared N, or the number of mentions in the survey, that pervasiveness metric. that solid red line denotes the cutoff point at the top 10. And you'll note we've actually cut it off at 11 to account for Auth 0, which is now part of Okta, and is going through a go to market transition, you know, with the company, they're kind of restructuring sales so they can take advantage of that. So starting on the left with spending momentum, again, net score, Microsoft leads all vendors, typical Microsoft, very prominent, although it hadn't always done so, it, for a while, CrowdStrike and Okta were, were taking the top spot, now it's Microsoft. CrowdStrike, still always near the top, but note that CyberArk and Cloudflare have cracked the top five in Okta, which as I just said was consistently at the top, has dropped well off its previous highs. You'll notice that Palo Alto Network Palo Alto Networks with a 38% net score, just below that magic 40% number, is healthy, especially as you look over to the right hand chart. Take a look at Palo Alto with an N of 395. It is the largest of the independent pure play security firms, and has a very healthy net score, although one caution is that net score has dropped considerably since the beginning of the year, which is the case for most of the top 10 names. The only exception is Fortinet, they're the only ones that saw an increase since January in spending momentum as ETR measures it. Now this brings us to the four star security firms, that is those that hit the top 10 in both net score on the left hand side and market presence on the right hand side. So it's Microsoft, Palo Alto, CrowdStrike, Okta, still there even not accounting for a Auth 0, just Okta on its own. If you put in Auth 0, it's, it's even stronger. Adding then in Fortinet and Zscaler. So Microsoft, Palo Alto, CrowdStrike, Okta, Fortinet, and Zscaler. And as we've mentioned since January, only Fortinet has shown an increase in net score since, since that time, again, since the January survey. Now again, this talks to the compression in spending. Now one of the big themes we hear constantly in cybersecurity is the market is overcrowded. Everybody talks about that, me included. The implication there, is there's a lot of room for consolidation and that consolidation can come in the form of M&A, or it can come in the form of people consolidating onto a single platform, and retiring some other vendors, and getting rid of duplicate vendors. We're hearing that as a big theme as well. Now, as we saw in the previous, previous chart, this is a very crowded market and we've seen lots of consolidation in 2022, in the form of M&A. Literally hundreds of M&A deals, with some of the largest companies going private. SailPoint, KnowBe4, Barracuda, Mandiant, Fedora, these are multi billion dollar acquisitions, or at least billion dollars and up, and many of them multi-billion, for these companies, and hundreds more acquisitions in the cyberspace, now less you think the pond is overfished, here's a chart from ETR of emerging tech companies in the cyber security industry. This data comes from ETR's Emerging Technologies Survey, ETS, which is this diamond in a rough that I found a couple quarters ago, and it's ripe with companies that are candidates for M&A. Many would've liked, many of these companies would've liked to, gotten to the public markets during the pandemic, but they, you know, couldn't get there. They weren't ready. So the graph, you know, similar to the previous one, but different, it shows net sentiment on the vertical axis and that's a measurement of, of, of intent to adopt against a mind share on the X axis, which measures, measures the awareness of the vendor in the community. So this is specifically a survey that ETR goes out and, and, and fields only to track those emerging tech companies that are private companies. Now, some of the standouts in Mindshare, are OneTrust, BeyondTrust, Tanium and Endpoint, Net Scope, which we've talked about in previous Breaking Analysis. 1Password, which has been acquisitive on its own. In identity, the managed security service provider, Arctic Wolf Network, a company we've also covered, we've had their CEO on. We've talked about MSSPs as a real trend, particularly in small and medium sized business, we'll come back to that, Sneek, you know, kind of high flyer in both app security and containers, and you can just see the number of companies in the space this huge and it just keeps growing. Now, just to make it a bit easier on the eyes we filtered the data on these companies with with those, and isolated on those with more than a hundred responses only within the survey. And that's what we show here. Some of the names that we just mentioned are a bit easier to see, but these are the ones that really stand out in ERT, ETS, survey of private companies, OneTrust, BeyondTrust, Taniam, Netscope, which is in Cloud, 1Password, Arctic Wolf, Sneek, BitSight, SecurityScorecard, HackerOne, Code42, and Exabeam, and Sim. All of these hit the ETS survey with more than a hundred responses by, by the IT practitioners. Okay, so these firms, you know, maybe they do some M&A on their own. We've seen that with Sneek, as I said, with 1Password has been inquisitive, as have others. Now these companies with the larger footprint, these private companies, will likely be candidate for both buying companies and eventually going public when the markets settle down a bit. So again, no shortage of players to affect consolidation, both buyers and sellers. Okay, so let's finish with some key questions that we're watching. CrowdStrike in particular on its earnings calls cited softness from smaller buyers. Is that because these smaller buyers have stopped adopting? If so, are they more at risk, or are they tactically moving toward the easy button, aka, Microsoft's good enough approach. What does that mean for the market if smaller company cohorts continue to soften? How about MSSPs? Will companies continue to outsource, or pause on on that, as well as try to free up, to try to free up some budget? Adam Celiski at Reinvent last week said, "If you want to save money the Cloud's the best place to do it." Is the cloud the best place to save money in cyber? Well, it would seem that way from the standpoint of controlling budgets with lots of, lots of optionality. You could dial up and dial down services, you know, or does the Cloud add another layer of complexity that has to be understood and managed by Devs, for example? Now, consolidation should favor the likes of Palo Alto and CrowdStrike, cause they're platform players, and some of the larger players as well, like Cisco, how about IBM and of course Microsoft. Will that happen? And how will economic uncertainty impact the risk equation, a particular concern is increase of tax on vulnerable sectors of the population, like the elderly. How will companies and governments protect them from scams? And finally, how many cybersecurity companies can actually remain independent in the slingshot economy? In so many ways the market is still strong, it's just that expectations got ahead of themselves, and now as earnings forecast come, come, come down and come down to earth, it's going to basically come down to who can execute, generate cash, and keep enough runway to get through the knothole. And the one certainty is nobody really knows how tight that knothole really is. All right, let's call it a wrap. Next week we dive deeper into Palo Alto Networks, and take a look at how and why that company has held up so well and what to expect at Ignite, Palo Alto's big user conference coming up later this month in Las Vegas. We'll be there with theCube. Okay, many thanks to Alex Myerson on production and manages the podcast, Ken Schiffman as well, as our newest edition to our Boston studio. Great to have you Ken. Kristin Martin and Cheryl Knight help get the word out on social media and in our newsletters. And Rob Hof is our EIC over at Silicon Angle. He does some great editing for us. Thank you to all. Remember these episodes are all available as podcasts. Wherever you listen, just search Breaking Analysis podcast. I publish each week on wikibond.com and siliconangle.com, or you can email me directly David.vellante@siliconangle.com or DM me @DVellante, or comment on our LinkedIn posts. Please do checkout etr.ai, they got the best survey data in the enterprise tech business. This is Dave Vellante for theCube Insights powered by ETR. Thanks for watching, and we'll see you next time on Breaking Analysis. (upbeat music)

(gentle music) >> Good morning, fellow cloud nerds, and welcome back to day four of AWS re:Invent. We are here in fabulous Las Vegas, Nevada. I'm joined by my cohost Paul Gillin. I'm Savannah Peterson. We're on theCUBE. Paul, how you doing? You doing well? >> We're staggering to the conclusion. >> (laughing) It's almost the end then. >> And I say that only talking about my feet. This event is still going strong. The great keynote this morning by Werner Vogels about system architecture and really teaching 70,000 people how to design systems. AWS really taking advantage of this event to educate its customer base and- >> So much education here. >> Yeah, and that was a fantastic sort of cap to the keynotes we've seen this week. >> Yeah, I'm impressed Paul, our first AWS re:Invent. I think we're doing pretty good all things considered. >> Well, we're still alive. >> And our next guest actually looks like he's been sleeping this week, which is remarkable. Please welcome Ayal to the show. Ayal, how you doing today? >> I'm good, I'm good. Thank you for having me. >> It's our pleasure. You're with Anjuna. >> Yes. >> Just in case the audience isn't familiar, what's Anjuna? >> Anjuna is an enterprise security company. We focus in the space of confidential computing. And essentially we enable people to run anything they want in any environment with complete security and privacy. >> Which is a top priority for pretty much every single person here. >> Ayal: That is true. >> Now, confidential computing, I keep hearing that term. >> Yeah, let's go there. >> Is it, I mean, is there a trademark associated with it? Is there a certification? Is the concept or is it actually a set of principles and frameworks? >> Savannah: Give us the scoop. >> Yeah, so confidential computing is essentially a set of technologies that were added to the hardware itself, to the CPU, and now to GPUs by the hardware vendors. So Intel, AMD, Arm, Nvidia AWS with their own hardware solution for this. And essentially what it allows you to do is to run workloads on top of the CPU and the GPU in a way that even if somebody gets full access to the infrastructure, you know, root access, physical access, they're not going to have any access to the data and the code running on top of it. And as you can imagine in cloud environments, this is extremely, extremely (indistinct). >> And this done through encryption? >> It involves encryption. If you go one step deeper, it involves protecting the data while it's running, data and memory, when the application is processing it. Which is always been the missing piece in terms of where you protect data. >> So I got excited when I looked at the show notes because you are serving some of the most notoriously security strict customers in the market. Can you tell us about the Israeli Ministry of Defense? >> Sure. So essentially what we do with the Israel Ministry of Defense and other customers, especially on the on the government side, one of the challenges government has is that they have to, if they want security and privacy in the cloud, they have to use something like a gov cloud. And sometimes that makes sense, but sometimes either the gov cloud is not ready because of legal battles or just it takes time to set it up. In some countries, it's just not going to make financial sense for the clouds to create a gov cloud. So what we do is we enable them to run in the commercial cloud with the security and privacy of a gov cloud. >> Was that, I can imagine, so you took them to the public cloud, correct? >> Ayal: Yes. >> Was that a challenging process? When I think of national security, I can imagine a business transformation like that would be a little nerve-wracking. >> Oh, definitely. It was a long process and they went like, "This is probably one of the best security experts on the planet." And they went extremely deep in making sure that this aligns with what they would be able to do to actually move sensitive data to the commercial cloud. Which, obviously, that the requirements are higher than anything I've ever seen from anybody else. And the fact that they were willing to publicly talk about this and be a public reference for us shows the level of confidence that they have in the underlying technology, in the security and privacy that this allows them to achieve. >> We still hear reservations, particularly from heavily regulated industries, about moving into the cloud. Concerns about security, data ownership, shared responsibility. >> Ayal: Yes. >> Are those real, are those valid? Or is the technology foundation now strong enough that they should not be worried about those things? >> Yeah, this is an excellent question, because the the shared responsibility model, is exactly sort of the core of what this is about. The shared responsibility model essentially means the cloud's, sort of by definition, the cloud is somebody else managing the infrastructure for you, right? And if somebody's managing the infrastructure for you they have full access to what you do on top of that infrastructure. That's almost the definition. And that's always been sort of one of the core security problems that was never solved. Confidential computing solves this. It means that you can use the cloud without the clouds having any access to what you do on top of their infrastructure. And that means that if the clouds get hacked, your data is safe. If an employee of the cloud decides to get access to your data, they can't. They just don't have any access. Or if the government comes to the cloud with a subpoena, the clouds can't give them access to your data, which is obviously very important for European customers and other customers outside of the US. So this is essentially what confidential computing does and it allows to break that shared responsibility model, where you as the customer get full control of your data back. >> Now, do you need the hardware foundation to do that? Or are you solving this problem in software? >> No. So we do need a hardware foundation for this which is now available in every cloud. And it's part of every server CPU that Intel ship, that AMD ship. This is part of almost every data center in AWS. But what we bring to the table at Anjuna, is every time there was a fundamental shift in computer architecture, you needed a software stack on top of it to essentially make it usable. And I think the best last example was VMware, right? But virtualization was extremely powerful technology that nobody was using until VMware built a software stack to make it super simple to virtualize anything. And to some extent that was the birth of the public cloud. We would never have a public cloud without virtualization. We're seeing the same level of shift now with confidential computing on the hardware side. And all the large players are behind this. They're all part of the confidential computing consortium that pushes this. But the challenge customers are running into, is for them to go use this they have to go refactor and rebuild every application. >> Why? >> And nobody's going to go do that. And that's exactly what we help them with. >> Yeah. >> In terms of why, as part of confidential computing, what it essentially means is that the operating system is outside the cross cycle. You, you don't want to cross the operating system because you don't want somebody with root access to have any access to your data. And what this means is every application obviously communicates with the operating system pretty often, right? To send something to the network or some, you know, save something to the file system, which means you have to re-architect your application and break it into two: a confidential piece and a piece that's communicating with the operating system and build some channel for the two sides to communicate. Nobody's going to go do that for every application. We allow you to essentially do something like Anjuna run application and it just runs in a confidential computing environment. No changes. >> Let's talk a little bit more about that. So when we're thinking about, I think we've talked a little bit about it, but I think there's a myth of control when we're talking about on-prem. Everybody thinks that things are more secure. >> Right. >> It's not the case. Tell us how enterprise security changes once when a customer has adopted Anjuna. >> Yeah, so I think you're absolutely right. I think the clouds can put a lot more effort and expertise into bringing security than the data center. But you definitely have this sort of more sense of security in your data center because you own the full stack, right? It's your people, it's your servers, it's your networks in the cloud >> Savannah: It's in your house, so to speak. Yeah. >> Exactly. And the cloud is the third party managing all that for you. And people get very concerned about that, and to some extent for a good reason. Because if a breach happens regardless of whose fault it is, the customer's going to be the one sort of left holding the bag and dealing with the aftermath of the breach. So they're right to be concerned. In terms of what we do, once you run things in confidential computing, you sort of solve the core problem of security. One of the core problems of security has always been when somebody gets access to the infrastructure especially root access to the infrastructure, it's game over. They have access to everything. And a lot of how security's been built is almost like these bandaid solutions to try to solve. Like perimeter security is how do I make sure nobody gets access to the infrastructure if they don't need to, right? All these detection solutions is once they're in the infrastructure, how do I detect that they've done something they shouldn't have? A lot of the vulnerability management is how do I make sure everything is patched? Because if somebody gets access how do I make sure they don't get root access? And then they really get access to everything. And conversation computing solves all of that. It solves the root cause, the root problem. So even if somebody gets root access, even if somebody has full access to the infrastructure, they don't have access to anything, which allows you to one, essentially move anything you want to the public cloud regardless, of the sensitivity of it, but also get rid of a lot of these other sort of bandaid solutions that you use today to try to stop people from getting that access because it doesn't matter anymore. >> Okay. So cyber security is a one and a half trillion dollar industry, growing at over 10% a year. Are you saying that if organizations were to adopt confidential computing universally that industry would not be necessary? >> No, I think a lot of it will have to change with confidential computing. Exactly, like the computer industry changed with virtualization. If you had asked when VMware just got started if the data centers are going to like, "Oh, this is going to happen," I don't think anybody could have foreseen this. But this is exactly what virtualization did. Confidential computing will change the the security industry in a massive way, but it doesn't solve every security problem. What it essentially does is it moves the perimeter from the machine itself, which used to be sort of the smallest atom, to be around the workload. And what happens in the machine doesn't matter anymore. You still need to make sure that your workload is protected. So companies that make sure that you write secure code are still going to be needed. Plus you're going to need security for things like denial of service. Because if somebody runs, you know, gets access to their infrastructure, they can stop you from running but your data is going to be protected. You're not going to need any of these data protection solutions around the box anymore. >> Let's hang out there for a second. Where do you see, I mean what an exciting time to be you, quite frankly, and congratulations on all of your success so far. Where are we going in the next two to five years? >> Yeah, I think with confidential computing the first thing that this is going to enable is essentially moving everything to the public cloud. I think the number one concern with the cloud kind of like you mentioned, is security and privacy. >> Savannah: Right. >> And this essentially eliminates that need. And that's why the clouds are so excited about this. That's why AWS talks about it. And I think Steve Schmidt, the of CISO of Amazon, used to be the CISO of AWS, talks about confidential computing as the future of data security and privacy. And there's a reason why he does that. We've seen other clouds talk about this and push this. That's why the clouds are so excited about this. But even more so again, I think over time this will allow you to essentially remove a lot of the security tools that exist there, kind of reimagine security in a better way. >> Savannah: Clean it up a little bit. Yeah. >> Exactly. And over time, I think it's going to change the world of compute even more because one of the things this allows you to do is the closer you get to the edge, the more security and privacy problems you have. >> Savannah: Right. And so many variables. >> Exactly. And it's basically out there in the wild, and people can get physical access. >> Quite literally a lot of the time, yeah. >> Exactly. And what confidential computing does, it provides that complete security and privacy regardless of even if somebody has physical access, which will allow you to move workloads much closer to the edge or to the edge itself instead of sending everything back to your backend to process things. >> We have interviewed a number of security companies here during this event, and I have to say, confidential computing has never come up. They don't talk about it. Why is that? Is there an awareness problem? >> Savannah: Are they threatened? >> Yeah, so I think the biggest, and to some extent, this is exactly like I kept bringing up VMware. Like VMware's, you can think of Salesforce, when they talked about SaaS, they sort of embedded the concept of SaaS. No other company on the planet was talking about SaaS. They created a new category and now almost everything is SaaS. VMware with virtualization, right? Nobody was using it, and now, almost everything is virtualized. Confidential computing is a new way of doing things. It's basically a kind have to shift the way of how you think about security and how you think about privacy. And this is exactly what we're seeing. I don't expect other security companies to talk about this. And to some extent, one of the things I've realized that we're almost more of an infrastructure company than a security company, because we bake security to be part of the infrastructure. But we're seeing more and more the clouds talk about this. The CPU vendors talk about this. We talk to customers more and more. Like almost every large bank I talk to now has a confidential computing strategy for 2023. This is now becoming part of the mainstream. And yeah, security companies will have to adopt or die if they don't fit into that new world that it is going to create >> This is the new world order, baby, get on the train or get left behind. >> Ayal: Exactly. >> I love it. This is a really fascinating conversation and honestly what you're doing makes so much sense. Yeah, you don't need me to validate your business model, but I will, just for the sake of that. >> Thank you. >> We have a new challenge here at re:Invent on theCUBE where we are looking for your 30 second Instagram reel hot take, thought leadership. What's the biggest theme, key takeaway from the show or experience this year for you? >> Yeah, so for me, obviously focusing on confidential computing. I think this is just going to be similar to how no network was encrypted 10 years ago and today every network is encrypted with TLS and HTTPS. And how five years ago no disc was encrypted, and today every disc is encrypted with disc encryption. The one missing piece is memory. Memory is where data is exposed now. I think within a few years all memory is going to be encrypted and it's just going to change two industries: the security industry as well as the computer industry. >> Paul: Does that include cache memory? >> What's that? >> Does that include cache memory? >> That is encrypting the RAM essentially. So everything, this is the one last place where data is not encrypted, and that's exactly what confidential computing brings to the table. >> Are there any performance concerns with encrypting memory? >> That's a phenomenal question. One of the really nice things about confidential computing is that the heavy lifting is done by the hardware vendors themselves as part of the hardware and not part of the critical path in the CPU. It's very similar to the TLS acceleration cards, if you remember those, which allows us to be extremely, extremely performant. And that's why I think this is going to be for everything. Because every time we had a security solution that had no performance impact and was super simple to use it just became the default, because why wouldn't you use it for everything? >> Ayal, this has been absolutely fascinating. We could talk to you all day. Unfortunately, we're out of time. But really thank you so much for coming on the show. Now, we feel more confident in terms of our confidential computing knowledge and definitely learned a lot. Thank all of you for tuning in to our fantastic four day live stream at AWS re:Invent here in Sin City with Paul Gillin. I'm Savannah Peterson. You're watching theCUBE, the leader in high tech coverage. (gentle music)

(bright upbeat music) >> Good morning fellow cloud community nerds and welcome back to theCube's live coverage of AWS re:Invent, we're here in fabulous Las Vegas, Nevada. You can tell by my sequence. My name's Savannah Peterson and I'm delighted to be here with theCUBE. Joining me this morning is a packed house. We have three fabulous guests from AWS's global startup program. Immediately to my right is Eric. Eric, welcome to the show. >> Thank you. >> We've also got Jimmy and Jeff. Before we get into the questions, how does it feel? This is kind of a show off moment for you all. Is it exciting to be back on the show floor? >> Always, I mean, you live for this event, right? I mean, we've got 50,000. >> You live for this? >> Yeah, I mean, 50,000 customers. Like we really appreciate the fact that time, money and resources they spend to be here. So, yeah, I love it. >> Savanna: Yeah, fantastic. >> Yeah, everyone in the same place at the same time, energy is just pretty special, so, it's fun. >> It is special. And Jimmy, I know you joined the program during the pandemic. This is probably the largest scale event you've been at with AWS. >> First time at re:Invent. >> Welcome >> (mumbles) Customers, massive. And I love seeing some of the startups that I partner with directly behind me here from theCUBE set as well. >> Yeah, it's fantastic. First time on theCUBE, welcome. >> Jimmy: Thank you. >> We hope to have you back. >> Jimmy: Proud to be here. >> Jimmy, I'm going to keep it on you to get us started. So, just in case someone hasn't heard of the global startup program with AWS. Give us the lay of the land. >> Sure, so flagship program at AWS. We partner with venture backed, product market fit B2B startups that are building on AWS. So, we have three core pillars. We help them co-built, co-market, and co-sell. Really trying to help them accelerate their cloud journey and get new customers build with best practices while helping them grow. >> Savanna: Yeah, Jeff, anything to add there? >> Yeah, I would say we try our best to find the best technology out there that our customers are demanding today. And basically, give them a fast track to the top resources we have to offer to help them grow their business. >> Yeah, and not a casual offering there at AWS. I just want to call out some stats so everyone knows just how many amazing startups and businesses that you touch. We've talked a lot about unicorns here on the show, and one of Adam's quotes from the keynote was, "Of the 1200 global unicorns, 83% run on AWS." So, at what stage are most companies trying to come and partner with you? And Eric we'll go to you for that. >> Yeah, so I run the North American startup team and our mission is to get and support startups as early as inception as possible, right? And so we've got kind of three, think about three legs of stool. We've got our business development team who works really closely with everything from seed, angel investors, incubators, accelerators, top tier VCs. And then we've got a sales team, we've got a BD team. And so really, like we're even looking before customers start even building or billing, we want to find those stealth startups, help them understand kind of product, where they fit within AWS, help them understand kind of how we can support them. And then as they start to build, then we've got a commercial team of solution architects and sales professionals that work with them. So, we actually match that life cycle all the way through. >> That's awesome. So, you are looking at seed, stealth. So, if I'm a founder listening right now, it doesn't matter what stage I'm at. >> No, I mean, really we want to get, and so we have credit programs, we have enablement programs, focus everything from very beginning to hyper scale. And that's kind of how we think about it. >> That's pretty awesome. So Jeff, what are the keys to success for a startup in working with you all? >> Yeah, good question. Highly differentiated technology is absolutely critical, right? There's a lot of startups out there but finding those that have differentiated technology that meets the demands of AWS customers, by far the biggest piece right there. And then it's all about figuring out how to lean into the partnership and really embrace what Jimmy said. How do you do the co build, the co-marketing, co-sell to put the full package together to make sure that your software's going to have the greatest visibility with our customers out there. >> Yeah, I love that. Jimmy, how do you charm them? What do the startups see in working with AWS? (indistinct) >> But that aside, Jeff just alluded to it. It's that better together story and it takes a lot of buy-in from the partner to get started. It is what we say, a partner driven flywheel. And the successful partners that I work with understand that and they're committing the resources to the relationship because we manage thousands and thousands of startups and there's thousands listed on Marketplace. And then within our co-sell ISV Accelerate program, there's hundreds of startups. So startups have to, one, differentiate themselves with their technology, but then two, be able to lean in to do the tactical engagement that myself and my PDM peers help them manage. >> Awesome, yeah. So Eric. >> Yes. >> Let's say I talk to a lot of founders because I do, and how would I pitch an AWS partnership through the global startup program to them? >> Yeah, well, so this... >> Give me my sound back. >> Yeah, yeah, look for us, like it's all about scaling your business, right? And so my team, and we have a partnership. I run the North American startup team, they run the global startup program, okay? So what my job is initially is to help them build up their services and their programs and products. And then as they get to product market fit, and we see synergy with selling with Amazon, the whole idea is to lead them into the go-to market programs, right? And so really for us, that pitch is this, simply put, we're going to help you extend your reach, right? We're going to take what you know about your service and having product market fit understanding your sales cycle, understanding your customer and your value, and then we're going to amplify that voice. >> Sounds good to me, I'm sold. I like that, I mean, I doubt there's too many companies with as much reach as you have. Let's dig in there a little bit. So, how much is the concentration of the portfolio in North America versus globally? I know you've got your fingers all over the place. >> Jimmy: Yeah. >> Go for it, Jeff. >> Jimmy: Well, yeah, you start and I'll... >> On the partnership side, it's pretty balanced between North America and AMEA and APJ, et cetera, but the type of partners is very different, right? So North America, we have a high focus on infrastructure led partners, right? Where that might be a little different in other regions internationally. >> Yeah, so I have North America, I have a peer that has AMEA, a peer that has Latin America and a peer that has APJ. And so, we have the startup team which is global, and we break it up regionally, and then the global startup program, which is partnership around APN, Amazon Partner Network, is also global. So like, we work in concert, they have folks married up to our team in each region. >> Savannah, what I'm hearing is you want do a global startup showcase? >> Yeah. (indistinct) >> We're happy to sponsor. >> Are you reading my mind? We are very aligned, Jimmy. >> I love it, awesome. >> I'm going to ask you a question, since you obviously are in sync with me all ready. You guys see what you mentioned, 50,000 startups in the program? 100, 000, how many? >> Well you're talking about for the global startup program, the ISV side? >> Sure, yeah, let's do both the stats actually. >> So, the global startup program's a lot smaller than that, right? So globally, there might be around 1,000 startups that are in the program. >> Savanna: Very elite little spot. >> Now, a lot bigger world on Eric's side. >> Eric: Yeah, globally over 200,000. >> Savanna: Whoa. >> Yeah, I mean, you think about, so just think about the... >> To keep track, those all in your head? >> Yeah, I can't keep track. North America's quite large. Yeah, no, because look, startups are getting created every day, right? And then there's positive exits and negative exits, right? And so, yeah, I mean, it's impressive. And particularly over the last two years, over the last two years are a little bit crazy, bonkers with the money coming. (mumbles) And yet the creation that's going to happen right now in the market disruption is going to mirror what happened in 2008, 2009. And so, the creation is not going to slow down. >> Savanna: No, hopefully not. >> No. >> No, and our momentum, I mean everyone's doing things faster, more data, it's all that we're talking about, do more and make it easier for everybody in the same central location. Jimmy, of those thousand global startups that you're working with, can you tell us some of the trends? >> Yeah, so I think one of the big things, especially, I cover data analytics startups specifically. So, one moving from batch to real time analytics. So, whether that's IOT, gaming, leader boards, querying data where it sits in an AWS data, like companies need to make operational decisions now and not based off of historic data from a week ago or last night or a month ago. So, that's one. And then I'm going to steal one of John's lines, is data is code. That is becoming that base layer that a lot of startups are building off of and operationalizing. So, I think those are the two big things I'm seeing, but would love... >> Curious to both, Jeff, let's go to you next, I'm curious, yeah. >> Yeah, totally. I think from a broader perspective, the days of completely free money and infinite resources are coming to a close, if not already closed. >> We all work with startups, we can go ahead and just talk about all the well is just a little (indistinct)... >> So, I think it's closed, and so because of that, it's how do you deal with a lot? How do you produce the results on the go to market side with fewer resources, right? And so it's incumbent on our team to figure out how to make it an easier, simpler process to partner with AWS, knowing those constraints are very real now. >> Savanna: Yeah. >> Yeah. >> Yeah, and to build on that. I think mid stage, it's all about cash preservation, right? And it's in that runway... >> Especially right now. >> Yeah, and so part of that is getting into the right infrastructure, when you had a lot of people, suddenly you don't have as many people moving into managed services, making sure that you can scale at a cost efficient way versus at any cost. That's kind of the latter stage. Now what's really been fascinating more at the at the early stages, I call it the rise of the AIML native. And so, where you say three years ago, you saw customers bolting on AI, now they're building AI from the start, right? And that's pervasive across every industry, whether it's in FinTech, life sciences, healthcare, climate tech, you're starting to see it all the way across the board. And then of course the other thing is, yeah, the other one is just the rise of just large language models, right? And just, I think there's the hype and there's the promise, but you know, over time, like the amount of customers big and small, whom are used in large language models is pretty fascinating. >> Yeah, you must have fascinating jobs. I mean, genuinely, it's so cool to get to not only see and have your finger on the pulse of what's coming next, essentially that's what startups are, but also be able to support them and to collaborate with them. And it's clear, the commitment to community and to the customers that you're serving. Last question for each of you, and then we're talking about your DJing. >> Oh yeah, I definitely, I want to see that. >> No, we're going to close with that as a little pitch for everyone watching this show. So, we make sure the crowd's just packed for that. This is your show, as you said, you live for this show, love that. >> Yeah. >> Give us your 30 second hot take, most important soundbites, think of this as your thought leadership shining moment. What's the biggest takeaway from the show? Biggest trend, thing that has you most excited? >> Oh, that's a difficult one. There's a lot going on. >> There is a lot going on. I mean, you can say a couple things. I'll allow you more than 30 seconds if you want. >> No, I mean, look, I just think the, well, what's fascinating to me in having this is my third or fourth re:Invent is just the volume of new announcements that come out. It's impressive, right? I mean it's impressive in terms of number of services, but then the depth of those services and the building on, I think it's just really amazing. I think that the trend you're going to continue to see and there's going to be more keynotes tomorrow, so, I can't let anything out. But just the AI, ML, real excited about that, analytic space, serverless, just continue to see the maturation of that space, particularly for startups. I think that to me is what's really exciting. And just seeing folks come together, start exchanging ideas, and I think the last piece I'll do is a pitch for my own team, like we have like 18 different sessions from the North American startup team. And so, I mean, shout out to our solution architects putting those sessions together, geared towards startups for startups, and so, that's probably what I'm most excited about. >> Casual, that was good, and you pitched it in time. I think that was great. >> There you go. >> All right, Jeff, you just had a little practice time while he was going. Let's (indistinct). >> No, so it's just exciting to see all the partners that we support here, so many of them have booths here and are showcasing their technology. And being able to connect them with customers to show how advanced their capabilities are that they're bringing to the table to supplement and compliment all the new capabilities that AWS is launching. So, to be able to see all of that in the same place at the same time and really hear what they need from a partnership perspective, that's what's special for us. >> Savanna: This is special. All right, Jimmy. >> My thoughts on re:Invent or? >> Not DJ yet. >> Not DJ. Not DJ, but I mean, your first re:Invent. Probably your first time getting to interact with a lot of the people that you chat with face to face. How does it feel? What's your hot take? Your look through the crystal ball, if you want to take it farther out in front. >> I think it's finally getting FaceTime with some of the relationships that I've built purely over Chime and virtual calls over the past two years has been incredible. And then secondly, to the technical enablement piece, I can announce this 'cause it was already announced earlier, is AWS Security Lake, one of my partners, Cribl, was actually a launch partner for that service. So, a little too to the Horn for Global Startup program, one of the coolest things at the tactical level as a PDM is working with them throughout the year and my partner solution architect finding these unique alignment opportunities with native AWS services and then seeing it build all the way through fruition at the finish line, announced at re:Invent, their logo up on screen, like that's, I can sleep well tonight. >> Job well done. >> Yeah. >> Yeah. >> That's pretty cool. >> That is cool. >> So, I've already told you before you even got here that you're a DJ and you happen to be DJing at re:Invent. Where can we all go dance and see you? >> So, shout out to Mission Cloud, who has sponsored Tao, Day Beach Club on Wednesday evening. So yes, I do DJ, I appreciate AWS's flexibility work life balance. So, I'll give that plug right here as well. But no, it's something I picked up during COVID, it's a creative outlet for me. And then again, to be able to do it here is just an incredible opportunity. So, Wednesday night I hope to see all theCUBE and everyone that... >> We will definitely be there, be careful what you wish for. >> What's your stage name? >> Oh, stage name, DJ Hot Hands, so, find me on SoundCloud. >> DJ Hot Hands. >> All right, so check out DJ Hot Hands on SoundCloud. And if folks want to learn more about the Global Startup program, where do they go? >> AWS Global Startup Program. We have a website you can easily connect with. All our startups are listed on AWS Marketplace. >> Most of them are Marketplace, you can go to our website, (mumbles) global startup program and yeah, find us there. >> Fantastic. Well, Jeff, Jimmy, Eric, it was an absolute pleasure starting the day. We got startups for breakfast. I love that. And I can't wait to go dance to you tomorrow night or tonight actually. I'm here for the fist bumps. This is awesome. And you all are great. Hope to have you back on theCUBE again very soon and we'll have to coordinate on that global Startup Showcase. >> Jimmy: All right. >> I think it's happening, 2023, get ready folks. >> Jimmy: Here we go. >> Get ready. All right, well, this was our first session here at AWS re:Invent. We are live from Las Vegas, Nevada. My name is Savannah Peterson, we're theCUBE, the leader in high tech reporting. (bright upbeat music)

(upbeat music) >> We are back, approaching the finish line here at Supercomputing 22, our last interview of the day, our last interview of the show. And I have to say Dave Nicholson, my co-host, My name is Paul Gillin. I've been attending trade shows for 40 years Dave, I've never been to one like this. The type of people who are here, the type of problems they're solving, what they talk about, the trade shows are typically, they're so speeds and feeds. They're so financial, they're so ROI, they all sound the same after a while. This is truly a different event. Do you get that sense? >> A hundred percent. Now, I've been attending trade shows for 10 years since I was 19, in other words, so I don't have necessarily your depth. No, but seriously, Paul, totally, completely, completely different than any other conference. First of all, there's the absolute allure of looking at the latest and greatest, coolest stuff. I mean, when you have NASA lecturing on things when you have Lawrence Livermore Labs that we're going to be talking to here in a second it's a completely different story. You have all of the academics you have students who are in competition and also interviewing with organizations. It's phenomenal. I've had chills a lot this week. >> And I guess our last two guests sort of represent that cross section. Armando Acosta, director of HPC Solutions, High Performance Solutions at Dell. And Matt Leininger, who is the HPC Strategist at Lawrence Livermore National Laboratory. Now, there is perhaps, I don't know you can correct me on this, but perhaps no institution in the world that uses more computing cycles than Lawrence Livermore National Laboratory and is always on the leading edge of what's going on in Supercomputing. And so we want to talk to both of you about that. Thank you. Thank you for joining us today. >> Sure, glad to be here. >> For having us. >> Let's start with you, Armando. Well, let's talk about the juxtaposition of the two of you. I would not have thought of LLNL as being a Dell reference account in the past. Tell us about the background of your relationship and what you're providing to the laboratory. >> Yeah, so we're really excited to be working with Lawrence Livermore, working with Matt. But actually this process started about two years ago. So we started looking at essentially what was coming down the pipeline. You know, what were the customer requirements. What did we need in order to make Matt successful. And so the beauty of this project is that we've been talking about this for two years, and now it's finally coming to fruition. And now we're actually delivering systems and delivering racks of systems. But what I really appreciate is Matt coming to us, us working together for two years and really trying to understand what are the requirements, what's the schedule, what do we need to hit in order to make them successful >> At Lawrence Livermore, what drives your computing requirements I guess? You're working on some very, very big problems but a lot of very complex problems. How do you decide what you need to procure to address them? >> Well, that's a difficult challenge. I mean, our mission is a national security mission dealing with making sure that we do our part to provide the high performance computing capabilities to the US Department of Energy's National Nuclear Security Administration. We do that through the Advanced Simulation computing program. Its goal is to provide that computing power to make sure that the US nuclear rep of the stockpile is safe, secure, and effective. So how we go about doing that? There's a lot of work involved. We have multiple platform lines that we accomplish that goal with. One of them is the advanced technology systems. Those are the ones you've heard about a lot, they're pushing towards exit scale, the GPU technologies incorporated into those. We also have a second line, a platform line, called the Commodity Technology Systems. That's where right now we're partnering with Dell on the latest generation of those. Those systems are a little more conservative, they're right now CPU only driven but they're also intended to be the everyday work horses. So those are the first systems our users get on. It's very easy for them to get their applications up and running. They're the first things they use usually on a day to day basis. They run a lot of small to medium size jobs that you need to do to figure out how to most effectively use what workloads you need to move to the even larger systems to accomplish our mission goals. >> The workhorses. >> Yeah. >> What have you seen here these last few days of the show, what excites you? What are the most interesting things you've seen? >> There's all kinds of things that are interesting. Probably most interesting ones I can't talk about in public, unfortunately, 'cause of NDA agreements, of course. But it's always exciting to be here at Supercomputing. It's always exciting to see the products that we've been working with industry and co-designing with them on for, you know, several years before the public actually sees them. That's always an exciting part of the conference as well specifically with CTS-2, it's exciting. As was mentioned before, I've been working with Dell for nearly two years on this, but the systems first started being delivered this past August. And so we're just taking the initial deliveries of those. We've deployed, you know, roughly about 1600 nodes now but that'll ramp up to over 6,000 nodes over the next three or four months. >> So how does this work intersect with Sandia and Los Alamos? Explain to us the relationship there. >> Right, so those three laboratories are the laboratories under the National Nuclear Security Administration. We partner together on CTS. So the architectures, as you were asking, how do we define these things, it's the labs coming together. Those three laboratories we define what we need for that architecture. We have a joint procurement that is run out of Livermore but then the systems are deployed at all three laboratories. And then they serve the programs that I mentioned for each laboratory as well. >> I've worked in this space for a very long time you know I've worked with agencies where the closest I got to anything they were actually doing was the sort of guest suite outside the secure area. And sometimes there are challenges when you're communicating, it's like you have a partner like Dell who has all of these things to offer, all of these ideas. You have requirements, but maybe you can't share 100% of what you need to do. How do you navigate that? Who makes the decision about what can be revealed in these conversations? You talk about NDA in terms of what's been shared with you, you may be limited in terms of what you can share with vendors. Does that cause inefficiency? >> To some degree. I mean, we do a good job within the NSA of understanding what our applications need and then mapping that to technical requirements that we can talk about with vendors. We also have kind of in between that we've done this for many years. A recent example is of course with the exit scale computing program and some things it's doing creating proxy apps or mini apps that are smaller versions of some of the things that we are important to us. Some application areas are important to us, hydrodynamics, material science, things like that. And so we can collaborate with vendors on those proxy apps to co-design systems and tweak the architectures. In fact, we've done a little bit that with CTS-2, not as much in CTS as maybe in the ATS platforms but that kind of general idea of how we collaborate through these proxy applications is something we've used across platforms. >> Now is Dell one of your co-design partners? >> In CTS-2 absolutely, yep. >> And how, what aspects of CTS-2 are you working on with Dell? >> Well, the architecture itself was the first, you know thing we worked with them on, we had a procurement come out, you know they bid an architecture on that. We had worked with them, you know but previously on our requirements, understanding what our requirements are. But that architecture today is based on the fourth generation Intel Xeon that you've heard a lot about at the conference. We are one of the first customers to get those systems in. All the systems are interconnected together with the Cornell Network's Omni-Path Network that we've used before and are very excited about as well. And we build up from there. The systems get integrated in by the operations teams at the laboratory. They get integrated into our production computing environment. Dell is really responsible, you know for designing these systems and delivering to the laboratories. The laboratories then work with Dell. We have a software stack that we provide on top of that called TOSS, for Tri-Lab Operating System. It's based on Redhead Enterprise Linux. But the goal there is that it allows us, a common user environment, a common simulation environment across not only CTS-2, but maybe older systems we have and even the larger systems that we'll be deploying as well. So from a user perspective they see a common user interface, a common environment across all the different platforms that they use at Livermore and the other laboratories. >> And Armando, what does Dell get out of the co-design arrangement with the lab? >> Well, we get to make sure that they're successful. But the other big thing that we want to do, is typically when you think about Dell and HPC, a lot of people don't make that connection together. And so what we're trying to do is make sure that, you know they know that, hey, whether you're a work group customer at the smallest end or a super computer customer at the highest end, Dell wants to make sure that we have the right setup portfolio to match any needs across this. But what we were really excited about this, this is kind of our, you know big CTS-2 first thing we've done together. And so, you know, hopefully this has been successful. We've made Matt happy and we look forward to the future what we can do with bigger and bigger things. >> So will the labs be okay with Dell coming up with a marketing campaign that said something like, "We can't confirm that alien technology is being reverse engineered." >> Yeah, that would fly. >> I mean that would be right, right? And I have to ask you the question directly and the way you can answer it is by smiling like you're thinking, what a stupid question. Are you reverse engineering alien technology at the labs? >> Yeah, you'd have to suck the PR office. >> Okay, okay. (all laughing) >> Good answer. >> No, but it is fascinating because to a degree it's like you could say, yeah, we're working together but if you really want to dig into it, it's like, "Well I kind of can't tell you exactly how some of this stuff is." Do you consider anything that you do from a technology perspective, not what you're doing with it, but the actual stack, do you try to design proprietary things into the stack or do you say, "No, no, no, we're going to go with standards and then what we do with it is proprietary and secret."? >> Yeah, it's more the latter. >> Is the latter? Yeah, yeah, yeah. So you're not going to try to reverse engineer the industry? >> No, no. We want the solutions that we develop to enhance the industry to be able to apply to a broader market so that we can, you know, gain from the volume of that market, the lower cost that they would enable, right? If we go off and develop more and more customized solutions that can be extraordinarily expensive. And so we we're really looking to leverage the wider market, but do what we can to influence that, to develop key technologies that we and others need that can enable us in the high forms computing space. >> We were talking with Satish Iyer from Dell earlier about validated designs, Dell's reference designs for for pharma and for manufacturing, in HPC are you seeing that HPC, Armando, and is coming together traditionally and more of an academic research discipline beginning to come together with commercial applications? And are these two markets beginning to blend? >> Yeah, I mean so here's what's happening, is you have this convergence of HPC, AI and data analytics. And so when you have that combination of those three workloads they're applicable across many vertical markets, right? Whether it's financial services, whether it's life science, government and research. But what's interesting, and Matt won't brag about, but a lot of stuff that happens in the DoE labs trickles down to the enterprise space, trickles down to the commercial space because these guys know how to do it at scale, they know how to do it efficiently and they know how to hit the mark. And so a lot of customers say, "Hey we want what CTS-2 does," right? And so it's very interesting. The way I love it is their process the way they do the RFP process. Matt talked about the benchmarks and helping us understand, hey here's kind of the mark you have to hit. And then at the same time, you know if we make them successful then obviously it's better for all of us, right? You know, I want to secure nuclear stock pile so I hope everybody else does as well. >> The software stack you mentioned, I think Tia? >> TOSS. >> TOSS. >> Yeah. >> How did that come about? Why did you feel the need to develop your own software stack? >> It originated back, you know, even 20 years ago when we first started building Linux clusters when that was a crazy idea. Livermore and other laboratories were really the first to start doing that and then push them to larger and larger scales. And it was key to have Linux running on that at the time. And so we had the. >> So 20 years ago you knew you wanted to run on Linux? >> Was 20 years ago, yeah, yeah. And we started doing that but we needed a way to have a version of Linux that we could partner with someone on that would do, you know, the support, you know, just like you get from an EoS vendor, right? Security support and other things. But then layer on top of that, all the HPC stuff you need either to run the system, to set up the system, to support our user base. And that evolved into to TOSS which is the Tri-Lab Operating System. Now it's based on the latest version of Redhead Enterprise Linux, as I mentioned before, with all the other HPC magic, so to speak and all that HPC magic is open source things. It's not stuff, it may be things that we develop but it's nothing closed source. So all that's there we run it across all these different environments as I mentioned before. And it really originated back in the early days of, you know, Beowulf clusters, Linux clusters, as just needing something that we can use to run on multiple systems and start creating that common environment at Livermore and then eventually the other laboratories. >> How is a company like Dell, able to benefit from the open source work that's coming out of the labs? >> Well, when you look at the open source, I mean open source is good for everybody, right? Because if you make a open source tool available then people start essentially using that tool. And so if we can make that open source tool more robust and get more people using it, it gets more enterprise ready. And so with that, you know, we're all about open source we're all about standards and really about raising all boats 'cause that's what open source is all about. >> And with that, we are out of time. This is our 28th interview of SC22 and you're taking us out on a high note. Armando Acosta, director of HPC Solutions at Dell. Matt Leininger, HPC Strategist, Lawrence Livermore National Laboratories. Great discussion. Hopefully it was a good show for you. Fascinating show for us and thanks for being with us today. >> Thank you very much. >> Thank you for having us >> Dave it's been a pleasure. >> Absolutely. >> Hope we'll be back next year. >> Can't believe, went by fast. Absolutely at SC23. >> We hope you'll be back next year. This is Paul Gillin. That's a wrap, with Dave Nicholson for theCUBE. See here in next time. (soft upbear music)

>>The cybersecurity landscape continues to be one characterized by a series of point tools designed to do a very specific job, often pretty well, but the mosaic of tooling is grown over the years causing complexity in driving up costs and increasing exposures. So the game of Whackamole continues. Moreover, the way organizations approach security is changing quite dramatically. The cloud, while offering so many advantages, has also created new complexities. The shared responsibility model redefines what the cloud provider secures, for example, the S three bucket and what the customer is responsible for eg properly configuring the bucket. You know, this is all well and good, but because virtually no organization of any size can go all in on a single cloud, that shared responsibility model now spans multiple clouds and with different protocols. Now that of course includes on-prem and edge deployments, making things even more complex. Moreover, the DevOps team is being asked to be the point of execution to implement many aspects of an organization's security strategy. >>This extends to securing the runtime, the platform, and even now containers which can end up anywhere. There's a real need for consolidation in the security industry, and that's part of the answer. We've seen this both in terms of mergers and acquisitions as well as platform plays that cover more and more ground. But the diversity of alternatives and infrastructure implementations continues to boggle the mind with more and more entry points for the attackers. This includes sophisticated supply chain attacks that make it even more difficult to understand how to secure components of a system and how secure those components actually are. The number one challenge CISOs face in today's complex world is lack of talent to address these challenges. And I'm not saying that SecOps pros are not talented, They are. There just aren't enough of them to go around and the adversary is also talented and very creative, and there are more and more of them every day. >>Now, one of the very important roles that a technology vendor can play is to take mundane infrastructure security tasks off the plates of SEC off teams. Specifically we're talking about shifting much of the heavy lifting around securing servers, storage, networking, and other infrastructure and their components onto the technology vendor via r and d and other best practices like supply chain management. And that's what we're here to talk about. Welcome to the second part in our series, A Blueprint for Trusted Infrastructure Made Possible by Dell Technologies and produced by the Cube. My name is Dave Ante and I'm your host now. Previously we looked at what trusted infrastructure means and the role that storage and data protection play in the equation. In this part two of the series, we explore the changing nature of technology infrastructure, how the industry generally in Dell specifically, are adapting to these changes and what is being done to proactively address threats that are increasingly stressing security teams. >>Now today, we continue the discussion and look more deeply into servers networking and hyper-converged infrastructure to better understand the critical aspects of how one company Dell is securing these elements so that dev sec op teams can focus on the myriad new attack vectors and challenges that they faced. First up is Deepak rang Garage Power Edge security product manager at Dell Technologies. And after that we're gonna bring on Mahesh Nagar oim, who was consultant in the networking product management area at Dell. And finally, we're close with Jerome West, who is the product management security lead for HCI hyperconverged infrastructure and converged infrastructure at Dell. Thanks for joining us today. We're thrilled to have you here and hope you enjoy the program. Deepak Arage shoes powered security product manager at Dell Technologies. Deepak, great to have you on the program. Thank you. >>Thank you for having me. >>So we're going through the infrastructure stack and in part one of this series we looked at the landscape overall and how cyber has changed and specifically how Dell thinks about data protection in, in security in a manner that both secures infrastructure and minimizes organizational friction. We also hit on the storage part of the portfolio. So now we want to dig into servers. So my first question is, what are the critical aspects of securing server infrastructure that our audience should be aware of? >>Sure. So if you look at compute in general, right, it has rapidly evolved over the past couple of years, especially with trends toward software defined data centers and with also organizations having to deal with hybrid environments where they have private clouds, public cloud locations, remote offices, and also remote workers. So on top of this, there's also an increase in the complexity of the supply chain itself, right? There are companies who are dealing with hundreds of suppliers as part of their supply chain. So all of this complexity provides a lot of opportunity for attackers because it's expanding the threat surface of what can be attacked, and attacks are becoming more frequent, more severe and more sophisticated. And this has also triggered around in the regulatory and mandates around the security needs. >>And these regulations are not just in the government sector, right? So it extends to critical infrastructure and eventually it also get into the private sector. In addition to this, organizations are also looking at their own internal compliance mandates. And this could be based on the industry in which they're operating in, or it could be their own security postures. And this is the landscape in which servers they're operating today. And given that servers are the foundational blocks of the data center, it becomes extremely important to protect them. And given how complex the modern server platforms are, it's also extremely difficult and it takes a lot of effort. And this means protecting everything from the supply chain to the manufacturing and then eventually the assuring the hardware and software integrity of the platforms and also the operations. And there are very few companies that go to the lens that Dell does in order to secure the server. We truly believe in the notion and the security mentality that, you know, security should enable our customers to go focus on their business and proactively innovate on their business and it should not be a burden to them. And we heavily invest to make that possible for our customers. >>So this is really important because the premise that I set up at the beginning of this was really that I, as of security pro, I'm not a security pro, but if I were, I wouldn't want to be doing all this infrastructure stuff because I now have all these new things I gotta deal with. I want a company like Dell who has the resources to build that security in to deal with the supply chain to ensure the providence, et cetera. So I'm glad you you, you hit on that, but so given what you just said, what does cybersecurity resilience mean from a server perspective? For example, are there specific principles that Dell adheres to that are non-negotiable? Let's say, how does Dell ensure that its customers can trust your server infrastructure? >>Yeah, like when, when it comes to security at Dell, right? It's ingrained in our product, so that's the best way to put it. And security is nonnegotiable, right? It's never an afterthought where we come up with a design and then later on figure out how to go make it secure, right? Our security development life cycle, the products are being designed to counter these threats right from the big. And in addition to that, we are also testing and evaluating these products continuously to identify vulnerabilities. We also have external third party audits which supplement this process. And in addition to this, Dell makes the commitment that we will rapidly respond to any mitigations and vulnerability, any vulnerabilities and exposures found out in the field and provide mitigations and patches for in attacking manner. So this security principle is also built into our server life cycle, right? Every phase of it. >>So we want our products to provide cutting edge capabilities when it comes to security. So as part of that, we are constantly evaluating what our security model is done. We are building on it and continuously improving it. So till a few years ago, our model was primarily based on the N framework of protect, detect and rigor. And it's still aligns really well to that framework, but over the past couple of years, we have seen how computers evolved, how the threads have evolved, and we have also seen the regulatory trends and we recognize the fact that the best security strategy for the modern world is a zero trust approach. And so now when we are building our infrastructure and tools and offerings for customers, first and foremost, they're cyber resilient, right? What we mean by that is they're capable of anticipating threats, withstanding attacks and rapidly recurring from attacks and also adapting to the adverse conditions in which they're deployed. The process of designing these capabilities and identifying these capabilities however, is done through the zero press framework. And that's very important because now we are also anticipating how our customers will end up using these capabilities at there and to enable their own zero trust IT environments and IT zero trusts deployments. We have completely adapted our security approach to make it easier for customers to work with us no matter where they are in their journey towards zero trust option. >>So thank you for that. You mentioned the, this framework, you talked about zero trust. When I think about n I think as well about layered approaches. And when I think about zero trust, I think about if you, if you don't have access to it, you're not getting access, you've gotta earn that, that access and you've got layers and then you still assume that bad guys are gonna get in. So you've gotta detect that and you've gotta response. So server infrastructure security is so fundamental. So my question is, what is Dell providing specifically to, for example, detect anomalies and breaches from unauthorized activity? How do you enable fast and easy or facile recovery from malicious incidents, >>Right? What is that is exactly right, right? Breachers are bound to happen and given how complex our current environment is, it's extremely distributed and extremely connected, right? Data and users are no longer contained with an offices where we can set up a perimeter firewall and say, Yeah, everything within that is good. We can trust everything within it. That's no longer true. The best approach to protect data and infrastructure in the current world is to use a zero trust approach, which uses the principles. Nothing is ever trusted, right? Nothing is trusted implicitly. You're constantly verifying every single user, every single device, and every single access in your system at every single level of your ID environment. And this is the principles that we use on power Edge, right? But with an increased focus on providing granular controls and checks based on the principles of these privileged access. >>So the idea is that service first and foremost need to make sure that the threats never enter and they're rejected at the point of entry, but we recognize breaches are going to occur and if they do, they need to be minimized such that the sphere of damage cost by attacker is minimized so they're not able to move from one part of the network to something else laterally or escalate their privileges and cause more damage, right? So the impact radius for instance, has to be radius. And this is done through features like automated detection capabilities and automation, automated remediation capabilities. So some examples are as part of our end to end boot resilience process, we have what they call a system lockdown, right? We can lock down the configuration of the system and lock on the form versions and all changes to the system. And we have capabilities which automatically detect any drift from that lockdown configuration and we can figure out if the drift was caused to authorized changes or unauthorized changes. >>And if it is an unauthorize change can log it, generate security alerts, and we even have capabilities to automatically roll the firm where, and always versions back to a known good version and also the configurations, right? And this becomes extremely important because as part of zero trust, we need to respond to these things at machine speed and we cannot do it at a human speed. And having these automated capabilities is a big deal when achieving that zero trust strategy. And in addition to this, we also have chassis inclusion detection where if the chassis, the box, the several box is opened up, it logs alerts, and you can figure out even later if there's an AC power cycle, you can go look at the logs to see that the box is opened up and figure out if there was a, like a known authorized access or some malicious actor opening and chain something in your system. >>Great, thank you for that lot. Lot of detail and and appreciate that. I want to go somewhere else now cuz Dell has a renowned supply chain reputation. So what about securing the, the supply chain and the server bill of materials? What does Dell specifically do to track the providence of components it uses in its systems so that when the systems arrive, a customer can be a hundred percent certain that that system hasn't been compromised, >>Right? And we've talked about how complex the modern supply chain is, right? And that's no different for service. We have hundreds of confidence on the server and a lot of these form where in order to be configured and run and this former competence could be coming from third parties suppliers. So now the complexity that we are dealing with like was the end to end approach and that's where Dell pays a lot of attention into assuring the security approach approaching and it starts all the way from sourcing competence, right? And then through the design and then even the manufacturing process where we are wetting the personnel leather factories and wetting the factories itself. And the factories also have physical controls, physical security controls built into them and even shipping, right? We have GPS tagging of packages. So all of this is built to ensure supply chain security. >>But a critical aspect of this is also making sure that the systems which are built in the factories are delivered to the customers without any changes or any tapper. And we have a feature called the secure component verification, which is capable of doing this. What the feature does this, when the system gets built in a factory, it generates an inventory of all the competence in the system and it creates a cryptographic certificate based on the signatures presented to this by the competence. And this certificate is stored separately and sent to the customers separately from the system itself. So once the customers receive the system at their end, they can run out to, it generates an inventory of the competence on the system at their end and then compare it to the golden certificate to make sure nothing was changed. And if any changes are detected, we can figure out if there's an authorized change or unauthorize change. >>Again, authorized changes could be like, you know, upgrades to the drives or memory and ized changes could be any sort of temper. So that's the supply chain aspect of it and bill of metal use is also an important aspect to galing security, right? And we provide a software bill of materials, which is basically a list of ingredients of all the software pieces in the platform. So what it allows our customers to do is quickly take a look at all the different pieces and compare it to the vulnerability database and see if any of the vulner which have been discovered out in the wild affected platform. So that's a quick way of figuring out if the platform has any known vulnerabilities and it has not been patched. >>Excellent. That's really good. My last question is, I wonder if you, you know, give us the sort of summary from your perspective, what are the key strengths of Dell server portfolio from a security standpoint? I'm really interested in, you know, the uniqueness and the strong suit that Dell brings to the table, >>Right? Yeah. We have talked enough about the complexity of the environment and how zero risk is necessary for the modern ID environment, right? And this is integral to Dell powered service. And as part of that like you know, security starts with the supply chain. We already talked about the second component verification, which is a beneath feature that Dell platforms have. And on top of it we also have a silicon place platform mode of trust. So this is a key which is programmed into the silicon on the black service during manufacturing and can never be changed after. And this immutable key is what forms the anchor for creating the chain of trust that is used to verify everything in the platform from the hardware and software integrity to the boot, all pieces of it, right? In addition to that, we also have a host of data protection features. >>Whether it is protecting data at risk in news or inflight, we have self encrypting drives which provides scalable and flexible encryption options. And this couple with external key management provides really good protection for your data address. External key management is important because you know, somebody could physically steam the server walk away, but then the keys are not stored on the server, it stood separately. So that provides your action layer of security. And we also have dual layer encryption where you can compliment the hardware encryption on the secure encrypted drives with software level encryption. Inion to this we have identity and access management features like multifactor authentication, single sign on roles, scope and time based access controls, all of which are critical to enable that granular control and checks for zero trust approach. So I would say like, you know, if you look at the Dell feature set, it's pretty comprehensive and we also have the flexibility built in to meet the needs of all customers no matter where they fall in the spectrum of, you know, risk tolerance and security sensitivity. And we also have the capabilities to meet all the regulatory requirements and compliance requirements. So in a nutshell, I would say that you know, Dell Power Service cyber resident infrastructure helps accelerate zero tested option for customers. >>Got it. So you've really thought this through all the various things that that you would do to sort of make sure that your server infrastructure is secure, not compromised, that your supply chain is secure so that your customers can focus on some of the other things that they have to worry about, which are numerous. Thanks Deepak, appreciate you coming on the cube and participating in the program. >>Thank you for having >>You're welcome. In a moment I'll be back to dig into the networking portion of the infrastructure. Stay with us for more coverage of a blueprint for trusted infrastructure and collaboration with Dell Technologies on the cube, your leader in enterprise and emerging tech coverage. We're back with a blueprint for trusted infrastructure and partnership with Dell Technologies in the cube. And we're here with Mahesh Nager, who is a consultant in the area of networking product management at Dell Technologies. Mahesh, welcome, good to see you. >>Hey, good morning Dell's, nice to meet, meet to you as well. >>Hey, so we've been digging into all the parts of the infrastructure stack and now we're gonna look at the all important networking components. Mahesh, when we think about networking in today's environment, we think about the core data center and we're connecting out to various locations including the cloud and both the near and the far edge. So the question is from Dell's perspective, what's unique and challenging about securing network infrastructure that we should know about? >>Yeah, so few years ago IT security and an enterprise was primarily putting a wrapper around data center out because it was constrained to an infrastructure owned and operated by the enterprise for the most part. So putting a rapid around it like a parameter or a firewall was a sufficient response because you could basically control the environment and data small enough control today with the distributed data, intelligent software, different systems, multi-cloud environment and asset service delivery, you know, the infrastructure for the modern era changes the way to secure the network infrastructure In today's, you know, data driven world, it operates everywhere and data has created and accessed everywhere so far from, you know, the centralized monolithic data centers of the past. The biggest challenge is how do we build the network infrastructure of the modern era that are intelligent with automation enabling maximum flexibility and business agility without any compromise on the security. We believe that in this data era, the security transformation must accompany digital transformation. >>Yeah, that's very good. You talked about a couple of things there. Data by its very nature is distributed. There is no perimeter anymore, so you can't just, as you say, put a rapper around it. I like the way you phrase that. So when you think about cyber security resilience from a networking perspective, how do you define that? In other words, what are the basic principles that you adhere to when thinking about securing network infrastructure for your customers? >>So our belief is that cybersecurity and cybersecurity resilience, they need to be holistic, they need to be integrated, scalable, one that span the entire enterprise and with a co and objective and policy implementation. So cybersecurity needs to span across all the devices and running across any application, whether the application resets on the cloud or anywhere else in the infrastructure. From a networking standpoint, what does it mean? It's again, the same principles, right? You know, in order to prevent the threat actors from accessing changing best destroy or stealing sensitive data, this definition holds good for networking as well. So if you look at it from a networking perspective, it's the ability to protect from and withstand attacks on the networking systems as we continue to evolve. This will also include the ability to adapt and recover from these attacks, which is what cyber resilience aspect is all about. So cybersecurity best practices, as you know, is continuously changing the landscape primarily because the cyber threats also continue to evolve. >>Yeah, got it. So I like that. So it's gotta be integrated, it's gotta be scalable, it's gotta be comprehensive, comprehensive and adaptable. You're saying it can't be static, >>Right? Right. So I think, you know, you had a second part of a question, you know, that says what do we, you know, what are the basic principles? You know, when you think about securing network infrastructure, when you're looking at securing the network infrastructure, it revolves around core security capability of the devices that form the network. And what are these security capabilities? These are access control, software integrity and vulnerability response. When you look at access control, it's to ensure that only the authenticated users are able to access the platform and they're able to access only the kind of the assets that they're authorized to based on their user level. Now accessing a network platform like a switch or a rotor for example, is typically used for say, configuration and management of the networking switch. So user access is based on say roles for that matter in a role based access control, whether you are a security admin or a network admin or a storage admin. >>And it's imperative that logging is enable because any of the change to the configuration is actually logged and monitored as that. Talking about software's integrity, it's the ability to ensure that the software that's running on the system has not been compromised. And, and you know, this is important because it could actually, you know, get hold of the system and you know, you could get UND desire results in terms of say validation of the images. It's, it needs to be done through say digital signature. So, so it's important that when you're talking about say, software integrity, a, you are ensuring that the platform is not compromised, you know, is not compromised and be that any upgrades, you know, that happens to the platform is happening through say validated signature. >>Okay. And now, now you've now, so there's access control, software integrity, and I think you, you've got a third element which is i I think response, but please continue. >>Yeah, so you know, the third one is about civil notability. So we follow the same process that's been followed by the rest of the products within the Dell product family. That's to report or identify, you know, any kind of a vulnerability that's being addressed by the Dell product security incident response team. So the networking portfolio is no different, you know, it follows the same process for identification for tri and for resolution of these vulnerabilities. And these are addressed either through patches or through new reasons via networking software. >>Yeah, got it. Okay. So I mean, you didn't say zero trust, but when you were talking about access control, you're really talking about access to only those assets that people are authorized to access. I know zero trust sometimes is a buzzword, but, but you I think gave it, you know, some clarity there. Software integrity, it's about assurance validation, your digital signature you mentioned and, and that there's been no compromise. And then how you respond to incidents in a standard way that can fit into a security framework. So outstanding description, thank you for that. But then the next question is, how does Dell networking fit into the construct of what we've been talking about Dell trusted infrastructure? >>Okay, so networking is the key element in the Dell trusted infrastructure. It provides the interconnect between the service and the storage world. And you know, it's part of any data center configuration for a trusted infrastructure. The network needs to have access control in place where only the authorized nels are able to make change to the network configuration and logging off any of those changes is also done through the logging capabilities. Additionally, we should also ensure that the configuration should provide network isolation between say the management network and the data traffic network because they need to be separate and distinct from each other. And furthermore, even if you look at the data traffic network and now you have things like segmentation isolated segments and via VRF or, or some micro segmentation via partners, this allows various level of security for each of those segments. So it's important you know, that, that the network infrastructure has the ability, you know, to provide all this, this services from a Dell networking security perspective, right? >>You know, there are multiple layer of defense, you know, both at the edge and in the network in this hardware and in the software and essentially, you know, a set of rules and a configuration that's designed to sort of protect the integrity, confidentiality, and accessibility of the network assets. So each network security layer, it implements policies and controls as I said, you know, including send network segmentation. We do have capabilities sources, centralized management automation and capability and scalability for that matter. Now you add all of these things, you know, with the open networking standards or software, different principles and you essentially, you know, reach to the point where you know, you're looking at zero trust network access, which is essentially sort of a building block for increased cloud adoption. If you look at say that you know the different pillars of a zero trust architecture, you know, if you look at the device aspect, you know, we do have support for security for example, we do have say trust platform in a trusted platform models tpms on certain offer products and you know, the physical security know plain, simple old one love port enable from a user trust perspective, we know it's all done via access control days via role based access control and say capability in order to provide say remote authentication or things like say sticky Mac or Mac learning limit and so on. >>If you look at say a transport and decision trust layer, these are essentially, you know, how do you access, you know, this switch, you know, is it by plain hotel net or is it like secure ssh, right? And you know, when a host communicates, you know, to the switch, we do have things like self-signed or is certificate authority based certification. And one of the important aspect is, you know, in terms of, you know, the routing protocol, the routing protocol, say for example BGP for example, we do have the capability to support MD five authentication between the b g peers so that there is no, you know, manages attack, you know, to the network where the routing table is compromised. And the other aspect is about second control plane is here, you know, you know, it's, it's typical that if you don't have a control plane here, you know, it could be flooded and you know, you know, the switch could be compromised by city denial service attacks. >>From an application test perspective, as I mentioned, you know, we do have, you know, the application specific security rules where you could actually define, you know, the specific security rules based on the specific applications, you know, that are running within the system. And I did talk about, say the digital signature and the cryptographic check that we do for authentication and for, I mean rather for the authenticity and the validation of, you know, of the image and the BS and so on and so forth. Finally, you know, the data trust, we are looking at, you know, the network separation, you know, the network separation could happen or VRF plain old wheel Ls, you know, which can bring about sales multi 10 aspects. We talk about some microsegmentation as it applies to nsx for example. The other aspect is, you know, we do have, with our own smart fabric services that's enabled in a fabric, we have a concept of c cluster security. So all of this, you know, the different pillars, they sort of make up for the zero trust infrastructure for the networking assets of an infrastructure. >>Yeah. So thank you for that. There's a, there's a lot to unpack there. You know, one of the premise, the premise really of this, this, this, this segment that we're setting up in this series is really that everything you just mentioned, or a lot of things you just mentioned used to be the responsibility of the security team. And, and the premise that we're putting forth is that because security teams are so stretched thin, you, you gotta shift the vendor community. Dell specifically is shifting a lot of those tasks to their own r and d and taking care of a lot of that. So, cuz scop teams got a lot of other stuff to, to worry about. So my question relates to things like automation, which can help and scalability, what about those topics as it relates to networking infrastructure? >>Okay, our >>Portfolio, it enables state of the automation software, you know, that enables simplifying of the design. So for example, we do have, you know, you know the fabric design center, you know, a tool that automates the design of the fabric and you know, from a deployment and you know, the management of the network infrastructure that are simplicities, you know, using like Ansible s for Sonic for example are, you know, for a better sit and tell story. You know, we do have smart fabric services that can automate the entire fabric, you know, for a storage solution or for, you know, for one of the workloads for example. Now we do help reduce the complexity by closely integrating the management of the physical and the virtual networking infrastructure. And again, you know, we have those capabilities using Sonic or Smart Traffic services. If you look at Sonic for example, right? >>It delivers automated intent based secure containerized network and it has the ability to provide some network visibility and Avan has and, and all of these things are actually valid, you know, for a modern networking infrastructure. So now if you look at Sonic, you know, it's, you know, the usage of those tools, you know, that are available, you know, within the Sonic no is not restricted, you know, just to the data center infrastructure is, it's a unified no, you know, that's well applicable beyond the data center, you know, right up to the edge. Now if you look at our north from a smart traffic OS 10 perspective, you know, as I mentioned, we do have smart traffic services which essentially, you know, simplifies the deployment day zero, I mean rather day one, day two deployment expansion plans and the lifecycle management of our conversion infrastructure and hyper and hyper conversion infrastructure solutions. And finally, in order to enable say, zero touch deployment, we do have, you know, a VP solution with our SD van capability. So these are, you know, ways by which we bring down the complexity by, you know, enhancing the automation capability using, you know, a singular loss that can expand from a data center now right to the edge. >>Great, thank you for that. Last question real quick, just pitch me, what can you summarize from your point of view, what's the strength of the Dell networking portfolio? >>Okay, so from a Dell networking portfolio, we support capabilities at multiple layers. As I mentioned, we're talking about the physical security for examples, say disabling of the unused interface. Sticky Mac and trusted platform modules are the things that to go after. And when you're talking about say secure boot for example, it delivers the authenticity and the integrity of the OS 10 images at the startup. And Secure Boot also protects the startup configuration so that, you know, the startup configuration file is not compromised. And Secure port also enables the workload of prediction, for example, that is at another aspect of software image integrity validation, you know, wherein the image is data for the digital signature, you know, prior to any upgrade process. And if you are looking at secure access control, we do have things like role based access control, SSH to the switches, control plane access control that pre do tags and say access control from multifactor authentication. >>We do have various tech ads for entry control to the network and things like CSE and PRV support, you know, from a federal perspective we do have say logging wherein, you know, any event, any auditing capabilities can be possible by say looking at the clog service, you know, which are pretty much in our transmitter from the devices overts for example, and last we talked about say network segment, you know, say network separation and you know, these, you know, separation, you know, ensures that are, that is, you know, a contained say segment, you know, for a specific purpose or for the specific zone and, you know, just can be implemented by a, a micro segmentation, you know, just a plain old wheel or using virtual route of framework VR for example. >>A lot there. I mean I think frankly, you know, my takeaway is you guys do the heavy lifting in a very complicated topic. So thank you so much for, for coming on the cube and explaining that in in quite some depth. Really appreciate it. >>Thank you indeed. >>Oh, you're very welcome. Okay, in a moment I'll be back to dig into the hyper-converged infrastructure part of the portfolio and look at how when you enter the world of software defined where you're controlling servers and storage and networks via software led system, you could be sure that your infrastructure is trusted and secure. You're watching a blueprint for trusted infrastructure made possible by Dell Technologies and collaboration with the cube, your leader in enterprise and emerging tech coverage, your own west product management security lead at for HCI at Dell Technologies hyper-converged infrastructure. Jerome, welcome. >>Thank you Dave. >>Hey Jerome, in this series of blueprint for trusted infrastructure, we've been digging into the different parts of the infrastructure stack, including storage servers and networking, and now we want to cover hyperconverged infrastructure. So my first question is, what's unique about HCI that presents specific security challenges? What do we need to know? >>So what's unique about hyper-converge infrastructure is the breadth of the security challenge. We can't simply focus on a single type of IT system. So like a server or storage system or a virtualization piece of software, software. I mean HCI is all of those things. So luckily we have excellent partners like VMware, Microsoft, and internal partners like the Dell Power Edge team, the Dell storage team, the Dell networking team, and on and on. These partnerships in these collaborations are what make us successful from a security standpoint. So let me give you an example to illustrate. In the recent past we're seeing growing scope and sophistication in supply chain attacks. This mean an attacker is going to attack your software supply chain upstream so that hopefully a piece of code, malicious code that wasn't identified early in the software supply chain is distributed like a large player, like a VMware or Microsoft or a Dell. So to confront this kind of sophisticated hard to defeat problem, we need short term solutions and we need long term solutions as well. >>So for the short term solution, the obvious thing to do is to patch the vulnerability. The complexity is for our HCI portfolio. We build our software on VMware, so we would have to consume a patch that VMware would produce and provide it to our customers in a timely manner. Luckily VX rail's engineering team has co engineered a release process with VMware that significantly shortens our development life cycle so that VMware would produce a patch and within 14 days we will integrate our own code with the VMware release we will have tested and validated the update and we will give an update to our customers within 14 days of that VMware release. That as a result of this kind of rapid development process, VHA had over 40 releases of software updates last year for a longer term solution. We're partnering with VMware and others to develop a software bill of materials. We work with VMware to consume their software manifest, including their upstream vendors and their open source providers to have a comprehensive list of software components. Then we aren't caught off guard by an unforeseen vulnerability and we're more able to easily detect where the software problem lies so that we can quickly address it. So these are the kind of relationships and solutions that we can co engineer with effective collaborations with our, with our partners. >>Great, thank you for that. That description. So if I had to define what cybersecurity resilience means to HCI or converged infrastructure, and to me my takeaway was you gotta have a short term instant patch solution and then you gotta do an integration in a very short time, you know, two weeks to then have that integration done. And then longer term you have to have a software bill of materials so that you can ensure the providence of all the components help us. Is that a right way to think about cybersecurity resilience? Do you have, you know, a additives to that definition? >>I do. I really think that's site cybersecurity and resilience for hci because like I said, it has sort of unprecedented breadth across our portfolio. It's not a single thing, it's a bit of everything. So really the strength or the secret sauce is to combine all the solutions that our partner develops while integrating them with our own layer. So let me, let me give you an example. So hci, it's a, basically taking a software abstraction of hardware functionality and implementing it into something called the virtualized layer. It's basically the virtual virtualizing hardware functionality, like say a storage controller, you could implement it in hardware, but for hci, for example, in our VX rail portfolio, we, our Vxl product, we integrated it into a product called vsan, which is provided by our partner VMware. So that portfolio of strength is still, you know, through our, through our partnerships. >>So what we do, we integrate these, these security functionality and features in into our product. So our partnership grows to our ecosystem through products like VMware, products like nsx, Horizon, Carbon Black and vSphere. All of them integrate seamlessly with VMware and we also leverage VMware's software, part software partnerships on top of that. So for example, VX supports multifactor authentication through vSphere integration with something called Active Directory Federation services for adfs. So there's a lot of providers that support adfs including Microsoft Azure. So now we can support a wide array of identity providers such as Off Zero or I mentioned Azure or Active Directory through that partnership. So we can leverage all of our partners partnerships as well. So there's sort of a second layer. So being able to secure all of that, that provides a lot of options and flexibility for our customers. So basically to summarize my my answer, we consume all of the security advantages of our partners, but we also expand on them to make a product that is comprehensively secured at multiple layers from the hardware layer that's provided by Dell through Power Edge to the hyper-converged software that we build ourselves to the virtualization layer that we get through our partnerships with Microsoft and VMware. >>Great, I mean that's super helpful. You've mentioned nsx, Horizon, Carbon Black, all the, you know, the VMware component OTH zero, which the developers are gonna love. You got Azure identity, so it's really an ecosystem. So you may have actually answered my next question, but I'm gonna ask it anyway cuz you've got this software defined environment and you're managing servers and networking and storage with this software led approach, how do you ensure that the entire system is secure end to end? >>That's a really great question. So the, the answer is we do testing and validation as part of the engineering process. It's not just bolted on at the end. So when we do, for example, VxRail is the market's only co engineered solution with VMware, other vendors sell VMware as a hyper converged solution, but we actually include security as part of the co-engineering process with VMware. So it's considered when VMware builds their code and their process dovetails with ours because we have a secure development life cycle, which other products might talk about in their discussions with you that we integrate into our engineering life cycle. So because we follow the same framework, all of the, all of the codes should interoperate from a security standpoint. And so when we do our final validation testing when we do a software release, we're already halfway there in ensuring that all these features will give the customers what we promised. >>That's great. All right, let's, let's close pitch me, what would you say is the strong suit summarize the, the strengths of the Dell hyper-converged infrastructure and converged infrastructure portfolio specifically from a security perspective? Jerome? >>So I talked about how hyper hyper-converged infrastructure simplifies security management because basically you're gonna take all of these features that are abstracted in in hardware, they're now abstracted in the virtualization layer. Now you can manage them from a single point of view, whether it would be, say, you know, in for VX rail would be b be center, for example. So by abstracting all this, you make it very easy to manage security and highly flexible because now you don't have limitations around a single vendor. You have a multiple array of choices and partnerships to select. So I would say that is the, the key to making it to hci. Now, what makes Dell the market leader in HCI is not only do we have that functionality, but we also make it exceptionally useful to you because it's co engineered, it's not bolted on. So I gave the example of spo, I gave the example of how we, we modify our software release process with VMware to make it very responsive. >>A couple of other features that we have specific just to HCI are digitally signed LCM updates. This is an example of a feature that we have that's only exclusive to Dell that's not done through a partnership. So we digitally signed our software updates so the user can be sure that the, the update that they're installing into their system is an authentic and unmodified product. So we give it a Dell signature that's invalidated prior to installation. So not only do we consume the features that others develop in a seamless and fully validated way, but we also bolt on our own a specific HCI security features that work with all the other partnerships and give the user an exceptional security experience. So for, for example, the benefit to the customer is you don't have to create a complicated security framework that's hard for your users to use and it's hard for your system administrators to manage it all comes in a package. So it, it can be all managed through vCenter, for example, or, and then the specific hyper, hyper-converged functions can be managed through VxRail manager or through STDC manager. So there's very few pains of glass that the, the administrator or user ever has to worry about. It's all self contained and manageable. >>That makes a lot of sense. So you've got your own infrastructure, you're applying your best practices to that, like the digital signatures, you've got your ecosystem, you're doing co-engineering with the ecosystems, delivering security in a package, minimizing the complexity at the infrastructure level. The reason Jerome, this is so important is because SecOps teams, you know, they gotta deal with cloud security, they gotta deal with multiple clouds. Now they have their shared responsibility model going across multiple cl. They got all this other stuff that they have to worry, they gotta secure the containers and the run time and and, and, and, and the platform and so forth. So they're being asked to do other things. If they have to worry about all the things that you just mentioned, they'll never get, you know, the, the securities is gonna get worse. So what my takeaway is, you're removing that infrastructure piece and saying, Okay guys, you now can focus on those other things that is not necessarily Dell's, you know, domain, but you, you know, you can work with other partners to and your own teams to really nail that. Is that a fair summary? >>I think that is a fair summary because absolutely the worst thing you can do from a security perspective is provide a feature that's so unusable that the administrator disables it or other key security features. So when I work with my partners to define, to define and develop a new security feature, the thing I keep foremost in mind is, will this be something our users want to use and our administrators want to administer? Because if it's not, if it's something that's too difficult or onerous or complex, then I try to find ways to make it more user friendly and practical. And this is a challenge sometimes because we are, our products operate in highly regulated environments and sometimes they have to have certain rules and certain configurations that aren't the most user friendly or management friendly. So I, I put a lot of effort into thinking about how can we make this feature useful while still complying with all the regulations that we have to comply with. And by the way, we're very successful in a highly regulated space. We sell a lot of VxRail, for example, into the Department of Defense and banks and, and other highly regulated environments and we're very successful there. >>Excellent. Okay, Jerome, thanks. We're gonna leave it there for now. I'd love to have you back to talk about the progress that you're making down the road. Things always, you know, advance in the tech industry and so would appreciate that. >>I would look forward to it. Thank you very much, Dave. >>You're really welcome. In a moment I'll be back to summarize the program and offer some resources that can help you on your journey to secure your enterprise infrastructure. I wanna thank our guests for their contributions in helping us understand how investments by a company like Dell can both reduce the need for dev sec up teams to worry about some of the more fundamental security issues around infrastructure and have greater confidence in the quality providence and data protection designed in to core infrastructure like servers, storage, networking, and hyper-converged systems. You know, at the end of the day, whether your workloads are in the cloud, on prem or at the edge, you are responsible for your own security. But vendor r and d and vendor process must play an important role in easing the burden faced by security devs and operation teams. And on behalf of the cube production content and social teams as well as Dell Technologies, we want to thank you for watching a blueprint for trusted infrastructure. Remember part one of this series as well as all the videos associated with this program and of course today's program are available on demand@thecube.net with additional coverage@siliconangle.com. And you can go to dell.com/security solutions dell.com/security solutions to learn more about Dell's approach to securing infrastructure. And there's tons of additional resources that can help you on your journey. This is Dave Valante for the Cube, your leader in enterprise and emerging tech coverage. We'll see you next time.

(upbeat electronic music) >> Welcome back to everyone, to "theCUBE's" coverage here in Seattle, Washington for Amazon Web Services Partner Marketplace Seller Conference, combining their partner network with Marketplace forming a new organization called AWS Partner Organization. This is "theCUBE" coverage. I'm John Furrier, your host. We've got great "Cube" alumni here from Zscaler, a very successful cloud company doing great work. Stelio D'Alo, senior director of cloud business development and Raveesh Chugh, VP of Public Cloud Partnerships at Zscaler. Welcome back to "theCUBE." Good to see you guys. Thanks for coming on. >> Thank you. >> Thanks having us, John. >> So we've been doing a lot of coverage of Zscaler, what a great success story. I mean, the numbers are great. The business performance, it's in the top two, three, one, two, three in all metrics on public companies, SaaS. So you guys, check. Good job. >> Yes, thank you. >> So you guys have done a good job. Now you're here, selling through the Marketplace. You guys are a world class performing company in cloud SaaS, so you're in the front lines doing well. Now, Marketplace is a procurement front end opportunity for people to buy. Hey, self-service, buy and put things together. Sounds novel, what a great concept. Great cloud life. >> Yes. >> You guys are participating and now sellers are coming together. The merger of the public, the partner network with Marketplace. It feels like this is a second act for AWS to go to the next level. They got their training wheels done with partners. Now they're going to the next level. What do you guys think about this? >> Well, I think you're right, John. I think it is very much something that is in keeping with the way AWS does business. Very Amazonian, they're working back from the customer. What we're seeing is, our customers and in general, the market is gravitating towards purchase mechanisms and route to market that just are lower friction. So in the same way that companies are going through their digital transformations now, really modernizing the way they host applications and they reach the internet. They're also modernizing on the purchasing side, which is super exciting, because we're all motivated to help customers with that agility. >> You know, it's fun to watch and again I'm being really candid and props to you guys as a company. Now, everyone else is kind of following that. Okay, lift and shift, check, doing some things. Now they go, whoa, I can really build on this. People are building their own apps for their companies. Going to build their own stuff. They're going to use piece parts. They're going to put it together in a really scalable way. That's the new normal. Okay, so now they go okay, I'm going to just buy through the market, I get purchasing power. So you guys have been a real leader with AWS. Can you share what you guys are doing in the Marketplace? I think you guys are a nice example of how to execute the Marketplace. Take us through. What are you guys offering there? What's the contract look like? Is it multi-pronged? What's the approach? What do customers get if they go to the marketplace for Zscaler? >> Yeah, so it's been a very exciting story and been a very pleasing one for us with AWS marketplace. We see a huge growth potentially. There are more than 350,000 customers that are actively buying through Marketplace today. We expect that number to grow to around a million customers by the next, I would say, five to ten years and we want to be part of this wave. We see AWS Marketplace to be a channel where not only our resalers or our channel partners can come and transact, but also our GSIs like Accenture want to transact through this channel. We are doing a lot, in terms of bringing new customers through Marketplace, who want to not only close their deals, but close it in the next few hours. That's the beauty of Marketplace, the agility, the flexibility in terms of pricing that it provides to ISVs like us. If a customer wants to delay their payments by a couple of quarters, Marketplace supports that. If a customer wants to do monthly payments, Marketplace supports that. We are seeing lot of customers, big customers, that have signed EDPs, enterprise discount plans with AWS. These are multi-year cloud commits coming to us and saying we can retire our EDPs with AWS if we transact your solution through AWS Marketplace. So what we have done, as of today, we have all of our production services enabled through AWS Marketplace. What that means for customers, they can now retire their EDPs by buying Zscaler products through AWS Marketplace and in return get the full benefit of maximizing their EDP commits with AWS. >> So you guys are fully committed, no toe on the water, as we heard. You guys are all in. >> Absolutely, that's exactly the way to put it. We're all in, all of our solutions are available in the marketplace. As you mentioned, we're a SaaS provider. So we're one of the vendors in the Marketplace that have SaaS solutions. So unlike a lot of customers and even the market in general, associate the Marketplace for historical reasons, the way it started with a lot of monthly subscriptions and just dipping your toe in it from a consumer perspective. Whereas we're doing multimillion dollar, multi-year SaaS contracts. So the most complicated kinds of transactions you'd normally associate with enterprise software, we're doing in very low friction ways. >> On the Zscaler side going in low friction. >> Yep, yeah, that's right. >> How about the customer experience? >> So it is primarily the the customer that experiences. >> Driving it? >> Yeah, they're driving it and it's because rather than traditional methods of going through paperwork, purchase orders- >> What are some of the things that customers are saying about this, bcause I see two benefits, I'll say that. The friction, it's a channel, okay, for Zscaler. Let's be clear, but now you have a customer who's got a lot of Amazon. They're a trusted partner too. So why wouldn't they want to have one point of contact to use their purchasing power and you guys are okay with that. >> We're absolutely okay with it. The reason being, we're still doing the transaction and we can do the transaction with our... We're a channel first company, so that's another important distinction of how people tend to think of the Marketplace. We go through channel. A lot of our transactions are with traditional channel partners and you'd be surprised the kinds of, even the Telcos, carrier providers, are starting to embrace Marketplace. So from a customer perspective, it's less paperwork, less legal work. >> Yeah, I'd love to get your reaction to something, because I think this highlights to me what we've been reporting on with "theCUBE" with super cloud and other trends that are different in a good way. Taking it to the next level and that is that if you look at Zscaler, SaaS, SaaS is self-service, the scale, there's efficiencies. Marketplace first started out as a self-service catalog, a website, you know, click and choose, but now it's a different. He calls it a supply chain, like the CICD pipeline of buying software. He mentions that, there's also services. He put the Channel partners can come in. The GSIs, global system integrators can come in. So it's more than just a catalog now. It's kind of self-service procurement more than it is just a catalog of buy stuff. >> Yes, so yeah, I feel CEOs, CSOs of today should understand what Marketplace brings to the bear in terms of different kinds of services or Zscaler solutions that they can acquire through Marketplace and other ISV solutions, for that matter. I feel like we are at a point, after the pandemic, where there'll be a lot of digital exploration and companies can do more in terms of not just Marketplace, but also including the channel partners as part of deals. So you talked about channel conflict. AWS addressed this by bringing a program called CPPO in the picture, Channel Partner Private Offers. What that does is, we are not only bringing all our channel partners into deals. For renewals as well, they're the partner of record and they get paid alongside with the customer. So AWS does all the heavy lifting, in terms of disbursements of payments to us, to the channel partner, so it's a win-win situation for all. >> I mean, private offers and co-sale has been very popular. >> It has been, and that is our bread and butter in the Marketplace. Again, we do primarily three year contracts and so private offers work super well. A nice thing for us as a vendor is it provides a great amount of flexibility. Private Offer gives you a lot of optionality, in terms of how the constructs of the deal and whether or not you're working with a partner, how the partner is utilizing as well to resell to the end user. So, we've always talked about AWS giving IT agility. This gives purchasing and finance business agility. >> Yeah, and I think this comes up a lot. I just noticed this happening a lot more, where you see dedicated sessions, not just on DevOps and all the goodies of the cloud, financial strategy. >> Yeah. >> Seeing a lot more conversation around how to operationalize the business transactions in the cloud. >> Absolutely. >> This is the new, I mean it's not new, it's been thrown around, but not at a tech conference. You don't see that. So I got to ask you guys, what's the message to the CISOs and executives watching the business people about Zscaler in the Marketplace? What should they be looking at? What is the pitch for Zscaler for the Marketplace buyer? >> So I would say that we are a cloud-delivered network security service. We have been in this game for more than a decade. We have years of early head start with lots of features and functionality versus our competitors. If customers were to move into AWS Cloud, they can get rid of their next-gen firewalls and just have all the traffic routed through our Zscaler internet access and use Zscaler private access for accessing their private applications. We feel we have done everything in our capacity, in terms of enabling customers through Marketplace and will continue to participate in more features and functionality that Marketplace has to offer. We would like these customers to take advantage of their EDPs as well as their retirement and spend for the multi-commit through AWS Marketplace. Learn about what we have to offer and how we can really expedite the motion for them, if they want to procure our solutions through Marketplace >> You know, we're seeing an ability for them to get more creative, more progressive in terms of the purchasing. We're also doing, we're really excited about the ability to serve multiple markets. So we've had an immense amount of success in commercial. We also are seeing increasing amount of public sector, US federal government agencies that want to procure this way as well for the same reasons. So there's a lot of innovation going on. >> So you have the FedRAMP going on, you got all those certifications. >> Exactly right. So we are the first cloud-native solution to provide IL5 ATO, as well as FedRAMP pie and we make that all available, GSA schedule pricing through the AWS Marketplace, again through FSIs and other resellers. >> Public private partnerships have been a big factor, having that span of capability. I got to ask you about, this is a cool conversation, because now you're like, okay, I'm selling through the Marketplace. Companies themselves are changing how they operate. They don't just buy software that we used to use. So general purpose, bundled stuff. Oh yeah, I'm buying this product, because this has got a great solution and I have to get forced to use this firewall, because I bought this over here. That's not how companies are architecting and developing their businesses. It's no longer buying IT. They're building their company digitally. They have to be the application. So they're not sitting around, saying hey, can I get a solution? They're building and architecting their solution. This is kind of like the new enterprise that no one's talking about. They kind of, got to do their own work. >> Yes. >> There's no general purpose solution that maps every company. So they got to pick the best piece parts and integrate them. >> Yes and I feel- >> Do you guys agree with that? >> Yeah, I agree with that and customers don't want to go for point solutions anymore. They want to go with a platform approach. They want go with a vendor that can not only cut down their vendors from multi-dozens to maybe a dozen or less and that's where, you know, we kind of have pivoted to the platform-centric approach, where we not only help customers with Cloud Network Security, but we also help customers with Cloud Native Application Protection Platform that we just recently launched. It's going by the name of the different elements, including Cloud Security Posture Management, Cloud Identity Event Management and so we are continuously doing more and more on the configuration and vulnerability side space. So if a customer has an AWS S3 bucket that is opened it can be detected and can be remediated. So all of those proactive steps we are taking, in terms of enhancing our portfolio, but we have come a long way as a company, as a platform that we have evolved in the Marketplace. >> What's the hottest product? >> The hottest product? >> In Marketplace right now. >> Well, the fastest growing products include our digital experience products and we have new Cloud Protection. So we've got Posture and Workload Protection as well and those are the fastest growing. For AWS customers a strong affinity also for ZPA, which provides you zero trust access to your workloads on AWS. So those are all the most popular in Marketplace. >> Yeah. >> So I would like to add that we recently launched and this has been a few years, a couple of years. We launched a product called Zscaler Digital X, the ZDX. >> Mm-hmm. >> What that product does is, let's say you're making a Zoom call and your WiFi network is laggy or it's a Zoom server that's laggy. It kind of detects where is the problem and it further tells the IT department you need to fix either the server on which Zoom is running, or fix your home network. So that is the beauty of the product. So I think we are seeing massive growth with some of our new editions in the portfolio, which is a long time coming. >> Yeah and certainly a lot of growth opportunities for you guys, as you come in. Where do you see Zscaler's big growth coming from product-wise? What's the big push? Actually, this is great upside for you here. >> Yeah. >> On the go to market side. Where's the big growth for Zscaler right now? So I think we are focused as a company on zero trust architecture. We want to securely connect users to apps, apps to apps, workloads to workloads and machines to machines. We want to give customers an experience where they have direct access to the apps that's hidden from the outside world and they can securely connect to the apps in a very succinct fashion. The user experience is second to none. A lot of customers use us on the Microsoft Office 365 side, where they see a lag in connecting to Microsoft Office 365 directly. They use the IE service to securely connect. >> Yeah, latency kills. >> Microsoft Office 365. >> Latency kills, as we always say, you know and security, you got to look at the pattern, you want to see that data. >> Yeah, and emerging use cases, there is an immense amount of white space and upside for us as well in emerging use cases, like OT, 5G, IOT. >> Yeah. >> Federal government, DOD. >> Oh god, tactical edge government. >> Security at the edge, absolutely, yeah. >> Where's the big edge? What's the edge challenge right now, if you have to put your finger on the edge, because right now that's the hot area, we're watching that. It's going to be highly contested. It's not yet clear, I mean certainly hybrid is the operating model, cloud, distributing, computing, but edge has got unique things that you can't really point to on premises that's the same. It's highly dynamic, you need high bandwidth, low latency, compute at the edge. The data has to be processed right there. What's the big thing at the edge right now? >> Well, so that's probably an emerging answer. I mean, we're working with our customers, they're inventing and they're kind of finding the use cases for those edge, but one of the good things about Zscaler is that we are able to, we've got low latency at the edge. We're able to work as a computer at the edge. We work on Outpost, Snowball, Snowcone, the Snow devices. So we can be wherever our customers need us. Mobile devices, there are a lot of applications where we've got to be either on embedded devices, on tractors, providing security for those IOT devices. So we're pretty comfortable with where we are being the- >> So that's why you guys are financially doing so well, performance wise. I got to ask you though, because I think that brings up the great point. If this is why I like the Marketplace, if I'm a customer, the edge is highly dynamic. It's changing all the time. I don't want to wait to buy something. If I got my solution architects on a product, I need to know I'm going to have zero trust built in and I need to push the button on Zscaler. I don't want to wait. So how does the procurement side impact? What have you guys seen? Share your thoughts on how Marketplace is working from the procurement standpoint, because it seems to me to be fast. Is that right, or is it still slow on their side? On the buyer side, because this to me would be a benefit to developers, if we say, hey, the procurement can just go really fast. I don't want to go through a bunch of PO approvals or slow meetings. >> It can be, that manifests itself in several ways, John. It can be, for instance, somebody wants to do a POC and traditionally you could take any amount of time to get budget approval, take it through. What if you had a pre-approved cloud budget and that was spent primarily through AWS Marketplace, because it's consolidated data on your AWS invoice. The ability to purchase a POC on the Marketplace could be done literally within minutes of the decision being made to go forward with it. So that's kind of a front end, you know, early stage use case. We've got examples we didn't talk about on our recent earnings call of how we have helped customers bring in their procurement with large million dollar, multimillion dollar deals. Even when a resaler's been involved, one of our resaler partners. Being able to accelerate deals, because there's so much less legal work and traditional bureaucratic effort. >> Agility. >> That agility purchasing process has allowed our customers to pull into the quarter, or the end of month, or end of quarter for them, deals that would've otherwise not been able to be done. >> So this is a great example of where you can set policy and kind of create some guard rails around innovation and integration deals, knowing if it's something that the edge is happening, say okay, here's some budget. We approved it, or Amazon gives credits and partnership going on. Then I'd say, hey, well green light this, not to exceed a million dollars, or whatever number in their range and then let people have the freedom to execute. >> You're absolutely right, so from the purchasing side, it does give them that agility. It eliminates a lot of the processes that would push out a purchase in actual execution past when the business decision is made and quite frankly, to be honest, AWS has been very accommodative. They're a great partner. They've invested a lot in Marketplace, Marketplace programs, to help customers do the right thing and do it more quickly as well as vendors like us to help our customers make the decisions they need to. >> Rising tide, a rising tide floats all boats and you guys are a great example of an independent company. Highly successful on your own. >> Yep. >> Certainly the numbers are clear. Wall Street loves Zscaler and economics are great. >> Our customer CSAT numbers are off the scale as well. >> Customers are great and now you've got the Marketplace. This is again, a new normal. A new kind of ecosystem is developing where it's not like the old monolithic ecosystems. The value creation and extraction is happening differently now. It's kind of interesting. >> Yes and I feel we have a long way to go, but what I can tell you is that Zscaler is in this for the long run. We are seeing some of the competitors erupt in the space as well, but they have a long way to go. What we have built requires years worth of R&D and features and thousands of customer's use cases which kind of lead to something what Zscaler has come up with today. What we have is very unique and is going to continuously be an innovation in the market in the years to come. In terms of being more cloud-savvy or more cloud-focused or more cloud-native than what the market has seen so far in the form of next-gen firewalls. >> I know you guys have got a lot of AI work. We've had many conversations with Howie over there. Great stuff and really appreciate you guys participating in our super cloud event we had and we'll see more of that where we're talking about the next generation clouds, really enabling that new disruptive, open-spanning capabilities across multiple environments to run cloud-native modern applications at scale and secure. Appreciate your time to come on "theCUBE". >> Thank you. >> Thank you very much. >> Thanks for having us. >> Thanks, I totally appreciate it. Zscaler, leading company here on "theCUBE" talking about their relationship with Marketplace as they continue to grow and succeed as technology goes to the next level in the cloud. Of course "theCUBE's" covering it here in Seattle. I'm John Furrier, your host. Thanks for watching. (peaceful electronic music)

(upbeat electronic music) >> Welcome back to everyone, to "theCUBE's" coverage here in Seattle, Washington for Amazon Web Services Partner Marketplace Seller Conference, combining their partner network with Marketplace forming a new organization called AWS Partner Organization. This is "theCUBE" coverage. I'm John Furrier, your host. We've got great "Cube" alumni here from Zscaler, a very successful cloud company doing great work. Stelio D'Alo, senior director of cloud business development and Raveesh Chugh, VP of Public Cloud Partnerships at Zscaler. Welcome back to "theCUBE." Good to see you guys. Thanks for coming on. >> Thank you. >> Thanks having us, John. >> So we've been doing a lot of coverage of Zscaler, what a great success story. I mean, the numbers are great. The business performance, it's in the top two, three, one, two, three in all metrics on public companies, SaaS. So you guys, check. Good job. >> Yes, thank you. >> So you guys have done a good job. Now you're here, selling through the Marketplace. You guys are a world class performing company in cloud SaaS, so you're in the front lines doing well. Now, Marketplace is a procurement front end opportunity for people to buy. Hey, self-service, buy and put things together. Sounds novel, what a great concept. Great cloud life. >> Yes. >> You guys are participating and now sellers are coming together. The merger of the public, the partner network with Marketplace. It feels like this is a second act for AWS to go to the next level. They got their training wheels done with partners. Now they're going to the next level. What do you guys think about this? >> Well, I think you're right, John. I think it is very much something that is in keeping with the way AWS does business. Very Amazonian, they're working back from the customer. What we're seeing is, our customers and in general, the market is gravitating towards purchase mechanisms and route to market that just are lower friction. So in the same way that companies are going through their digital transformations now, really modernizing the way they host applications and they reach the internet. They're also modernizing on the purchasing side, which is super exciting, because we're all motivated to help customers with that agility. >> You know, it's fun to watch and again I'm being really candid and props to you guys as a company. Now, everyone else is kind of following that. Okay, lift and shift, check, doing some things. Now they go, whoa, I can really build on this. People are building their own apps for their companies. Going to build their own stuff. They're going to use piece parts. They're going to put it together in a really scalable way. That's the new normal. Okay, so now they go okay, I'm going to just buy through the market, I get purchasing power. So you guys have been a real leader with AWS. Can you share what you guys are doing in the Marketplace? I think you guys are a nice example of how to execute the Marketplace. Take us through. What are you guys offering there? What's the contract look like? Is it multi-pronged? What's the approach? What do customers get if they go to the marketplace for Zscaler? >> Yeah, so it's been a very exciting story and been a very pleasing one for us with AWS marketplace. We see a huge growth potentially. There are more than 350,000 customers that are actively buying through Marketplace today. We expect that number to grow to around a million customers by the next, I would say, five to ten years and we want to be part of this wave. We see AWS Marketplace to be a channel where not only our resalers or our channel partners can come and transact, but also our GSIs like Accenture want to transact through this channel. We are doing a lot, in terms of bringing new customers through Marketplace, who want to not only close their deals, but close it in the next few hours. That's the beauty of Marketplace, the agility, the flexibility in terms of pricing that it provides to ISVs like us. If a customer wants to delay their payments by a couple of quarters, Marketplace supports that. If a customer wants to do monthly payments, Marketplace supports that. We are seeing lot of customers, big customers, that have signed EDPs, enterprise discount plans with AWS. These are multi-year cloud commits coming to us and saying we can retire our EDPs with AWS if we transact your solution through AWS Marketplace. So what we have done, as of today, we have all of our production services enabled through AWS Marketplace. What that means for customers, they can now retire their EDPs by buying Zscaler products through AWS Marketplace and in return get the full benefit of maximizing their EDP commits with AWS. >> So you guys are fully committed, no toe on the water, as we heard. You guys are all in. >> Absolutely, that's exactly the way to put it. We're all in, all of our solutions are available in the marketplace. As you mentioned, we're a SaaS provider. So we're one of the vendors in the Marketplace that have SaaS solutions. So unlike a lot of customers and even the market in general, associate the Marketplace for historical reasons, the way it started with a lot of monthly subscriptions and just dipping your toe in it from a consumer perspective. Whereas we're doing multimillion dollar, multi-year SaaS contracts. So the most complicated kinds of transactions you'd normally associate with enterprise software, we're doing in very low friction ways. >> On the Zscaler side going in low friction. >> Yep, yeah, that's right. >> How about the customer experience? >> So it is primarily the the customer that experiences. >> Driving it? >> Yeah, they're driving it and it's because rather than traditional methods of going through paperwork, purchase orders- >> What are some of the things that customers are saying about this, bcause I see two benefits, I'll say that. The friction, it's a channel, okay, for Zscaler. Let's be clear, but now you have a customer who's got a lot of Amazon. They're a trusted partner too. So why wouldn't they want to have one point of contact to use their purchasing power and you guys are okay with that. >> We're absolutely okay with it. The reason being, we're still doing the transaction and we can do the transaction with our... We're a channel first company, so that's another important distinction of how people tend to think of the Marketplace. We go through channel. A lot of our transactions are with traditional channel partners and you'd be surprised the kinds of, even the Telcos, carrier providers, are starting to embrace Marketplace. So from a customer perspective, it's less paperwork, less legal work. >> Yeah, I'd love to get your reaction to something, because I think this highlights to me what we've been reporting on with "theCUBE" with super cloud and other trends that are different in a good way. Taking it to the next level and that is that if you look at Zscaler, SaaS, SaaS is self-service, the scale, there's efficiencies. Marketplace first started out as a self-service catalog, a website, you know, click and choose, but now it's a different. He calls it a supply chain, like the CICD pipeline of buying software. He mentions that, there's also services. He put the Channel partners can come in. The GSIs, global system integrators can come in. So it's more than just a catalog now. It's kind of self-service procurement more than it is just a catalog of buy stuff. >> Yes, so yeah, I feel CEOs, CSOs of today should understand what Marketplace brings to the bear in terms of different kinds of services or Zscaler solutions that they can acquire through Marketplace and other ISV solutions, for that matter. I feel like we are at a point, after the pandemic, where there'll be a lot of digital exploration and companies can do more in terms of not just Marketplace, but also including the channel partners as part of deals. So you talked about channel conflict. AWS addressed this by bringing a program called CPPO in the picture, Channel Partner Private Offers. What that does is, we are not only bringing all our channel partners into deals. For renewals as well, they're the partner of record and they get paid alongside with the customer. So AWS does all the heavy lifting, in terms of disbursements of payments to us, to the channel partner, so it's a win-win situation for all. >> I mean, private offers and co-sale has been very popular. >> It has been, and that is our bread and butter in the Marketplace. Again, we do primarily three year contracts and so private offers work super well. A nice thing for us as a vendor is it provides a great amount of flexibility. Private Offer gives you a lot of optionality, in terms of how the constructs of the deal and whether or not you're working with a partner, how the partner is utilizing as well to resell to the end user. So, we've always talked about AWS giving IT agility. This gives purchasing and finance business agility. >> Yeah, and I think this comes up a lot. I just noticed this happening a lot more, where you see dedicated sessions, not just on DevOps and all the goodies of the cloud, financial strategy. >> Yeah. >> Seeing a lot more conversation around how to operationalize the business transactions in the cloud. >> Absolutely. >> This is the new, I mean it's not new, it's been thrown around, but not at a tech conference. You don't see that. So I got to ask you guys, what's the message to the CISOs and executives watching the business people about Zscaler in the Marketplace? What should they be looking at? What is the pitch for Zscaler for the Marketplace buyer? >> So I would say that we are a cloud-delivered network security service. We have been in this game for more than a decade. We have years of early head start with lots of features and functionality versus our competitors. If customers were to move into AWS Cloud, they can get rid of their next-gen firewalls and just have all the traffic routed through our Zscaler internet access and use Zscaler private access for accessing their private applications. We feel we have done everything in our capacity, in terms of enabling customers through Marketplace and will continue to participate in more features and functionality that Marketplace has to offer. We would like these customers to take advantage of their EDPs as well as their retirement and spend for the multi-commit through AWS Marketplace. Learn about what we have to offer and how we can really expedite the motion for them, if they want to procure our solutions through Marketplace >> You know, we're seeing an ability for them to get more creative, more progressive in terms of the purchasing. We're also doing, we're really excited about the ability to serve multiple markets. So we've had an immense amount of success in commercial. We also are seeing increasing amount of public sector, US federal government agencies that want to procure this way as well for the same reasons. So there's a lot of innovation going on. >> So you have the FedRAMP going on, you got all those certifications. >> Exactly right. So we are the first cloud-native solution to provide IL5 ATO, as well as FedRAMP pie and we make that all available, GSA schedule pricing through the AWS Marketplace, again through FSIs and other resellers. >> Public private partnerships have been a big factor, having that span of capability. I got to ask you about, this is a cool conversation, because now you're like, okay, I'm selling through the Marketplace. Companies themselves are changing how they operate. They don't just buy software that we used to use. So general purpose, bundled stuff. Oh yeah, I'm buying this product, because this has got a great solution and I have to get forced to use this firewall, because I bought this over here. That's not how companies are architecting and developing their businesses. It's no longer buying IT. They're building their company digitally. They have to be the application. So they're not sitting around, saying hey, can I get a solution? They're building and architecting their solution. This is kind of like the new enterprise that no one's talking about. They kind of, got to do their own work. >> Yes. >> There's no general purpose solution that maps every company. So they got to pick the best piece parts and integrate them. >> Yes and I feel- >> Do you guys agree with that? >> Yeah, I agree with that and customers don't want to go for point solutions anymore. They want to go with a platform approach. They want go with a vendor that can not only cut down their vendors from multi-dozens to maybe a dozen or less and that's where, you know, we kind of have pivoted to the platform-centric approach, where we not only help customers with Cloud Network Security, but we also help customers with Cloud Native Application Protection Platform that we just recently launched. It's going by the name of the different elements, including Cloud Security Posture Management, Cloud Identity Event Management and so we are continuously doing more and more on the configuration and vulnerability side space. So if a customer has an AWS S3 bucket that is opened it can be detected and can be remediated. So all of those proactive steps we are taking, in terms of enhancing our portfolio, but we have come a long way as a company, as a platform that we have evolved in the Marketplace. >> What's the hottest product? >> The hottest product? >> In Marketplace right now. >> Well, the fastest growing products include our digital experience products and we have new Cloud Protection. So we've got Posture and Workload Protection as well and those are the fastest growing. For AWS customers a strong affinity also for ZPA, which provides you zero trust access to your workloads on AWS. So those are all the most popular in Marketplace. >> Yeah. >> So I would like to add that we recently launched and this has been a few years, a couple of years. We launched a product called Zscaler Digital X, the ZDX. >> Mm-hmm. >> What that product does is, let's say you're making a Zoom call and your WiFi network is laggy or it's a Zoom server that's laggy. It kind of detects where is the problem and it further tells the IT department you need to fix either the server on which Zoom is running, or fix your home network. So that is the beauty of the product. So I think we are seeing massive growth with some of our new editions in the portfolio, which is a long time coming. >> Yeah and certainly a lot of growth opportunities for you guys, as you come in. Where do you see Zscaler's big growth coming from product-wise? What's the big push? Actually, this is great upside for you here. >> Yeah. >> On the go to market side. Where's the big growth for Zscaler right now? So I think we are focused as a company on zero trust architecture. We want to securely connect users to apps, apps to apps, workloads to workloads and machines to machines. We want to give customers an experience where they have direct access to the apps that's hidden from the outside world and they can securely connect to the apps in a very succinct fashion. The user experience is second to none. A lot of customers use us on the Microsoft Office 365 side, where they see a lag in connecting to Microsoft Office 365 directly. They use the IE service to securely connect. >> Yeah, latency kills. >> Microsoft Office 365. >> Latency kills, as we always say, you know and security, you got to look at the pattern, you want to see that data. >> Yeah, and emerging use cases, there is an immense amount of white space and upside for us as well in emerging use cases, like OT, 5G, IOT. >> Yeah. >> Federal government, DOD. >> Oh god, tactical edge government. >> Security at the edge, absolutely, yeah. >> Where's the big edge? What's the edge challenge right now, if you have to put your finger on the edge, because right now that's the hot area, we're watching that. It's going to be highly contested. It's not yet clear, I mean certainly hybrid is the operating model, cloud, distributing, computing, but edge has got unique things that you can't really point to on premises that's the same. It's highly dynamic, you need high bandwidth, low latency, compute at the edge. The data has to be processed right there. What's the big thing at the edge right now? >> Well, so that's probably an emerging answer. I mean, we're working with our customers, they're inventing and they're kind of finding the use cases for those edge, but one of the good things about Zscaler is that we are able to, we've got low latency at the edge. We're able to work as a computer at the edge. We work on Outpost, Snowball, Snowcone, the Snow devices. So we can be wherever our customers need us. Mobile devices, there are a lot of applications where we've got to be either on embedded devices, on tractors, providing security for those IOT devices. So we're pretty comfortable with where we are being the- >> So that's why you guys are financially doing so well, performance wise. I got to ask you though, because I think that brings up the great point. If this is why I like the Marketplace, if I'm a customer, the edge is highly dynamic. It's changing all the time. I don't want to wait to buy something. If I got my solution architects on a product, I need to know I'm going to have zero trust built in and I need to push the button on Zscaler. I don't want to wait. So how does the procurement side impact? What have you guys seen? Share your thoughts on how Marketplace is working from the procurement standpoint, because it seems to me to be fast. Is that right, or is it still slow on their side? On the buyer side, because this to me would be a benefit to developers, if we say, hey, the procurement can just go really fast. I don't want to go through a bunch of PO approvals or slow meetings. >> It can be, that manifests itself in several ways, John. It can be, for instance, somebody wants to do a POC and traditionally you could take any amount of time to get budget approval, take it through. What if you had a pre-approved cloud budget and that was spent primarily through AWS Marketplace, because it's consolidated data on your AWS invoice. The ability to purchase a POC on the Marketplace could be done literally within minutes of the decision being made to go forward with it. So that's kind of a front end, you know, early stage use case. We've got examples we didn't talk about on our recent earnings call of how we have helped customers bring in their procurement with large million dollar, multimillion dollar deals. Even when a resaler's been involved, one of our resaler partners. Being able to accelerate deals, because there's so much less legal work and traditional bureaucratic effort. >> Agility. >> That agility purchasing process has allowed our customers to pull into the quarter, or the end of month, or end of quarter for them, deals that would've otherwise not been able to be done. >> So this is a great example of where you can set policy and kind of create some guard rails around innovation and integration deals, knowing if it's something that the edge is happening, say okay, here's some budget. We approved it, or Amazon gives credits and partnership going on. Then I'd say, hey, well green light this, not to exceed a million dollars, or whatever number in their range and then let people have the freedom to execute. >> You're absolutely right, so from the purchasing side, it does give them that agility. It eliminates a lot of the processes that would push out a purchase in actual execution past when the business decision is made and quite frankly, to be honest, AWS has been very accommodative. They're a great partner. They've invested a lot in Marketplace, Marketplace programs, to help customers do the right thing and do it more quickly as well as vendors like us to help our customers make the decisions they need to. >> Rising tide, a rising tide floats all boats and you guys are a great example of an independent company. Highly successful on your own. >> Yep. >> Certainly the numbers are clear. Wall Street loves Zscaler and economics are great. >> Our customer CSAT numbers are off the scale as well. >> Customers are great and now you've got the Marketplace. This is again, a new normal. A new kind of ecosystem is developing where it's not like the old monolithic ecosystems. The value creation and extraction is happening differently now. It's kind of interesting. >> Yes and I feel we have a long way to go, but what I can tell you is that Zscaler is in this for the long run. We are seeing some of the competitors erupt in the space as well, but they have a long way to go. What we have built requires years worth of R&D and features and thousands of customer's use cases which kind of lead to something what Zscaler has come up with today. What we have is very unique and is going to continuously be an innovation in the market in the years to come. In terms of being more cloud-savvy or more cloud-focused or more cloud-native than what the market has seen so far in the form of next-gen firewalls. >> I know you guys have got a lot of AI work. We've had many conversations with Howie over there. Great stuff and really appreciate you guys participating in our super cloud event we had and we'll see more of that where we're talking about the next generation clouds, really enabling that new disruptive, open-spanning capabilities across multiple environments to run cloud-native modern applications at scale and secure. Appreciate your time to come on "theCUBE". >> Thank you. >> Thank you very much. >> Thanks for having us. >> Thanks, I totally appreciate it. Zscaler, leading company here on "theCUBE" talking about their relationship with Marketplace as they continue to grow and succeed as technology goes to the next level in the cloud. Of course "theCUBE's" covering it here in Seattle. I'm John Furrier, your host. Thanks for watching. (peaceful electronic music)

(upbeat music) >> We're back with a Blueprint for Trusted Infrastructure in partnership with Dell Technologies and theCUBE. And we're here with Mahesh Nagarathnam who is a consultant in the area of networking product management at Dell technologies. Mahesh, welcome, good to see you. >> Hey, good morning, Dave. It's nice to meet you as well. >> Hey, so we've been digging into all the parts of the infrastructure stack, and now we're going to look at the all important networking components. Mahesh, when we think about networking in today's environment, we think about the core data center and we're connecting out to various locations including the cloud and both the near and the far edge. So the question is from Dell's perspective what's unique and challenging about securing network infrastructure that we should know about? >> Yeah, so a few years ago, IT security in an enterprise was primarily putting a wrapper around the data center because IT was constrained to an infrastructure owned and operated by the enterprise for the most part. So putting a wrapper around it like a perimeter or a firewall was a sufficient response because you could basically control the enormous data into small enough control. Today, with the distributed data intelligent software different systems, multi-cloud environment and asset service delivery. The infrastructure for the modern era changes the way to secure the network infrastructure. In today's data driven world, IT operates everywhere and data is created and accessed everywhere. So far from the centralized mono data centers of the past. The biggest challenge is how do we build the network infrastructure of the modern era that are intelligent, with automation, enabling maximum flexibility and business agility without any compromise on the security. We believe that in this data era, the security transformation must accompany digital transformation. >> Yeah, that's very good. You talked about a couple of things there. Data by its very nature is distributed, there is no perimeter anymore. So you can't just, as you say, put a wrapper around it, I like the way you phrase that. So when you think about cyber security resilience from a networking perspective, how do you define that? In other words, what are the basic principles that you adhere to when thinking about securing network infrastructure for your customers? >> So our belief is that cybersecurity and cybersecurity resilience, they need to be holistic. They need to be integrated, scalable, one that spans the enterprise and with a consistent and objective and policy implementation. So cybersecurity needs to span across all the devices and running across any application whether the application resets on the cloud or anywhere else in the infrastructure. From a networking standpoint, what does it mean? It's again, the same principles. In order to prevent the threat actors from accessing, changing, destroying or stealing sensitive data, this definition holds good for networking as well. So if you look at it from a networking perspective it's the ability to protect from and withstand attacks on the networking systems. As we continue to evolve, this will also include the ability to adapt and recover from these attacks which is what cyber resilience aspect is all about. So cybersecurity, best practices as you know is continuously changing the landscape primarily because the cyber threats also continue to evolve. >> Yeah, got it. I like that. So, it's got to be integrated. It's got to be scalable. It's got to be comprehensive and adaptable. You're saying it can't be static. >> Right. So I think, you had a second part of the question that says, what are the basic principles when you're thinking about securing network infrastructure. When you are looking at securing the network infrastructure it revolves around core security capability of the devices that form the network. And what are these security capabilities? These are access control, software integrity and vulnerability response. When you look at access control it's to ensure that only the authenticated users are able to access the platform and they're able to access only the kind of the assets that they're authorized to, based on their user level. Now accessing a network platform like a switch or a router, for example, is typically used for configuration and management of the networking switch. So user access is based on roles for that matter role based access control, whether you are security admin or a network admin or a storage admin. And it's imperative that logging is enabled because any of the change to the configuration is actually logged and monitored as well. When we're talking about software's integrity, it's the ability to ensure that the software that's running on the system has not been compromised. And this is important because it could actually get hold of the system and you could get undesired results. In terms of validation of the images, it needs to be done through digital signature. So it's important that when you're talking about software integrity, A, you are ensuring that the platform is not compromised and B, that any upgrades that happens to the platform is happening through validated signature. >> Okay. And now you've, so there's access control, software integrity and I think you got a third element, which is, I think response, but please continue. >> Yeah. So, the third one about vulnerability. So we follow the same process that's been followed by the rest of the products within the Dell Product family that's to report or identify any kind of vulnerability that's being addressed by the Dell Product Security Incident Response Team. So the networking portfolio is no different. It follows the same process for identification for triage and for resolution of these vulnerabilities. And this address either through patches or through new resource via networking software. >> Yeah, got it. I mean, you didn't say zero trust but when you were talking about access control you're really talking about access to only those assets that people are authorized to access. I know zero trust sometimes is a buzzword, but you, I think gave it some clarity there. Software integrity, it's about assurance, validation, your digital signature, you mentioned, and that there's been no compromise. And then how you respond to incidents in a standard way that can fit into a security framework. So outstanding description. Thank you for that. But then the next question is how does Dell Networking fit into the construct of what we've been talking about, Dell Trusted Infrastructure? >> So networking is the key element in the Dell Trusted Infrastructure. It provides the interconnect between the server and the storage world and it's part of any data center configuration. For a trusted infrastructure, the network needs to have access control in place where only the authorized personals are able to make change to the network configuration and logging of any of those changes is also done through the logging capabilities. Additionally, we should also ensure that the configuration should provide network isolation between the management network and the data traffic network because they need to be separate and distinct from each other. And furthermore, even if you look at the data traffic network, you have things like segmentation, isolated segments and via VRFs or micro-segmentation via partners. This allows various level of security for each of those segments. So it's important that the network infrastructure has the ability to provide all these services. From a Dell networking security perspective, there are multiple layers of defense, both at the edge and in the network, in the hardware and in the software. And essentially, a set of rules and a configuration that's designed to sort of protect the integrity, confidentiality and accessibility of the network assets. So each network security layer, it implements policies and controls, as I said, including network segmentation, we do have capabilities, resources, centralized management, automation, and capability and scalability for that matter. Now you add all of these things with the open networking standards or software different principles, and you essentially reach to the point where you're looking at zero trust network access which is essentially sort of a building block for increased cloud adoption. If you look at the different pillars of a zero touch architecture, if you look at the device aspect, we do have support for secure boot, for example, we do have trusted platform, trusted platform models, TPMs on certain offer products. And the physical security, plain simple old WLAN port enable disable. From a user trust perspective, we know it's all done via access control base via role based access control and capability in order to provide remote authentication or things like sticky MAC or MAC learning limit and so on. If you look at a transport and a session trust layer, these are essentially, how do you access this switch. Is it by plain old Telnet, or is it like secure SSH. And when a host communicates to the switch, we do have things like self-signed or a certificate authority based certification. And one of the important aspect is, in terms of the routing protocol the routing protocol, for example, BGP, for example, we do have the capability to support MD5 authentication between the BGP peers so that there is no malicious attack to the network where the routing table is compromised. And the other aspect is about control plain ESL. It's typical that if you don't have a control plane Azure, it could be flooded and the switch could be compromised by denial of service attacks. From an application test perspective, as I mentioned, we do have the application specific security rules where you could actually define the specific security rules based on the specific applications that are running within the system. And I did talk about the digital signature and the cryptographic checks and that we do for authentication and, I mean rather for the authenticity and the validation of the image and the boundary and so on and so forth. Finally the data trust, we are looking at the network separation. The network separation could happen over VRF, plain old VLANs which can bring about multitenancy aspects. We talk about micro-segmentation as it applies to NSX, for example. The other aspect is we do have with our own smart fabric services, that's enabled in a fabric, we have a concept of cluster security. So all of this, the different pillars, they sort of make up for the zero trust infrastructure for the networking assets of an infrastructure. >> Yeah, so thank you for that. There's a lot to unpack there. One of the premise, the premise really this segment that we're setting up in this series, is really that everything you just mentioned, or a lot of things you just mentioned used to be the responsibility of the security team and the premise that we're putting forth is that because security teams are so stretched thin, you got to shift a vendor community, Dell specifically is shifting a lot of those tasks to their own R&D and taking care of a lot of that. 'cause SecOps teams got a lot of other stuff to worry about. So my question relates to things like automation which can help and scalability. What about those topics as it relates to networking infrastructure? >> Our portfolio, it enables state of the automation software that enables simplifying of the design. So for example, we do have the fabric design center, a tool that automates the design of the entire fabric and from a deployment and the management of the network infrastructure, there are simplicities using like Ansible playbooks for SONiC, for example. Or for a better storage, we do have smart fabric services that can automate the entire fabric for a storage solution or for one of the workloads, for example. Now we do help reduce the complexity by closely integrating the management of the physical and the virtual networking infrastructure. And again, we have those capabilities using SONiC or smart traffic services. If you look at SONiC for example, it delivers automated intent based secure containerized network. And it has the ability to provide network visibility and awareness and of these things are actually valid for a modern networking infrastructure. So now if you look at SONiC, the usage of those tools that are available within the SONiC NAS is not restricted just to the data center infrastructure, it's a unified NAS that's well applicable beyond the data center, right up to the edge. Now, if you look at our NAS from a smart traffic OS10 perspective, as I mentioned, we do have smart traffic services, which essentially simplifies the deployment, day one day two deployment expansion plans and the life cycle management of our converged infrastructure and hyperconverged infrastructure solutions. And finally, in order to enable zero touch deployment, we do have a VEP solution with our SD-WAN capability. So these are in a ways by which we bring down the complexity by enhancing the automation capability using a singular NAS that can expand from a data center now, right to the edge. >> Great, thank you for that. Last question real quick. Pitch me, can you summarize from your point of view what's the strength of the Dell networking portfolio? >> So from a Dell networking portfolio we support the capabilities at multiple layers, as I mentioned. We've talking about the physical security, for example, let's say disabling of the unused interface, sticky MAC and trusted platform modules are the things that to go after. And when you're talking about secure boot, for example, it delivers the authenticity and the integrity of the OS10 images at the startup. And secure boot also protects the startup configuration so that the startup configuration file is not compromised. And secure boot also enables the bootloader protection, for example. That is at another aspect of software image, integrity validation, wherein the image is validated for the digital signature prior to any upgrade process. And if you are looking at secure access control we do have things like role-based access control, SSH to the switches, control plane, access control, that pre-onset attacks and access control through multifactor authentication. We do have Radius Tech ads for entry control to the network and things like CSE and PRV support from a federal perspective. We do have logging wherein any event, any auditing capabilities can be possible by looking at the syslog servers which are pretty much in our transmitter from the devices ORTS, for example. And last we talked about network separation. And this separation ensures that that is a contained segment for a specific purpose or for the specific zone. And this can be implemented by a micro-segmentation, just a plain old WLAN or using virtual route of framework VRF, for example. >> A lot there. I mean, I think frankly, my takeaway is you guys do the heavy lifting in a very complicated topic. So thank you so much for coming on theCUBE and explaining that in quite some depth. Really appreciate it. >> Thank you, Dave. >> Oh, you're very welcome. Okay in a moment, I'll be back to dig into the hyperconverged infrastructure part of the portfolio, and look at how, when you enter the world of software defined where you're controlling servers and storage and networks via software led system, you could be sure that your infrastructure is trusted and secure. You're watching a Blueprint for Trusted Infrastructure made possible by Dell technologies and collaboration with theCUBE, your leader in enterprise and emerging tech coverage. (soft upbeat music)

(bright music) >> Welcome back everyone. theCube's live coverage here. Day two, of two sets, three days of theCube coverage here at VMware Explore. This is our 12th year covering VMware's annual conference, formerly called VM World. I'm John Furrier, with Dave Vellante. We'd love seeing the progress and we've got great security comes Tom Gill, senior vices, president general manager, networking and advanced security business group at VMware. Great to see you. Thanks for coming on. >> Thanks. for having me. >> Yeah, really happy we could have you on. >> I think this is my sixth edition on the theCube. Do I get frequent flyer points or anything? >> Yeah. >> You first get the VIP badge. We'll make that happen. You can start getting credits. >> Okay, there we go. >> We won't interrupt you. Seriously, you got a great story in security here. The security story is kind of embedded everywhere, so it's not called out and blown up and talked specifically about on stage. It's kind of in all the narratives in the VM World for this year. But you guys have an amazing security story. So let's just step back and to set context. Tell us the security story for what's going on here at VMware and what that means to this supercloud, multi-cloud and ongoing innovation with VMware. >> Yeah, sure thing. So probably the first thing I'll point out is that security's not just built in at VMware. It's built differently. So, we're not just taking existing security controls and cut and pasting them into our software. But we can do things because of our platform, because of the virtualization layer that you really can't do with other security tools. And where we're very, very focused is what we call lateral security or East-West movement of an attacker. 'Cause frankly, that's the name of the game these days. Attackers, you've got to assume that they're already in your network. Already assume that they're there. Then how do we make it hard for them to get to the stuff that you really want? Which is the data that they're going after. And that's where we really should. >> All right. So we've been talking a lot, coming into VMware Explore, and here, the event. About two things. Security, as a state. >> Yeah. >> I'm secure right now. >> Yeah. >> Or I think I'm secure right now, even though someone might be in my network or in my environment. To the notion of being defensible. >> Yeah. >> Meaning I have to defend and be ready at a moment's notice to attack, fight, push back, red team, blue team. Whatever you're going to call it. But something's happening. I got to be able to defend. >> Yeah. So what you're talking about is the principle of Zero Trust. When I first started doing security, the model was we have a perimeter. And everything on one side of the perimeter is dirty, ugly, old internet. And everything on this side, known good, trusted. What could possibly go wrong. And I think we've seen that no matter how good you make that perimeter, bad guys find a way in. So Zero Trust says, you know what? Let's just assume they're already in. Let's assume they're there. How do we make it hard for them to move around within the infrastructure and get to the really valuable assets? 'Cause for example, if they bust into your laptop, you click on a link and they get code running on your machine. They might find some interesting things on your machine. But they're not going to find 250 million credit cards. >> Right. >> Or the script of a new movie or the super secret aircraft plans. That lives in a database somewhere. And so it's that movement from your laptop to that database. That's where the damage is done and that's where VMware shines. >> So if they don't have the right to get to that database, they're not in. >> And it's not even just the right. So they're so clever and so sneaky that they'll steal a credential off your machine, go to another machine, steal a credential off of that. So, it's like they have the key to unlock each one of these doors. And we've gotten good enough where we can look at that lateral movement, even though it has a credential and a key, we're like wait a minute. That's not a real CIS Admin making a change. That's ransomware. And that's where you. >> You have to earn your way in. >> That's right. That's right. Yeah. >> And we're all kinds of configuration errors. But also some user problems. I've heard one story where there's so many passwords and username and passwords and systems that the bad guys scour, the dark web for passwords that have been exposed. >> Correct. >> And go test them against different accounts. Oh one hit over here. >> Correct. >> And people don't change their passwords all the time. >> Correct. >> That's a known vector. >> Just the idea that users are going to be perfect and never make a mistake. How long have we been doing this? Humans are the weakest link. So people are going to make mistakes. Attackers are going to be in. Here's another way of thinking about it. Remember log4j? Remember that whole fiasco? Remember that was at Christmas time. That was nine months ago. And whoever came up with that vulnerability, they basically had a skeleton key that could access every network on the planet. I don't know if a single customer that said, "Oh yeah, I wasn't impacted by log4j." So here's some organized entity had access to every network on the planet. What was the big breach? What was that movie script that got stolen? So there wasn't one, right? We haven't heard anything. So the point is, the goal of attackers is to get in and stay in. Imagine someone breaks into your house, steals your laptop and runs. That's a breach. Imagine someone breaks into your house and stays for nine months. It's untenable, in the real world, right? >> Right. >> We don't know in there, hiding in the closet. >> They're still in. >> They're watching everything. >> Hiding in your closet, exactly. >> Moving around, nibbling on your cookies. >> Drinking your beer. >> Yeah. >> So let's talk about how this translates into the new reality of cloud-native. Because now you hear about automated pentesting is a new hot thing right now. You got antivirus on data is hot within APIs, for instance. >> Yeah. >> API security. So all kinds of new hot areas. Cloud-native is very iterative. You know, you can't do a pentest every week. >> Right. >> You got to do it every second. >> So this is where it's going. It's not so much simulation. It's actually real testing. >> Right. Right. >> How do you view that? How does that fit into this? 'cause that seems like a good direction to me. >> Yeah. If it's right in, and you were talking to my buddy, Ahjay, earlier about what VMware can do to help our customers build cloud native applications with Tanzu. My team is focused on how do we secure those applications? So where VMware wants to be the best in the world is securing these applications from within. Looking at the individual piece parts and how they talk to each other and figuring out, wait a minute, that should never happen. By almost having an x-ray machine on the innards of the application. So we do it for both for VMs and for container based applications. So traditional apps are VM based. Modern apps are container based. And we have a slightly different insertion mechanism. It's the same idea. So for VMs, we do it with a hypervisor with NSX. We see all the inner workings. In a container world we have this thing called a service mesh that lets us look at each little snippet of code and how they talk to each other. And once you can see that stuff, then you can actually apply. It's almost like common sense logic of like, wait a minute. This API is giving back credit card numbers and it gives five an hour. All of a sudden, it's now asking for 20,000 or a million credit cards. That doesn't make any sense. The anomalies stick out like a sore thumb. If you can see them. At VMware, our unique focus in the infrastructure is that we can see each one of these little transactions and understand the conversation. That's what makes us so good at that East-West or lateral security. >> You don't belong in this room, get out or that that's some weird call from an in memory database, something over here. >> Exactly. Where other security solutions won't even see that. It's not like there algorithms aren't as good as ours or better or worse. It's the access to the data. We see the inner plumbing of the app and therefore we can protect the app from. >> And there's another dimension that I want to get in the table here. 'Cause to my knowledge only AWS, Google, I believe Microsoft and Alibaba and VMware have this. >> Correct >> It's Nitro. The equivalent of a Nitro. >> Yes. >> Project Monterey. >> Yeah. >> That's unique. It's the future of computing architectures. Everybody needs a Nitro. I've written about this. >> Yeah. >> Right. So explain your version. >> Yeah. >> It's now real. >> Yeah. >> It's now in the market, right? >> Yeah. >> Or soon will be. >> Here's our mission. >> Salient aspects. >> Yeah. Here's our mission of VMware. Is that we want to make every one of our enterprise customers. We want their private cloud to be as nimble, as agile, as efficient as the public cloud. >> And secure. >> And secure. In fact, I'll argue, we can make it actually more secure because we're thinking about putting security everywhere in this infrastructure. Not just on the edges of it. Okay. How do we go on that journey? As you pointed out, the public cloud providers realized five years ago that the right way to build computers was not just a CPU and a graphics process unit, GPU. But there's this third thing that the industry's calling a DPU, data processing unit. And so there's kind of three pieces of a computer. And the DPU is sometimes called a Smartnic. It's the network interface card. It does all that network handling and analytics and it takes it off the CPU. So they've been building and deploying those systems themselves. That's what Nitro is. And so we have been working with the major Silicon vendors to bring that architecture to everybody. So with vSphere 8, we have the ability to take the network processing, that East-West inspection I talked about, take it off of the CPU and put it into this dedicated processing element called the DPU and free up the CPU to run the applications that Ahjay and team are building. >> So no performance degradation at all? >> Correct. To CPU offload. >> So even the opposite, right? I mean you're running it basically Bare Metal speeds. >> Yes, yes and yes. >> And you're also isolating the storage from the security, the management, and. >> There's an isolation angle to this, which is that firewall, that we're putting everywhere. Not just that the perimeter, but we put it in each little piece of the server is running when it runs on one of these DPUs it's a different memory space. So even if an attacker gets to root in the OS, they it's very, very, never say never, but it's very difficult. >> So who has access to that resource? >> Pretty much just the infrastructure layer, the cloud provider. So it's Amazon, Google, Microsoft, and the enterprise. >> Application can't get in. >> Can't get in there. Cause you would've to literally bridge from one memory space to another. Never say never, but it would be very. >> But it hasn't earned the trust to get. >> It's more than barbwire. It's multiple walls. >> Yes. And it's like an air gap. It puts an air gap in the server itself so that if the server is compromised, it's not going to get into the network. Really powerful. >> What's the big thing that you're seeing with this supercloud transition. We're seeing multi-cloud and this new, not just SaaS hosted on the cloud. >> Yeah. >> You're seeing a much different dynamic of, combination of large scale CapEx, cloud-native, and then now cloud-native drills on premises and edge. Kind of changing what a cloud looks like if the cloud's on a cloud. >> Yeah. >> So we're the customer, I'm building on a cloud and I have on premise stuff. So, I'm getting scale CapEx relief from the hyperscalers. >> I think there's an important nuance on what you're talking about. Which is in the early days of the cloud customers. Remember those first skepticism? Oh, it'll never work. Oh, that's consumer grade. Oh, that's not really going to work. Oh some people realize. >> It's not secure. >> Yeah. It's not secure. >> That one's like, no, no, no it's secure. It works. And it's good. So then there was this sort of over rush. Let's put everything on the cloud. And I had a lot of customers that took VM based applications said, I'm going to move those onto the cloud. You got to take them all apart, put them on the cloud and put them all back together again. And little tiny details like changing an IP address. It's actually much harder than it looks. So my argument is, for existing workloads for VM based workloads, we are VMware. We're so good at running VM based workloads. And now we run them on anybody's cloud. So whether it's your east coast data center, your west coast data center, Amazon, Google, Microsoft, Alibaba, IBM keep going. We pretty much every. >> And the benefit of the customer is what. >> You can literally VMotion and just pick it up and move it from private to public, public to private, private to public, Back and forth. >> Remember when we called Vmotion BS, years ago? >> Yeah. Yeah. >> VMotion is powerful. >> We were very skeptical. We're like, that'll never happen. I mean we were. This supposed to be pat ourselves on the back. >> Well because alchemy. It seems like what you can't possibly do that. And now we do it across clouds. So it's not quite VMotion, but it's the same idea. You can just move these things over. I have one customer that had a production data center in the Ukraine. Things got super tense, super fast and they had to go from their private cloud data center in the Ukraine, to a public cloud data center out of harm's way. They did it over a weekend. 48 hours. If you've ever migrated a data center, that's usually six months. Right. And a lot of heartburn and a lot of angst. Boop. They just drag and dropped and moved it on over. That's the power of what we call the cloud operating model. And you can only do this when all your infrastructures defined in software. If you're relying on hardware, load balancers, hardware, firewalls, you can't move those. They're like a boat anchor. You're stuck with them. And by the way, they're really, really expensive. And by the way, they eat a lot of power. So that was an architecture from the 90's. In the cloud operating model your data center. And this comes back to what you were talking about is just racks and racks of X86 with these magic DPUs, or smart nics, to make any individual node go blisteringly fast and do all the functions that you used to do in network appliances. >> We just had Ahjay taking us to school, and everyone else to school on applications, middleware, abstraction layer. And Kit Culbert was also talking about this across cloud. We're talking supercloud, super pass. If this continues to happen, which we would think it will happen. What does the security posture look like? It feels to me, and again, this is your wheelhouse. If supercloud happens with this kind of past layer where there's vMotioning going on. All kinds of spanning applications and data across environments. >> Yeah. Assume there's an operating system working on behind the scenes. >> Right. >> What's the security posture in all this? >> Yeah. So remember my narrative about the bad guys are getting in and they're moving around and they're so sneaky that they're using legitimate pathways. The only way to stop that stuff, is you've got to understand it at what we call Layer 7. At the application layer. Trying to do security to the infrastructure layer. It was interesting 20 years ago, kind of less interesting 10 years ago. And now it's becoming irrelevant because the infrastructure is oftentimes not even visible. It's buried in some cloud provider. So Layer 7 understanding, application awareness, understanding the APIs and reading the content. That's the name of the game in security. That's what we've been focused on. Nothing to do with the infrastructure. >> And where's the progress bar on that paradigm. One to ten. Ten being everyone's doing it. >> Right now. Well, okay. So we as a vendor can do this today. All the stuff I talked about, reading APIs, understanding the individual services looking at, Hey, wait a minute this credit card anomalies, that's all shipping production code. Where is it in customer adoption life cycle? Early days 10%. So there's a whole lot of headroom for people to understand, Hey, I can put these controls in place. They're software based. They don't require appliances. It's Layer 7, so it has contextual awareness and it's works on every single cloud. >> We talked about the pandemic being an accelerator. It really was a catalyst to really rethink. Remember we used to talk about Pat as a security do over. He's like, yes, if it's the last thing I do, I'm going to fix security. Well, he decided to go try to fix Intel instead. >> He's getting some help from the government. >> But it seems like CISOs have totally rethought their security strategy. And at least in part, as a function of the pandemic. >> When I started at VMware four years ago, Pat sat me down in his office and he said to me what he said to you, which is like, "Tom," he said, "I feel like we have fundamentally changed servers. We fundamentally change storage. We fundamentally change networking. The last piece of the puzzle of security. I want you to go fundamentally change it." And I'll argue that the work that we're doing with this horizontal security, understanding the lateral movement. East- West inspection. It fundamentally changes how security works. It's got nothing to do with firewalls. It's got nothing to do with Endpoint. It's a unique capability that VMware is uniquely suited to deliver on. And so Pat, thanks for the mission. We delivered it and it's available now. >> Those WET web applications firewall for instance are around, I mean. But to your point, the perimeter's gone. >> Exactly. >> And so you got to get, there's no perimeter. so it's a surface area problem. >> Correct. And access. And entry. >> Correct. >> They're entering here easy from some manual error, or misconfiguration or bad password that shouldn't be there. They're in. >> Think about it this way. You put the front door of your house, you put a big strong door and a big lock. That's a firewall. Bad guys come in the window. >> And then the windows open. With a ladder. >> Oh my God. Cause it's hot, bad user behavior trumps good security every time. >> And then they move around room to room. We're the room to room people. We see each little piece of the thing. Wait, that shouldn't happen. Right. >> I want to get you a question that we've been seeing and maybe we're early on this or it might be just a false data point. A lot of CSOs and we're talking to are, and people in industry in the customer environment are looking at CISOs and CSOs, two roles. Chief information security officer, and then chief security officer. Amazon, actually Steven Schmidt is now CSO at Reinforce. They actually called that out. And the interesting point that he made, we had some other situations that verified this, is that physical security is now tied to online, to your point about the service area. If I get a password, I still got the keys to the physical goods too. >> Right. So physical security, whether it's warehouse for them or store or retail. Digital is coming in there. >> Yeah. So is there a CISO anymore? Is it just CSO? What's the role? Or are there two roles you see that evolving? Or is that just circumstance. >> I think it's just one. And I think that the stakes are incredibly high in security. Just look at the impact that these security attacks are having on. Companies get taken down. Equifax market cap was cut 80% with a security breach. So security's gone from being sort of a nuisance to being something that can impact your whole kind of business operation. And then there's a whole nother domain where politics get involved. It determines the fate of nations. I know that sounds grand, but it's true. And so companies care so much about it they're looking for one leader, one throat to choke. One person that's going to lead security in the virtual domain, in the physical domain, in the cyber domain, in the actual. >> I mean, you mention that, but I mean, you look at Ukraine. I mean that cyber is a component of that war. I mean, it's very clear. I mean, that's new. We've never seen. this. >> And in my opinion, the stuff that we see happening in the Ukraine is small potatoes compared to what could happen. >> Yeah. >> So the US, we have a policy of strategic deterrence. Where we develop some of the most sophisticated cyber weapons in the world. We don't use them. And we hope never to use them. Because our adversaries, who could do stuff like, I don't know, wipe out every bank account in North America. Or turn off the lights in New York City. They know that if they were to do something like that, we could do something back. >> This is the red line conversation I want to go there. So, I had this discussion with Robert Gates in 2016 and he said, "We have a lot more to lose." Which is really your point. >> So this brand. >> I agree that there's to have freedom and liberty, you got to strike back with divorce. And that's been our way to balance things out. But with cyber, the red line, people are already in banks. So they're are operating below the red line line. Red line meaning before we know you're in there. So do we move the red line down because, hey, Sony got hacked. The movie. Because they don't have their own militia. >> Yeah. >> If their were physical troops on the shores of LA breaking into the file cabinets. The government would've intervened. >> I agree with you that it creates tension for us in the US because our adversaries don't have the clear delineation between public and private sector. Here you're very, very clear if you're working for the government. Or you work for an private entity. There's no ambiguity on that. >> Collaboration, Tom, and the vendor community. I mean, we've seen efforts to try to. >> That's a good question. >> Monetize private data and private reports. >> So at VMware, I'm very proud of the security capabilities we've built. But we also partner with people that I think of as direct competitors. We've got firewall vendors and Endpoint vendors that we work with and integrate. And so coopetition is something that exists. It's hard. Because when you have these kind of competing. So, could we do more? Of course we probably could. But I do think we've done a fair amount of cooperation, data sharing, product integration, et cetera. And as the threats get worse, you'll probably see us continue to do more. >> And the government is going to trying to force that too. >> And the government also drives standards. So let's talk about crypto. Okay. So there's a new form of encryption coming out called processing quantum. >> Quantum. Quantum computers have the potential to crack any crypto cipher we have today. That's bad. Okay. That's not good at all because our whole system is built around these private communications. So the industry is having conversations about crypto agility. How can we put in place the ability to rapidly iterate the ciphers in encryption. So, when the day quantum becomes available, we can change them and stay ahead of these quantum people. >> Well, didn't NIST just put out a quantum proof algo that's being tested right now by the community? >> There's a lot of work around that. Correct. And NIST is taking the lead on this, but Google's working on it. VMware's working on it. We're very, very active in how do we keep ahead of the attackers and the bad guys? Because this quantum thing is a, it's an x-ray machine. It's like a dilithium crystal that can power a whole ship. It's a really, really, really powerful tool. >> Bad things will happen. >> Bad things could happen. >> Well, Tom, great to have you on the theCube. Thanks for coming on. Take the last minute to just give a plug for what's going on for you here at VMWorld this year, just VMware Explore this year. >> Yeah. We announced a bunch of exciting things. We announced enhancements to our NSX family, with our advanced load balancer. With our edge firewall. And they're all in service of one thing, which is helping our customers make their private cloud like the public cloud. So I like to say 0, 0, 0. If you are in the cloud operating model, you have zero proprietary appliances. You have zero tickets to launch a workload. You have zero network taps and Zero Trust built into everything you do. And that's what we're working on. Pushing that further and further. >> Tom Gill, senior vices president, head of the networking at VMware. Thanks for coming on. We do appreciate it. >> Thanks for having us. >> Always getting the security data. That's killer data and security of the two ops that get the most conversations around DevOps and Cloud Native. This is The theCube bringing you all the action here in San Francisco for VMware Explore 2022. I'm John Furrier with Dave Vellante. Thanks for watching. (bright music)

>>Welcome back everyone Cube's live coverage here. Day two, two sets, three days of cube coverage here at VMware Explorer. This is our 12th year covering VMware's annual conference, formally called world I'm Jean Dave ante. We'd love seeing the progress and we've got great security comes Tom Gill, senior rights, president general manager, networking and advanced security business group at VMware. Great to see you. Thanks for coming on. Thanks >>For having me. Yeah, really happy we could have you on, you know, I think, I think this is my sixth edition on the cube. Like, do I get freaking flyer points or anything? >>Yeah, you get first get the VIP badge. We'll make that happen. You can start getting credits. >>Okay. There we go. >>We won't interrupt you. No, seriously, you got a great story in security here. The security story is kind of embedded everywhere, so it's not like called out and, and blown up and talked specifically about on stage. It's kind of in all the narratives in, in the VM world for this year. Yeah. But you guys have an amazing security story. So let's just step back into set context. Tell us the security story for what's going on here at VMware and what that means to this super cloud multi-cloud and ongoing innovation with VMware. Yeah, >>Sure thing. So, so probably the first thing I'll point out is that, that security's not just built in at VMware it's built differently, right? So we're not just taking existing security controls and cut and pasting them into, into our software. But we can do things because of our platform because of the virtualization layer that you really can't do with other security tools and where we're very, very focused is what we call lateral security or east west movement of an attacker. Cuz frankly, that's the name of the game these days. Right? Attackers, you gotta assume that they're already in your network. Okay. Already assume that they're there, then how do we make it hard for them to get to what the, the stuff that you really want, which is the data that they're, they're going after. Right. And that's where we, >>We really should. All right. So we've been talking a lot coming into world VMware Explorer and here the event about two things security as a state. Yeah. I'm secure right now. Yeah. Or I, I think I'm secure right now, even though someone might be in my network or in my environment to the notion of being defensible. Yeah. Meaning I have to defend and be ready at a moment's notice to attack, fight, push back red team, blue team, whatever you're gonna call it, but something's happening. I gotta be a to defend. Yeah. >>So you, what you're talking about is the principle of zero trust. So the, the, when we, when I first started doing security, the model was we have a perimeter and everything on one side of the perimeter is dirty, ugly, old internet and everything on this side known good, trusted what could possibly go wrong. And I think we've seen that no matter how good you make that perimeter, bad guys find a way in. So zero trust says, you know what? Let's just assume they're already in. Let's assume they're there. How do we make it hard for them to move around within the infrastructure and get to the really valuable assets? Cuz for example, if they bust into your laptop, you click on a link and they get code running on your machine. They might find some interesting things on your machine, but they're not gonna find 250 million credit cards. Right. Or the, the script of a new movie or the super secret aircraft plans, right. That lives in a database somewhere. And so it's that movement from your laptop to that database. That's where the damage is done. Yeah. And that's where VMware shines. If they don't >>Have the right to get to that database, they're >>Not >>In and it's not even just the right, like, so they're so clever. And so sneaky that they'll steal a credential off your machine, go to another machine, steal a credential off of that. So it's like they have the key to unlock each one of these doors and we've gotten good enough where we can look at that lateral movement, even though it has a credential and a key where like, wait a minute, that's not a real CIS admin making a change. That's ransomware. Yeah. Right. And that's, that's where we, you have to earn your way in. That's right. That's >>Right. Yeah. And we're all, there's all kinds of configuration errors. But also some, some I'll just user problems. I've heard one story where there's so many passwords and username and passwords and systems that the bad guy's scour, the dark web for passwords that have been exposed. Correct. And go test them against different accounts. Oh one hit over here. Correct. And people don't change their passwords all the time. Correct? Correct. That's a known, known vector. We, >>We just, the idea that users are gonna be perfect and never make mistake. Like how long have we been doing this? Like humans with the weakest link. Right. So, so, so people are gonna make mistakes. Attackers are gonna be in here's another way of thinking about it. Remember log for J. Remember that whole ago, remember that was a Christmas time. That was nine months ago. And whoever came up with that, that vulnerability, they basically had a skeleton key that could access every network on the planet. I don't know if a single customer that was said, oh yeah, I wasn't impacted by log for J. So seers, some organized entity had access to every network on the planet. What was the big breach? What was that movie script that got stolen? So there wasn't one. Right? We haven't heard anything. So the point is the goal of attackers is to get in and stay in. Imagine someone breaks into your house, steals your laptop and runs. That's a breach. Imagine someone breaks into your house and stays for nine months. Like it's untenable, the real world. Right, right. >>We don't even go in there. They're still in there >>Watching your closet. Exactly. Moving around, nibbling on your ni line, your cookies. You know what I mean? Drinking your beer. >>Yeah. So, so let's talk about how this translates into the new reality of cloud native, because now know you hear about, you know, automated pen testing is a, a new hot thing right now you got antivirus on data. Yeah. Is hot is hot within APIs, for instance. Yeah. API security. So all kinds of new hot areas, cloud native is very iterative. You know, you, you can't do a pen test every week. Right. You gotta do it every second. Right. So this is where it's going. It's not so much simulation. It's actually real testing. Right. Right. How do you view that? How does that fit into this? Cuz that seems like a good direction to me. >>Yeah. It, it, it fits right in. And you were talking to my buddy AJ earlier about what VMware can do to help our customers build cloud native applications with, with Zu, my team is focused on how do we secure those applications? So where VMware wants to be the best in the world is securing these applications from within looking at the individual piece parts and how they talk to each other and figuring out, wait a minute. That, that, that, that, that should never happen by like almost having an x-ray machine on the ins of the application. So we do it for both for VMs and for container based applications. So traditional apps are VM based. Modern apps are container based and we, and we have a slightly different insertion mechanism. It's the same idea. So for VMs, we do it with the hypervisor, with NSX, we see all the inner workings in a container world. >>We have this thing called a service me that lets us look at each little snippet of code and how they talk to each other. And once you can see that stuff, then you can actually apply. It's almost like common sense logic of like, wait a minute. You know, this API is giving back credit card numbers and it gives five an hour. All of a sudden, it's now asking for 20,000 or a million credit card that doesn't make any sense. Right? The anomalies stick out like a sore thumb. If you can see them. And VMware, our unique focus in the infrastructure is that we can see each one of these little transactions and understand the conversation. That's what makes us so good at that east west or lateral >>Security. Yeah. You don't belong in this room, get out or that that's right. Some weird call from an in-memory database, something over >>Here. Exactly. Where other, other security solutions won't even see that. Right. It's not like there algorithms aren't as good as ours or, or better or worse. It's that, it's the access to the data. We see the, the, the, the inner plumbing of the app. And therefore we can protect >>The app from, and there's another dimension that I wanna get in the table here, cuz to my knowledge only AWS, Google, I, I believe Microsoft and Alibaba and VMware have this, it nitro the equivalent of a nitro. Yes. Project Monterey. Yeah. That's unique. It's the future of computing architectures. Everybody needs a nitro. I've I've written about this. Yeah. Right. So explain your version. Yeah. Project. It's now real. It's now in the market right. Or soon will be. Yeah. Here. Here's our mission salient aspects. Yeah. >>Here's our mission of VMware is that we wanna make every one of our enterprise customers. We want their private cloud to be as nimble, as agile, as efficient as the public cloud >>And secure >>And secure. In fact, I'll argue, we can make it actually more secure because we're thinking about putting security everywhere in this infrastructure. Right. Not just on the edges of it. So, so, so, okay. How do we go on that journey? As you pointed out, the public cloud providers realized, you know, five years ago that the right way to build computers was not just a CPU and a GPU graphics process, unit GPU, but there's this third thing that the industry's calling a DPU data processing unit. So there's kind of three pieces of a computer. And the DPU is sometimes called a smart Nick it's the network interface card. It does all that network handling and analytics and it takes it off the CPU. So they've been building and deploying those systems themselves. That's what nitro is. And so we have been working with the major Silicon vendors to bring that architecture to everybody. So, so with vSphere eight, we have the ability to take the network processing that east west inspection. I talked about, take it off of the CPU and put it into this dedicated processing element called the DPU and free up the CPU to run the applications that AJ and team are building. >>So no performance degradation at all, correct. >>To CPU >>Offload. So even the opposite, right? I mean you're running it basically bare metal speeds. >>Yes, yes. And yes. >>And, and, and you're also isolating the, the storage right from the, from the, the, the security, the management. And >>There's an isolation angle to this, which is that firewall that we're putting everywhere. Not just that the perimeter, we put it in each little piece of the server is running when it runs on one of these DPU, it's a different memory space. So even if, if an attacker gets to root in the OS, they it's very, very, never say never, but it's very difficult. >>So who has access to that? That, that resource >>Pretty much just the infrastructure layer, the cloud provider. So it's Google Microsoft, you know, and the enterprise, the >>Application can't get in, >>Can't get in there. Cause it, you would've to literally bridge from one memory space to another, never say never, but it would be very, very, >>It hasn't earned the trust >>To get it's more than Bob wire. It's, it's, it's multiple walls and, and >>It's like an air gap. It puts an air gap in the server itself so that if the server's compromised, it's not gonna get into the network really powerful. >>What's the big thing that you're seeing with this super cloud transition we're seeing, we're seeing, you know, multicloud and this new, not just SAS hosted on the cloud. Yeah. You're seeing a much different dynamic of combination of large scale CapEx, cloud native. And then now cloud native develops on premises and edge kind of changing what a cloud looks like if the cloud's on a cloud. So rubber customer, I'm building on a cloud and I have on-prem stuff. So I'm getting scale CapEx relief from the, from the cap, from the hyperscalers. >>I, I think there's an important nuance on what you're talking about, which is, is in the early days of the cloud customers. Remember those first skepticism? Oh, it'll never work. Oh, that's consumer grade. Oh, that's not really gonna work. And some people realize >>It's not secure. Yeah. >>It, it's not secure that one's like, no, no, no, it's secure. It works. And it, and it's good. So then there was this sort of over rush. Like let's put everything on the cloud. And I had a lot of customers that took VM based applications said, I'm gonna move those onto the cloud. You gotta take 'em all apart, put 'em on the cloud and put 'em all back together again. And little tiny details, like changing an IP address. It's actually much harder than it looks. So my argument is for existing workloads for VM based workloads, we are VMware. We're so good at running VM based workloads. And now we run them on anybody's cloud. So whether it's your east coast data center, your west coast data center, Amazon, Google, Microsoft, Alibaba, IBM keep going. Right. We pretty much every, and >>The benefit of the customer is what you >>Can literally vMotion and just pick it up and move it from private to public public, to private, private, to public, public, back and forth. >>Remember when we called VMO BS years ago. Yeah, yeah, yeah. >>We were really, skeptic is >>Powerful. We were very skeptical. We're like, that'll never happen. I mean, we were, I mean, it's supposed to be pat ourselves on the back. We, well, >>Because it's alchemy, it seems like what you can't possibly do that. Right. And so, so, so, and now we do it across clouds, right? So we can, you know, it's not quite VMO, but it's the same idea. You can just move these things over. I have one customer that had a production data center in the Ukraine, things got super tense, super fast, and they had to go from their private cloud data center in the Ukraine to a public cloud data center outta harm's way. They did it over a weekend, 48 hours. If you've ever migrated data, that's usually six months, right? And a lot of heartburn and a lot of angst, boom. They just drag and drop, moved it on over. That's the power of what we call the cloud operating model. And you can only do this when all your infrastructure's defined in software. >>If you're relying on hardware, load, balancers, hardware, firewalls, you can't move those. They're like a boat anchor. You're stuck with them. And by the way, really, really expensive. And by the way, they eat a lot of power, right? So that was an architecture from the nineties in the cloud operating model, your data center. And this goes back to what you were talking about is just racks and racks of X 86 with these magic DPU or smart necks to make any individual node go blisteringly fast and do all the functions that you used to do in network appliances. >>We just said, AJ taking us to school and everyone else to school on applications, middleware abstraction layer. Yeah. And kit Culver was also talking about this across cloud. We're talking super cloud, super pass. If this continues to happen, which we would think it will happen. What does the security posture look like? It has. It feels to me. And again, this is, this is your wheelhouse. If super cloud happens with this kind of past layer where there's B motioning going on, all kinds of yeah. Spanning applications and data. Yeah. Across environments. Yeah. Assume there's an operating system working on behind the scenes. Right. What's the security posture in all this. Yeah. >>So remember my narrative about like VA guys are getting in and they're moving around and they're so sneaky that they're using legitimate pathways. The only way to stop that stuff is you've gotta understand it at what, you know, we call layer seven at the application layer the in, you know, trying to do security, the infrastructure layer. It was interesting 20 years ago, kind of less interesting 10 years ago. And now it's becoming irrelevant because the infrastructure is oftentimes not even visible, right. It's buried in some cloud provider. So layer seven, understanding, application awareness, understanding the APIs and reading the content. That's the name of the game in security. That's what we've been focused on. Right. Nothing to do with >>The infras. And where's the progress bar on that, that paradigm early one at the 10, 10 being everyone's doing it >>Right now. Well, okay. So we, as a vendor can do this today. All the stuff I talked about about reading APIs, understanding the, the individual services looking at, Hey, wait a minute. This credit card anomalies, that's all shipping production code. Where is it in customer adoption life cycle, early days, 10%. So, so there's a whole lot of headroom. We, for people to understand, Hey, I can put these controls in place. There's software based. They don't require appliances. It's layer seven. So it has contextual awareness and it's works on every single cloud. >>You know, we talk about the pandemic. Being an accelerator really was a catalyst to really rethink. Remember we used to talk about pat his security a do over. He's like, yes, if it's the last thing I'm due, I'm gonna fix security. Well, he decided to go try to fix Intel instead, but, >>But, but he's getting some help from the government, >>But it seems like, you know, CISOs have totally rethought, you know, their security strategy. And, and at least in part is a function of the pandemic. >>When I started at VMware four years ago, pat sat me down in his office and he said to me what he said to you, which is like Tom, he said, I feel like we have fundamentally changed servers. We fundamentally changed storage. We fundamentally changed networking. The last piece of the puzzle of security. I want you to go fundamentally change it. And I'll argue that the work that we're doing with this, this horizontal security understanding the lateral movement east west inspection, it fundamentally changes how security works. It's got nothing to do with firewalls. It's got nothing to do with endpoint. It's a unique capability that VMware is uniquely suited to deliver on. And so pat, thanks for the mission. We delivered it and available >>Those, those wet like web applications firewall for instance are, are around. I mean, but to your point, the perimeter's gone. Exactly. And so you gotta get, there's no perimeter. So it's a surface area problem. Correct. And access and entry, correct. They're entering here easy from some manual error or misconfiguration or bad password that shouldn't be there. They're >>In. Think about it this way. You put the front door of your house, you put a big strong door and a big lock. That's a firewall bad guys, come in the window. Right. And >>Then the window's open and the window with a ladder room. Oh my >>God. Cause it's hot, bad user behavior. Trump's good security >>Every time. And then they move around room to room. We're the room to room people. Yeah. We see each little piece of the thing. Wait, that shouldn't happen. Right. >>I wanna get you a question that we've been seeing and maybe we're early on this, or it might be just a, a false data point. A lot of CSOs and we're talking to are, and people in industry in the customer environment are looking at CSOs and CSOs, two roles, chief information security officer, and then chief security officer Amazon, actually, Steven Schmidt is now CSO at reinforced. They actually called that out. Yeah. And the, and the interesting point that he made, we've had some other situations that verified. This is that physical security is now tied to online to your point about the service area. If I get a password, I still at the keys to the physical goods too. Right. Right. So physical security, whether it's warehouse for them is, or store or retail digital is coming in there. Yeah. So is there a CSO anymore? Is it just CSO? What's the role or are there two roles you see that evolving or is that just, >>Well, >>I circumstance, >>I, I think it's just one. And I think that, that, you know, the stakes are incredibly high in security. Just look at the impact that these security attacks are having on it. It, you know, companies get taken down, Equifax market cap was cut, you know, 80% with a security breach. So security's gone from being sort of a nuisance to being something that can impact your whole kind of business operation. And then there's a whole nother domain where politics get involved. Right. It determines the fate of nations. I know that sounds grand, but it's true. Yeah. And so, so, so companies care so much about it. They're looking for one liter, one throat to choke, you know, one person that's gonna lead security in the virtual domain, in the physical domain, in the cyber domain, in, in, you know, in the actual, well, it is, >>I mean, you mentioned that, but I mean, mean you look at Ukraine. I mean the, the, that, that, that cyber is a component of that war. I mean, that's very clear. I mean, that's, that's new, we've never seen >>This. And in my opinion, the stuff that we see happening in the Ukraine is small potatoes compared to what could happen. Yeah, yeah. Right. So the us, we have a policy of, of strategic deterrents where we develop some of the most sophisticated cyber weapons in the world. We don't use them and we hope never to use them because the, the, our adversaries who could do stuff like, oh, I don't know, wipe out every bank account in north America, or turn off the lights in New York city. They know that if they were to do something like that, we could do something back. >>I, this discuss, >>This is the red line conversation I wanna go there. So >>I had this discussion with Robert Gates in 2016 and he said, we have a lot more to lose, which is really >>Your point. So this brand, so I agree that there's the, to have freedom and Liberty, you gotta strike back with divorce and that's been our way to, to balance things out. Yeah. But with cyber, the red line, people are already in banks. So they're addresses are operating below the red line, red line, meaning before we know you're in there. So do we move the red line down because Hey, Sony got hacked the movie because they don't have their own militia. Yeah. If they were physical troops on the shores of LA breaking into the file cabinets. Yeah. The government would've intervened. >>I, I, I agree with you that it creates, it creates tension for us in the us because our, our adversaries don't have the clear delineation between public and private sector here. You're very, very clear if you're working for the government or you work for an private entity, there's no ambiguity on that. And so, so we have different missions in each department. Other countries will use the same cyber capabilities to steal intellectual, you know, a car design as they would to, you know, penetrate a military network. And that creates a huge hazard for us on the us. Cause we don't know how to respond. Yeah. Is that a civil issue? Is that a, a, a military issue? And so, so it creates policy ambiguity. I still love the clarity of separation of, you know, sort of the various branches of government separation of government from, >>But that, but, but bureau on multinational corporation, you then have to, your cyber is a defensible. You have to build the defenses >>A hundred percent. And I will also say that even though there's a clear D mark between government and private sector, there's an awful lot of cooperation. So, so our CSO, Alex toshe is actively involved in the whole intelligence community. He's on boards and standards and we're sharing because we have a common objective, right? We're all working together to fight these bad guys. And that's one of the things I love about cyber is that that even direct competitors, two big banks that are rivals on the street are working together to share security information and, and private, is >>There enough? Is collaboration Tom in the vendor community? I mean, we've seen efforts to try to, that's a good question, monetize private data, you know? Yeah. And private reports and, >>And, you know, like, so at VMware, we, we, I'm very proud of the security capabilities we've built, but we also partner with people that I think of as direct competitors, we've got firewall vendors and endpoint vendors that we work with and integrate. And so cooperation is something that exists. It's hard, you know, because when you have these kind of competing, you know, so could we do more? Of course we probably could, but I do think we've done a fair amount of cooperation, data sharing, product integration, et cetera, you know, and, you know, as the threats get worse, you'll probably see us continue to do more. >>And the governments is gonna trying to force that too. >>And, and the government also drives standards. So let's talk about crypto. Okay. So there's a new form of encryption coming out called quantum processing, calling out. Yeah. Yeah. Quantum, quantum computers have the potential to crack any crypto cipher we have today. That's bad. Okay. Right. That's not good at all because our whole system is built around these private communications. So, so the industry is having conversations about crypto agility. How can we put in place the ability to rapidly iterate the ciphers in encryption? So when the day quantum becomes available, we can change them and stay ahead of these quantum people. Well, >>Didn't this just put out a quantum proof algo that's being tested right now by the, the community. >>There's a lot of work around that. Correct. And, and, and this is taking the lead on this, but you know, Google's working on it, VMware's working on it. We're very, very active in how do we keep ahead of the attackers and the bad guys? Because this quantum thing is like a, it's a, it's a x-ray machine. You know, it's like, it's like a, a, a di lithium crystal that can power a whole ship. Right. It's a really, really, really powerful >>Tool. It's bad. Things will happen. >>Bad things could happen. >>Well, Tom, great to have you on the cube. Thanks for coming. Take the last minute to just give a plug for what's going on for you here at world this year, VMware explore this year. Yeah. >>We announced a bunch of exciting things. We announced enhancements to our, our NSX family, with our advanced load balancer, with our edge firewall. And they're all in service of one thing, which is helping our customers make their private cloud like the public cloud. So I like to say 0, 0, 0. If you are in the cloud operating model, you have zero proprietary appliances. You have zero tickets to launch a workload. You have zero network taps and zero trust built into everything you do. And that's, that's what we're working on and pushing that further and further. >>Tom Gill, senior vices president head of the networking at VMware. Thanks for coming up for you. Appreciate >>It. Yes. Thanks for having guys >>Always getting the security data. That's killer data and security of the two ops that get the most conversations around dev ops and cloud native. This is the queue bringing you all the action here in San Francisco for VMware. Explore 2022. I'm John furrier with Dave, Alan. Thanks for watching.

(upbeat music) >> Hey everyone. Welcome back to theCUBE's live coverage of Women in Data Science, WiDS 2022, coming to live from Stanford University. I'm Lisa Martin. My next guest is here. Nandi Leslie, Doctor Nandi Leslie, Senior Engineering Fellow at Raytheon Technologies. Nandi, it's great to have you on the program. >> Oh it's my pleasure, thank you. >> This is your first WiDS you were saying before we went live. >> That's right. >> What's your take so far? >> I'm absolutely loving it. I love the comradery and the community of women in data science. You know, what more can you say? It's amazing. >> It is. It's amazing what they built since 2015, that this is now reaching 100,000 people 200 online event. It's a hybrid event. Of course, here we are in person, and the online event going on, but it's always an inspiring, energy-filled experience in my experience of WiDS. >> I'm thoroughly impressed at what the organizers have been able to accomplish. And it's amazing, that you know, you've been involved from the beginning. >> Yeah, yeah. Talk to me, so you're Senior Engineering Fellow at Raytheon. Talk to me a little bit about your role there and what you're doing. >> Well, my role is really to think about our customer's most challenging problems, primarily at the intersection of data science, and you know, the intersectional fields of applied mathematics, machine learning, cybersecurity. And then we have a plethora of government clients and commercial clients. And so what their needs are beyond those sub-fields as well, I address. >> And your background is mathematics. >> Yes. >> Have you always been a math fan? >> I have, I actually have loved math for many, many years. My dad is a mathematician, and he introduced me to, you know mathematical research and the sciences at a very early age. And so, yeah, I went on, I studied in a math degree at Howard undergrad, and then I went on to do my PhD at Princeton in applied math. And later did a postdoc in the math department at University of Maryland. >> And how long have you been with Raytheon? >> I've been with Raytheon about six years. Yeah, and before Raytheon, I worked at a small to midsize defense company, defense contracting company in the DC area, systems planning and analysis. And then prior to that, I taught in a math department where I also did my postdoc, at University of Maryland College Park. >> You have a really interesting background. I was doing some reading on you, and you have worked with the Navy. You've worked with very interesting organizations. Talk to the audience a little bit about your diverse background. >> Awesome yeah, I've worked with the Navy on submarine force security, and submarine tracking, and localization, sensor performance. Also with the Army and the Army Research Laboratory during research at the intersection of machine learning and cyber security. Also looking at game theoretic and graph theoretic approaches to understand network resilience and robustness. I've also supported Department of Homeland Security, and other government agencies, other governments, NATO. Yeah, so I've really been excited by the diverse problems that our various customers have you know, brought to us. >> Well, you get such great experience when you are able to work in different industries and different fields. And that really just really probably helps you have such a much diverse kind of diversity of thought with what you're doing even now with Raytheon. >> Yeah, it definitely does help me build like a portfolio of topics that I can address. And then when new problems emerge, then I can pull from a toolbox of capabilities. And, you know, the solutions that have previously been developed to address those wide array of problems, but then also innovate new solutions based on those experiences. So I've been really blessed to have those experiences. >> Talk to me about one of the things I heard this morning in the session I was able to attend before we came to set was about mentors and sponsors. And, you know, I actually didn't know the difference between that until a few years ago. But it's so important. Talk to me about some of the mentors you've had along the way that really helped you find your voice in research and development. >> Definitely, I mean, beyond just the mentorship of my my family and my parents, I've had amazing opportunities to meet with wonderful people, who've helped me navigate my career. One in particular, I can think of as and I'll name a number of folks, but Dr. Carlos Castillo-Chavez was one of my earlier mentors. I was an undergrad at Howard University. He encouraged me to apply to his summer research program in mathematical and theoretical biology, which was then at Cornell. And, you know, he just really developed an enthusiasm with me for applied mathematics. And for how it can be, mathematics that is, can be applied to epidemiological and theoretical immunological problems. And then I had an amazing mentor in my PhD advisor, Dr. Simon Levin at Princeton, who just continued to inspire me, in how to leverage mathematical approaches and computational thinking for ecological conservation problems. And then since then, I've had amazing mentors, you know through just a variety of people that I've met, through customers, who've inspired me to write these papers that you mentioned in the beginning. >> Yeah, you've written 55 different publications so far. 55 and counting I'm sure, right? >> Well, I hope so. I hope to continue to contribute to the conversation and the community, you know, within research, and specifically research that is computationally driven. That really is applicable to problems that we face, whether it's cyber security, or machine learning problems, or others in data science. >> What are some of the things, you're giving a a tech vision talk this afternoon. Talk to me a little bit about that, and maybe the top three takeaways you want the audience to leave with. >> Yeah, so my talk is entitled "Unsupervised Learning for Network Security, or Network Intrusion Detection" I believe. And essentially three key areas I want to convey are the following. That unsupervised learning, that is the mathematical and statistical approach, which tries to derive patterns from unlabeled data is a powerful one. And one can still innovate new algorithms in this area. Secondly, that network security, and specifically, anomaly detection, and anomaly-based methods can be really useful to discerning and ensuring, that there is information confidentiality, availability, and integrity in our data >> A CIA triad. >> There you go, you know. And so in addition to that, you know there is this wealth of data that's out there. It's coming at us quickly. You know, there are millions of packets to represent communications. And that data has, it's mixed, in terms of there's categorical or qualitative data, text data, along with numerical data. And it is streaming, right. And so we need methods that are efficient, and that are capable of being deployed real time, in order to detect these anomalies, which we hope are representative of malicious activities, and so that we can therefore alert on them and thwart them. >> It's so interesting that, you know, the amount of data that's being generated and collected is growing exponentially. There's also, you know, some concerning challenges, not just with respect to data that's reinforcing social biases, but also with cyber warfare. I mean, that's a huge challenge right now. We've seen from a cybersecurity perspective in the last couple of years during the pandemic, a massive explosion in anomalies, and in social engineering. And companies in every industry have to be super vigilant, and help the people understand how to interact with it, right. There's a human component. >> Oh, for sure. There's a huge human component. You know, there are these phishing attacks that are really a huge source of the vulnerability that corporations, governments, and universities face. And so to be able to close that gap and the understanding that each individual plays in the vulnerability of a network is key. And then also seeing the link between the network activities or the cyber realm, and physical systems, right. And so, you know, especially in cyber warfare as a remote cyber attack, unauthorized network activities can have real implications for physical systems. They can, you know, stop a vehicle from running properly in an autonomous vehicle. They can impact a SCADA system that's, you know there to provide HVAC for example. And much more grievous implications. And so, you know, definitely there's the human component. >> Yes, and humans being so vulnerable to those social engineering that goes on in those phishing attacks. And we've seen them get more and more personal, which is challenging. You talking about, you know, sensitive data, personally identifiable data, using that against someone in cyber warfare is a huge challenge. >> Oh yeah, certainly. And it's one that computational thinking and mathematics can be leveraged to better understand and to predict those patterns. And that's a very rich area for innovation. >> What would you say is the power of computational thinking in the industry? >> In industry at-large? >> At large. >> Yes, I think that it is such a benefit to, you know, a burgeoning scientist, if they want to get into industry. There's so many opportunities, because computational thinking is needed. We need to be more objective, and it provides that objectivity, and it's so needed right now. Especially with the emergence of data, and you know, across industries. So there are so many opportunities for data scientists, whether it's in aerospace and defense, like Raytheon or in the health industry. And we saw with the pandemic, the utility of mathematical modeling. There are just so many opportunities. >> Yeah, there's a lot of opportunities, and that's one of the themes I think, of WiDS, is just the opportunities, not just in data science, and for women. And there's obviously even high school girls that are here, which is so nice to see those young, fresh faces, but opportunities to build your own network and your own personal board of directors, your mentors, your sponsors. There's tremendous opportunity in data science, and it's really all encompassing, at least from my seat. >> Oh yeah, no I completely agree with that. >> What are some of the things that you've heard at this WiDS event that inspire you going, we're going in the right direction. If we think about International Women's Day tomorrow, "Breaking the Bias" is the theme, do you think we're on our way to breaking that bias? >> Definitely, you know, there was a panel today talking about the bias in data, and in a variety of fields, and how we are, you know discovering that bias, and creating solutions to address it. So there was that panel. There was another talk by a speaker from Pinterest, who had presented some solutions that her, and her team had derived to address bias there, in you know, image recognition and search. And so I think that we've realized this bias, and, you know, in AI ethics, not only in these topics that I've mentioned, but also in the implications for like getting a loan, so economic implications, as well. And so we're realizing those issues and bias now in AI, and we're addressing them. So I definitely am optimistic. I feel encouraged by the talks today at WiDS that you know, not only are we recognizing the issues, but we're creating solutions >> Right taking steps to remediate those, so that ultimately going forward. You know, we know it's not possible to have unbiased data. That's not humanly possible, or probably mathematically possible. But the steps that they're taking, they're going in the right direction. And a lot of it starts with awareness. >> Exactly. >> Of understanding there is bias in this data, regardless. All the people that are interacting with it, and touching it, and transforming it, and cleaning it, for example, that's all influencing the veracity of it. >> Oh, for sure. Exactly, you know, and I think that there are for sure solutions are being discussed here, papers written by some of the speakers here, that are driving the solutions to the mitigation of this bias and data problem. So I agree a hundred percent with you, that awareness is you know, half the battle, if not more. And then, you know, that drives creation of solutions >> And that's what we need the creation of solutions. Nandi, thank you so much for joining me today. It was a pleasure talking with you about what you're doing with Raytheon, what you've done and your path with mathematics, and what excites you about data science going forward. We appreciate your insights. >> Thank you so much. It was my pleasure. >> Good, for Nandi Leslie, I'm Lisa Martin. You're watching theCUBE's coverage of Women in Data Science 2022. Stick around, I'll be right back with my next guest. (upbeat flowing music)