(upbeat intro music) >> Hello everyone. Welcome to theCUBE's coverage of International Women's Day. I'm your host, John Furrier, here in Palo Alto, California. Got a special remote guest coming in. Teresa Carlson, President and Chief Commercial Officer at Flexport, theCUBE alumni, one of the first, let me go back to 2013, Teresa, former AWS. Great to see you. Thanks for coming on. >> Oh my gosh, almost 10 years. That is unbelievable. It's hard to believe so many years of theCUBE. I love it. >> It's been such a great honor to interview you and follow your career. You've had quite the impressive run, executive level woman in tech. You've done such an amazing job, not only in your career, but also helping other women. So I want to give you props to that before we get started. Thank you. >> Thank you, John. I, it's my, it's been my honor and privilege. >> Let's talk about Flexport. Tell us about your new role there and what it's all about. >> Well, I love it. I'm back working with another Amazonian, Dave Clark, who is our CEO of Flexport, and we are about 3,000 people strong globally in over 90 countries. We actually even have, we're represented in over 160 cities and with local governments and places around the world, which I think is super exciting. We have over 100 network partners and growing, and we are about empowering the global supply chain and trade and doing it in a very disruptive way with the use of platform technology that allows our customers to really have visibility and insight to what's going on. And it's a lot of fun. I'm learning new things, but there's a lot of technology in this as well, so I feel right at home. >> You quite have a knack from mastering growth, technology, and building out companies. So congratulations, and scaling them up too with the systems and processes. So I want to get into that. Let's get into your personal background. Then I want to get into the work you've done and are doing for empowering women in tech. What was your journey about, how did it all start? Like, I know you had a, you know, bumped into it, you went Microsoft, AWS. Take us through your career, how you got into tech, how it all happened. >> Well, I do like to give a shout out, John, to my roots and heritage, which was a speech and language pathologist. So I did start out in healthcare right out of, you know, university. I had an undergraduate and a master's degree. And I do tell everyone now, looking back at my career, I think it was super helpful for me because I learned a lot about human communication, and it has done me very well over the years to really try to understand what environments I'm in and what kind of individuals around the world culturally. So I'm really blessed that I had that opportunity to work in healthcare, and by the way, a shout out to all of our healthcare workers that has helped us get through almost three years of COVID and flu and neurovirus and everything else. So started out there and then kind of almost accidentally got into technology. My first small company I worked for was a company called Keyfile Corporation, which did workflow and document management out of Nashua, New Hampshire. And they were a Microsoft goal partner. And that is actually how I got into big tech world. We ran on exchange, for everybody who knows that term exchange, and we were a large small partner, but large in the world of exchange. And those were the days when you would, the late nineties, you would go and be in the same room with Bill Gates and Steve Ballmer. And I really fell in love with Microsoft back then. I thought to myself, wow, if I could work for a big tech company, I got to hear Bill on stage about saving, he would talk about saving the world. And guess what my next step was? I actually got a job at Microsoft, took a pay cut and a job downgrade. I tell this story all the time. Took like three downgrades in my role. I had been a SVP and went to a manager, and it's one of the best moves I ever made. And I shared that because I really didn't know the world of big tech, and I had to start from the ground up and relearn it. I did that, I just really loved that job. I was at Microsoft from 2000 to 2010, where I eventually ran all of the U.S. federal government business, which was a multi-billion dollar business. And then I had the great privilege of meeting an amazing man, Andy Jassy, who I thought was just unbelievable in his insights and knowledge and openness to understanding new markets. And we talked about government and how government needed the same great technology as every startup. And that led to me going to work for Andy in 2010 and starting up our worldwide public sector business. And I pinch myself some days because we went from two people, no offices, to the time I left we had over 10,000 people, billions in revenue, and 172 countries and had done really amazing work. I think changing the way public sector and government globally really thought about their use of technology and Cloud computing in general. And that kind of has been my career. You know, I was there till 2020, 21 and then did a small stint at Splunk, a small stint back at Microsoft doing a couple projects for Microsoft with CEO, Satya Nadella, who is also an another amazing CEO and leader. And then Dave called me, and I'm at Flexport, so I couldn't be more honored, John. I've just had such an amazing career working with amazing individuals. >> Yeah, I got to say the Amazon One well-documented, certainly by theCUBE and our coverage. We watched you rise and scale that thing. And like I said at a time, this will when we look back as a historic run because of the build out. I mean as a zero to massive billions at a historic time where government was transforming, I would say Microsoft had a good run there with Fed, but it was already established stuff. Federal business was like, you know, blocking and tackling. The Amazon was pure build out. So I have to ask you, what was your big learnings? Because one, you're a Seattle big tech company kind of entrepreneurial in the sense of you got, here's some working capital seed finance and go build that thing, and you're in DC and you're a woman. What did you learn? >> I learned that you really have to have a lot of grit. You, my mom and dad, these are kind of more southern roots words, but stick with itness, you know. you can't give up and no's not in your vocabulary. I found no is just another way to get to yes. That you have to figure out what are all the questions people are going to ask you. I learned to be very patient, and I think one of the things John, for us was our secret sauce was we said to ourselves, if we're going to do something super transformative and truly disruptive, like Cloud computing, which the government really had not utilized, we had to be patient. We had to answer all their questions, and we could not judge in any way what they were thinking because if we couldn't answer all those questions and prove out the capabilities of Cloud computing, we were not going to accomplish our goals. And I do give so much credit to all my colleagues there from everybody like Steve Schmidt who was there, who's still there, who's the CISO, and Charlie Bell and Peter DeSantis and the entire team there that just really helped build that business out. Without them, you know, we would've just, it was a team effort. And I think that's the thing I loved about it was it was not just sales, it was product, it was development, it was data center operations, it was legal, finance. Everybody really worked as a team and we were on board that we had to make a lot of changes in the government relations team. We had to go into Capitol Hill. We had to talk to them about the changes that were required and really get them to understand why Cloud computing could be such a transformative game changer for the way government operates globally. >> Well, I think the whole world and the tech world can appreciate your work and thank you later because you broke down those walls asking those questions. So great stuff. Now I got to say, you're in kind of a similar role at Flexport. Again, transformative supply chain, not new. Computing wasn't new when before Cloud came. Supply chain, not a new concept, is undergoing radical change and transformation. Online, software supply chain, hardware supply chain, supply chain in general, shipping. This is a big part of our economy and how life is working. Similar kind of thing going on, build out, growth, scale. >> It is, it's very much like that, John, I would say, it's, it's kind of a, the model with freight forwarding and supply chain is fairly, it's not as, there's a lot of technology utilized in this global supply chain world, but it's not integrated. You don't have a common operating picture of what you're doing in your global supply chain. You don't have easy access to the information and visibility. And that's really, you know, I was at a conference last week in LA, and it was, the themes were so similar about transparency, access to data and information, being able to act quickly, drive change, know what was happening. I was like, wow, this sounds familiar. Data, AI, machine learning, visibility, common operating picture. So it is very much the same kind of themes that you heard even with government. I do believe it's an industry that is going through transformation and Flexport has been a group that's come in and said, look, we have this amazing idea, number one to give access to everyone. We want every small business to every large business to every government around the world to be able to trade their goods, think about supply chain logistics in a very different way with information they need and want at their fingertips. So that's kind of thing one, but to apply that technology in a way that's very usable across all systems from an integration perspective. So it's kind of exciting. I used to tell this story years ago, John, and I don't think Michael Dell would mind that I tell this story. One of our first customers when I was at Keyfile Corporation was we did workflow and document management, and Dell was one of our customers. And I remember going out to visit them, and they had runners and they would run around, you know, they would run around the floor and do their orders, right, to get all those computers out the door. And when I think of global trade, in my mind I still see runners, you know, running around and I think that's moved to a very digital, right, world that all this stuff, you don't need people doing this. You have machines doing this now, and you have access to the information, and you know, we still have issues resulting from COVID where we have either an under-abundance or an over-abundance of our supply chain. We still have clogs in our shipping, in the shipping yards around the world. So we, and the ports, so we need to also, we still have some clearing to do. And that's the reason technology is important and will continue to be very important in this world of global trade. >> Yeah, great, great impact for change. I got to ask you about Flexport's inclusion, diversity, and equity programs. What do you got going on there? That's been a big conversation in the industry around keeping a focus on not making one way more than the other, but clearly every company, if they don't have a strong program, will be at a disadvantage. That's well reported by McKinsey and other top consultants, diverse workforces, inclusive, equitable, all perform better. What's Flexport's strategy and how are you guys supporting that in the workplace? >> Well, let me just start by saying really at the core of who I am, since the day I've started understanding that as an individual and a female leader, that I could have an impact. That the words I used, the actions I took, the information that I pulled together and had knowledge of could be meaningful. And I think each and every one of us is responsible to do what we can to make our workplace and the world a more diverse and inclusive place to live and work. And I've always enjoyed kind of the thought that, that I could help empower women around the world in the tech industry. Now I'm hoping to do my little part, John, in that in the supply chain and global trade business. And I would tell you at Flexport we have some amazing women. I'm so excited to get to know all. I've not been there that long yet, but I'm getting to know we have some, we have a very diverse leadership team between men and women at Dave's level. I have some unbelievable women on my team directly that I'm getting to know more, and I'm so impressed with what they're doing. And this is a very, you know, while this industry is different than the world I live in day to day, it's also has a lot of common themes to it. So, you know, for us, we're trying to approach every day by saying, let's make sure both our interviewing cycles, the jobs we feel, how we recruit people, how we put people out there on the platforms, that we have diversity and inclusion and all of that every day. And I can tell you from the top, from Dave and all of our leaders, we just had an offsite and we had a big conversation about this is something. It's a drum beat that we have to think about and live by every day and really check ourselves on a regular basis. But I do think there's so much more room for women in the world to do great things. And one of the, one of the areas, as you know very well, we lost a lot of women during COVID, who just left the workforce again. So we kind of went back unfortunately. So we have to now move forward and make sure that we are giving women the opportunity to have great jobs, have the flexibility they need as they build a family, and have a workplace environment that is trusted for them to come into every day. >> There's now clear visibility, at least in today's world, not withstanding some of the setbacks from COVID, that a young girl can look out in a company and see a path from entry level to the boardroom. That's a big change. A lot than even going back 10, 15, 20 years ago. What's your advice to the folks out there that are paying it forward? You see a lot of executive leaderships have a seat at the table. The board still underrepresented by most numbers, but at least you have now kind of this solidarity at the top, but a lot of people doing a lot more now than I've seen at the next levels down. So now you have this leveled approach. Is that something that you're seeing more of? And credit compare and contrast that to 20 years ago when you were, you know, rising through the ranks? What's different? >> Well, one of the main things, and I honestly do not think about it too much, but there were really no women. There were none. When I showed up in the meetings, I literally, it was me or not me at the table, but at the seat behind the table. The women just weren't in the room, and there were so many more barriers that we had to push through, and that has changed a lot. I mean globally that has changed a lot in the U.S. You know, if you look at just our U.S. House of Representatives and our U.S. Senate, we now have the increasing number of women. Even at leadership levels, you're seeing that change. You have a lot more women on boards than we ever thought we would ever represent. While we are not there, more female CEOs that I get an opportunity to see and talk to. Women starting companies, they do not see the barriers. And I will share, John, globally in the U.S. one of the things that I still see that we have that many other countries don't have, which I'm very proud of, women in the U.S. have a spirit about them that they just don't see the barriers in the same way. They believe that they can accomplish anything. I have two sons, I don't have daughters. I have nieces, and I'm hoping someday to have granddaughters. But I know that a lot of my friends who have granddaughters today talk about the boldness, the fortitude, that they believe that there's nothing they can't accomplish. And I think that's what what we have to instill in every little girl out there, that they can accomplish anything they want to. The world is theirs, and we need to not just do that in the U.S., but around the world. And it was always the thing that struck me when I did all my travels at AWS and now with Flexport, I'm traveling again quite a bit, is just the differences you see in the cultures around the world. And I remember even in the Middle East, how I started seeing it change. You've heard me talk a lot on this program about the fact in both Saudi and Bahrain, over 60% of the tech workers were females and most of them held the the hardest jobs, the security, the architecture, the engineering. But many of them did not hold leadership roles. And that is what we've got to change too. To your point, the middle, we want it to get bigger, but the top, we need to get bigger. We need to make sure women globally have opportunities to hold the most precious leadership roles and demonstrate their capabilities at the very top. But that's changed. And I would say the biggest difference is when we show up, we're actually evaluated properly for those kind of roles. We have a ways to go. But again, that part is really changing. >> Can you share, Teresa, first of all, that's great work you've done and I wan to give you props of that as well and all the work you do. I know you champion a lot of, you know, causes in in this area. One question that comes up a lot, I would love to get your opinion 'cause I think you can contribute heavily here is mentoring and sponsorship is huge, comes up all the time. What advice would you share to folks out there who were, I won't say apprehensive, but maybe nervous about how to do the networking and sponsorship and mentoring? It's not just mentoring, it's sponsorship too. What's your best practice? What advice would you give for the best way to handle that? >> Well yeah, and for the women out there, I would say on the mentorship side, I still see mentorship. Like, I don't think you can ever stop having mentorship. And I like to look at my mentors in different parts of my life because if you want to be a well-rounded person, you may have parts of your life every day that you think I'm doing a great job here and I definitely would like to do better there. Whether it's your spiritual life, your physical life, your work life, you know, your leisure life. But I mean there's, and there's parts of my leadership world that I still seek advice from as I try to do new things even in this world. And I tried some new things in between roles. I went out and asked the people that I respected the most. So I just would say for sure have different mentorships and don't be afraid to have that diversity. But if you have mentorships, the second important thing is show up with a real agenda and questions. Don't waste people's time. I'm very sensitive today. If you're, if you want a mentor, you show up and you use your time super effectively and be prepared for that. Sponsorship is a very different thing. And I don't believe we actually do that still in companies. We worked, thank goodness for my great HR team. When I was at AWS, we worked on a few sponsorship programs where for diversity in general, where we would nominate individuals in the company that we felt that weren't, that had a lot of opportunity for growth, but they just weren't getting a seat at the table. And we brought 'em to the table. And we actually kind of had a Chatham House rules where when they came into the meetings, they had a sponsor, not a mentor. They had a sponsor that was with them the full 18 months of this program. We would bring 'em into executive meetings. They would read docs, they could ask questions. We wanted them to be able to open up and ask crazy questions without, you know, feeling wow, I just couldn't answer this question in a normal environment or setting. And then we tried to make sure once they got through the program that we found jobs and support and other special projects that they could go do. But they still had that sponsor and that group of individuals that they'd gone through the program with, John, that they could keep going back to. And I remember sitting there and they asked me what I wanted to get out of the program, and I said two things. I want you to leave this program and say to yourself, I would've never had that experience if I hadn't gone through this program. I learned so much in 18 months. It would probably taken me five years to learn. And that it helped them in their career. The second thing I told them is I wanted them to go out and recruit individuals that look like them. I said, we need diversity, and unless you all feel that we are in an inclusive environment sponsoring all types of individuals to be part of this company, we're not going to get the job done. And they said, okay. And you know, but it was really one, it was very much about them. That we took a group of individuals that had high potential and a very diverse with diverse backgrounds, held 'em up, taught 'em things that gave them access. And two, selfishly I said, I want more of you in my business. Please help me. And I think those kind of things are helpful, and you have to be thoughtful about these kind of programs. And to me that's more sponsorship. I still have people reach out to me from years ago, you know, Microsoft saying, you were so good with me, can you give me a reference now? Can you talk to me about what I should be doing? And I try to, I'm not pray 100%, some things pray fall through the cracks, but I always try to make the time to talk to those individuals because for me, I am where I am today because I got some of the best advice from people like Don Byrne and Linda Zecker and Andy Jassy, who were very honest and upfront with me about my career. >> Awesome. Well, you got a passion for empowering women in tech, paying it forward, but you're quite accomplished and that's why we're so glad to have you on the program here. President and Chief Commercial Officer at Flexport. Obviously storied career and your other jobs, specifically Amazon I think, is historic in my mind. This next chapter looks like it's looking good right now. Final question for you, for the few minutes you have left. Tell us what you're up to at Flexport. What's your goals as President, Chief Commercial Officer? What are you trying to accomplish? Share a little bit, what's on your mind with your current job? >> Well, you kind of said it earlier. I think if I look at my own superpowers, I love customers, I love partners. I get my energy, John, from those interactions. So one is to come in and really help us build even a better world class enterprise global sales and marketing team. Really listen to our customers, think about how we interact with them, build the best executive programs we can, think about new ways that we can offer services to them and create new services. One of my favorite things about my career is I think if you're a business leader, it's your job to come back around and tell your product group and your services org what you're hearing from customers. That's how you can be so much more impactful, that you listen, you learn, and you deliver. So that's one big job. The second job for me, which I am so excited about, is that I have an amazing group called flexport.org under me. And flexport.org is doing amazing things around the world to help those in need. We just announced this new funding program for Tech for Refugees, which brings assistance to millions of people in Ukraine, Pakistan, the horn of Africa, and those who are affected by earthquakes. We just took supplies into Turkey and Syria, and Flexport, recently in fact, just did sent three air shipments to Turkey and Syria for these. And I think we did over a hundred trekking shipments to get earthquake relief. And as you can imagine, it was not easy to get into Syria. But you know, we're very active in the Ukraine, and we are, our goal for flexport.org, John, is to continue to work with our commercial customers and team up with them when they're trying to get supplies in to do that in a very cost effective, easy way, as quickly as we can. So that not-for-profit side of me that I'm so, I'm so happy. And you know, Ryan Peterson, who was our founder, this was his brainchild, and he's really taken this to the next level. So I'm honored to be able to pick that up and look for new ways to have impact around the world. And you know, I've always found that I think if you do things right with a company, you can have a beautiful combination of commercial-ity and giving. And I think Flexport does it in such an amazing and unique way. >> Well, the impact that they have with their system and their technology with logistics and shipping and supply chain is a channel for societal change. And I think that's a huge gift that you have that under your purview. So looking forward to finding out more about flexport.org. I can only imagine all the exciting things around sustainability, and we just had Mobile World Congress for Big Cube Broadcast, 5Gs right around the corner. I'm sure that's going to have a huge impact to your business. >> Well, for sure. And just on gas emissions, that's another thing that we are tracking gas, greenhouse gas emissions. And in fact we've already reduced more than 300,000 tons and supported over 600 organizations doing that. So that's a thing we're also trying to make sure that we're being climate aware and ensuring that we are doing the best job we can at that as well. And that was another thing I was honored to be able to do when we were at AWS, is to really cut out greenhouse gas emissions and really go global with our climate initiatives. >> Well Teresa, it's great to have you on. Security, data, 5G, sustainability, business transformation, AI all coming together to change the game. You're in another hot seat, hot roll, big wave. >> Well, John, it's an honor, and just thank you again for doing this and having women on and really representing us in a big way as we celebrate International Women's Day. >> I really appreciate it, it's super important. And these videos have impact, so we're going to do a lot more. And I appreciate your leadership to the industry and thank you so much for taking the time to contribute to our effort. Thank you, Teresa. >> Thank you. Thanks everybody. >> Teresa Carlson, the President and Chief Commercial Officer of Flexport. I'm John Furrier, host of theCUBE. This is International Women's Day broadcast. Thanks for watching. (upbeat outro music)

(upbeat music) >> Hello and welcome to theCube's coverage of International Women's Day. I'm John Furrier, your host of "theCUBE." We've got great two remote guests coming into our Palo Alto Studios, some tech athletes, as we say, people that've been in the trenches, years of experience, Lena Smart, CISO at MongoDB, Cube alumni, and Tara Hernandez, VP of Developer Productivity at MongoDB as well. Thanks for coming in to this program and supporting our efforts today. Thanks so much. >> Thanks for having us. >> Yeah, everyone talk about the journey in tech, where it all started. Before we get there, talk about what you guys are doing at MongoDB specifically. MongoDB is kind of gone the next level as a platform. You have your own ecosystem, lot of developers, very technical crowd, but it's changing the business transformation. What do you guys do at Mongo? We'll start with you, Lena. >> So I'm the CISO, so all security goes through me. I like to say, well, I don't like to say, I'm described as the ones throat to choke. So anything to do with security basically starts and ends with me. We do have a fantastic Cloud engineering security team and a product security team, and they don't report directly to me, but obviously we have very close relationships. I like to keep that kind of church and state separate and I know I've spoken about that before. And we just recently set up a physical security team with an amazing gentleman who left the FBI and he came to join us after 26 years for the agency. So, really starting to look at the physical aspects of what we offer as well. >> I interviewed a CISO the other day and she said, "Every day is day zero for me." Kind of goofing on the Amazon Day one thing, but Tara, go ahead. Tara, go ahead. What's your role there, developer productivity? What are you focusing on? >> Sure. Developer productivity is kind of the latest description for things that we've described over the years as, you know, DevOps oriented engineering or platform engineering or build and release engineering development infrastructure. It's all part and parcel, which is how do we actually get our code from developer to customer, you know, and all the mechanics that go into that. It's been something I discovered from my first job way back in the early '90s at Borland. And the art has just evolved enormously ever since, so. >> Yeah, this is a very great conversation both of you guys, right in the middle of all the action and data infrastructures changing, exploding, and involving big time AI and data tsunami and security never stops. Well, let's get into, we'll talk about that later, but let's get into what motivated you guys to pursue a career in tech and what were some of the challenges that you faced along the way? >> I'll go first. The fact of the matter was I intended to be a double major in history and literature when I went off to university, but I was informed that I had to do a math or a science degree or else the university would not be paid for. At the time, UC Santa Cruz had a policy that called Open Access Computing. This is, you know, the late '80s, early '90s. And anybody at the university could get an email account and that was unusual at the time if you were, those of us who remember, you used to have to pay for that CompuServe or AOL or, there's another one, I forget what it was called, but if a student at Santa Cruz could have an email account. And because of that email account, I met people who were computer science majors and I'm like, "Okay, I'll try that." That seems good. And it was a little bit of a struggle for me, a lot I won't lie, but I can't complain with how it ended up. And certainly once I found my niche, which was development infrastructure, I found my true love and I've been doing it for almost 30 years now. >> Awesome. Great story. Can't wait to ask a few questions on that. We'll go back to that late '80s, early '90s. Lena, your journey, how you got into it. >> So slightly different start. I did not go to university. I had to leave school when I was 16, got a job, had to help support my family. Worked a bunch of various jobs till I was about 21 and then computers became more, I think, I wouldn't say they were ubiquitous, but they were certainly out there. And I'd also been saving up every penny I could earn to buy my own computer and bought an Amstrad 1640, 20 meg hard drive. It rocked. And kind of took that apart, put it back together again, and thought that could be money in this. And so basically just teaching myself about computers any job that I got. 'Cause most of my jobs were like clerical work and secretary at that point. But any job that had a computer in front of that, I would make it my business to go find the guy who did computing 'cause it was always a guy. And I would say, you know, I want to learn how these work. Let, you know, show me. And, you know, I would take my lunch hour and after work and anytime I could with these people and they were very kind with their time and I just kept learning, so yep. >> Yeah, those early days remind me of the inflection point we're going through now. This major C change coming. Back then, if you had a computer, you had to kind of be your own internal engineer to fix things. Remember back on the systems revolution, late '80s, Tara, when, you know, your career started, those were major inflection points. Now we're seeing a similar wave right now, security, infrastructure. It feels like it's going to a whole nother level. At Mongo, you guys certainly see this as well, with this AI surge coming in. A lot more action is coming in. And so there's a lot of parallels between these inflection points. How do you guys see this next wave of change? Obviously, the AI stuff's blowing everyone away. Oh, new user interface. It's been called the browser moment, the mobile iPhone moment, kind of for this generation. There's a lot of people out there who are watching that are young in their careers, what's your take on this? How would you talk to those folks around how important this wave is? >> It, you know, it's funny, I've been having this conversation quite a bit recently in part because, you know, to me AI in a lot of ways is very similar to, you know, back in the '90s when we were talking about bringing in the worldwide web to the forefront of the world, right. And we tended to think in terms of all the optimistic benefits that would come of it. You know, free passing of information, availability to anyone, anywhere. You just needed an internet connection, which back then of course meant a modem. >> John: Not everyone had though. >> Exactly. But what we found in the subsequent years is that human beings are what they are and we bring ourselves to whatever platforms that are there, right. And so, you know, as much as it was amazing to have this freely available HTML based internet experience, it also meant that the negatives came to the forefront quite quickly. And there were ramifications of that. And so to me, when I look at AI, we're already seeing the ramifications to that. Yes, are there these amazing, optimistic, wonderful things that can be done? Yes. >> Yeah. >> But we're also human and the bad stuff's going to come out too. And how do we- >> Yeah. >> How do we as an industry, as a community, you know, understand and mitigate those ramifications so that we can benefit more from the positive than the negative. So it is interesting that it comes kind of full circle in really interesting ways. >> Yeah. The underbelly takes place first, gets it in the early adopter mode. Normally industries with, you know, money involved arbitrage, no standards. But we've seen this movie before. Is there hope, Lena, that we can have a more secure environment? >> I would hope so. (Lena laughs) Although depressingly, we've been in this well for 30 years now and we're, at the end of the day, still telling people not to click links on emails. So yeah, that kind of still keeps me awake at night a wee bit. The whole thing about AI, I mean, it's, obviously I am not an expert by any stretch of the imagination in AI. I did read (indistinct) book recently about AI and that was kind of interesting. And I'm just trying to teach myself as much as I can about it to the extent of even buying the "Dummies Guide to AI." Just because, it's actually not a dummies guide. It's actually fairly interesting, but I'm always thinking about it from a security standpoint. So it's kind of my worst nightmare and the best thing that could ever happen in the same dream. You know, you've got this technology where I can ask it a question and you know, it spits out generally a reasonable answer. And my team are working on with Mark Porter our CTO and his team on almost like an incubation of AI link. What would it look like from MongoDB? What's the legal ramifications? 'Cause there will be legal ramifications even though it's the wild, wild west just now, I think. Regulation's going to catch up to us pretty quickly, I would think. >> John: Yeah, yeah. >> And so I think, you know, as long as companies have a seat at the table and governments perhaps don't become too dictatorial over this, then hopefully we'll be in a good place. But we'll see. I think it's a really interest, there's that curse, we're living in interesting times. I think that's where we are. >> It's interesting just to stay on this tech trend for a minute. The standards bodies are different now. Back in the old days there were, you know, IEEE standards, ITF standards. >> Tara: TPC. >> The developers are the new standard. I mean, now you're seeing open source completely different where it was in the '90s to here beginning, that was gen one, some say gen two, but I say gen one, now we're exploding with open source. You have kind of developers setting the standards. If developers like it in droves, it becomes defacto, which then kind of rolls into implementation. >> Yeah, I mean I think if you don't have developer input, and this is why I love working with Tara and her team so much is 'cause they get it. If we don't have input from developers, it's not going to get used. There's going to be ways of of working around it, especially when it comes to security. If they don't, you know, if you're a developer and you're sat at your screen and you don't want to do that particular thing, you're going to find a way around it. You're a smart person. >> Yeah. >> So. >> Developers on the front lines now versus, even back in the '90s, they're like, "Okay, consider the dev's, got a QA team." Everything was Waterfall, now it's Cloud, and developers are on the front lines of everything. Tara, I mean, this is where the standards are being met. What's your reaction to that? >> Well, I think it's outstanding. I mean, you know, like I was at Netscape and part of the crowd that released the browser as open source and we founded mozilla.org, right. And that was, you know, in many ways kind of the birth of the modern open source movement beyond what we used to have, what was basically free software foundation was sort of the only game in town. And I think it is so incredibly valuable. I want to emphasize, you know, and pile onto what Lena was saying, it's not just that the developers are having input on a sort of company by company basis. Open source to me is like a checks and balance, where it allows us as a broader community to be able to agree on and enforce certain standards in order to try and keep the technology platforms as accessible as possible. I think Kubernetes is a great example of that, right. If we didn't have Kubernetes, that would've really changed the nature of how we think about container orchestration. But even before that, Linux, right. Linux allowed us as an industry to end the Unix Wars and as someone who was on the front lines of that as well and having to support 42 different operating systems with our product, you know, that was a huge win. And it allowed us to stop arguing about operating systems and start arguing about software or not arguing, but developing it in positive ways. So with, you know, with Kubernetes, with container orchestration, we all agree, okay, that's just how we're going to orchestrate. Now we can build up this huge ecosystem, everybody gets taken along, right. And now it changes the game for what we're defining as business differentials, right. And so when we talk about crypto, that's a little bit harder, but certainly with AI, right, you know, what are the checks and balances that as an industry and as the developers around this, that we can in, you know, enforce to make sure that no one company or no one body is able to overly control how these things are managed, how it's defined. And I think that is only for the benefit in the industry as a whole, particularly when we think about the only other option is it gets regulated in ways that do not involve the people who actually know the details of what they're talking about. >> Regulated and or thrown away or bankrupt or- >> Driven underground. >> Yeah. >> Which would be even worse actually. >> Yeah, that's a really interesting, the checks and balances. I love that call out. And I was just talking with another interview part of the series around women being represented in the 51% ratio. Software is for everybody. So that we believe that open source movement around the collective intelligence of the participants in the industry and independent of gender, this is going to be the next wave. You're starting to see these videos really have impact because there are a lot more leaders now at the table in companies developing software systems and with AI, the aperture increases for applications. And this is the new dynamic. What's your guys view on this dynamic? How does this go forward in a positive way? Is there a certain trajectory you see? For women in the industry? >> I mean, I think some of the states are trying to, again, from the government angle, some of the states are trying to force women into the boardroom, for example, California, which can be no bad thing, but I don't know, sometimes I feel a bit iffy about all this kind of forced- >> John: Yeah. >> You know, making, I don't even know how to say it properly so you can cut this part of the interview. (John laughs) >> Tara: Well, and I think that they're >> I'll say it's not organic. >> No, and I think they're already pulling it out, right. It's already been challenged so they're in the process- >> Well, this is the open source angle, Tara, you are getting at it. The change agent is open, right? So to me, the history of the proven model is openness drives transparency drives progress. >> No, it's- >> If you believe that to be true, this could have another impact. >> Yeah, it's so interesting, right. Because if you look at McKinsey Consulting or Boston Consulting or some of the other, I'm blocking on all of the names. There has been a decade or more of research that shows that a non homogeneous employee base, be it gender or ethnicity or whatever, generates more revenue, right? There's dollar signs that can be attached to this, but it's not enough for all companies to want to invest in that way. And it's not enough for all, you know, venture firms or investment firms to grant that seed money or do those seed rounds. I think it's getting better very slowly, but socialization is a much harder thing to overcome over time. Particularly, when you're not just talking about one country like the United States in our case, but around the world. You know, tech centers now exist all over the world, including places that even 10 years ago we might not have expected like Nairobi, right. Which I think is amazing, but you have to factor in the cultural implications of that as well, right. So yes, the openness is important and we have, it's important that we have those voices, but I don't think it's a panacea solution, right. It's just one more piece. I think honestly that one of the most important opportunities has been with Cloud computing and Cloud's been around for a while. So why would I say that? It's because if you think about like everybody holds up the Steve Jobs, Steve Wozniak, back in the '70s, or Sergey and Larry for Google, you know, you had to have access to enough credit card limit to go to Fry's and buy your servers and then access to somebody like Susan Wojcicki to borrow the garage or whatever. But there was still a certain amount of upfrontness that you had to be able to commit to, whereas now, and we've, I think, seen a really good evidence of this being able to lease server resources by the second and have development platforms that you can do on your phone. I mean, for a while I think Africa, that the majority of development happened on mobile devices because there wasn't a sufficient supply chain of laptops yet. And that's no longer true now as far as I know. But like the power that that enables for people who would otherwise be underrepresented in our industry instantly opens it up, right? And so to me that's I think probably the biggest opportunity that we've seen from an industry on how to make more availability in underrepresented representation for entrepreneurship. >> Yeah. >> Something like AI, I think that's actually going to take us backwards if we're not careful. >> Yeah. >> Because of we're reinforcing that socialization. >> Well, also the bias. A lot of people commenting on the biases of the large language inherently built in are also problem. Lena, I want you to weigh on this too, because I think the skills question comes up here and I've been advocating that you don't need the pedigree, college pedigree, to get into a certain jobs, you mentioned Cloud computing. I mean, it's been around for you think a long time, but not really, really think about it. The ability to level up, okay, if you're going to join something new and half the jobs in cybersecurity are created in the past year, right? So, you have this what used to be a barrier, your degree, your pedigree, your certification would take years, would be a blocker. Now that's gone. >> Lena: Yeah, it's the opposite. >> That's, in fact, psychology. >> I think so, but the people who I, by and large, who I interview for jobs, they have, I think security people and also I work with our compliance folks and I can't forget them, but let's talk about security just now. I've always found a particular kind of mindset with security folks. We're very curious, not very good at following rules a lot of the time, and we'd love to teach others. I mean, that's one of the big things stem from the start of my career. People were always interested in teaching and I was interested in learning. So it was perfect. And I think also having, you know, strong women leaders at MongoDB allows other underrepresented groups to actually apply to the company 'cause they see that we're kind of talking the talk. And that's been important. I think it's really important. You know, you've got Tara and I on here today. There's obviously other senior women at MongoDB that you can talk to as well. There's a bunch of us. There's not a whole ton of us, but there's a bunch of us. And it's good. It's definitely growing. I've been there for four years now and I've seen a growth in women in senior leadership positions. And I think having that kind of track record of getting really good quality underrepresented candidates to not just interview, but come and join us, it's seen. And it's seen in the industry and people take notice and they're like, "Oh, okay, well if that person's working, you know, if Tara Hernandez is working there, I'm going to apply for that." And that in itself I think can really, you know, reap the rewards. But it's getting started. It's like how do you get your first strong female into that position or your first strong underrepresented person into that position? It's hard. I get it. If it was easy, we would've sold already. >> It's like anything. I want to see people like me, my friends in there. Am I going to be alone? Am I going to be of a group? It's a group psychology. Why wouldn't? So getting it out there is key. Is there skills that you think that people should pay attention to? One's come up as curiosity, learning. What are some of the best practices for folks trying to get into the tech field or that's in the tech field and advancing through? What advice are you guys- >> I mean, yeah, definitely, what I say to my team is within my budget, we try and give every at least one training course a year. And there's so much free stuff out there as well. But, you know, keep learning. And even if it's not right in your wheelhouse, don't pick about it. Don't, you know, take a look at what else could be out there that could interest you and then go for it. You know, what does it take you few minutes each night to read a book on something that might change your entire career? You know, be enthusiastic about the opportunities out there. And there's so many opportunities in security. Just so many. >> Tara, what's your advice for folks out there? Tons of stuff to taste, taste test, try things. >> Absolutely. I mean, I always say, you know, my primary qualifications for people, I'm looking for them to be smart and motivated, right. Because the industry changes so quickly. What we're doing now versus what we did even last year versus five years ago, you know, is completely different though themes are certainly the same. You know, we still have to code and we still have to compile that code or package the code and ship the code so, you know, how well can we adapt to these new things instead of creating floppy disks, which was my first job. Five and a quarters, even. The big ones. >> That's old school, OG. There it is. Well done. >> And now it's, you know, containers, you know, (indistinct) image containers. And so, you know, I've gotten a lot of really great success hiring boot campers, you know, career transitioners. Because they bring a lot experience in addition to the technical skills. I think the most important thing is to experiment and figuring out what do you like, because, you know, maybe you are really into security or maybe you're really into like deep level coding and you want to go back, you know, try to go to school to get a degree where you would actually want that level of learning. Or maybe you're a front end engineer, you want to be full stacked. Like there's so many different things, data science, right. Maybe you want to go learn R right. You know, I think it's like figure out what you like because once you find that, that in turn is going to energize you 'cause you're going to feel motivated. I think the worst thing you could do is try to force yourself to learn something that you really could not care less about. That's just the worst. You're going in handicapped. >> Yeah and there's choices now versus when we were breaking into the business. It was like, okay, you software engineer. They call it software engineering, that's all it was. You were that or you were in sales. Like, you know, some sort of systems engineer or sales and now it's,- >> I had never heard of my job when I was in school, right. I didn't even know it was a possibility. But there's so many different types of technical roles, you know, absolutely. >> It's so exciting. I wish I was young again. >> One of the- >> Me too. (Lena laughs) >> I don't. I like the age I am. So one of the things that I did to kind of harness that curiosity is we've set up a security champions programs. About 120, I guess, volunteers globally. And these are people from all different backgrounds and all genders, diversity groups, underrepresented groups, we feel are now represented within this champions program. And people basically give up about an hour or two of their time each week, with their supervisors permission, and we basically teach them different things about security. And we've now had seven full-time people move from different areas within MongoDB into my team as a result of that program. So, you know, monetarily and time, yeah, saved us both. But also we're showing people that there is a path, you know, if you start off in Tara's team, for example, doing X, you join the champions program, you're like, "You know, I'd really like to get into red teaming. That would be so cool." If it fits, then we make that happen. And that has been really important for me, especially to give, you know, the women in the underrepresented groups within MongoDB just that window into something they might never have seen otherwise. >> That's a great common fit is fit matters. Also that getting access to what you fit is also access to either mentoring or sponsorship or some sort of, at least some navigation. Like what's out there and not being afraid to like, you know, just ask. >> Yeah, we just actually kicked off our big mentor program last week, so I'm the executive sponsor of that. I know Tara is part of it, which is fantastic. >> We'll put a plug in for it. Go ahead. >> Yeah, no, it's amazing. There's, gosh, I don't even know the numbers anymore, but there's a lot of people involved in this and so much so that we've had to set up mentoring groups rather than one-on-one. And I think it was 45% of the mentors are actually male, which is quite incredible for a program called Mentor Her. And then what we want to do in the future is actually create a program called Mentor Them so that it's not, you know, not just on the female and so that we can live other groups represented and, you know, kind of break down those groups a wee bit more and have some more granularity in the offering. >> Tara, talk about mentoring and sponsorship. Open source has been there for a long time. People help each other. It's community-oriented. What's your view of how to work with mentors and sponsors if someone's moving through ranks? >> You know, one of the things that was really interesting, unfortunately, in some of the earliest open source communities is there was a lot of pervasive misogyny to be perfectly honest. >> Yeah. >> And one of the important adaptations that we made as an open source community was the idea, an introduction of code of conducts. And so when I'm talking to women who are thinking about expanding their skills, I encourage them to join open source communities to have opportunity, even if they're not getting paid for it, you know, to develop their skills to work with people to get those code reviews, right. I'm like, "Whatever you join, make sure they have a code of conduct and a good leadership team. It's very important." And there are plenty, right. And then that idea has come into, you know, conferences now. So now conferences have codes of contact, if there are any good, and maybe not all of them, but most of them, right. And the ideas of expanding that idea of intentional healthy culture. >> John: Yeah. >> As a business goal and business differentiator. I mean, I won't lie, when I was recruited to come to MongoDB, the culture that I was able to discern through talking to people, in addition to seeing that there was actually women in senior leadership roles like Lena, like Kayla Nelson, that was a huge win. And so it just builds on momentum. And so now, you know, those of us who are in that are now representing. And so that kind of reinforces, but it's all ties together, right. As the open source world goes, particularly for a company like MongoDB, which has an open source product, you know, and our community builds. You know, it's a good thing to be mindful of for us, how we interact with the community and you know, because that could also become an opportunity for recruiting. >> John: Yeah. >> Right. So we, in addition to people who might become advocates on Mongo's behalf in their own company as a solution for themselves, so. >> You guys had great successful company and great leadership there. I mean, I can't tell you how many times someone's told me "MongoDB doesn't scale. It's going to be dead next year." I mean, I was going back 10 years. It's like, just keeps getting better and better. You guys do a great job. So it's so fun to see the success of developers. Really appreciate you guys coming on the program. Final question, what are you guys excited about to end the segment? We'll give you guys the last word. Lena will start with you and Tara, you can wrap us up. What are you excited about? >> I'm excited to see what this year brings. I think with ChatGPT and its copycats, I think it'll be a very interesting year when it comes to AI and always in the lookout for the authentic deep fakes that we see coming out. So just trying to make people aware that this is a real thing. It's not just pretend. And then of course, our old friend ransomware, let's see where that's going to go. >> John: Yeah. >> And let's see where we get to and just genuine hygiene and housekeeping when it comes to security. >> Excellent. Tara. >> Ah, well for us, you know, we're always constantly trying to up our game from a security perspective in the software development life cycle. But also, you know, what can we do? You know, one interesting application of AI that maybe Google doesn't like to talk about is it is really cool as an addendum to search and you know, how we might incorporate that as far as our learning environment and developer productivity, and how can we enable our developers to be more efficient, productive in their day-to-day work. So, I don't know, there's all kinds of opportunities that we're looking at for how we might improve that process here at MongoDB and then maybe be able to share it with the world. One of the things I love about working at MongoDB is we get to use our own products, right. And so being able to have this interesting document database in order to put information and then maybe apply some sort of AI to get it out again, is something that we may well be looking at, if not this year, then certainly in the coming year. >> Awesome. Lena Smart, the chief information security officer. Tara Hernandez, vice president developer of productivity from MongoDB. Thank you so much for sharing here on International Women's Day. We're going to do this quarterly every year. We're going to do it and then we're going to do quarterly updates. Thank you so much for being part of this program. >> Thank you. >> Thanks for having us. >> Okay, this is theCube's coverage of International Women's Day. I'm John Furrier, your host. Thanks for watching. (upbeat music)

>> Now we're recording. >> All right. >> Appreciate that, Hannah. >> Yeah, so I mean, I think in general we continue to do very, very well as a company. I think like everybody, there's economic headwinds today that are unavoidable, but I think we have a couple things going for us. One, we're in the cyberspace, which I think is, for the most part, recession proof as an industry. I think the impact of a recession will impact some vendors and some categories, but in general, I think the industry is pretty resilient. It's like the power industry, no? Recession or not, you still need electricity to your house. Cybersecurity is almost becoming a utility like that as far as the needs of companies go. I think for us, we also have the ability to do the security, the security operations, for a lot of companies, and if you look at the value proposition, the ROI for the cost of less than one to maybe two or three, depending on how big you are as a customer, what you'd have to pay for half to three security operations people, we can give you a full security operations. And so the ROI is is almost kind of brain dead simple, and so that keeps us going pretty well. And I think the other areas, we remove all that complexity for people. So in a world where you got other problems to worry about, handling all the security complexity is something that adds to that ROI. So for us, I think what we're seeing is mostly is some of the larger deals are taking a little bit longer than they have, some of the large enterprise deals, 'cause I think they are being a little more cautious about how they spend it, but in general, business is still kind of cranking along. >> Anything you can share with me that you guys have talked about publicly in terms of any metrics, or what can you tell me other than cranking? >> Yeah, I mean, I would just say we're still very, very high growth, so I think our financial profile would kind of still put us clearly in the cyber unicorn position, but I think other than that, we don't really share business metrics as a private- >> Okay, so how about headcount? >> Still growing. So we're not growing as fast as we've been growing, but I don't think we were anyway. I think we kind of, we're getting to the point of critical mass. We'll start to grow in a more kind of normal course and speed. I don't think we overhired like a lot of companies did in the past, even though we added, almost doubled the size of the company in the last 18 months. So we're still hiring, but very kind of targeted to certain roles going forward 'cause I do think we're kind of at critical mass in some of the other functions. >> You disclose headcount or no? >> We do not. >> You don't, okay. And never have? >> Not that I'm aware of, no. >> Okay, on the macro, I don't know if security's recession proof, but it's less susceptible, let's say. I've had Nikesh Arora on recently, we're at Palo Alto's Ignite, and he was saying, "Look," it's just like you were saying, "Larger deal's a little harder." A lot of times customers, he was saying customers are breaking larger deals into smaller deals, more POCs, more approvals, more people to get through the approval, not whole, blah, blah, blah. Now they're a different animal, I understand, but are you seeing similar trends, and how are you dealing with that? >> Yeah, I think the exact same trends, and I think it's just in a world where spending a dollar matters, I think a lot more oversight comes into play, a lot more reviewers, and can you shave it down here? Can you reduce the scope of the project to save money there? And I think it just caused a lot of those things. I think, in the large enterprise, I think most of those deals for companies like us and Palo and CrowdStrike and kind of the upper tier companies, they'll still go through. I think they'll just going to take a lot longer, and, yeah, maybe they're 80% of what they would've been otherwise, but there's still a lot of business to be had out there. >> So how are you dealing with that? I mean, you're talking about you double the size of the company. Is it kind of more focused on go-to-market, more sort of, maybe not overlay, but sort of SE types that are going to be doing more handholding. How have you dealt with that? Or have you just sort of said, "Hey, it is what it is, and we're not going to, we're not going to tactically respond to. We got long-term direction"? >> Yeah, I think it's more the latter. I think for us, it's we've gone through all these things before. It just takes longer now. So a lot of the steps we're taking are the same steps. We're still involved in a lot of POCs, we're involved in a lot of demos, and I don't think that changed. It's just the time between your POC and when someone sends you the PO, there's five more people now got to review things and go through a budget committee and all sorts of stuff like that. I think where we're probably focused more now is adding more and more capabilities just so we continue to be on the front foot of innovation and being relevant to the market, and trying to create more differentiators for us and the competitors. That's something that's just built into our culture, and we don't want to slow that down. And so even though the business is still doing extremely, extremely well, we want to keep investing in kind of technology. >> So the deal size, is it fair to say the initial deal size for new accounts, while it may be smaller, you're adding more capabilities, and so over time, your average contract values will go up? Are you seeing that trend? Or am I- >> Well, I would say I don't even necessarily see our average deal size has gotten smaller. I think in total, it's probably gotten a little bigger. I think what happens is when something like this happens, the old cream rises to the top thing, I think, comes into play, and you'll see some organizations instead of doing a deal with three or four vendors, they may want to pick one or two and really kind of put a lot of energy behind that. For them, they're maybe spending a little less money, but for those vendors who are amongst those getting chosen, I think they're doing pretty good. So our average deal size is pretty stable. For us, it's just a temporal thing. It's just the larger deals take a little bit longer. I don't think we're seeing much of a deal velocity difference in our mid-market commercial spaces, but in the large enterprise it's a little bit slower. But for us, we have ambitious plans in our strategy or on how we want to execute and what we want to build, and so I think we want to just continue to make sure we go down that path technically. >> So I have some questions on sort of the target markets and the cohorts you're going after, and I have some product questions. I know we're somewhat limited on time, but the historical focus has been on SMB, and I know you guys have gone in into enterprise. I'm curious as to how that's going. Any guidance you can give me on mix? Or when I talk to the big guys, right, you know who they are, the big managed service providers, MSSPs, and they're like, "Poo poo on Arctic Wolf," like, "Oh, they're (groans)." I said, "Yeah, that's what they used to say about the PC. It's just a toy. Or Microsoft SQL Server." But so I kind of love that narrative for you guys, but I'm curious from your words as to, what is that enterprise? How's the historical business doing, and how's the entrance into the enterprise going? What kind of hurdles are you having, blockers are you having to remove? Any color you can give me there would be super helpful. >> Yeah, so I think our commercial S&B business continues to do really good. Our mid-market is a very strong market for us. And I think while a lot of companies like to focus purely on large enterprise, there's a lot more mid-market companies, and a much larger piece of the IT puzzle collectively is in mid-market than it is large enterprise. That being said, we started to get pulled into the large enterprise not because we're a toy but because we're quite a comprehensive service. And so I think what we're trying to do from a roadmap perspective is catch up with some of the kind of capabilities that a large enterprise would want from us that a potential mid-market customer wouldn't. In some case, it's not doing more. It's just doing it different. Like, so we have a very kind of hands-on engagement with some of our smaller customers, something we call our concierge. Some of the large enterprises want more of a hybrid where they do some stuff and you do some stuff. And so kind of building that capability into the platform is something that's really important for us. Just how we engage with them as far as giving 'em access to their data, the certain APIs they want, things of that nature, what we're building out for large enterprise, but the demand by large enterprise on our business is enormous. And so it's really just us kind of catching up with some of the kind of the features that they want that we lack today, but many of 'em are still signing up with us, obviously, and in lieu of that, knowing that it's coming soon. And so I think if you look at the growth of our large enterprise, it's one of our fastest growing segments, and I think it shows anything but we're a toy. I would be shocked, frankly, if there's an MSSP, and, of course, we don't see ourself as an MSSP, but I'd be shocked if any of them operate a platform at the scale that ours operates. >> Okay, so wow. A lot I want to unpack there. So just to follow up on that last question, you don't see yourself as an MSSP because why, you see yourselves as a technology platform? >> Yes, I mean, the vast, vast, vast majority of what we deliver is our own technology. So we integrate with third-party solutions mostly to bring in that telemetry. So we've built our own platform from the ground up. We have our own threat intelligence, our own detection logic. We do have our own agents and network sensors. MSSP is typically cobbling together other tools, third party off-the-shelf tools to run their SOC. Ours is all homegrown technology. So I have a whole group called Arctic Wolf Labs, is building, just cranking out ML-based detections, building out infrastructure to take feeds in from a variety of different sources. We have a full integration kind of effort where we integrate into other third parties. So when we go into a customer, we can leverage whatever they have, but at the same time, we produce some tech that if they're lacking in a certain area, we can provide that tech, particularly around things like endpoint agents and network sensors and the like. >> What about like identity, doing your own identity? >> So we don't do our own identity, but we take feeds in from things like Okta and Active Directory and the like, and we have detection logic built on top of that. So part of our value add is we were XDR before XDR was the cool thing to talk about, meaning we can look across multiple attack surfaces and come to a security conclusion where most EDR vendors started with looking just at the endpoint, right? And then they called themselves XDR because now they took in a network feed, but they still looked at it as a separate network detection. We actually look at the things across multiple attack surfaces and stitch 'em together to look at that from a security perspective. In some cases we have automatic detections that will fire. In other cases, we can surface some to a security professional who can go start pulling on that thread. >> So you don't need to purchase CrowdStrike software and integrate it. You have your own equivalent essentially. >> Well, we'll take a feed from the CrowdStrike endpoint into our platform. We don't have to rely on their detections and their alerts, and things of that nature. Now obviously anything they discover we pull in as well, it's just additional context, but we have all our own tech behind it. So we operate kind of at an MSSP scale. We have a similar value proposition in the sense that we'll use whatever the customer has, but once that data kind of comes into our pipeline, it's all our own homegrown tech from there. >> But I mean, what I like about the MSSP piece of your business is it's very high touch. It's very intimate. What I like about what you're saying is that it's software-like economics, so software, software-like part of it. >> That's what makes us the unicorn, right? Is we do have, our concierges is very hands-on. We continue to drive automation that makes our concierge security professionals more efficient, but we always want that customer to have that concierge person as, is almost an extension to their security team, or in some cases, for companies that don't even have a security team, as their security team. As we go down the path, as I mentioned, one of the things we want to be able to do is start to have a more flexible model where we can have that high touch if you want it. We can have the high touch on certain occasions, and you can do stuff. We can have low touch, like we can span the spectrum, but we never want to lose our kind of unique value proposition around the concierge, but we also want to make sure that we're providing an interface that any customer would want to use. >> So given that sort of software-like economics, I mean, services companies need this too, but especially in software, things like net revenue retention and churn are super important. How are those metrics looking? What can you share with me there? >> Yeah, I mean, again, we don't share those metrics publicly, but all's I can continue to repeat is, if you looked at all of our financial metrics, I think you would clearly put us in the unicorn category. I think very few companies are going to have the level of growth that we have on the amount of ARR that we have with the net revenue retention and the churn and upsell. All those aspects continue to be very, very strong for us. >> I want to go back to the sort of enterprise conversation. So large enterprises would engage with you as a complement to their existing SOC, correct? Is that a fair statement or not necessarily? >> It's in some cases. In some cases, they're looking to not have a SOC. So we run into a lot of cases where they want to replace their SIEM, and they want a solution like Arctic Wolf to do that. And so there's a poll, I can't remember, I think it was Forrester, IDC, one of them did it a couple years ago, and they found out that 70% of large enterprises do not want to build the SOC, and it's not 'cause they don't need one, it's 'cause they can't afford it, they can't staff it, they don't have the expertise. And you think about if you're a tech company or a bank, or something like that, of course you can do it, but if you're an international plumbing distributor, you're not going to (chuckles), someone's not going to graduate from Stanford with a cybersecurity degree and go, "Cool, I want to go work for a plumbing distributor in their SOC," right? So they're going to have trouble kind of bringing in the right talent, and as a result, it's difficult to go make a multimillion-dollar investment into a SOC if you're not going to get the quality people to operate it, so they turn to companies like us. >> Got it, so, okay, so you're talking earlier about capabilities that large enterprises require that there might be some gaps, you might lack some features. A couple questions there. One is, when you do some of those, I inferred some of that is integrations. Are those integrations sort of one-off snowflakes or are you finding that you're able to scale those across the large enterprises? That's my first question. >> Yeah, so most of the integrations are pretty straightforward. I think where we run into things that are kind of enterprise-centric, they definitely want open APIs, they want access to our platform, which we don't do today, which we are going to be doing, but we don't do that yet today. They want to do more of a SIEM replacement. So we're really kind of what we call an open XDR platform, so there's things that we would need to build to kind of do raw log ingestion. I mean, we do this today. We have raw log ingestion, we have log storage, we have log searching, but there's like some of the compliance scenarios that they need out of their SIEM. We don't do those today. And so that's kind of holding them back from getting off their SIEM and going fully onto a solution like ours. Then the other one is kind of the level of customization, so the ability to create a whole bunch of custom rules, and that ties back to, "I want to get off my SIEM. I've built all these custom rules in my SIEM, and it's great that you guys do all this automatic AI stuff in the background, but I need these very specific things to be executed on." And so trying to build an interface for them to be able to do that and then also simulate it, again, because, no matter how big they are running their SIEM and their SOC... Like, we talked to one of the largest financial institutions in the world. As far as we were told, they have the largest individual company SOC in the world, and we operate almost 15 times their size. So we always have to be careful because this is a cloud-based native platform, but someone creates some rule that then just craters the performance of the whole platform, so we have to build kind of those guardrails around it. So those are the things primarily that the large enterprises are asking for. Most of those issues are not holding them back from coming. They want to know they're coming, and we're working on all of those. >> Cool, and see, just aside, I was talking to CISO the other day, said, "If it weren't for my compliance and audit group, I would chuck my SIEM." I mean, everybody wants to get rid of their SIEM. >> I've never met anyone who likes their SIEM. >> Do you feel like you've achieved product market fit in the larger enterprise or is that still something that you're sorting out? >> So I think we know, like, we're on a path to do that. We're on a provable path to do that, so I don't think there's any surprises left. I think everything that we know we need to do for that is someone's writing code for it today. It's just a matter of getting it through the system and getting into production. So I feel pretty good about it. I think that's why we are seeing such a high growth rate in our large enterprise business, 'cause we share that feedback with some of those key customers. We have a Customer Advisory Board that we share a lot of this information with. So yeah, I mean, I feel pretty good about what we need to do. We're certainly operate at large enterprise scales, so taking in the amount of the volume of data they're going to have and the types of integrations they need. We're comfortable with that. It's just more or less the interfaces that a large enterprise would want that some of the smaller companies don't ask for. >> Do you have enough tenure in the market to get a sense as to stickiness or even indicators that will lead toward retention? Have you been at it long enough in the enterprise or you still, again, figuring that out? >> Yeah, no, I think we've been at it long enough, and our retention rates are extremely high. If anything, kind of our net retention rates, well over 100% 'cause we have opportunities to upsell into new modules and expanding the coverage of what they have today. I think the areas that if you cornered enterprise that use us and things they would complain about are things I just told you about, right? There's still some things I want to do in my Splunk, and I need an API to pull my data out and put it in my Splunk and stuff like that, and those are the things we want to enable. >> Yeah, so I can't wait till you guys go public because you got Snowflake up here, and you got Veritas down here, and I'm very curious as to where you guys go. When's the IPO? You want to tell me that? (chuckling) >> Unfortunately, it's not up to us right now. You got to get the markets- >> Yeah, I hear you. Right, if the market were better. Well, if the market were better, you think you'd be out? >> Yeah, I mean, we'd certainly be a viable candidate to go. >> Yeah, there you go. I have a question for you because I don't have a SOC. I run a small business with my co-CEO. We're like 30, 40 people W-2s, we got another 50 or so contractors, and I'm always like have one eye, sleep with one eye open 'cause of security. What is your ideal SMB customer? Think S. >> Yeah. >> Would I fit? >> Yeah, I mean you're you're right in the sweet spot. I think where the company started and where we still have a lot of value proposition, which is companies like, like you said it, you sleep with one eye open, but you don't have necessarily the technical acumen to be able to do that security for yourself, and that's where we fit in. We bring kind of this whole security, we call it Security Operations Cloud, to bear, and we have some of the best professionals in the world who can basically be your SOC for less than it would cost you to hire somebody right out of college to do IT stuff. And so the value proposition's there. You're going to get the best of the best, providing you a kind of a security service that you couldn't possibly build on your own, and that way you can go to bed at night and close both eyes. >> So (chuckling) I'm sure something else would keep me up. But so in thinking about that, our Amazon bill keeps growing and growing and growing. What would it, and I presume I can engage with you on a monthly basis, right? As a consumption model, or how's the pricing work? >> Yeah, so there's two models that we have. So typically the kind of the monthly billing type of models would be through one of our MSP partners, where they have monthly billing capabilities. Usually direct with us is more of a longer term deal, could be one, two, or three, or it's up to the customer. And so we have both of those engagement models. Were doing more and more and more through MSPs today because of that model you just described, and they do kind of target the very S in the SMB as well. >> I mean, rough numbers, even ranges. If I wanted to go with the MSP monthly, I mean, what would a small company like mine be looking at a month? >> Honestly, I do not even know the answer to that. >> We're not talking hundreds of thousands of dollars a month? >> No. God, no. God, no. No, no, no. >> I mean, order of magnitude, we're talking thousands, tens of thousands? >> Thousands, on a monthly basis. Yeah. >> Yeah, yeah. Thousands per month. So if I were to budget between 20 and $50,000 a year, I'm definitely within the envelope. Is that fair? I mean, I'm giving a wide range >> That's fair. just to try to make- >> No, that's fair. >> And if I wanted to go direct with you, I would be signing up for a longer term agreement, correct, like I do with Salesforce? >> Yeah, yeah, a year. A year would, I think, be the minimum for that, and, yeah, I think the budget you set aside is kind of right in the sweet spot there. >> Yeah, I'm interested, I'm going to... Have a sales guy call me (chuckles) somehow. >> All right, will do. >> No, I'm serious. I want to start >> I will. >> investigating these things because we sell to very large organizations. I mean, name a tech company. That's our client base, except for Arctic Wolf. We should talk about that. And increasingly they're paranoid about data protection agreements, how you're protecting your data, our data. We write a lot of software and deliver it as part of our services, so it's something that's increasingly important. It's certainly a board level discussion and beyond, and most large organizations and small companies oftentimes don't think about it or try not to. They just put their head in the sand and, "We don't want to be doing that," so. >> Yeah, I will definitely have someone get in touch with you. >> Cool. Let's see. Anything else you can tell me on the product side? Are there things that you're doing that we talked about, the gaps at the high end that you're, some of the features that you're building in, which was super helpful. Anything in the SMB space that you want to share? >> Yeah, I think the biggest thing that we're doing technically now is really trying to drive more and more automation and efficiency through our operations, and that comes through really kind of a generous use of AI. So building models around more efficient detections based upon signal, but also automating the actions of our operators so we can start to learn through the interface. When they do A and B, they always do C. Well, let's just do C for them, stuff like that. Then also building more automation as far as the response back to third-party solutions as well so we can remediate more directly on third-party products without having to get into the consoles or having our customers do it. So that's really just trying to drive efficiency in the system, and that helps provide better security outcomes but also has a big impact on our margins as well. >> I know you got to go, but I want to show you something real quick. I have data. I do a weekly program called "Breaking Analysis," and I have a partner called ETR, Enterprise Technology Research, and they have a platform. I don't know if you can see this. They have a survey platform, and each quarter, they do a survey of about 1,500 IT decision makers. They also have a survey on, they call ETS, Emerging Technology Survey. So it's private companies. And I don't want to go into it too much, but this is a sentiment graph. This is net sentiment. >> Just so you know, all I see is a white- >> Yeah, just a white bar. >> Oh, that's weird. Oh, whiteboard. Oh, here we go. How about that? >> There you go. >> Yeah, so this is a sentiment graph. So this is net sentiment and this is mindshare. And if I go to Arctic Wolf... So it's typical security, right? The 8,000 companies. And when I go here, what impresses me about this is you got a decent mindshare, that's this axis, but you've also got an N in the survey. It's about 1,500 in the survey, It's 479 Arctic Wolf customers responded to this. 57% don't know you. Oh, sorry, they're aware of you, but no plan to evaluate; 19% plan to evaluate, 7% are evaluating; 11%, no plan to utilize even though they've evaluated you; and 1% say they've evaluated you and plan to utilize. It's a small percentage, but actually it's not bad in the random sample of the world about that. And so obviously you want to get that number up, but this is a really impressive position right here that I wanted to just share with you. I do a lot of analysis weekly, and this is a really, it's completely independent survey, and you're sort of separating from the pack, as you can see. So kind of- >> Well, it's good to see that. And I think that just is a further indicator of what I was telling you. We continue to have a strong financial performance. >> Yeah, in a good market. Okay, well, thanks you guys. And hey, if I can get this recording, Hannah, I may even figure out how to write it up. (chuckles) That would be super helpful. >> Yes. We'll get that up. >> And David or Hannah, if you can send me David's contact info so I can get a salesperson in touch with him. (Hannah chuckling) >> Yeah, great. >> Yeah, we'll work on that as well. Thanks so much for both your time. >> Thanks a lot. It was great talking with you. >> Thanks, you guys. Great to meet you. >> Thank you. >> Bye. >> Bye.

(upbeat music beginning) >> From the Cube Studios in Palo Alto and Boston, bringing you data-driven insights from the Cube and ETR, this is "Breaking Analysis" with Dave Vellante. >> Making predictions about the future of enterprise tech is more challenging if you strive to lay down forecasts that are measurable. In other words, if you make a prediction, you should be able to look back a year later and say, with some degree of certainty, whether the prediction came true or not, with evidence to back that up. Hello and welcome to this week's Wikibon Cube Insights, powered by ETR. In this breaking analysis, we aim to do just that, with predictions about the macro IT spending environment, cost optimization, security, lots to talk about there, generative AI, cloud, and of course supercloud, blockchain adoption, data platforms, including commentary on Databricks, snowflake, and other key players, automation, events, and we may even have some bonus predictions around quantum computing, and perhaps some other areas. To make all this happen, we welcome back, for the third year in a row, my colleague and friend Eric Bradley from ETR. Eric, thanks for all you do for the community, and thanks for being part of this program. Again. >> I wouldn't miss it for the world. I always enjoy this one. Dave, good to see you. >> Yeah, so let me bring up this next slide and show you, actually come back to me if you would. I got to show the audience this. These are the inbounds that we got from PR firms starting in October around predictions. They know we do prediction posts. And so they'll send literally thousands and thousands of predictions from hundreds of experts in the industry, technologists, consultants, et cetera. And if you bring up the slide I can show you sort of the pattern that developed here. 40% of these thousands of predictions were from cyber. You had AI and data. If you combine those, it's still not close to cyber. Cost optimization was a big thing. Of course, cloud, some on DevOps, and software. Digital... Digital transformation got, you know, some lip service and SaaS. And then there was other, it's kind of around 2%. So quite remarkable, when you think about the focus on cyber, Eric. >> Yeah, there's two reasons why I think it makes sense, though. One, the cybersecurity companies have a lot of cash, so therefore the PR firms might be working a little bit harder for them than some of their other clients. (laughs) And then secondly, as you know, for multiple years now, when we do our macro survey, we ask, "What's your number one spending priority?" And again, it's security. It just isn't going anywhere. It just stays at the top. So I'm actually not that surprised by that little pie chart there, but I was shocked that SaaS was only 5%. You know, going back 10 years ago, that would've been the only thing anyone was talking about. >> Yeah. So true. All right, let's get into it. First prediction, we always start with kind of tech spending. Number one is tech spending increases between four and 5%. ETR has currently got it at 4.6% coming into 2023. This has been a consistently downward trend all year. We started, you know, much, much higher as we've been reporting. Bottom line is the fed is still in control. They're going to ease up on tightening, is the expectation, they're going to shoot for a soft landing. But you know, my feeling is this slingshot economy is going to continue, and it's going to continue to confound, whether it's supply chains or spending. The, the interesting thing about the ETR data, Eric, and I want you to comment on this, the largest companies are the most aggressive to cut. They're laying off, smaller firms are spending faster. They're actually growing at a much larger, faster rate as are companies in EMEA. And that's a surprise. That's outpacing the US and APAC. Chime in on this, Eric. >> Yeah, I was surprised on all of that. First on the higher level spending, we are definitely seeing it coming down, but the interesting thing here is headlines are making it worse. The huge research shop recently said 0% growth. We're coming in at 4.6%. And just so everyone knows, this is not us guessing, we asked 1,525 IT decision-makers what their budget growth will be, and they came in at 4.6%. Now there's a huge disparity, as you mentioned. The Fortune 500, global 2000, barely at 2% growth, but small, it's at 7%. So we're at a situation right now where the smaller companies are still playing a little bit of catch up on digital transformation, and they're spending money. The largest companies that have the most to lose from a recession are being more trepidatious, obviously. So they're playing a "Wait and see." And I hope we don't talk ourselves into a recession. Certainly the headlines and some of their research shops are helping it along. But another interesting comment here is, you know, energy and utilities used to be called an orphan and widow stock group, right? They are spending more than anyone, more than financials insurance, more than retail consumer. So right now it's being driven by mid, small, and energy and utilities. They're all spending like gangbusters, like nothing's happening. And it's the rest of everyone else that's being very cautious. >> Yeah, so very unpredictable right now. All right, let's go to number two. Cost optimization remains a major theme in 2023. We've been reporting on this. You've, we've shown a chart here. What's the primary method that your organization plans to use? You asked this question of those individuals that cited that they were going to reduce their spend and- >> Mhm. >> consolidating redundant vendors, you know, still leads the way, you know, far behind, cloud optimization is second, but it, but cloud continues to outpace legacy on-prem spending, no doubt. Somebody, it was, the guy's name was Alexander Feiglstorfer from Storyblok, sent in a prediction, said "All in one becomes extinct." Now, generally I would say I disagree with that because, you know, as we know over the years, suites tend to win out over, you know, individual, you know, point products. But I think what's going to happen is all in one is going to remain the norm for these larger companies that are cutting back. They want to consolidate redundant vendors, and the smaller companies are going to stick with that best of breed and be more aggressive and try to compete more effectively. What's your take on that? >> Yeah, I'm seeing much more consolidation in vendors, but also consolidation in functionality. We're seeing people building out new functionality, whether it's, we're going to talk about this later, so I don't want to steal too much of our thunder right now, but data and security also, we're seeing a functionality creep. So I think there's further consolidation happening here. I think niche solutions are going to be less likely, and platform solutions are going to be more likely in a spending environment where you want to reduce your vendors. You want to have one bill to pay, not 10. Another thing on this slide, real quick if I can before I move on, is we had a bunch of people write in and some of the answer options that aren't on this graph but did get cited a lot, unfortunately, is the obvious reduction in staff, hiring freezes, and delaying hardware, were three of the top write-ins. And another one was offshore outsourcing. So in addition to what we're seeing here, there were a lot of write-in options, and I just thought it would be important to state that, but essentially the cost optimization is by and far the highest one, and it's growing. So it's actually increased in our citations over the last year. >> And yeah, specifically consolidating redundant vendors. And so I actually thank you for bringing that other up, 'cause I had asked you, Eric, is there any evidence that repatriation is going on and we don't see it in the numbers, we don't see it even in the other, there was, I think very little or no mention of cloud repatriation, even though it might be happening in this in a smattering. >> Not a single mention, not one single mention. I went through it for you. Yep. Not one write-in. >> All right, let's move on. Number three, security leads M&A in 2023. Now you might say, "Oh, well that's a layup," but let me set this up Eric, because I didn't really do a great job with the slide. I hid the, what you've done, because you basically took, this is from the emerging technology survey with 1,181 responses from November. And what we did is we took Palo Alto and looked at the overlap in Palo Alto Networks accounts with these vendors that were showing on this chart. And Eric, I'm going to ask you to explain why we put a circle around OneTrust, but let me just set it up, and then have you comment on the slide and take, give us more detail. We're seeing private company valuations are off, you know, 10 to 40%. We saw a sneak, do a down round, but pretty good actually only down 12%. We've seen much higher down rounds. Palo Alto Networks we think is going to get busy. Again, they're an inquisitive company, they've been sort of quiet lately, and we think CrowdStrike, Cisco, Microsoft, Zscaler, we're predicting all of those will make some acquisitions and we're thinking that the targets are somewhere in this mess of security taxonomy. Other thing we're predicting AI meets cyber big time in 2023, we're going to probably going to see some acquisitions of those companies that are leaning into AI. We've seen some of that with Palo Alto. And then, you know, your comment to me, Eric, was "The RSA conference is going to be insane, hopping mad, "crazy this April," (Eric laughing) but give us your take on this data, and why the red circle around OneTrust? Take us back to that slide if you would, Alex. >> Sure. There's a few things here. First, let me explain what we're looking at. So because we separate the public companies and the private companies into two separate surveys, this allows us the ability to cross-reference that data. So what we're doing here is in our public survey, the tesis, everyone who cited some spending with Palo Alto, meaning they're a Palo Alto customer, we then cross-reference that with the private tech companies. Who also are they spending with? So what you're seeing here is an overlap. These companies that we have circled are doing the best in Palo Alto's accounts. Now, Palo Alto went and bought Twistlock a few years ago, which this data slide predicted, to be quite honest. And so I don't know if they necessarily are going to go after Snyk. Snyk, sorry. They already have something in that space. What they do need, however, is more on the authentication space. So I'm looking at OneTrust, with a 45% overlap in their overall net sentiment. That is a company that's already existing in their accounts and could be very synergistic to them. BeyondTrust as well, authentication identity. This is something that Palo needs to do to move more down that zero trust path. Now why did I pick Palo first? Because usually they're very inquisitive. They've been a little quiet lately. Secondly, if you look at the backdrop in the markets, the IPO freeze isn't going to last forever. Sooner or later, the IPO markets are going to open up, and some of these private companies are going to tap into public equity. In the meantime, however, cash funding on the private side is drying up. If they need another round, they're not going to get it, and they're certainly not going to get it at the valuations they were getting. So we're seeing valuations maybe come down where they're a touch more attractive, and Palo knows this isn't going to last forever. Cisco knows that, CrowdStrike, Zscaler, all these companies that are trying to make a push to become that vendor that you're consolidating in, around, they have a chance now, they have a window where they need to go make some acquisitions. And that's why I believe leading up to RSA, we're going to see some movement. I think it's going to pretty, a really exciting time in security right now. >> Awesome. Thank you. Great explanation. All right, let's go on the next one. Number four is, it relates to security. Let's stay there. Zero trust moves from hype to reality in 2023. Now again, you might say, "Oh yeah, that's a layup." A lot of these inbounds that we got are very, you know, kind of self-serving, but we always try to put some meat in the bone. So first thing we do is we pull out some commentary from, Eric, your roundtable, your insights roundtable. And we have a CISO from a global hospitality firm says, "For me that's the highest priority." He's talking about zero trust because it's the best ROI, it's the most forward-looking, and it enables a lot of the business transformation activities that we want to do. CISOs tell me that they actually can drive forward transformation projects that have zero trust, and because they can accelerate them, because they don't have to go through the hurdle of, you know, getting, making sure that it's secure. Second comment, zero trust closes that last mile where once you're authenticated, they open up the resource to you in a zero trust way. That's a CISO of a, and a managing director of a cyber risk services enterprise. Your thoughts on this? >> I can be here all day, so I'm going to try to be quick on this one. This is not a fluff piece on this one. There's a couple of other reasons this is happening. One, the board finally gets it. Zero trust at first was just a marketing hype term. Now the board understands it, and that's why CISOs are able to push through it. And what they finally did was redefine what it means. Zero trust simply means moving away from hardware security, moving towards software-defined security, with authentication as its base. The board finally gets that, and now they understand that this is necessary and it's being moved forward. The other reason it's happening now is hybrid work is here to stay. We weren't really sure at first, large companies were still trying to push people back to the office, and it's going to happen. The pendulum will swing back, but hybrid work's not going anywhere. By basically on our own data, we're seeing that 69% of companies expect remote and hybrid to be permanent, with only 30% permanent in office. Zero trust works for a hybrid environment. So all of that is the reason why this is happening right now. And going back to our previous prediction, this is why we're picking Palo, this is why we're picking Zscaler to make these acquisitions. Palo Alto needs to be better on the authentication side, and so does Zscaler. They're both fantastic on zero trust network access, but they need the authentication software defined aspect, and that's why we think this is going to happen. One last thing, in that CISO round table, I also had somebody say, "Listen, Zscaler is incredible. "They're doing incredibly well pervading the enterprise, "but their pricing's getting a little high," and they actually think Palo Alto is well-suited to start taking some of that share, if Palo can make one move. >> Yeah, Palo Alto's consolidation story is very strong. Here's my question and challenge. Do you and me, so I'm always hardcore about, okay, you've got to have evidence. I want to look back at these things a year from now and say, "Did we get it right? Yes or no?" If we got it wrong, we'll tell you we got it wrong. So how are we going to measure this? I'd say a couple things, and you can chime in. One is just the number of vendors talking about it. That's, but the marketing always leads the reality. So the second part of that is we got to get evidence from the buying community. Can you help us with that? >> (laughs) Luckily, that's what I do. I have a data company that asks thousands of IT decision-makers what they're adopting and what they're increasing spend on, as well as what they're decreasing spend on and what they're replacing. So I have snapshots in time over the last 11 years where I can go ahead and compare and contrast whether this adoption is happening or not. So come back to me in 12 months and I'll let you know. >> Now, you know, I will. Okay, let's bring up the next one. Number five, generative AI hits where the Metaverse missed. Of course everybody's talking about ChatGPT, we just wrote last week in a breaking analysis with John Furrier and Sarjeet Joha our take on that. We think 2023 does mark a pivot point as natural language processing really infiltrates enterprise tech just as Amazon turned the data center into an API. We think going forward, you're going to be interacting with technology through natural language, through English commands or other, you know, foreign language commands, and investors are lining up, all the VCs are getting excited about creating something competitive to ChatGPT, according to (indistinct) a hundred million dollars gets you a seat at the table, gets you into the game. (laughing) That's before you have to start doing promotion. But he thinks that's what it takes to actually create a clone or something equivalent. We've seen stuff from, you know, the head of Facebook's, you know, AI saying, "Oh, it's really not that sophisticated, ChatGPT, "it's kind of like IBM Watson, it's great engineering, "but you know, we've got more advanced technology." We know Google's working on some really interesting stuff. But here's the thing. ETR just launched this survey for the February survey. It's in the field now. We circle open AI in this category. They weren't even in the survey, Eric, last quarter. So 52% of the ETR survey respondents indicated a positive sentiment toward open AI. I added up all the sort of different bars, we could double click on that. And then I got this inbound from Scott Stevenson of Deep Graham. He said "AI is recession-proof." I don't know if that's the case, but it's a good quote. So bring this back up and take us through this. Explain this chart for us, if you would. >> First of all, I like Scott's quote better than the Facebook one. I think that's some sour grapes. Meta just spent an insane amount of money on the Metaverse and that's a dud. Microsoft just spent money on open AI and it is hot, undoubtedly hot. We've only been in the field with our current ETS survey for a week. So my caveat is it's preliminary data, but I don't care if it's preliminary data. (laughing) We're getting a sneak peek here at what is the number one net sentiment and mindshare leader in the entire machine-learning AI sector within a week. It's beating Data- >> 600. 600 in. >> It's beating Databricks. And we all know Databricks is a huge established enterprise company, not only in machine-learning AI, but it's in the top 10 in the entire survey. We have over 400 vendors in this survey. It's number eight overall, already. In a week. This is not hype. This is real. And I could go on the NLP stuff for a while. Not only here are we seeing it in open AI and machine-learning and AI, but we're seeing NLP in security. It's huge in email security. It's completely transforming that area. It's one of the reasons I thought Palo might take Abnormal out. They're doing such a great job with NLP in this email side, and also in the data prep tools. NLP is going to take out data prep tools. If we have time, I'll discuss that later. But yeah, this is, to me this is a no-brainer, and we're already seeing it in the data. >> Yeah, John Furrier called, you know, the ChatGPT introduction. He said it reminded him of the Netscape moment, when we all first saw Netscape Navigator and went, "Wow, it really could be transformative." All right, number six, the cloud expands to supercloud as edge computing accelerates and CloudFlare is a big winner in 2023. We've reported obviously on cloud, multi-cloud, supercloud and CloudFlare, basically saying what multi-cloud should have been. We pulled this quote from Atif Kahn, who is the founder and CTO of Alkira, thanks, one of the inbounds, thank you. "In 2023, highly distributed IT environments "will become more the norm "as organizations increasingly deploy hybrid cloud, "multi-cloud and edge settings..." Eric, from one of your round tables, "If my sources from edge computing are coming "from the cloud, that means I have my workloads "running in the cloud. "There is no one better than CloudFlare," That's a senior director of IT architecture at a huge financial firm. And then your analysis shows CloudFlare really growing in pervasion, that sort of market presence in the dataset, dramatically, to near 20%, leading, I think you had told me that they're even ahead of Google Cloud in terms of momentum right now. >> That was probably the biggest shock to me in our January 2023 tesis, which covers the public companies in the cloud computing sector. CloudFlare has now overtaken GCP in overall spending, and I was shocked by that. It's already extremely pervasive in networking, of course, for the edge networking side, and also in security. This is the number one leader in SaaSi, web access firewall, DDoS, bot protection, by your definition of supercloud, which we just did a couple of weeks ago, and I really enjoyed that by the way Dave, I think CloudFlare is the one that fits your definition best, because it's bringing all of these aspects together, and most importantly, it's cloud agnostic. It does not need to rely on Azure or AWS to do this. It has its own cloud. So I just think it's, when we look at your definition of supercloud, CloudFlare is the poster child. >> You know, what's interesting about that too, is a lot of people are poo-pooing CloudFlare, "Ah, it's, you know, really kind of not that sophisticated." "You don't have as many tools," but to your point, you're can have those tools in the cloud, Cloudflare's doing serverless on steroids, trying to keep things really simple, doing a phenomenal job at, you know, various locations around the world. And they're definitely one to watch. Somebody put them on my radar (laughing) a while ago and said, "Dave, you got to do a breaking analysis on CloudFlare." And so I want to thank that person. I can't really name them, 'cause they work inside of a giant hyperscaler. But- (Eric laughing) (Dave chuckling) >> Real quickly, if I can from a competitive perspective too, who else is there? They've already taken share from Akamai, and Fastly is their really only other direct comp, and they're not there. And these guys are in poll position and they're the only game in town right now. I just, I don't see it slowing down. >> I thought one of your comments from your roundtable I was reading, one of the folks said, you know, CloudFlare, if my workloads are in the cloud, they are, you know, dominant, they said not as strong with on-prem. And so Akamai is doing better there. I'm like, "Okay, where would you want to be?" (laughing) >> Yeah, which one of those two would you rather be? >> Right? Anyway, all right, let's move on. Number seven, blockchain continues to look for a home in the enterprise, but devs will slowly begin to adopt in 2023. You know, blockchains have got a lot of buzz, obviously crypto is, you know, the killer app for blockchain. Senior IT architect in financial services from your, one of your insight roundtables said quote, "For enterprises to adopt a new technology, "there have to be proven turnkey solutions. "My experience in talking with my peers are, "blockchain is still an open-source component "where you have to build around it." Now I want to thank Ravi Mayuram, who's the CTO of Couchbase sent in, you know, one of the predictions, he said, "DevOps will adopt blockchain, specifically Ethereum." And he referenced actually in his email to me, Solidity, which is the programming language for Ethereum, "will be in every DevOps pro's playbook, "mirroring the boom in machine-learning. "Newer programming languages like Solidity "will enter the toolkits of devs." His point there, you know, Solidity for those of you don't know, you know, Bitcoin is not programmable. Solidity, you know, came out and that was their whole shtick, and they've been improving that, and so forth. But it, Eric, it's true, it really hasn't found its home despite, you know, the potential for smart contracts. IBM's pushing it, VMware has had announcements, and others, really hasn't found its way in the enterprise yet. >> Yeah, and I got to be honest, I don't think it's going to, either. So when we did our top trends series, this was basically chosen as an anti-prediction, I would guess, that it just continues to not gain hold. And the reason why was that first comment, right? It's very much a niche solution that requires a ton of custom work around it. You can't just plug and play it. And at the end of the day, let's be very real what this technology is, it's a database ledger, and we already have database ledgers in the enterprise. So why is this a priority to move to a different database ledger? It's going to be very niche cases. I like the CTO comment from Couchbase about it being adopted by DevOps. I agree with that, but it has to be a DevOps in a very specific use case, and a very sophisticated use case in financial services, most likely. And that's not across the entire enterprise. So I just think it's still going to struggle to get its foothold for a little bit longer, if ever. >> Great, thanks. Okay, let's move on. Number eight, AWS Databricks, Google Snowflake lead the data charge with Microsoft. Keeping it simple. So let's unpack this a little bit. This is the shared accounts peer position for, I pulled data platforms in for analytics, machine-learning and AI and database. So I could grab all these accounts or these vendors and see how they compare in those three sectors. Analytics, machine-learning and database. Snowflake and Databricks, you know, they're on a crash course, as you and I have talked about. They're battling to be the single source of truth in analytics. They're, there's going to be a big focus. They're already started. It's going to be accelerated in 2023 on open formats. Iceberg, Python, you know, they're all the rage. We heard about Iceberg at Snowflake Summit, last summer or last June. Not a lot of people had heard of it, but of course the Databricks crowd, who knows it well. A lot of other open source tooling. There's a company called DBT Labs, which you're going to talk about in a minute. George Gilbert put them on our radar. We just had Tristan Handy, the CEO of DBT labs, on at supercloud last week. They are a new disruptor in data that's, they're essentially making, they're API-ifying, if you will, KPIs inside the data warehouse and dramatically simplifying that whole data pipeline. So really, you know, the ETL guys should be shaking in their boots with them. Coming back to the slide. Google really remains focused on BigQuery adoption. Customers have complained to me that they would like to use Snowflake with Google's AI tools, but they're being forced to go to BigQuery. I got to ask Google about that. AWS continues to stitch together its bespoke data stores, that's gone down that "Right tool for the right job" path. David Foyer two years ago said, "AWS absolutely is going to have to solve that problem." We saw them start to do it in, at Reinvent, bringing together NoETL between Aurora and Redshift, and really trying to simplify those worlds. There's going to be more of that. And then Microsoft, they're just making it cheap and easy to use their stuff, you know, despite some of the complaints that we hear in the community, you know, about things like Cosmos, but Eric, your take? >> Yeah, my concern here is that Snowflake and Databricks are fighting each other, and it's allowing AWS and Microsoft to kind of catch up against them, and I don't know if that's the right move for either of those two companies individually, Azure and AWS are building out functionality. Are they as good? No they're not. The other thing to remember too is that AWS and Azure get paid anyway, because both Databricks and Snowflake run on top of 'em. So (laughing) they're basically collecting their toll, while these two fight it out with each other, and they build out functionality. I think they need to stop focusing on each other, a little bit, and think about the overall strategy. Now for Databricks, we know they came out first as a machine-learning AI tool. They were known better for that spot, and now they're really trying to play catch-up on that data storage compute spot, and inversely for Snowflake, they were killing it with the compute separation from storage, and now they're trying to get into the MLAI spot. I actually wouldn't be surprised to see them make some sort of acquisition. Frank Slootman has been a little bit quiet, in my opinion there. The other thing to mention is your comment about DBT Labs. If we look at our emerging technology survey, last survey when this came out, DBT labs, number one leader in that data integration space, I'm going to just pull it up real quickly. It looks like they had a 33% overall net sentiment to lead data analytics integration. So they are clearly growing, it's fourth straight survey consecutively that they've grown. The other name we're seeing there a little bit is Cribl, but DBT labs is by far the number one player in this space. >> All right. Okay, cool. Moving on, let's go to number nine. With Automation mixer resurgence in 2023, we're showing again data. The x axis is overlap or presence in the dataset, and the vertical axis is shared net score. Net score is a measure of spending momentum. As always, you've seen UI path and Microsoft Power Automate up until the right, that red line, that 40% line is generally considered elevated. UI path is really separating, creating some distance from Automation Anywhere, they, you know, previous quarters they were much closer. Microsoft Power Automate came on the scene in a big way, they loom large with this "Good enough" approach. I will say this, I, somebody sent me a results of a (indistinct) survey, which showed UiPath actually had more mentions than Power Automate, which was surprising, but I think that's not been the case in the ETR data set. We're definitely seeing a shift from back office to front soft office kind of workloads. Having said that, software testing is emerging as a mainstream use case, we're seeing ML and AI become embedded in end-to-end automations, and low-code is serving the line of business. And so this, we think, is going to increasingly have appeal to organizations in the coming year, who want to automate as much as possible and not necessarily, we've seen a lot of layoffs in tech, and people... You're going to have to fill the gaps with automation. That's a trend that's going to continue. >> Yep, agreed. At first that comment about Microsoft Power Automate having less citations than UiPath, that's shocking to me. I'm looking at my chart right here where Microsoft Power Automate was cited by over 60% of our entire survey takers, and UiPath at around 38%. Now don't get me wrong, 38% pervasion's fantastic, but you know you're not going to beat an entrenched Microsoft. So I don't really know where that comment came from. So UiPath, looking at it alone, it's doing incredibly well. It had a huge rebound in its net score this last survey. It had dropped going through the back half of 2022, but we saw a big spike in the last one. So it's got a net score of over 55%. A lot of people citing adoption and increasing. So that's really what you want to see for a name like this. The problem is that just Microsoft is doing its playbook. At the end of the day, I'm going to do a POC, why am I going to pay more for UiPath, or even take on another separate bill, when we know everyone's consolidating vendors, if my license already includes Microsoft Power Automate? It might not be perfect, it might not be as good, but what I'm hearing all the time is it's good enough, and I really don't want another invoice. >> Right. So how does UiPath, you know, and Automation Anywhere, how do they compete with that? Well, the way they compete with it is they got to have a better product. They got a product that's 10 times better. You know, they- >> Right. >> they're not going to compete based on where the lowest cost, Microsoft's got that locked up, or where the easiest to, you know, Microsoft basically give it away for free, and that's their playbook. So that's, you know, up to UiPath. UiPath brought on Rob Ensslin, I've interviewed him. Very, very capable individual, is now Co-CEO. So he's kind of bringing that adult supervision in, and really tightening up the go to market. So, you know, we know this company has been a rocket ship, and so getting some control on that and really getting focused like a laser, you know, could be good things ahead there for that company. Okay. >> One of the problems, if I could real quick Dave, is what the use cases are. When we first came out with RPA, everyone was super excited about like, "No, UiPath is going to be great for super powerful "projects, use cases." That's not what RPA is being used for. As you mentioned, it's being used for mundane tasks, so it's not automating complex things, which I think UiPath was built for. So if you were going to get UiPath, and choose that over Microsoft, it's going to be 'cause you're doing it for more powerful use case, where it is better. But the problem is that's not where the enterprise is using it. The enterprise are using this for base rote tasks, and simply, Microsoft Power Automate can do that. >> Yeah, it's interesting. I've had people on theCube that are both Microsoft Power Automate customers and UiPath customers, and I've asked them, "Well you know, "how do you differentiate between the two?" And they've said to me, "Look, our users and personal productivity users, "they like Power Automate, "they can use it themselves, and you know, "it doesn't take a lot of, you know, support on our end." The flip side is you could do that with UiPath, but like you said, there's more of a focus now on end-to-end enterprise automation and building out those capabilities. So it's increasingly a value play, and that's going to be obviously the challenge going forward. Okay, my last one, and then I think you've got some bonus ones. Number 10, hybrid events are the new category. Look it, if I can get a thousand inbounds that are largely self-serving, I can do my own here, 'cause we're in the events business. (Eric chuckling) Here's the prediction though, and this is a trend we're seeing, the number of physical events is going to dramatically increase. That might surprise people, but most of the big giant events are going to get smaller. The exception is AWS with Reinvent, I think Snowflake's going to continue to grow. So there are examples of physical events that are growing, but generally, most of the big ones are getting smaller, and there's going to be many more smaller intimate regional events and road shows. These micro-events, they're going to be stitched together. Digital is becoming a first class citizen, so people really got to get their digital acts together, and brands are prioritizing earned media, and they're beginning to build their own news networks, going direct to their customers. And so that's a trend we see, and I, you know, we're right in the middle of it, Eric, so you know we're going to, you mentioned RSA, I think that's perhaps going to be one of those crazy ones that continues to grow. It's shrunk, and then it, you know, 'cause last year- >> Yeah, it did shrink. >> right, it was the last one before the pandemic, and then they sort of made another run at it last year. It was smaller but it was very vibrant, and I think this year's going to be huge. Global World Congress is another one, we're going to be there end of Feb. That's obviously a big big show, but in general, the brands and the technology vendors, even Oracle is going to scale down. I don't know about Salesforce. We'll see. You had a couple of bonus predictions. Quantum and maybe some others? Bring us home. >> Yeah, sure. I got a few more. I think we touched upon one, but I definitely think the data prep tools are facing extinction, unfortunately, you know, the Talons Informatica is some of those names. The problem there is that the BI tools are kind of including data prep into it already. You know, an example of that is Tableau Prep Builder, and then in addition, Advanced NLP is being worked in as well. ThoughtSpot, Intelius, both often say that as their selling point, Tableau has Ask Data, Click has Insight Bot, so you don't have to really be intelligent on data prep anymore. A regular business user can just self-query, using either the search bar, or even just speaking into what it needs, and these tools are kind of doing the data prep for it. I don't think that's a, you know, an out in left field type of prediction, but it's the time is nigh. The other one I would also state is that I think knowledge graphs are going to break through this year. Neo4j in our survey is growing in pervasion in Mindshare. So more and more people are citing it, AWS Neptune's getting its act together, and we're seeing that spending intentions are growing there. Tiger Graph is also growing in our survey sample. I just think that the time is now for knowledge graphs to break through, and if I had to do one more, I'd say real-time streaming analytics moves from the very, very rich big enterprises to downstream, to more people are actually going to be moving towards real-time streaming, again, because the data prep tools and the data pipelines have gotten easier to use, and I think the ROI on real-time streaming is obviously there. So those are three that didn't make the cut, but I thought deserved an honorable mention. >> Yeah, I'm glad you did. Several weeks ago, we did an analyst prediction roundtable, if you will, a cube session power panel with a number of data analysts and that, you know, streaming, real-time streaming was top of mind. So glad you brought that up. Eric, as always, thank you very much. I appreciate the time you put in beforehand. I know it's been crazy, because you guys are wrapping up, you know, the last quarter survey in- >> Been a nuts three weeks for us. (laughing) >> job. I love the fact that you're doing, you know, the ETS survey now, I think it's quarterly now, right? Is that right? >> Yep. >> Yep. So that's phenomenal. >> Four times a year. I'll be happy to jump on with you when we get that done. I know you were really impressed with that last time. >> It's unbelievable. This is so much data at ETR. Okay. Hey, that's a wrap. Thanks again. >> Take care Dave. Good seeing you. >> All right, many thanks to our team here, Alex Myerson as production, he manages the podcast force. Ken Schiffman as well is a critical component of our East Coast studio. Kristen Martin and Cheryl Knight help get the word out on social media and in our newsletters. And Rob Hoof is our editor-in-chief. He's at siliconangle.com. He's just a great editing for us. Thank you all. Remember all these episodes that are available as podcasts, wherever you listen, podcast is doing great. Just search "Breaking analysis podcast." Really appreciate you guys listening. I publish each week on wikibon.com and siliconangle.com, or you can email me directly if you want to get in touch, david.vellante@siliconangle.com. That's how I got all these. I really appreciate it. I went through every single one with a yellow highlighter. It took some time, (laughing) but I appreciate it. You could DM me at dvellante, or comment on our LinkedIn post and please check out etr.ai. Its data is amazing. Best survey data in the enterprise tech business. This is Dave Vellante for theCube Insights, powered by ETR. Thanks for watching, and we'll see you next time on "Breaking Analysis." (upbeat music beginning) (upbeat music ending)

>>The Cube presents Ignite 22, brought to you by Palo Alto Networks. >>Welcome back everyone. We're so glad that you're still with us. It's the Cube Live at the MGM Grand. This is our second day of coverage of Palo Alto Networks Ignite. This is takeaways from Ignite 22. Lisa Martin here with two really smart guys, Dave Valante. Dave, we're joined by one of our cube alumni, a friend, a friend of the, we say friend of the Cube. >>Yeah, otc. A friend of the Cube >>Karala joined us. Guys, it's great to have you here. It's been an exciting show. A lot of cybersecurity is one of my favorite topics to talk about. But I'd love to get some of the big takeaways from both of you. Dave, we'll start with you. >>A breathing room from two weeks ago. Yeah, that was, that was really pleasant. You know, I mean, I know was, yes, you sat in the analyst program, interested in what your takeaways were from there. But, you know, coming into this, we wrote a piece, Palo Alto's Gold Standard, what they need to do to, to keep that, that status. And we hear it a lot about consolidation. That's their big theme now, which is timely, right? Cause people wanna save money, they wanna do more with less. But I'm really interested in hearing zeus's thoughts on how that's playing in the market. How customers, how easy is it to just say, oh, hey, I'm gonna consolidate. I wanna get into that a little bit with you, how well the strategy's working. We're gonna get into some of the m and a activity and really bring your perspectives to the table. Well, >>It's, it's not easy. I mean, people have been calling for the consolidation of security for decades, and it's, it's, they're the first company that's actually made it happen. Right? And, and I think this is what we're seeing here is the culmination of this long term strategy, this company trying to build more of a platform. And they, you know, they, they came out as a firewall vendor. And I think it's safe to say they're more than firewall today. That's only about two thirds of their revenue now. So down from 80% a few years ago. And when I think of what Palo Alto has become, they're really a data company. Now, if you look at, you know, unit 42 in Cortex, the, the, the Cortex Data Lake, they've done an excellent job of taking telemetry from their products and from the acquisitions they have, right? And bringing that together into one big data lake. >>And then they're able to use that to, to do faster threat notification, forensics, things like that. And so I think the old model of security of create signatures for known threats, it's safe to say it never really worked and it wasn't ever gonna work. You had too many day zero exploits and things. The only way to fight security today is with a AI and ML based analytics. And they have, they're the gold standard. I think the one thing about your post that I would add the gold standard from a data standpoint, and that's given them this competitive advantage to go out and become a platform for a security. Which, like I said, the people have tried to do that for years. And the first one that's actually done it, well, >>We've heard this from some of the startups, like Lacework will say, oh, we treat security as a data problem. Of course there's a startup, Palo Alto's got, you know, whatever, 10, 15 years of, of, of history. But one of the things I wanted to explore with you coming into this was the notion of can you be best of breed and develop a suite? And we, we've been hearing a consistent answer to that question, which is, and, and do you need to, and the answer is, well, best of breed in security requires that full spectrum, that full view. So here's my question to you. So, okay, let's take Esty win relatively new for these guys, right? Yeah. Okay. And >>And one of the few products are not top two, top three in, right? Exactly. >>Yeah. So that's why I want to take that. Yeah. Because in bakeoffs, they're gonna lose on a head-to-head best of breed. And so the customer's gonna say, Hey, you know, I love your, your consolidation play, your esty win's. Just, okay, how about a little discount on that? And you know, these guys are premium priced. Yes. So, you know, are they in essentially through their pricing strategies, sort of creating that stuff, fighting that, is that friction for them where they've got, you know, the customer says, all right, well forget it, we're gonna go stove pipe with the SD WAN will consolidate some of the stuff. Are you seeing that? >>Yeah, I, I, I still think the sales model is that way. And I think that's something they need to work on changing. If they get into a situation where they have to get down into a feature battle of my SD WAN versus your SD wan, my firewall versus your firewall, frankly they've already lost, you know, because their value prop is the suite and, and is the platform. And I was talking to the CISO here that told me, he realizes now that you don't need best of breed everywhere to have best in class threat protection. In fact, best of breed everywhere leads to suboptimal threat protection. Cuz you have all these data data sets that are in silos, right? And so from a data scientist standpoint, right, there's the good data leads to good insights. Well, partial data leads to fragmented insights and that's, that's what the best, best of breed approach gives you. And so I was talking with Palo about this, can they have this vision of being best of breed and platform? I don't really think you can maintain best of breed everywhere across this portfolio this big, but you don't need to. >>That was my second point of my >>Question. That's the point. >>Yeah. And so, cuz cuz because you know, we've talked about this, that that sweets always win in the long run, >>Sweets >>Win. Yeah. But here's the thing, I, I wonder to your your point about, you know, the customer, you know, understanding that that that, that this resonates with them. I, my guess is a lot of customers, you know, at that mid-level and the fat middle are like still sort of wed, you know, hugging that, that tool. So there's, there's work to be done here, but I think they, they, they got it right Because if they devolve, to your point, if they devolve down to that speeds and feeds, eh, what's the point of that? Where's their valuable? >>You do not wanna get into a knife fight. And I, and I, and I think for them the, a big challenge now is convincing customers that the suite, the suite approach does work. And they have to be able to do that in actual customer examples. And so, you know, I I interviewed a bunch of customers here and the ones that have bought into XDR and xor and even are looking at their sim have told me that the, the, so think of soc operations, the old way heavily manually oriented, right? You have multiple panes of glass and you know, and then you've got, so there's a lot of people work before you bring the tools in, right? If done correctly with AI and ml, the machines would do all the heavy lifting and then you'd bring people in at the end to clean up the little bits that were missed, right? >>And so you, you moved to, from something that was very people heavy to something that's machine heavy and machines can work a lot faster than people. And the, and so the ones that I've talked that have, that have done that have said, look, our engineers have moved on to a lot different things. They're doing penetration testing, they're, you know, helping us with, with strategy and they're not fighting that, that daily fight of looking through log files. And the only proof point you need, Dave, is look at every big breach that we've had over the last five years. There's some SIM vendor up there that says, we caught it. Yeah. >>Yeah. We we had the data. >>Yeah. But, but, but the security team missed it. Well they missed it because you're, nobody can look at that much data manually. And so the, I I think their approach of relying heavily on machines to fight the fight is actually the right way. >>Is that a differentiator for them versus, we were talking before we went live that you and I first hit our very first segment back in 2017 at Fort Net. Is that, where do the two stand in your >>Yeah, it's funny cuz if you talk to the two vendors, they don't really see each other in a lot of accounts because Fort Net's more small market mid-market. It's the same strategy to some degree where Fort Net relies heavily on in-house development and Palo Alto relies heavily on acquisition. Yeah. And so I think from a consistently feature set, you know, Fort Net has an advantage there because it, it's all run off their, their their silicon. Where, where Palo's able to innovate very quickly. The, it it requires a lot of work right? To, to bring the front end and back ends together. But they're serving different markets. So >>Do you see that as a differentiator? The integration strategy that Palo Alto has as a differentiator? We talk to so many companies who have an a strong m and a strategy and, and execution arm. But the challenge is always integrating the technology so that the customer to, you know, ultimately it's the customer. >>I actually think they're, they're underrated as a, an acquirer. In fact, Dave wrote a post to a prior on Silicon Angle prior to Accelerate and he, he on, you put it on Twitter and you asked people to rank 'em as an acquirer and they were in the middle of the pack, >>Right? It was, it was. So it was Oracle, VMware, emc, ibm, Cisco, ServiceNow, and Palo Alto. Yeah. Or Oracle got very high marks. It was like 8.5 out of, you know, 10. Yeah. VMware I think was 6.5. Nice. Era was high emc, big range. IBM five to seven. Cisco was three to eight. Yeah. Yeah, right. ServiceNow was a seven. And then, yeah, Palo Alto was like a five. And I, which I think it was unfair. >>Well, and I think it depends on how you look at it. And I, so I think a lot of the acquisitions Palo Altos made, they've done a good job of integrating their backend data and they've almost ignored the front end. And so when you buy some of the products, it's a little clunky today. You know, if you work with Prisma Cloud, it could be a little bit cleaner. And even with, you know, the SD wan that took 'em a long time to bring CloudGenix in and stuff. But I think the approach is right. I don't, I don't necessarily believe you should integrate the front end until you've integrated the back end. >>That's >>The hard part, right? Because UL ultimately what you're gonna get, you're gonna get two panes of glass and one pane of glass and it might look pretty all mush together, but ultimately you're not solving the bigger problem, right. Of, of being able to create that big data like the, the fight security. And so I think, you know, the approach they've taken is the right one. I think from a user standpoint, maybe it doesn't show up as neatly because you don't see the frontend integration, but the way they're doing it is the right way to do it. And I'm glad they're doing it that way versus caving to the pressures of what, you know, the industry might want >>Showed up in the performance of the company. I mean, this company was basically gonna double revenues to 7 billion from 2020 to >>2023. Three. Think about that at that, that >>Make a, that's unbelievable, right? I mean, and then and they wanna double again. Yeah. You know, so, well >>What did, what did Nikesh was quoted as saying they wanna be the first cyber company that's a hundred billion dollars. He didn't give a timeline market cap. >>Right. >>Market cap, right. Do what I wanna get both of your opinions on what you saw and heard and felt this week. What do you think the likelihood is? And and do you have any projections on how, you know, how many years it's gonna take for them to get there? >>Well, >>Well I think so if they're gonna get that big, right? And, and we were talking about this pre-show, any company that's becoming a big company does it through ecosystem >>Bingo. >>Right? And that when you look around the show floor, it's not that impressive. And if that, if there's an area they need to focus on, it's building that ecosystem. And it's not with other security vendors, it's with application vendors and it's with the cloud companies and stuff. And they've got some relationships there, but they need to do more. I actually challenge 'em on that. One of the analyst sessions. They said, look, we've got 800 cortex partners. Well where are they? Right? Why isn't there a cortex stand here with a bunch of the small companies here? So I do think that that is an area they need to focus on. If they are gonna get to that, that market caps number, they will do so do so through ecosystem. Because every company that's achieved that has done it through ecosystem. >>A hundred percent agree. And you know, if you look at CrowdStrike's ecosystem, it's pretty similar. Yeah. You know, it doesn't really, you know, make much, much, not much different from this, but I went back and just looked at some, you know, peak valuations during the pandemic and shortly thereafter CrowdStrike was 70 billion. You know, that's what their roughly their peak Palo Alto was 56, fortune was 59 for the actually diverged. Right. And now Palo Alto has taken the, the top mantle, you know, today it's market cap's 52. So it's held 93% of its peak value. Everybody else is tanking. Even Okta was 45 billion. It's been crushed as you well know. But, so Palo Alto wasn't always, you know, the number one in terms of market cap. But I guess my point is, look, if CrowdStrike could got to 70 billion during Yeah. During the frenzy, I think it's gonna take, to answer your question, I think it's gonna be five years. Okay. Before they get back there. I think this market's gonna be tough for a while from a valuation standpoint. I think generally tech is gonna kind of go up and down and sideways for a good year and a half, maybe even two years could be even longer. And then I think there's gonna be some next wave of productivity innovation that that hits. And then you're gonna, you're almost always gonna exceed the previous highs. It's gonna take a while. Yeah, >>Yeah, yeah. But I think their ability to disrupt the SIM market actually is something I, I believe they're gonna do. I've been calling for the death of the sim for a long time and I know some people at Palo Alto are very cautious about saying that cuz the Splunks and the, you know, they're, they're their partners. But I, I think the, you know, it's what I said before, the, the tools are catching them, but they're, it's not in a way that's useful for the IT pro and, but I, I don't think the SIM vendors have that ecosystem of insight across network cloud endpoint. Right. Which is what you need in order to make a sim useful. >>CISO at an ETR roundtable said, if, if it weren't for my regulators, I would chuck my sim. >>Yes. >>But that's the only reason that, that this person was keeping it. So, >>Yeah. And I think the, the fact that most of those companies have moved to a perpetual MO or a a recurring revenue model actually helps unseat them. Typically when you pour a bunch of money into something, you remember the old computer associate days, nobody ever took it out cuz the sunk dollars you spent to do it. But now that you're paying an annual recurring fee, it's actually makes it easier to take out. So >>Yeah, it's it's an ebb and flow, right? Yeah. Because the maintenance costs were, you know, relatively low. Maybe it was 20% of the total. And then, you know, once every five years you had to do a refresh and you were still locked into the sort of maintenance and, and so yeah, I think you're right. The switching costs with sas, you know, in theory anyway, should be less >>Yeah. As long as you can migrate the data over. And I think they've got a pretty good handle on that. So, >>Yeah. So guys, I wanna get your perspective as a whole bunch of announcements here. We've only been here for a couple days, not a big conference as, as you can see from behind us. What Zs in your opinion was Palo Alto's main message and and what do you think about it main message at this event? And then same question for you. >>Yeah, I, I think their message largely wrapped around disruption, right? And, and they, in The's keynote already talked about that, right? And where they disrupted the firewall market by creating a NextGen firewall. In fact, if you look at all the new services they added to their firewall, you, you could almost say it's a NextGen NextGen firewall. But, but I do think the, the work they've done in the area of cloud and cortex actually I think is, is pretty impressive. And I think that's the, the SOC is ripe for disruption because it's for, for the most part, most socks still, you know, run off legacy playbooks. They run off legacy, you know, forensic models and things and they don't work. It's why we have so many breaches today. The, the dirty little secret that nobody ever wants to talk about is the bad guys are using machine learning, right? And so if you're using a signature based model, all they're do is tweak their model a little bit and it becomes, it bypasses them. So I, I think the only way to fight the the bad guys today is with you gotta fight fire with fire. And I think that's, that's the path they've, they've headed >>Down and the bad guys are hiding in plain sight, you know? >>Yeah, yeah. Well it's, it's not hard to do now with a lot of those legacy tools. So >>I think, I think for me, you know, the stat that we threw out earlier, I think yesterday at our keynote analysis was, you know, the ETR data shows that are, that are that last survey around 35% of the respondents said we are actively consolidating, sorry, 44%, sorry, 35 says we're actively consolidating vendors, redundant vendors today. That number's up to 44%. Yeah. It's by far the number one cost optimization technique. That's what these guys are pitching. And I think it's gonna resonate with people and, and I think to your point, they're integrating at the backend, their beeps are technical, right? I mean, they can deal with that complexity. Yeah. And so they don't need eye candy. Eventually they, they, they want to have that cuz it'll allow 'em to have deeper market penetration and make people more productive. But you know, that consolidation message came through loud and clear. >>Yeah. The big change in this industry too is all the new startups are all cloud native, right? They're all built on Amazon or Google or whatever. Yeah. And when your cloud native and you buy a cloud native integration is fast. It's not like having to integrate this big monolithic software stack anymore. Right. So I I think their pace of integration will only accelerate from here because everything's now cloud native. >>If a customer comes to you or when a customer comes to you and says, Zs help us with this cyber transformation we have, our board isn't necessarily with our executives in terms of execution of a security strategy. How do you advise them where Palo Alto is concerned? >>Yeah. You know, a lot, a lot of this is just fighting legacy mindset. And I've, I was talking with some CISOs here from state and local governments and things and they're, you know, they can't get more budget. They're fighting the tide. But what they did find is through the use of automation technology, they're able to bring their people costs way down. Right. And then be able to use that budget to invest in a lot of new projects. And so with that, you, you have to start with your biggest pain points, apply automation where you can, and then be able to use that budget to reinvest back in your security strategy. And it's good for the IT pros too, the security pros, my advice to, to it pros is if you're doing things today that aren't resume building, stop doing them. Right? Find a way to automate the money your job. And so if you're patching systems and you're looking through log files, there's no reason machines can't do that. And you go do something a lot more interesting. >>So true. It's like storage guys 10 years ago, provisioning loans. Yes. It's like, stop doing that. Yeah. You're gonna be outta a job. And so who, last question I have is, is who do you see as the big competitors, the horses on the track question, right? So obviously Cisco kind of service has led for a while and you know, big portfolio company, CrowdStrike coming at it from end point. You know who, who, who do you see as the real players going for that? You know, right now the market's three to 4%. The leader has three, three 4% of the market. You know who they're all going for? 10, 15, maybe 20% of the market. Who, who are the likely candidates? Yeah, >>I don't know if CrowdStrike really has the breadth of portfolio to compete long term though. I I think they've had a nice run, but I, we might start to see the follow 'em. I think Microsoft is gonna be for middle. They've laid down the gauntlet, right? They are a security vendor, right? We, we were at Reinvent and a AWS is the platform for security vendors. Yes. Middle, somewhere in the middle. But Microsoft make no mistake, they're in security. They've got some good products. I think a lot of 'em are kind of good enough and they, they tie it to the licensing and I'm not sure that works in security, but they've certainly got the ear of a lot of it pros. >>It might work in smb. >>Yeah. Yeah. It, it might. And, and I do like Zscaler. I, I know these guys poo poo the proxy model, but they've, they've done about as much with proxies as you can. And I, I think it's, it's a battle of, I love the, the, the near, you know, proxies are dead and Jay's model, you know, Jay over at c skater throw 'em back at 'em. So I, it's good to see that kind of fight going on between the two. >>Oh, it's great. Well, and, and again, ZScaler's coming at it from their cloud security angle. CrowdStrike's coming at it from endpoint. I, I do think CrowdStrike has an opportunity to build out the portfolio through m and a and maybe ecosystem. And then obviously, you know, Palo Alto's getting it done. How about Cisco? >>Yeah. Cisco's interesting. And I, I think if Cisco can make the network matter in security and it should, right? We're talking about how a lot of you need a lot of forensics to fight security today. Well, they're gonna see things long before anybody else because they have all that network data. If they can tie network security, I, I mean they could really have that business take off. But we've been saying that about Cisco for 20 years. >>But big install based though. Yeah. It's hard for a company, any company to just say, okay, hey Cisco customer sweep the floor and come with us. That's, that's >>A tough thing. They have a lot of good peace parts, right? And like duo's a good product and umbrella's a good product. They've, they've not done a good job. >>They're the opposite of these guys. >>They've not done a good job of the backend integration that, that's where Cisco needs to, to focus. And I do think g G two Patel there fixed the WebEx group and I think he's now, in fact when you talk to him, he's doing very little on WebEx that that group's running itself and he's more focused in security. So I, I think we could see a resurgence there. But you know, they have a, from a revenue perspective, it's a little misleading cuz they have this big legacy base that's in decline while they're moving to cloud and stuff. So, but they, but they, there's a lot of work there're trying to, to tie to network. >>Right. Lots of fuel for conversation. We're gonna have to carry this on, on Silicon angle.com guys. Yes. And Wikibon, lets do see us. Thank you so much for joining Dave and me giving us your insights as to this event. Where are you gonna be next? Are you gonna be on vacation? >>There's nothing more fun than mean on the cube, so, right. What's outside of that though? Yeah, you know, Christmas coming up, I gotta go see family and do the obligatory, although for me that's a lot of travel, so I guess >>More planes. Yeah. >>Hopefully not in Vegas. >>Not in Vegas. >>Awesome. Nothing against Vegas. Yeah, no, >>We love it. We >>Love it. Although I will say my year started off with ces. Yeah. And it's finishing up with Palo Alto here. The bookends. Yeah, exactly. In Vegas bookends. >>Well thanks so much for joining us. Thank you Dave. Always a pleasure to host a show with you and hear your insights. Reading your breaking analysis always kicks off my prep for show and it's always great to see, but predictions come true. So thank you for being my co-host bet. All right. For Dave Valante Enz as Carla, I'm Lisa Martin. You've been watching The Cube, the leader in live, emerging and enterprise tech coverage. Thanks for watching.

>>The Cube presents Ignite 22, brought to you by Palo Alto Networks. >>Welcome back to Vegas, guys and girls, it's great to have you with us. The Cube Live. Si finishing our second day of coverage of Palo Alto Ignite. 22 from MGM Grand in Las Vegas. Lisa Martin here with Dave Valante. Dave Cybersecurity is one of my favorite topics to talk about because it is so interesting. It is so dynamic. My other favorite thing is to hear the voice of our vendors' customers. And we could to >>Do that. I always love to have the customer on you get you get right to the heart of the matter. Yeah. Really understand. You know, what I like to do is sort of when I listen to the keynotes, try to see how well it aligns with what the customers are actually doing. Yeah. So let's >>Do it. We're gonna unpack that now. Michael Fagan joins us, the Chief Transformation Officer at Village Roadshow. Welcome Michael. It's great to have you >>And thank you. It's a pleasure to be here. >>So this is a really interesting entertainment company. I find the name interesting, but talk to us a little bit about Village Roadshow so the audience gets an understanding of all of the things that you guys do cuz theme parks is part of >>This. Yeah, so Village Road show's Australia's largest cinema exhibitor in conjunction with our partners at event. We also own and operate Australia's largest theme parks. We have Warner Brothers movie World, wet and Wild. SeaWorld Top Golf in Australia is, is operated by us plus more. We also do studio, we also own movie studios, so Aquaman, parts of the Caribbean. We're, we're filming our movie studios Elvis last year. And we also distribute and produce movies and TV shows. Quite diverse group. >>Yeah, you guys have won a lot of awards. I mean, I don't know, academy Awards, golden Globe, all that stuff, you know, and so it's good. Congratulations. Yeah. >>Thank you. >>Cool stuff. I wanna also, before we dig into the use case here, talk to us about the role of a chief transformation officer. How long have you been in that role? What does it encompass and what do you get to drive from a transformation perspective? Yeah, >>So the, the, the nature and pace of disruption is accelerating and on, on one side. And then on the other side, the running business as usual is becoming increasingly complex and, and more difficult to do. So running both simultaneously and at pace can put organizations at risk, both financially and and other ways. So in my role as Chief Transformation officer, I support the rest of the executive team by giving them additional capacity and also bring capability to the team that wasn't there before. So I do a lot of strategic and thought leadership. There's some executive coaching in there, a lot of financial modeling and analysis. And I believe that when a transformation role in particularly a chief transformation role is done correctly, it's a very hands-on role. So there's certain things where I, I dive right down and I'm actually hands in, hands-on leading teams or leading pieces of work. So I might be leading particular projects. I tried to drive profit revenue and profitability across the divisions and does any multi or cross-divisional opportunities or initiative, then I will, I will lead those. >>The transformation, you know, a while ago was cloud, right? Okay, hey, cloud and transformation officers, whether or not they had that title, we'll tell you, look, you gotta change the operating model. You can't just, you know, lift and shift in the cloud. That's, you know, that's pennies. We want, you know, big bucks. That's the operating. Now it's, I'm my question is, is did the pandemic just accelerate your transformation or, or was it, you know, deeper than that? >>Yeah, so what in my role have both digital and business transformation, some of it has been organizational. I think the pandemic has had a, a significant and long lasting effect on society, not just on, on business. So I think if you think about how work work used to be a, a place you went to and how it was done beforehand, before the, before COVID versus now where, you know, previously, you know, within the enterprise you had all of the users, you had all of the applications, you had all of the data, you had all of the people. And then since March, 2020, just overnight, that kind of inverted and, you know, you had people working from home and a person working from home as a branch office of one. So, so we ended up with another thousand branches literally overnight. A lot of the applications that we use are now SASS or cloud-based, whether that's timekeeping with Kronos or communica employee communication or work Jam. So they're not sitting within our data center, they're not sitting within, within our enterprise. It's all external. >>So from a security perspective, you obviously had to respond to that and we heard a lot about endpoint and cloud security and refactoring the network and identity. These guys aren't really an identity. They partner for that, but still a lot of change in focus that the CISO had to deal with. How, how did you guys respond to that? And, and you had a rush to do it. Yeah. And so as you sit back now, where do you go from here? >>Well we had, we had two major triggers for our, our network and security transformation. The first being COVID itself, and then the second beam, we had a, a major MPLS telco renewal that came up. So that gave you an opportunity to look at what we were doing and essentially our network was designed for a near, that no longer exists for when, for when p like I said, when people, when people were from home, all the applications were inside. So, and we had aging infrastructure, our firewalls were end of life. So initially we started off with an SD WAN at the SD WAN layer and an SD WAN implementation. But when we investigated and saw the security capabilities that are available now, we that to a full sassy WAN implementation. >>Why Palo Alto Networks? Because you, you had, you said you had an aging infrastructure designed for an era that doesn't exist anymore, but you also had a number of tools. We've been talking about a consolidation a lot the last couple days. Yeah. How did, what did you consolidate and why with Palo Alto? >>So we had a great partner in Australia, incidentally also called Cube. Cube Networks. Yeah. That we worked with great >>Names. Yeah, right. >>So we, so we, we worked for Cube. We ran a, a form of tender process. And Palo Alto with, you know, Prisma access and Global Global Protect was the only, the only solution that gave us everything that we needed in terms of network modernization, the agility that we required. So for example, in our theme part, we want to send out a hotdog cart or an ice cream cart, and that becomes, all of a sudden you got a new branch that I want to spin up this branch in 10 minutes and then I wanna spin it back down again. So from agility perspective, from a flexibility perspective, the security that, that we wanted, you know, from a zero trust perspective, and they were the only, certainly from a zero trust perspective, they're probably the only vendor that, that exists that, that actually provided the, the, all those capabilities. >>And did you consolidate tools or you were in the process of consolidating tools now? >>Yeah, so we actually, we actually consolidated down to, to, to a, to a single vendor. And in my previous role I had, I had implemented SD WAN before and you know, interoperability is a, is a major issue in the IT industry. I think there's, it's probably the only industry in the, the only industry I can think of certainly that where we, we ship products that aren't ready. They're not of all the features, they, they don't have all the features that they should have. They're their plans. They were releasing patches, releasing additional features every, every couple of months. So, you know, if you, if if Ford sold the card, I said, Hey, you're gonna give you backseats in a couple of months, they'd be uproar. But, but we do that all the time in, in it. So I had, when I previously implemented an Sdwan transformation, I had products from two tier one vendors that just didn't talk to one another. And so when I went and spoke to those vendors, they just went, well, it's not me. It's clearly, clearly those guys. So, so there's a lot to be said for having a, you know, a champion team rather than a team of champions. And Palo Alto have got that full stack fully integrated that was, you know, exactly meant what we were looking for. >>They've been talking a lot the last couple days about integration and it, and I've talked with some of their executives and some analysts as well, including Dave about that seems to be a differentiator for them because they really focus on that. Their m and a strategy is very, it seems to be very clear and there's purpose on that backend integration instead of leaving it to the customer, like Village Road show to do it. They also talked a lot about the consolidation. I'm just curious, Michael, in terms of like what you've heard at the show in the last couple of days. >>Yeah, I mean I've been hearing to same mess, but actually we've, we've lived in a >>You're living it. That's what I wanted to >>Know. So, so, you know, we had a choice of, you know, do you try and purchase so-called best of breed products and then put a lot of effort into integrating them and trying to get them to work, which is not really what we want to spend time doing. I don't, I don't wanna be famous for, you know, integration and, you know, great infrastructure. I want to be, I want Village to be famous for delivering great experiences to our customers. Memories that last a lifetime. And you know, when kids grow up in Australia, they, everybody remembers going to the theme parks. That's what, that's what I want our team to be doing and to be delivering those great experiences, not to be trying to plug together bits of software and it may or may not work and have vendors pointing at one another and then we are left carrying the cannon and holding the >>Baby. So what was the before and after, can you give us a sense as to how life changed, you know, pre that consolidation versus post? >>Yeah, so our, our, our infrastructure, say our infrastructure was designed for, you know, the, you know, old ways of working where we had you knowm routers that were, you know, not designed for cloud, for modern traffic, including cloud Destin traffic, an old MPLS network. We used to back haul all the traffic from, from our branches back to central location run where we've got, you know, firewall walls, we've got a dmz, we could run advanced inspection services on that. So if you had a branch that wanted to access a website that was housed next door, even if it was across the country, then it would, we would pull that all the way back to Melbourne. We would apply advanced inspection services to it, send it up to the cloud out back across the country. Traffic would come back, come down to us, back out to our branch. >>So you talk about crossing the country four times, even at the website is, is situated next door now with, with our sasi sdwan transformation just pops out to the cloud now straight away. And the, the difference in performance for our, for our team and for our customers, it, it's phenomenal. So you'll talk about saving minutes, you know, on a log on and, and seconds then and on, on an average transaction and second zone sound like a lot. But when you, it's every click up, they're saving a second and add up. You're talking about thousands of man hours every month that we've saved. >>If near Zuke were sitting right here and said, what could we do better? You know, what do you need from us that we're not delivering today that you want to, you want us to deliver that would change your life. Yeah, >>There's two things. One, one of which I think they're all, they're already doing, but I actually haven't experienced myself. It's around the autonomous digital experience management. So I've now got a thousand users who are sitting at home and they've got, when they've got a problem, I don't know, is it, is it my problem or is it their problem? So I know that p were working on a, an A solution that digital experience solution, which can actually tell, well actually know you're sitting in your kitchen and your routes in your front room, maybe you should move closer to the route. So there, there they, that's one thing. And the second thing is using AI to tell me things that I wouldn't be able to figure out with a human training. A lot of time sifting through data. So things like where I've potentially overcompensated and, you know, overdelivered on the network and security side or of potentially underdelivered on a security side. So having AI to, you know, assess all of those millions and probably billions of, you know, transactions and packets that are moving around our network and say, Hey, you could optimize it more if you, if you dial this down or dial this up. >>So you said earlier we, this industry has a habit of shipping products before, you know they're ready. So based on your experience, seems like, first of all, it sounds like you got a at least decent technical background as well. When do you expect to have that capability? Realistically? When can we expect that as an industry? >>I think I, I think, like I said, the the rate and nature of change is, is, I think it's accelerating. The halflife of degree is short. I think when I left university, what I, what I learned in first year was, was obsolete within five years, I'd say now it's probably obsolete of you. What'd you learn in first year? It's probably obsolete by the time you finish your degree. >>Six months. Yeah, >>It's true. So I think the, the, the rate of change and the, the partnership that I see Palo building with the likes of AWS and Google and that and how they're coming together to, to solve, to jointly solve these problems is I think we will see this within 12 months. >>Who, who are your clouds? You got multiple clouds >>Or We got multiple clouds. Mostly aws, but there are certain things that we run that run in run in Azure as well. We, we don't really have much in GCP or, or, or some of the other >>Azure for collaboration and teams, stuff like that. >>Ah, we, we run, we run SAP that's we hosted in, in Azure and our cinema ticketing system is, is was run in Azure. It's, it was only available in, in in Azure the time we're mo we are mostly an AWS >>Shop. And what do you do with aws? I mean, pretty much everything else is >>Much every, everything else, anything that's customer facing our websites, they give us great stability. Great, great availability, great performance, you know, we've had and, and, and, and a very variable as well. So, we'll, you know, our, our pattern of selling movie tickets is typically, you know, fairly flat except when, you know, there's a launch of a, of a new movie. So all of a sudden we might say you might sell, you know, at 9:00 AM when, you know, spider-Man went on sale last year, I think we sold 100 times the amount of tickets in the forest, 10 minutes. So our website didn't just scale look beautifully, just took in all of that extra traffic scale up. We're at only any intervention and then scale back down >>Taylor Swift needs that she does need that. So yeah. And so is your vision to have Palo Alto networks security infrastructure have be a common sort of layer across those clouds and maybe even some on-prem? Is it, are you, are you working toward that? Yeah, >>We, yeah, we, yeah, we, we'd love to have, you know, our end, our end customers don't really care about the infrastructure that we run. They won't be >>Able to unless it breaks. >>Unless it breaks. Yeah. They wanna be able to go to see a movie. Do you wanna be able to get on a rollercoaster? They wanna be able to go, you know, play around around a top golf. So having that convergence and that seamless integration of working across cloud network security now for most of our team, they, they don't know and they don't need to know. In fact, I, I frankly don't want them to know and be, be thinking about networks and clouds. I kind of want them thinking about how do we sell more cinema tickets? How do we give a great experience to our guests? How do we give long lasting lifetime memories to, to the people who come visit our parks? >>That's what they want. They want that experience. Right. I'd love to get your final thoughts on, we, we had you give a great overview of the ch the role that you play as Chief transformation officer. You own digital transformation, you want business transformation. What advice would you give to either other treat chief transformation officers, CISOs, CSOs, CEOs about partnering, what's the right partner to really improve your security posture? >>I think there's, there's two things. One is if you haven't looked at this in the last two years and made some changes, you're outta date. Yeah. Because the world has changed. We've seen, I mean, I've heard somebody say it was two decades worth of, I actually think it's probably five 50 years worth of change in, in Australia in terms of working habits. So one, you need to do something. Yeah. Need to, you need to have a look at this. The second thing I think is to try and partner with someone that has similar values to your organization. So Village is a, it's a wonderful, innovative company. Very agile. So the, like the, the concept of gold class cinema, so, you know, big proceeds, recliners, waiter service, elevated foods concept that, that was invented by village in 1997. Thank you. And we had thanks finally came to the states so decade later, I mean we would've had the CEO of every major cinema chain in the world come to come to Melbourne and have a look at what Village is doing and go, yeah, we're gonna export that back around around the world. It's probably one of, one of Australia's unknown exports. Yeah. So it's, yeah, so, so partnering. So we've got a great innovation history and we'd like to think of ourselves as pretty agile. So working with partners who are, have a similar thought process and, and managed to an outcome and not to a contract Yeah. Is, is important for us. >>It's all about outcomes. And you've had some great outcomes, Michael, thank you for joining us on the program, walking us through Village Roadshow, the challenges that you had, how you tackled them, and, and next time I think I'm in a movie theater and I'm in reclining chair, I'm gonna think about you and village. So thank you. We appreciate your insights, your time. Thank you. Thanks Michael. For Michael Fagan and Dave Valante. I'm Lisa Martin. You've been watching The Cube. Our live coverage of Palo Alto Networks. Ignite comes to an end. We thank you so much for watching. We appreciate you. You're watching the Cube, the leader in live enterprise and emerging emerging tech coverage next year. >>Yeah.

>>The Cube presents Ignite 22, brought to you by Palo Alto Networks. >>Welcome back everyone. We're so glad that you're still with us. It's the Cube Live at the MGM Grand. This is our second day of coverage of Palo Alto Networks Ignite. This is takeaways from Ignite 22. Lisa Martin here with two really smart guys, Dave Valante. Dave, we're joined by one of our cube alumni, a friend, a friend of the, we say friend of the Cube. >>Yeah, F otc. A friend of the Cube >>Karala joins us. Guys, it's great to have you here. It's been an exciting show. A lot of cybersecurity is one of my favorite topics to talk about. But I'd love to get some of the big takeaways from both of you. Dave, we'll start with >>You. A breathing room from two weeks ago. Yeah, that was, that was really pleasant. You know, I mean, I know was, yes, you sat in the analyst program, interested in what your takeaways were from there. But, you know, coming into this, we wrote a piece, Palo Alto's Gold Standard, what they need to do to, to keep that, that status. And we hear it a lot about consolidation. That's their big theme now, which is timely, right? Cause people wanna save money, they wanna do more with less. But I'm really interested in hearing zeus's thoughts on how that's playing in the market. How customers, how easy is it to just say, oh, hey, I'm gonna consolidate. I wanna get into that a little bit with you, how well the strategy's working. We're gonna get into some of the m and a activity and really bring your perspectives to the table. Well, >>It's, it's not easy. I mean, people have been calling for the consolidation of security for decades, and it's, it's, they're the first company that's actually made it happen. Right? And, and I think this is what we're seeing here is the culmination of this long-term strategy, this company trying to build more of a platform. And they, you know, they, they came out as a firewall vendor. And I think it's safe to say they're more than firewall today. That's only about two thirds of their revenue now. So down from 80% a few years ago. And when I think of what Palo Alto has become, they're really a data company. Now, if you look at, you know, unit 42 in Cortex, the, the, the Cortex Data Lake, they've done an excellent job of taking telemetry from their products and from the acquisitions they have, right? And bringing that together into one big data lake. >>And then they're able to use that to, to do faster threat notification, forensics, things like that. And so I think the old model of security of create signatures for known threats, it's safe to say it never really worked and it wasn't ever gonna work. You had too many days, zero exploits and things. The only way to fight security today is with a AI and ML based analytics. And they have, they're the gold standard. I think the one thing about your post that I would add, they're the gold standard from a data standpoint. And that's given them this competitive advantage to go out and become a platform for security. Which, like I said, the people have tried to do that for years. And the first one that's actually done it, well, >>We've heard this from some of the startups, like Lacework will say, oh, we treat security as a data problem. Of course there's a startup, Palo Alto's got, you know, whatever, 10, 15 years of, of, of history. But one of the things I wanted to explore with you coming into this was the notion of can you be best of breed and develop a suite? And we, we've been hearing a consistent answer to that question, which is, and, and do you need to, and the answer is, well, best of breed in security requires that full spectrum, that full view. So here's my question to you. So, okay, let's take Estee win relatively new for these guys, right? Yeah. Okay. And >>And one of the few products are not top two, top three in, right? >>Exactly. Yeah. So that's why I want to take that. Yeah. Because in bakeoffs, they're gonna lose on a head-to-head best of breed. And so the customer's gonna say, Hey, you know, I love your, your consolidation play, your esty win's. Just, okay, how about a little discount on that? And you know, these guys are premium priced. Yes. So, you know, are they in essentially through their pricing strategies, sort of creating that stuff, fighting that, is that friction for them where they've got, you know, the customer says, all right, well forget it, we're gonna go stove pipe with the SD WAN will consolidate some of the stuff. Are you seeing that? >>Yeah, I, I, I still think the sales model is that way. And I think that's something they need to work on changing. If they get into a situation where they have to get down into a feature battle of my SD WAN versus your SD wan, my firewall versus your firewall, frankly they've already lost, you know, because their value prop is the suite and, and is the platform. And I was talking with the CISO here that told me, he realizes now that you don't need best of breed everywhere to have best in class threat protection. In fact, best of breed everywhere leads to suboptimal threat protection. Cuz you have all these data data sets that are in silos, right? And so from a data scientist standpoint, right, there's the good data leads to good insights. Well, partial data leads to fragmented insights and that's, that's what the best, best of breed approach gives you. And so I was talking with Palo about this, can they have this vision of being best of breed and platform? I don't really think you can maintain best of breed everywhere across this portfolio this big, but you don't need to. >>That was my second point of my question. That's the point I'm saying. Yeah. And so, cuz cuz because you know, we've talked about this, that that sweets always win in the long run, >>Sweets win. >>Yeah. But here's the thing, I, I wonder to your your point about, you know, the customer, you know, understanding that that that, that this resonates with them. I, my guess is a lot of customers, you know, at that mid-level and the fat middle are like still sort of wed, you know, hugging that, that tool. So there's, there's work to be done here, but I think they, they, they got it right Because if they devolve, to your point, if they devolve down to that speeds and feeds, eh, what's the point of that? Where's their >>Valuable? You do not wanna get into a knife fight. And I, and I, and I think for them the, a big challenge now is convincing customers that the suite, the suite approach does work. And they have to be able to do that in actual customer examples. And so, you know, I I interviewed a bunch of customers here and the ones that have bought into XDR and xor and even are looking at their sim have told me that the, the, so think of soc operations, the old way heavily manually oriented, right? You have multiple panes of glass and you know, and then you've got, so there's a lot of people work before you bring the tools in, right? If done correctly with AI and ml, the machines would do all the heavy lifting and then you'd bring people in at the end to clean up the little bits that were missed, right? >>And so you, you moved to, from something that was very people heavy to something that's machine heavy and machines can work a lot faster than people. And the, and so the ones that I've talked that have, that have done that have said, look, our engineers have moved on to a lot different things. They're doing penetration testing, they're, you know, helping us with, with strategy and they're not fighting that, that daily fight of looking through log files. And the only proof point you need, Dave, is look at every big breach that we've had over the last five years. There's some SIM vendor up there that says, we caught it. Yeah. >>Yeah. We we had the data. >>Yeah. But, but, but the security team missed it. Well they missed it because you're, nobody can look at that much data manually. And so the, I I think their approach of relying heavily on machines to fight the fight is actually the right way. >>Is that a differentiator for them versus, we were talking before we went live that you and I first hit our very first segment back in 2017 at Fort Net. Is that, where do the two stand in your >>Yeah, it's funny cuz if you talk to the two vendors, they don't really see each other in a lot of accounts because Fort Net's more small market mid-market. It's the same strategy to some degree where Fort Net relies heavily on in-house development in Palo Alto relies heavily on acquisition. Yeah. And so I think from a consistently feature set, you know, Fort Net has an advantage there because it, it's all run off their, their their silicon. Where, where Palo's able to innovate very quickly. The, it it requires a lot of work right? To, to bring the front end and back ends together. But they're serving different markets. So >>Do you see that as a differentiator? The integration strategy that Palo Alto has as a differentiator? We talk to so many companies who have an a strong m and a strategy and, and execution arm. But the challenge is always integrating the technology so that the customer to, you know, ultimately it's the customer. >>I actually think they're, they're underrated as a, an acquirer. In fact, Dave wrote a post to a prior on Silicon Angle prior to Accelerate and he, he on, you put it on Twitter and you asked people to rank 'em as an acquirer and they were in the middle of the pack, >>Right? It was, it was. So it was Oracle, VMware, emc, ibm, Cisco, ServiceNow, and Palo Alto. Yeah. Or Oracle got very high marks. It was like 8.5 out of, you know, 10. Yeah. VMware I think was 6.5. Naira was high emc, big range. IBM five to seven. Cisco was three to eight. Yeah. Yeah, right. ServiceNow was a seven. And then, yeah, Palo Alto was like a five. And I, which I think it was unfair. Well, >>And I think it depends on how you look at it. And I, so I think a lot of the acquisitions Palo Alto's made, they've done a good job of integrating the backend data and they've almost ignored the front end. And so when you buy some of the products, it's a little clunky today. You know, if you work with Prisma Cloud, it could be a little bit cleaner. And even with, you know, the SD wan that took 'em a long time to bring CloudGenix in and stuff. But I think the approach is right. I don't, I don't necessarily believe you should integrate the front end until you've integrated the back end. >>That's >>The hard part, right? Because UL ultimately what you're gonna get, you're gonna get two panes of glass and one pane of glass and it might look pretty and all mush together, but ultimately you're not solving the bigger problem, right. Of, of being able to create that big data lake to, to fight security. And so I think, you know, the approach they've taken is the right one. I think from a user standpoint, maybe it doesn't show up as neatly because you don't see the frontend integration, but the way they're doing it is the right way to do it. And I'm glad they're doing it that way versus caving to the pressures of what, you know, the industry might want or >>Showed up in the performance of the company. I mean, this company was basically gonna double revenues to 7 billion from 2020 to >>2023. Think about that at that. That makes, >>I mean that's unbelievable, right? I mean, and then and they wanna double again. Yeah. You know, so, well >>What did, what did Nikesh was quoted as saying they wanna be the first cyber company that's a hundred billion dollars. He didn't give a timeline market >>Cap. Right. >>Market cap, right. Do what I wanna get both of your opinions on what you saw and heard and felt this week. What do you think the likelihood is? And and do you have any projections on how, you know, how many years it's gonna take for them to get there? >>Well, >>Well I think so if they're gonna get that big, right? And, and we were talking about this pre-show, any company that's becoming a big company does it through ecosystem >>Bingo >>Go, right? And that when you look around the show floor, it's not that impressive. No. And if that, if there's an area they need to focus on, it's building that ecosystem. And it's not with other security vendors, it's with application vendors and it's with the cloud companies and stuff. And they've got some relationships there, but they need to do more. I actually challenge 'em on that. One of the analyst sessions. They said, look, we've got 800 cortex partners. Well where are they? Right? Why isn't there a cortex stand here with a bunch of the small companies here? So I do think that that is an area they need to focus on. If they are gonna get to that, that market caps number, they will do so do so through ecosystem. Because every company that's achieved that has done it through ecosystem. >>A hundred percent agree. And you know, if you look at CrowdStrike's ecosystem, it's, I mean, pretty similar. Yeah. You know, it doesn't really, you know, make much, much, not much different from this, but I went back and just looked at some, you know, peak valuations during the pandemic and shortly thereafter CrowdStrike was 70 billion. You know, that's what their roughly their peak Palo Alto was 56, fortune was 59 for the actually diverged. Right. And now Palo Alto has taken the, the top mantle, you know, today it's market cap's 52. So it's held 93% of its peak value. Everybody else is tanking. Even Okta was 45 billion. It's been crushed as you well know. But, so Palo Alto wasn't always, you know, the number one in terms of market cap. But I guess my point is, look, if CrowdStrike could got to 70 billion during Yeah. During the frenzy, I think it's gonna take, to answer your question, I think it's gonna be five years. Okay. Before they get back there. I think this market's gonna be tough for a while from a valuation standpoint. I think generally tech is gonna kind of go up and down and sideways for a good year and a half, maybe even two years could be even longer. And then I think there's gonna be some next wave of productivity innovation that that hits. And then you're gonna, you're almost always gonna exceed the previous highs. It's gonna take a while. Yeah. >>Yeah, yeah. But I think their ability to disrupt the SIM market actually is something that I, I believe they're gonna do. I've been calling for the death of the sim for a long time and I know some people of Palo Alto are very cautious about saying that cuz the Splunks and the, you know, they're, they're their partners. But I, I think the, you know, it's what I said before, the, the tools are catching them, but they're, it's not in a way that's useful for the IT pro and, but I, I don't think the SIM vendors have that ecosystem of insight across network cloud endpoint. Right. Which is what you need in order to make a sim useful. >>CISO at an ETR round table said, if, if it weren't for my regulators, I would chuck my sim. >>Yes. >>But that's the only reason that, that this person was keeping it. No. >>Yeah. And I think the, the fact that most of those companies have moved to a perpetual MO or a a recurring revenue model actually helps unseat them. Typically when you pour a bunch of money into something, you remember the old computer associate says nobody ever took it out cuz the sunk dollars you spent to do it. But now that you're paying an annual recurring fee, it's actually makes it easier to take out. So >>Yeah, it's just an ebb and flow, right? Yeah. Because the maintenance costs were, you know, relatively low. Maybe it was 20% of the total. And then, you know, once every five years you had to do a refresh and you were still locked into the sort of maintenance and, and so yeah, I think you're right. The switching costs with sas, you know, in theory anyway, should be less >>Yeah. As long as you can migrate the data over. And I think they've got a pretty good handle on that. So, >>Yeah. So guys, I wanna get your perspective as a whole bunch of announcements here. We've only been here for a couple days, not a big conference as, as you can see from behind us. What Zs in your opinion was Palo Alto's main message and and what do you think about it main message at this event? And then same question for you. >>Yeah, I, I think their message largely wrapped around disruption, right? And, and they, and The's keynote already talked about that, right? And where they disrupted the firewall market by creating a NextGen firewall. In fact, if you look at all the new services they added to their firewall, you, you could almost say it's a NextGen NextGen firewall. But, but I do think the, the work they've done in the area of cloud and cortex actually I think is, is pretty impressive. And I think that's the, the SOC is ripe for disruption because it's for, for the most part, most socks still, you know, run off legacy playbooks. They run off legacy, you know, forensic models and things and they don't work. It's why we have so many breaches today. The, the dirty little secret that nobody ever wants to talk about is the bad guys are using machine learning, right? And so if you're using a signature based model, all they gotta do is tweak their model a little bit and it becomes, it bypasses them. So I, I think the only way to fight the the bad guys today is with you're gonna fight fire with fire. And I think that's, that's the path they've, they've headed >>Down. Yeah. The bad guys are hiding in plain sight, you know? Yeah, >>Yeah. Well it's, it's not hard to do now with a lot of those legacy tools. So >>I think, I think for me, you know, the stat that we threw out earlier, I think yesterday at our keynote analysis was, you know, the ETR data shows that are, that are that last survey around 35% of the respondents said we are actively consolidating, sorry, 44%, sorry, 35 says who are actively consolidating vendors, redundant vendors today that number's up to 44%. Yeah. It's by far the number one cost optimization technique. That's what these guys are pitching. And I think it's gonna resonate with people and, and I think to your point, they're integrating at the backend, their beeps are technical, right? I mean, they can deal with that complexity. Yeah. And so they don't need eye candy. Eventually they, they, they want to have that cuz it'll allow 'em to have deeper market penetration and make people more productive. But you know, that consolidation message came through loud and clear. >>Yeah. The big change in this industry too is all the new startups are all cloud native, right? They're all built on Amazon or Google or whatever. Yeah. And when your cloud native and you buy a cloud native integration is fast. It's not like having to integrate this big monolithic software stack anymore. Right. So I, I think their pace of integration will only accelerate from here because everything's now cloud native. >>If a customer comes to you or when a customer comes to you and says, Zs help us with this cyber transformation we have, our board isn't necessarily aligned with our executives in terms of execution of a security strategy. How do you advise them where Palo Alto is concerned? >>Yeah. You know, a lot, a lot of this is just fighting legacy mindset. And I've, I was talking with some CISOs here from state and local governments and things and they're, you know, they can't get more budget. They're fighting the tide. But what they did find is through the use of automation technology, they're able to bring their people costs way down. Right. And then be able to use that budget to invest in a lot of new projects. And so with that, you, you have to start with your biggest pain points, apply automation where you can, and then be able to use that budget to reinvest back in your security strategy. And it's good for the IT pros too, the security pros, my advice to the IT pros is, is if you're doing things today that aren't resume building, stop doing them. Right. Find a way to automate the money your job. And so if you're patching systems and you're looking through log files, there's no reason machines can't do that. And you go do something a lot more interesting. >>So true. It's like storage guys 10 years ago, provisioning loans. Yes. It's like, stop doing that. Yeah. You're gonna be outta a job. So who, last question I have is, is who do you see as the big competitors, the horses on the track question, right? So obviously Cisco kind of service has led for a while and you know, big portfolio company, CrowdStrike coming at it from end point. You know who, who, who do you see as the real players going for that? You know, right now the market's three to 4%. The leader has three, three 4% of the market. You know who they're all going for? 10, 15, maybe 20% of the market. Who, who are the likely candidates? Yeah, >>I don't know if CrowdStrike really has the breadth of portfolio to compete long term though. I I think they've had a nice run, but I, we might start to see the follow 'em. I think Microsoft is gonna be for middle. They've laid down the gauntlet, right? They are a security vendor, right? We, we were at Reinvent and a AWS is the platform for security vendors. Yes. Middle, somewhere in the middle. But Microsoft make no mistake, they're in security. They've got some good products. I think a lot of 'em are kind of good enough and they, they tie it to the licensing and I'm not sure that works in security, but they've certainly got the ear of a lot of it pros. >>It might work in smb. >>Yeah, yeah. It, it might. And, and I do like Zscaler. I, I know these guys poo poo the proxy model, but they've, they've done about as much with prox as you can. And I, I think it's, it's a battle of, I love the, the, the near, you know, proxies are dead and Jay's model, you know, Jay over at csca, throw 'em back at 'em. So I, it's good to see that kind of fight going on between the >>Two. Oh, it's great. Well, and, and again, ZScaler's coming at it from their cloud security angle. CrowdStrike's coming at it from endpoint. I, I do think CrowdStrike has an opportunity to build out the portfolio through m and a and maybe ecosystem. And then obviously, you know, Palo Alto's getting it done. How about Cisco? >>Yeah, Cisco's interesting. And I I think if Cisco can make the network matter in security and it should, right? We're talking about how a lot of you need a lot of forensics to fight security today. Well, they're gonna see things long before anybody else because they have all that network data. If they can tie network security, I, I mean they could really have that business take off. But we've been saying that about Cisco for 20 years. >>But big install based though. Yeah. It's hard for a company, any company to say, okay, hey Cisco customer sweep the floor and come with us. That's, that's >>A tough thing. They have a lot of good peace parts, right? And like duo's a good product and umbrella's a good product. They've, they've not done a good job. >>They're the opposite of these guys. >>They've not done a good job of the backend integration and that, that's where Cisco needs to, to focus. And I do think g G two Patel there fixed the WebEx group and I think he's now, in fact when you talk to him, he's doing very little on WebEx that that group's running itself and he's more focused in security. So I, I think we could see a resurgence there. But you know, they have a, from a revenue perspective, it's a little misleading cuz they have this big legacy base that's in decline while they're moving to cloud and stuff. So, but they, but they, there's a lot of Rick there trying to, to tie to network. >>Lots of fuel for conversation. We're gonna have to carry this on, on Silicon angle.com guys. Yes. And Wi KeePon. Lets do see us. Thank you so much for joining Dave and me giving us your insights as to this event. Where are gonna be next? Are you gonna be on >>Vacation? There's nothing more fun than mean on the cube. So what's outside of that though? Yeah, you know, Christmas coming up, I gotta go see family and be the obligatory, although for me that's a lot of travel, so I guess >>More planes. Yeah. >>Hopefully not in Vegas. >>Not in Vegas. >>Awesome. Nothing against Vegas. Yeah, no, >>We love it. We love >>It. Although I will say my year started off with ces. Yeah. And it's finishing up with Palo Alto here. The bookends. Yeah, exactly. In Vegas bookends. >>Well thanks so much for joining us. Thank you Dave. Always a pleasure to host a show with you and hear your insights. Reading your breaking analysis always kicks off my prep for show. And it, it's always great to see, but predictions come true. So thank you for being my co-host bet. All right. For Dave Valante Enz as Carla, I'm Lisa Martin. You've been watching The Cube, the leader in live, emerging and enterprise tech coverage. Thanks for watching.

>> Announcer: TheCUBE presents Ignite22, brought to you by Palo Alto Networks. >> Hey, welcome back to Vegas. Great to have you. We're pleased that you're watching theCUBE. Lisa Martin and Dave Vellante. Day two of theCUBE's coverage of Palo Alto Ignite22 from the MGM Grand. Dave, we're going to be talking about data. >> You know I love data. >> I do know you love data. >> Survey data- >> There is a great new survey that Palo Alto Networks just published yesterday, "What's next in cyber?" We're going to be digging through it with their CMO. Who better to talk about data with than a CMO that has a PhD in machine learning? We're very pleased to welcome to the program, Zeynep Ozdemir, CMO of Palo Alto Networks. Great to have you. Thank you for joining us. >> It's a pleasure to be here. >> First, I got to ask you about your PhD. Your background as a CMO is so interesting and unique. Give me a little bit of a history on that. >> Oh, absolutely, yes. Yes, I admit that I'm a little bit of an untraditional marketing leader. I spent probably the first half of my career as a software engineer and a research scientist in the area of machine learning and speech signal processing, which is very uncommon, I admit that. Honestly, it has actually helped me immensely in my current role. I mean, you know, you've spoken to Lee Klarich, I think a little while ago. We have a very tight and close partnership with product and engineering teams at Palo Alto Networks. And, you know, cybersecurity is a very complex topic. And we're at a critical juncture right now where all of these new technologies, AI, machine learning, cloud computing, are going to really transform the industry. And I think that I'm very lucky, as somebody who's very technically competent in all of those areas, to partner with the best people and the leading company right now. So, I'm very happy that my technical background is actually helping in this journey. >> Dave: Oh, wait, aren't you like a molecular biologist, or something? >> A reformed molecular...yes. >> Yes. >> Okay. Whoa, okay. (group laughs) >> But >> Math guy over here. >> Yeah. You guys just, the story that I tease is... the amount of data in there is unbelievable. This has just started in August, so a few months ago. >> Zeynep: Yeah. >> Fresh data. You surveyed 1300 CXOs globally. >> Zeynep: That's right. >> Across industries and organizations are saying, you know, hybrid work and remote work became status quo like that. >> Yes. >> Couple years ago everyone shifted to multicloud and of course the cyber criminals are sophisticated, and they're motivated, and they're well funded. >> Zeynep: That's right. >> What are some of the things that you think that the survey really demonstrated that validate the direction that Palo Alto Networks is going in? >> That's right. That's right. So we do these surveys because first and foremost, we have to make sure we're aligned with our customers in terms of our product strategy and the direction. And we have to confirm and validate our very strong opinions about the future of the cybersecurity industry. So, but this time when we did this survey, we just saw some great insights, and we decided we want to share it with the broader industry because we obviously want to drive thought leadership and make sure everybody is in the same level field. Some interesting and significant results with this one. So, as you said, this was 1300 C level cybersecurity decision makers and executives across the world. So we had participants from Europe, from Japan, from Asia Pacific, Latin America, in addition to North America. So one of the most significant stats or data points that we've seen was the fact that out of everybody interviewed, 96% of participants had experienced one or more cybersecurity breaches in the past 12 months. That was more than what we expected, to be honest with you. And then 57% of them actually experienced three or more. So those stats are really worth sharing in terms of where the state of cybersecurity is. What also was personally interesting to me was 33% of them actually experienced an operational disruption as a result of a breach, which is a big number. It's one third of participants. So all of these were very interesting. We asked them more detailed questions around you know, how many...like obviously all of them are trying to respond to this situation. They're trying different technologies, different tools and it seems like they're in a point where they're almost have too many tools and technologies because, you know, when you have too many tools and technologies, there's the operational overhead of integrating them. It creates blind spots between them because those tools aren't really communicating with each other. So what we heard from the responders was that on average they were on like 32 tools, 22% was on 50 or more tools, which is crazy. But what the question we asked them was, you know, are you, are you looking to consolidate? Are you looking to go more tools or less tools? Like what are your thoughts on that? And a significant majority of them, like about 77% said they are actively trying to reduce the number of technologies that they're trying to use because they want to actually achieve better security outcomes. >> I wonder if you could comment on this. So early on in the pandemic, we have a partner, survey partner ETR, Enterprise Technology Research. And we saw a real shift of course, 'cause of hybrid work toward endpoint security, cloud security, they were rearchitecting their networks, a new focus on, you know, different thinking about network security and identity. >> Yeah. >> You play in all of those in partner for identity. >> Zeynep: Yeah. >> I almost, my question is, is was there kind of a knee jerk reaction to get point tools to plug some of those holes? >> Zeynep: Yes. >> And now they're...'cause we said at the time, this is a permanent shift in thinking. What we didn't think through it's coming to focus here at this conference is, okay, we did that, but now we created another problem. >> Zeynep: Yeah. Yeah. >> Now we're- >> Yes, yes. You're very right. I think, and it's very natural to do this, right? >> Sure. >> Every time a problem pops up, you want to fix it as quickly as possible. And you look... you survey who can help you with that. And then you kind of get going because cybersecurity is one of those areas where you can't really wait and do, you know, take time to fix those problems. So that happened a lot and it is happening. But what happened as a result of that. For example, I'll give you a data point from the actual survey that answers this very question. When we asked these executives what keeps them like up at night, like what's their biggest concern? A significant majority of them said, oh we're having difficulty with data management. And what that means is that all these tools that they've deployed, they're generating a lot of insights and data, but they're disconnected, right? So there is no one place where you can say, look at it holistically and come to conclusions very fast about how threat actors are moving in an organization. So that's a direct result of this proliferation of tools, if you will. And you're right. And it will...it's a natural thing to deploy products very quickly. But then you have to take a step back and say, how do I make this more effective? How do I bring things together, bring all my data together to be able to get to threats detect threats much faster? >> An unintended consequence of that quick fix. >> And become cyber resilient. We've been hearing a lot about cyber resiliency. >> Yes, yes. >> Recently and something that I was noting in the survey is only 25% of execs said, yeah, our cyber resilience and readiness is high. And you found that there was a lack of alignment between the boards and the executive levels. And we actually spoke with I think BJ yesterday on how are you guys and even some of your partners >> Yeah. >> How are you helping facilitate that alignment? We know security's always a board level- >> Zeynep: Yes. >> Conversation, but the lack of alignment was kind of surprising to me. >> Yeah. Well I think the good news is that I think we... cybersecurity is taking its place in board discussions more and more. Whether there's alignment or not, at least it's a topic, right? >> Yeah. That was also out of the survey that we saw. I think yes, we have a lot of, a big role to play in helping security executives communicate better with boards and c-level executives in their organizations. Because as we said, it's a very complex topic, and it has to be taken from two angles. When there's...it's a board level discussion. One, how are you reducing risk and making sure that you're resilient. Two, how do you think about return on investment and you know, what's the right level of investment and is that investment going to get us the return that we need? >> What do you think of this? So there's another interesting stat here. What keeps executives up at night? >> Mmhm. >> You mentioned difficulty of data management. Normally, the CISO response to what's your number one problem is lack of talent. >> Zeynep: Number three there, yes. Yeah. >> And it is maybe somewhat related to difficulty of data management, but maybe people have realized, you know what? I'm never going to solve this problem by throwing bodies at it. >> Yeah. >> I got to think of a better way to consolidate my data. Maybe partner with a company that can help me do that. And then the second one was scared of being left behind changes in the tech stack. So we're moving so fast to digitize. >> Zeynep: Yes. >> And security's still an afterthought. And so it's almost as though they're kind of rethinking the problems 'cause they know that they can't just solve the issue by throwing, you know, more hires at it 'cause they can't find the people. >> That is...you're absolutely spot on. The thing about cybersecurity skills gap, it's a reality. It's very real. It's a hard place to be. It's hard to ramp up sometimes. Also, there's a lot of turnover. But you're right in the sense that a lot of the manual work that is needed for cybersecurity, it's actually more sort of much easier to tackle with machines- >> Yeah. >> Than humans. It's a funny double click on the stat you just gave. In North America, the responders when we asked them like how they're coping with the skills shortage, they said we're automating more. So we're using more AI, we're using more process automation to make sure we do the heavy lifting with machines and then only present to the people what they're very good at, is making judgements, right? Very sort of like last minute judgment calls. In the other parts of the world, the top answer to that question is how you're tackling cybersecurity skill shortage was, we're actually trying to provide higher wages and better benefits to the existing p... so there's a little bit of a gap between the two. But I think, I think the world is moving towards the former, which is let's do as much as we can with AI and machines and automation in general and then let's make sure we're more in an automation assisted world versus a human first world. >> We also saw on the survey that ransomware was, you know, the big concern in the United States. Not as much, not that it's not a concern >> Lisa: Yeah. >> In other parts of the world. >> Zeynep: Yeah. >> But it wasn't number one. Why do you think that is? Is it 'cause maybe the US has more to lose? Is it, you know, more high profile or- >> Yeah. Look, I mean, yes you're right? So most responders said number one is ransomware. That's my biggest concern going into 2023. And it was for JAPAC and I think EMEA, Europe, it was supply chain attacks. >> Dave: Right. >> So I think US has been hit hard by ransomware in the past year. I think it's like fresh memory and that's why it rose to the top in various verticals. So I'm not surprised with that outcome. I think supply chain is more of a... we've, you know, we've been hit hard globally by that, and it's very new. >> Lisa: Yeah. >> So I think a lot of the European and JAPAC responders are responding to it from a perspective of, this is a problem I still don't know how to solve. You know, like, and it's like I need the right infrastructure to...and I need the right visibility into my software supply chain. It's very top of mind. So those were some of the differences, but you're right. That was a very interesting regional distinction as well. >> How do you take this data and then bring it back to your customers to kind of close the loop? Do you do that? Do you say, okay, hey, we're going to share this data with you, get realtime feedback- >> Zeynep: Yes. >> Dave: We often like to do that with data- >> Zeynep: Absolutely. >> Say okay...'cause you know, when you do a survey like this, you're like, oh, I wish we asked A, B and C. But it gives you, informs you as to where to double click. Is there a system to do that? Or process to do that? >> Yes. Our hope and goal is to do this every year and see how things are changing and then do some historical analysis as to how things are changing as well. But as I said in the very beginning, I think we take this and we say, okay, there's a lot of alignment in these areas, especially for us for our products to see if where our products are deployed to see if some of those numbers vary, you know, per product. Because we address as a company, we address a lot of these concerns. So then it's very encouraging to say, okay, with certain customers, we're going to go, we're going to have develop certain metrics and we're going to measure how much of a difference we're making with these stats. >> Well, I mean, if you can show that you're consolidating- >> Yeah. >> You know, the number of tools and show the business impact- >> Right. >> Exactly. >> Home run. >> Exactly. Yes- >> Speaking of business outcomes, you know, we have so many conversations around everything needs to be outcome-based. Can security become an enabler of business outcomes for organizations? >> Absolutely. Security has to be an enabler. So it's, you know, back to the security lagging behind the evolution of the digital transformation, I don't think it's possible to move fast without having security move fast with digital transformation. I don't think anybody would raise their hands and say, I'm just going to have the most creative, most interesting digital transformation journey. But, you know, security is say, so I think we're past that point where I think generally people do agree that security has to run as fast as digital transformation and really enable those business outcomes that everybody's proud of. So Yes. Yes it is. >> So...sorry. So chicken and egg, digital transformation, cyber transformation. >> Zeynep: Yes. >> Lisa: How are they related? Is one digital leading? >> They are two halves of the perfect solution. They have to coexist because otherwise if you're taking a lot of risk with your digital transformation, is it really worth going through a digital transformation? >> Yeah. >> Yeah. >> So there's a board over here. I'm looking at it and it started out blank. >> Yes. >> And it's what's next in cyber and basically- >> That's this. Yes. >> People can come through and they can write down, and there's some great stuff in there: 5G, cloud native, some technical stuff, automated meantime to repair or to remediation. >> Yeah. >> Somebody wrote AWS. The AWS guys left their mark, which is kind of cool. >> Zeynep: That's great. >> And so I'm wondering, so we always talk about... we just talked about earlier that cyber is a board...has become a board level you know, issue. I think even go back mid last decade, it was really starting to gain strength. What I'm looking for, and I dunno if there's anything in here that suggests this is going beyond the board. So it becomes this top down thing, not just the the SOC, not just the, you know, IT, not just the board. Now it's top down maybe it's bottom up, middle out. The awareness across the organization. >> Zeynep: Absolutely. >> And that's something that I think is that is a next big thing in cyber. I believe it's coming. >> Cybersecurity awareness is a topic. And you know, there are companies who do that, who actually educate just all of us who work for corporations on the best way to tackle, especially when the human is the source and the reason knowingly or unknowing, mostly unknowingly of cyber attacks. Their education and awareness is critical in preventing a lot of this...before our, you know tools even get in. So I agree with you that there is a cybersecurity awareness as a topic is going to be very, very popular in the future. >> Lena Smart is the CISO of MongoDB does... I forget what she calls it, but she basically takes the top security people in the company like the super geeks and puts 'em with those that know nothing about security, and they start having conversations. >> Zeynep: Yeah. >> And then so they can sort of be empathic to each other's point of view. >> Zeynep: Absolutely. >> And that's how she gets the organization to become cyber aware. >> Yes. >> It's brilliant. >> It is. >> So simple. >> Exactly. Well that's the beauty in it is the simplicity. >> Yeah. And there are programs just to put a plug. There are programs where you can simulate, for example, phishing attacks with your, you know employee base and your workforce. And then teach them at that moment when they fall for it, you know, what they should have done. >> I think I can make a family game night. >> Yeah. Yeah. (group laughs) >> I'm serious. That's a good little exercise For everybody. >> Yes. Yeah, exactly. >> It really is. Especially as the sophistication and smishing gets more and more common these days. Where can folks go to get their hands on this juicy survey that we just unpacked? >> We have it online, so if you go to the Palo Alto Networks website, there's a big link to the survey from there. So for sure there's a summary version that you can come in and you can have access to all the stats. >> Excellent. Zeynep, it's been such a pleasure having you on the program dissecting what's keeping CXOs up at night, what Palo Alto Networks is doing to really help organizations digitally transform cyber transformation and achieve that nirvana of cyber resilience. We appreciate so much your insights. >> Thanks very much. It's been the pleasure. >> Dave: Good to have you. >> Thank you >> Zeynep Ozdemir and Dave Vellante. I'm Lisa Martin. You're watching theCUBE, the leader in live and emerging tech coverage. (upbeat music)

(upbeat music playing) >> Narrator: theCUBE presents Ignite 22, brought to you by Palo Alto Networks. >> Hey guys, girls, welcome back. It's theCUBE Live in Las Vegas at the MGM Grand for Palo Alto Networks Ignite 22. Lisa Martin here with Dave Vellante. Dave, We've had some great conversations. This is day one of two days of cube coverage. We're talking with Palo Alto executives, their partner network, their customers, going to be learning a lot about what they've been doing to really be that golden nugget. >> Yeah. We've talked, Lisa, about how Palo Alto Networks is affecting a TAM expansion strategy through acquisitions and integration and company CDW, that I remember, you know, been around a long time. I remember back in the Comdex days talk about transformation of a company. Really excited to have them on. >> We're going to talk about that. Stephanie Hagopian is here, the VP of Security at CDW. >> Stephanie, >> Hey it's great to have you on the program. >> It's so nice to be here. Thank you. >> So lots going on. CDW has made several acquisitions in the past couple of quarters alone as it relates to security. Talk to us about what's going on. >> Yes. So we are way more than the computer warehouse that you used to know. The computer catalog days, we've moved beyond that. We've made a lot of strategic acquisitions in the past several quarters. The reason for that is we're trying to change our image and our brand and how, more importantly, we engage with our customers in security. We used to traditionally be, you know, kind of at the end of the procurement cycle with our customers, and we want to be an advisor. We want to really sell solutions and help influence the outcomes that our clients are trying to achieve when it comes to, not just security, but also risk, governance, threatened vulnerability management, how are they dealing with major issues around zero trust and building a zero trust framework for a company. >> Lisa: And I imagine these acquisitions, that really from a catalyst perspective was really driven >> Yeah. by the customers and what they were >> absolutely wanting to see and feel and hear and be able to do. >> Absolutely. So the acquisitions have given us over 400 delivery resources, consultants, advisors people who can actually engage with our clients who have real life experience, have worked with global organizations, some of the biggest companies in the world in order to solve their problems. And using that experience to be able to to really create higher value, you know as we interact and engage. >> Dave: You were telling us, Stephanie, that you actually came into CDW through an acquisition. >> I did. >> And I think if you go back 10 years ago when the cloud was just sort of hitting its steep steep ramp, and it looked, it was pretty obvious. And at the same time you had what we affectionately called you know, box sellers. And it was very clear that if they didn't transform their businesses and you know, the, they a lot of 'em were small, regional companies. They had the owners had big houses and big boats but the companies were going to go away if they didn't transform. So it's interesting to me that you've chosen security and governance in some of the really most difficult areas to as part of that transformation. Where did that come from, from your perspective and you know, why security and why such challenging areas? >> Well, I've been part of security in the security industry for over 20 years, and I've loved the fact it is challenging. It's what, it's what makes us so important and critical to our clients. Security's not an easy problem to solve. And it, it's because the landscape keeps changing. The advent of cloud and now hybrid infrastructure creates endless challenges for our customers. Threat actors change. We have insider threats, we have external threats. There's all sorts of risk when you talk about third parties and how third parties interact with organizations. We have supply chain management. And now that we've moved into this hybrid work environment of virtual, not virtual. You know, we have people kind of engaging within organizations in different ways. There's just a lot of risk associated with that. It's not easy and you have to engage with stakeholders across the entire organization. You have to understand how legal thinks of this and compliance and HR. It's not just an IT issue, it's a business issue. And we understand that and it's just, it's so interesting for us to engage with our customers on critical initiatives and security is at the top of the list. It's not just a, a CISO or even a CIO problem anymore. Boards care about this, >> Lisa: Right? >> We make or break companies with cybersecurity and risk strategies. That's why it's so critical. So we consider ourselves to be a high priority for every single organization, big or small. >> Lisa: From a security perspective, what's the common denominator among industries that you're seeing? >> Oh, I mean, we see, in terms of common denominator, I think every single organization's contending with ransomware. >> Ah >> That's probably number one. Breaches. You know, how do you prevent bad actors from doing something, you know, that's threatening to information sensitive data, especially consumer data. Third party risk is a big topic, and how to secure hybrid cloud infrastructures which is a key part of, you know, Palo's strategy as well. And we realize that. >> Why do they buy from CDW? Pitch me. I'm a customer, what can you do for me? >> Yeah. Because we want to partner. So we, we provide true advisory and consulting services to our customers. We aren't there just to make a sale and walk away. We want long-term commitments and long-term partnerships with our customer base. We're there to, to give them outcomes, right? And to align to their priorities and their challenges. It's, it's not a one and done for us. This is about a long-term partnership and that's what makes us so different. And we're now through the acquisition strategies. We're the largest security integrator in North America in terms of our revenue and our size just our sheer size and capability and the amount of full-time employees we have dedicated to this part of our business. So they know they can trust us and that we can scale. >> Dave: Do you? Is is it a, a teach me how to fish strategy? Or is it also if >> Yeah, >> if you want to have, if I, if I as a customer want to have you continue to manage or at least provide some kind of managed services, where's the the line? >> Stephanie: Yeah. So we are incredibly unique in the way we've built out our security practice in that we, we do both. And we want our clients to understand that there are going to be elements of what they do that they want to keep in house from a security perspective. That is why, and it also came from an acquisition, we have a workforce development team for security. We actually are a Palo authorized training partner. And we're incredibly proud of that fact because we don't just want to configure technology. We want to enable our customers to enhance and maintain their investments with Palo and with all technologies, with all of security. At the same time, we know they can't do everything in-house, and it just might make more sense to do manage through us. So we have end-to-end managed capabilities as well and we continue to enhance that part of our business. >> So a lot, a lot of opportunities for customers there. Talk a little bit about the Palo Alto Network's extension of the value prop that you just talked about. >> Oh yes. We love, you know, Palo is taking a platform approach and really focusing on helping customers rationalize their IT infrastructure around security. We're doing the same exact thing and focusing on zero trust is huge. We're, we're having those conversations with our customers as well. We want them to take their Palo investment and try to create a platform approach because there's simplicity and cost savings in that. The security conversations becoming a CFO conversation, right? We love rationalizing those technology investments in a way that makes sense. And we're right in line with Palo in that we want to provide those capabilities end to end and we want to ensure they integrate and use that all of the capabilities within your platform to the extent of that investment, right? We want them to use everything and not just parts of the technology or just do a partial deployment. We want them to use everything that it functionally is available to them through that investment. >> Dakesh, in his keynote this morning, said the answer is not just more people. I know there's this, this, this gap between the number of required number of cyber professionals that we need and >> Stephanie: Oh yeah. >> And how many employees we have, et cetera, et cetera. However, you just can't get there overnight. So that's where service providers, you know, come in. >> Stephanie: It's huge. >> I saw a stat recently, I think it said 50% of organizations in North America don't have a SOC. >> That's true. >> Okay. So they, they need managed services. So, >> Stephanie: They do. >> What are you seeing with some of the small and mid-size companies >> Stephanie: Managed >> and, and and how does, how is that, how is that going? We're entering a new era with, >> Stephanie: Yeah with, you know, cloud can can be a, a great help and and reduce the IT load internally. >> Yeah. >> Dave: What, what's the dynamic like in the customer base? >> Smaller customers especially they just can't attract the cyber talent. It's a high demand field because there just aren't many people who have that capability, right? For us, providing managed a managed SOC is huge. One of our key acquisitions, Sirius, was our largest acquisition recently, brought us a 24 7 managed SOC capability. And that's exactly what our mid-size customers want and demand and what they need, and it's more cost effective. And now they don't have to worry about being a security business. That's not what they are. They need to run their businesses and that's what we provide through managed capabilities especially for that customer base in particular. >> Lisa: And and >> Dave: How about the really small customers, right? Who, who, you know, they're in some ways the most vulnerable. >> Yeah >> Right? >> In many ways >> They don't have the budgets they're kind of working hand to mouth. How, how do you help them? >> Stephanie: Yeah. Yeah. So we, we provide cost effective managed capabilities. So there's managed for enterprise, there's managed for mid-market, but then for small medium businesses they want something that is at the right price point. And that's what we're doing actually in co-development with Palos. That's why we're expanding, not just our professional services capabilities with the Palo platform, but also providing managed support for every aspect of the platform so that customers don't need to invest in full-time employees to do that. They can, they have a predictable cost model that's affordable, that they can leverage over time. So we're very intent on making sure we're fulfilling that not just for our big customers but also for SMB and our, and small businesses as well. >> So you really have that whole suite taken care of >> The whole suite, yeah. I want to talk about some of the the large enterprises for a second. I saw a survey recently that, you know, you talked about security is a board level conversation. It is. >> Stephanie: Very much so. >> We talk about that all the time, CFO conversation but the survey that I saw recently was that there's not there's lack of alignment on boards with the executive suite where security is concerned. Are you seeing that and how can CDW and the Palo Alto partnership help gain that important alignment? >> Stephanie: Yeah So we, we face this all the time. What's on the CISO whiteboard might not be on the CFO's whiteboard or the, the board's whiteboard right? We love, and this is the whole part of our strategy and our strategy partnering with Palo, is that we want to engage further up on the, on the cycle. The, you know, we don't want to to talk to them at the end of the purchasing cycle because we're not providing value. >> Lisa: Yeah. >> We want to help advise them and build the business case. And by them, I mean our CISOs are, you know the heads of network security. You know, their are various stakeholders that we want to engage with to help them build the business case and the justification so that they are speaking the same language as the board member, the CFO. And we do that in many ways. I think the biggest is that we've we've built a global security strategy office that encompasses practitioners. So these are former CISOs, CIOs CTOs who have sat in their shoes and done what they've done. And we bring that experience to bear, coincidentally but not so coincidentally, Palo has the same capability. So Palo's also has a team of field CISOs and former practitioners. So we're partnering together to make sure that we're enabling our customers in, in providing the right value statements and the the right ROI within the the board meetings so that they get that investment right. And they're able to do what they need to do to secure the infrastructure. >> Dave: I mean, historically the business case has been we're going to help you not get breached, and you're going to reduce your, your, your loss >> Stephanie: (indistinct) still relevant. >> And, and I'm, and it's still very relevant. Is there any sort of on the other side of the algebra algebraic equation where actually having this kind of security practice can actually drive productivity >> Absolutely. >> Or or even drive revenue and can you talk about that part of the equation? >> Stephanie: Yeah, security as an industry, we're we've gotten a lot smarter. We understand it's not just about the compliance aspect or the data privacy aspect. It's very important to your point, you know breach prevention is certainly, you know, a a great justification. It's also about automation. So you think of SOAR, right? Providing automation and visibility and dashboard views into who's doing what actually really reduces administrative overhead. We, you know, we want to re-allow our clients to repurpose individuals because there are a finite amount of people in the security industry to focus on higher value tasks. So we're enabling just a lot of cost savings through that. Self-service is a big piece of this. You know, when you think about security we bring along a lot of automation, self-service automation of business logic, and business process. There's a huge value in cost savings attached to that. So that's huge. That's a huge part of the security conversation. >> I was reading, you talked about the cybersecurity skills gap and I was reading some interesting numbers that there's 26 million developers in the world less than 3 million cybersecurity professionals. >> Stephanie: Yeah. >> Talk to us about one of your favorite customer stories where you think CDW and Palo really nailed it in terms of helping organization drive that value the top line value, the bottom line value while enabling them with your expertise. >> Oh my gosh, I don't even want to focus on one because since we became a Palo authorized training partner we have worked with over a hundred clients. We just started this this year and we've helped over a hundred clients and thousands of people get enabled on on Palo firewall configuration and training and development. So we've co, we've partnered together as and we've impacted over a hundred organizations this year in making sure their people are enabled and they're, they're going from that I'm a developer generic to I'm a security professional. So we're helping to close that cybersecurity workforce gap. And we're just so excited at the scale we've been able to do that in such a short amount of time that, I mean, if you think about next year and the year following I mean it's going to be thousands of different clients. But you think about each client, we're impact we're, we're holding classes with 30 plus people. So we've already impacted thousands of people which is amazing. >> Right? So the idea to scale the program in in calendar year 2023 >> Absolutely. We're going to, we, we tried it. This was a trial run and it was amazingly successful trial run. So we're incredibly excited to scale this even more and continue to provide, you know, that element, that workforce development element, that training element for the entire Palo's stack, not just elements of it. >> Lisa: Excellent. Stephanie, thank you so much for joining us on the program. >> Stephanie: Thank you. >> Sharing what CDW and Palo Alto Networks are doing together. The what's in it for me from a customer perspective, big impact there. We appreciate your insights. >> Thank you so much. >> Dave: Great to have you >> Lisa: Our pleasure. >> It's great to have, great to be here. >> Yeah. For our guest and for Dave Vellante, I'm Lisa Martin. You're watching theCUBE, the leader in live and emerging tech coverage.

>> From "theCube" Studios in Palo Alto in Boston bringing you data-driven insights from "theCube" and ETR. This is "Breaking Analysis" with Dave Vellante. >> As an independent pure play company, Palo Alto Networks has earned its status as the leader in security. You can measure this in a variety of ways. Revenue, market cap, execution, ethos, and most importantly, conversations with customers generally. In CISO specifically, who consistently affirm this position. The company's on track to double its revenues in fiscal year 23 relative to fiscal year 2020. Despite macro headwinds, which are likely to carry through next year, Palo Alto owes its position to a clarity of vision and strong execution on a TAM expansion strategy through acquisitions and integration into its cloud and SaaS offerings. Hello and welcome to this week's "Wikibon Cube Insights" powered by ETR and this breaking analysis and ahead of Palo Alto Ignite the company's user conference, we bring you the next chapter on top of the last week's cybersecurity update. We're going to dig into the ETR data on Palo Alto Networks as we promised and provide a glimpse of what we're going to look for at "Ignite" and posit what Palo Alto needs to do to stay on top of the hill. Now, the challenges for cybersecurity professionals. Dead simple to understand. Solving it, not so much. This is a taxonomic eye test, if you will, from Optiv. It's one of our favorite artifacts to make the point the cybersecurity landscape is a mosaic of stovepipes. Security professionals have to work with dozens of tools many legacy combined with shiny new toys to try and keep up with the relentless pace of innovation catalyzed by the incredibly capable well-funded and motivated adversaries. Cybersecurity is an anomalous market in that the leaders have low single digit market shares. Think about that. Cisco at one point held 60% market share in the networking business and it's still deep into the 40s. Oracle captures around 30% of database market revenue. EMC and storage at its peak had more than 30% of that market. Even Dell's PC market shares, you know, in the mid 20s or even over that from a revenue standpoint. So cybersecurity from a market share standpoint is even more fragmented perhaps than the software industry. Okay, you get the point. So despite its position as the number one player Palo Alto might have maybe three maybe 4% of the total market, depending on what you use as your denominator, but just a tiny slice. So how is it that we can sit here and declare Palo Alto as the undisputed leader? Well, we probably wouldn't go that far. They probably have quite a bit of competition. But this CISO from a recent ETR round table discussion with our friend Eric Bradley, summed up Palo Alto's allure. We thought pretty well. The question was why Palo Alto Networks? Here's the answer. Because of its completeness as a platform, its ability to integrate with its own products or they acquire, integrate then rebrand them as their own. We've looked at other vendors we just didn't think they were as mature and we already had implemented some of the Palo Alto tools like the firewalls and stuff and we thought why not go holistically with the vendor a single throat to choke, if you will, if stuff goes wrong. And I think that was probably the primary driver and familiarity with the tools and the resources that they provided. Now here's another stat from ETR's Eric Bradley. He gave us a glimpse of the January survey that's in the field now. The percent of IT buyers stating that they plan to consolidate redundant vendors, it went from 34% in the October survey and now stands at 44%. So we fo we feel this bodes well for consolidators like Palo Alto networks. And the same is true from Microsoft's kind of good enough approach. It should also be true for CrowdStrike although last quarter we saw softness reported on in their SMB market, whereas interestingly MongoDB actually saw consistent strength from its SMB and its self-serve. So that's something that we're watching very closely. Now, Palo Alto Networks has held up better than most of its peers in the stock market. So let's take a look at that real quick. This chart gives you a sense of how well. It's a one year comparison of Palo Alto with the bug ETF. That's the cyber basket that we like to compare often CrowdStrike, Zscaler, and Okta. Now remember Palo Alto, they didn't run up as much as CrowdStrike, ZS and Okta during the pandemic but you can see it's now down unquote only 9% for the year. Whereas the cyber basket ETF is off 27% roughly in line with the NASDAQ. We're not showing that CrowdStrike down 44%, Zscaler down 61% and Okta off a whopping 72% in the past 12 months. Now as we've indicated, Palo Alto is making a strong case for consolidating point tools and we think it will have a much harder time getting customers to switch off of big platforms like Cisco who's another leader in network security. But based on the fragmentation in the market there's plenty of room to grow in our view. We asked breaking analysis contributor Chip Simington for his take on the technicals of the stock and he said that despite Palo Alto's leadership position it doesn't seem to make much difference these days. It's all about interest rates. And even though this name has performed better than its peers, it looks like the stock wants to keep testing its 52 week lows, but he thinks Palo Alto got oversold during the last big selloff. And the fact that the company's free cash flow is so strong probably keeps it at the one 50 level or above maybe bouncing around there for a while. If it breaks through that under to the downside it's ne next test is at that low of around one 40 level. So thanks for that, Chip. Now having get that out of the way as we said on the previous chart Palo Alto has strong opinions, it's founder and CTO, Nir Zuk, is extremely clear on that point of view. So let's take a look at how Palo Alto got to where it is today and how we think you should think about his future. The company was founded around 18 years ago as a network security company focused on what they called NextGen firewalls. Now, what Palo Alto did was different. They didn't try to stuff a bunch of functionality inside of a hardware box. Rather they layered network security functions on top of its firewalls and delivered value as a service through software running at the time in its own cloud. So pretty obvious today, but forward thinking for the time and now they've moved to a more true cloud native platform and much more activity in the public cloud. In February, 2020, right before the pandemic we reported on the divergence in market values between Palo Alto and Fort Net and we cited some challenges that Palo Alto was happening having transitioning to a cloud native model. And at the time we said we were confident that Palo Alto would make it through the knot hole. And you could see from the previous chart that it has. So the company's architectural approach was to do the heavy lifting in the cloud. And this eliminates the need for customers to deploy sensors on prem or proxies on prem or sandboxes on prem sandboxes, you know for instance are vulnerable to overwhelming attacks. Think about it, if you're a sandbox is on prem you're not going to be updating that every day. No way. You're probably not going to updated even every week or every month. And if the capacity of your sandbox is let's say 20,000 files an hour you know a hacker's just going to turn up the volume, it'll overwhelm you. They'll send a hundred thousand emails attachments into your sandbox and they'll choke you out and then they'll have the run of the house while you're trying to recover. Now the cloud doesn't completely prevent that but what it does, it definitely increases the hacker's cost. So they're going to probably hit some easier targets and that's kind of the objective of security firms. You know, increase the denominator on the ROI. All right, the next thing that Palo Alto did is start acquiring aggressively, I think we counted 17 or 18 acquisitions to expand the TAM beyond network security into endpoint CASB, PaaS security, IaaS security, container security, serverless security, incident response, SD WAN, CICD pipeline security, attack service management, supply chain security. Just recently with the acquisition of Cider Security and Palo Alto by all accounts takes the time to integrate into its cloud and SaaS platform called Prisma. Unlike many acquisitive companies in the past EMC was a really good example where you ended up with a kind of a Franken portfolio. Now all this leads us to believe that Palo Alto wants to be the consolidator and is in a good position to do so. But beyond that, as multi-cloud becomes more prevalent and more of a strategy customers tell us they want a consistent experience across clouds. And is going to be the same by the way with IoT. So of the next wave here. Customers don't want another stove pipe. So we think Palo Alto is in a good position to build what we call the security super cloud that layer above the clouds that brings a common experience for devs and operational teams. So of course the obvious question is this, can Palo Alto networks continue on this path of acquire and integrate and still maintain best of breed status? Can it? Will it? Does it even have to? As Holger Mueller of Constellation Research and I talk about all the time integrated suites seem to always beat best of breed in the long run. We'll come back to that. Now, this next graphic that we're going to show you underscores this question about portfolio. Here's a picture and I don't expect you to digest it all but it's a screen grab of Palo Alto's product and solutions portfolios, network cloud, network security rather, cloud security, Sassy, CNAP, endpoint unit 42 which is their threat intelligence platform and every imaginable security service and solution for customers. Well, maybe not every, I'm sure there's more to come like supply chain with the recent Cider acquisition and maybe more IoT beyond ZingBox and earlier acquisition but we're sure there will be more in the future both organic and inorganic. Okay, let's bring in more of the ETR survey data. For those of you who don't know ETR, they are the number one enterprise data platform surveying thousands of end customers every quarter with additional drill down surveys and customer round tables just an awesome SaaS enabled platform. And here's a view that shows net score or spending momentum on the vertical axis in provision or presence within the ETR data set on the horizontal axis. You see that red dotted line at 40%. Anything at or over that indicates a highly elevated net score. And as you can see Palo Alto is right on that line just under. And I'll give you another glimpse it looks like Palo Alto despite the macro may even just edge up a bit in the next survey based on the glimpse that Eric gave us. Now those colored bars in the bottom right corner they show the breakdown of Palo Alto's net score and underscore the methodology that ETR uses. The lime green is new customer adoptions, that's 7%. The forest green at 38% represents the percent of customers that are spending 6% or more on Palo Alto solutions. The gray is at that 40 or 8% that's flat spending plus or minus 5%. The pinkish at 5% is spending is down on Palo Alto network products by 6% or worse. And the bright red at only 2% is churn or defections. Very low single digit numbers for Palo Alto, that's a real positive. What you do is you subtract the red from the green and you get a net score of 38% which is very good for a company of Palo Alto size. And we'll note this is based on just under 400 responses in the ETR survey that are Palo Alto customers out of around 1300 in the total survey. It's a really good representation of Palo Alto. And you can see the other leading companies like CrowdStrike, Okta, Zscaler, Forte, Cisco they loom large with similar aspirations. Well maybe not so much Okta. They don't necessarily rule want to rule the world. They want to rule identity and of course the ever ubiquitous Microsoft in the upper right. Now drilling deeper into the ETR data, let's look at how Palo Alto has progressed over the last three surveys in terms of market presence in the survey. This view of the data shows provision in the data going back to October, 2021, that's the gray bars. The blue is July 22 and the yellow is the latest survey from October, 2022. Remember, the January survey is currently in the field. Now the leftmost set of data there show size a company. The middle set of data shows the industry for a select number of industries in the right most shows, geographic region. Notice anything, yes, Palo Alto up across the board relative to both this past summer and last fall. So that's pretty impressive. Palo Alto network CEO, Nikesh Aurora, stressed on the last earnings call that the company is seeing somewhat elongated deal approvals and sometimes splitting up size of deals. He's stressed that certain industries like energy, government and financial services continue to spend. But we would expect even a pullback there as companies get more conservative. But the point is that Nikesh talked about how they're hiring more sales pros to work the pipeline because they understand that they have to work harder to pull deals forward 'cause they got to get more approvals and they got to increase the volume that's coming through the pipeline to account for the possibility that certain companies are going to split up the deals, you know, large deals they want to split into to smaller bite size chunks. So they're really going hard after they go to market expansion to account for that. All right, so we're going to wrap by sharing what we expect and what we're going to probe for at Palo Alto Ignite next week, Lisa Martin and I will be hosting "theCube" and here's what we'll be looking for. First, it's a four day event at the MGM with the meat of the program on days two and three. That's day two was the big keynote. That's when we'll start our broadcasting, we're going for two days. Now our understanding is we've never done Palo Alto Ignite before but our understanding it's a pretty technically oriented crowd that's going to be eager to hear what CTO and founder Nir Zuk has to say. And as well CEO Nikesh Aurora and as in addition to longtime friend of "theCube" and current president, BJ Jenkins, he's going to be speaking. Wendy Whitmore runs Unit 42 and is going to be several other high profile Palo Alto execs, as well, Thomas Kurian from Google is a featured speaker. Lee Claridge, who is Palo Alto's, chief product officer we think is going to be giving the audience heavy doses of Prisma Cloud and Cortex enhancements. Now, Cortex, you might remember, came from an acquisition and does threat detection and attack surface management. And we're going to hear a lot about we think about security automation. So we'll be listening for how Cortex has been integrated and what kind of uptake that it's getting. We've done some, you know, modeling in from the ETR. Guys have done some modeling of cortex, you know looks like it's got a lot of upside and through the Palo Alto go to market machine, you know could really pick up momentum. That's something that we'll be probing for. Now, one of the other things that we'll be watching is pricing. We want to talk to customers about their spend optimization, their spending patterns, their vendor consolidation strategies. Look, Palo Alto is a premium offering. It charges for value. It's expensive. So we also want to understand what kind of switching costs are customers willing to absorb and how onerous they are and what's the business case look like? How are they thinking about that business case. We also want to understand and really probe on how will Palo Alto maintain best of breed as it continues to acquire and integrate to expand its TAM and appeal as that one-stop shop. You know, can it do that as we talked about before. And will it do that? There's also an interesting tension going on sort of changing subjects here in security. There's a guy named Edward Hellekey who's been in "theCube" before. He hasn't been in "theCube" in a while but he's a security pro who has educated us on the nuances of protecting data privacy, public policy, how it varies by region and how complicated it is relative to security. Because securities you technically you have to show a chain of custody that proves unequivocally, for example that data has been deleted or scrubbed or that metadata does. It doesn't include any residual private data that violates the laws, the local laws. And the tension is this, you need good data and lots of it to have good security, really the more the better. But government policy is often at odds in a major blocker to sharing data and it's getting more so. So we want to understand this tension and how companies like Palo Alto are dealing with it. Our customers testing public policy in courts we think not quite yet, our government's making exceptions and policies like GDPR that favor security over data privacy. What are the trade-offs there? And finally, one theme of this breaking analysis is what does Palo Alto have to do to stay on top? And we would sum it up with three words. Ecosystem, ecosystem, ecosystem. And we said this at CrowdStrike Falcon in September that the one concern we had was the pace of ecosystem development for CrowdStrike. Is collaboration possible with competitors? Is being adopted aggressively? Is Palo Alto being adopted aggressively by global system integrators? What's the uptake there? What about developers? Look, the hallmark of a cloud company which Palo Alto is a cloud security company is a thriving ecosystem that has entries into and exits from its platform. So we'll be looking at what that ecosystem looks like how vibrant and inclusive it is where the public clouds fit and whether Palo Alto Networks can really become the security super cloud. Okay, that's a wrap stop by next week. If you're in Vegas, say hello to "theCube" team. We have an unbelievable lineup on the program. Now if you're not there, check out our coverage on theCube.net. I want to thank Eric Bradley for sharing a glimpse on short notice of the upcoming survey from ETR and his thoughts. And as always, thanks to Chip Symington for his sharp comments. Want to thank Alex Morrison, who's on production and manages the podcast Ken Schiffman as well in our Boston studio, Kristen Martin and Cheryl Knight they help get the word out on social and of course in our newsletters, Rob Hoof, is our editor in chief over at Silicon Angle who does some awesome editing, thank you to all. Remember all these episodes they're available as podcasts. Wherever you listen, all you got to do is search "Breaking Analysis" podcasts. I publish each week on wikibon.com and silicon angle.com where you can email me at david.valante@siliconangle.com or dm me at D Valante or comment on our LinkedIn post. And please do check out etr.ai. They've got the best survey data in the enterprise tech business. This is Dave Valante for "theCube" Insights powered by ETR. Thanks for watching. We'll see you next week on "Ignite" or next time on "Breaking Analysis". (upbeat music)

(upbeat music) >> From theCube Studios in Palo Alto in Boston, bringing you data driven insights from theCube and ETR. This is Breaking Analysis with Dave Vellante. >> While by no means a safe haven, the cybersecurity sector has outpaced the broader tech market by a meaningful margin, that is up until very recently. Cybersecurity remains the number one technology priority for the C-suite, but as we've previously reported the CISO's budget has constraints just like other technology investments. Recent trends show that economic headwinds have elongated sales cycles, pushed deals into future quarters, and just like other tech initiatives, are pacing cybersecurity investments and breaking them into smaller chunks. Hello and welcome to this week's Wikibon Cube Insights powered by ETR. In this Breaking Analysis we explain how cybersecurity trends are reverting to the mean and tracking more closely with other technology investments. We'll make a couple of valuation comparisons to show the magnitude of the challenge and which cyber firms are feeling the heat, which aren't. There are some exceptions. We'll then show the latest survey data from ETR to quantify the contraction in spending momentum and close with a glimpse of the landscape of emerging cybersecurity companies, the private companies that could be ripe for acquisition, consolidation, or disruptive to the broader market. First, let's take a look at the recent patterns for cyber stocks relative to the broader tech market as a benchmark, as an indicator. Here's a year to date comparison of the bug ETF, which comprises a basket of cyber security names, and we compare that with the tech heavy NASDAQ composite. Notice that on April 13th of this year the cyber ETF was actually in positive territory while the NAS was down nearly 14%. Now by August 16th, the green turned red for cyber stocks but they still meaningfully outpaced the broader tech market by more than 950 basis points as of December 2nd that Delta had contracted. As you can see, the cyber ETF is now down nearly 25%, year to date, while the NASDAQ is down 27% and change. Now take a look at just how far a few of the high profile cybersecurity names have fallen. Here are six security firms that we've been tracking closely since before the pandemic. We've been, you know, tracking dozens but let's just take a look at this data and the subset. We show for comparison the S&P 500 and the NASDAQ, again, just for reference, they're both up since right before the pandemic. They're up relative to right before the pandemic, and then during the pandemic the S&P shot up more than 40%, relative to its pre pandemic level, around February is what we're using for the pre pandemic level, and the NASDAQ peaked at around 65% higher than that February level. They're now down 85% and 71% of their previous. So they're at 85% and 71% respectively from their pandemic highs. You compare that to these six companies, Splunk, which was and still is working through a transition is well below its pre pandemic market value and 44, it's 44% of its pre pandemic high as of last Friday. Palo Alto Networks is the most interesting here, in that it had been facing challenges prior to the pandemic related to a pivot to the Cloud which we reported on at the time. But as we said at that time we believe the company would sort out its Cloud transition, and its go to market challenges, and sales compensation issues, which it did as you can see. And its valuation jumped from 24 billion prior to Covid to 56 billion, and it's holding 93% of its peak value. Its revenue run rate is now over 6 billion with a healthy growth rate of 24% expected for the next quarter. Similarly, Fortinet has done relatively well holding 71% of its peak Covid value, with a healthy 34% revenue guide for the coming quarter. Now, Okta has been the biggest disappointment, a darling of the pandemic Okta's communication snafu, with what was actually a pretty benign hack combined with difficulty absorbing its 7 billion off zero acquisition, knocked the company off track. Its valuation has dropped by 35 billion since its peak during the pandemic, and that's after a nice beat and bounce back quarter just announced by Okta. Now, in our view Okta remains a viable long-term leader in identity. However, its recent fiscal 24 revenue guide was exceedingly conservative at around 16% growth. So either the company is sandbagging, or has such poor visibility that it wants to be like super cautious or maybe it's actually seeing a dramatic slowdown in its business momentum. After all, this is a company that not long ago was putting up 50% plus revenue growth rates. So it's one that bears close watching. CrowdStrike is another big name that we've been talking about on Breaking Analysis for quite some time. It like Okta has led the industry in a key ETR performance indicator that measures customer spending momentum. Just last week, CrowdStrike announced revenue increased more than 50% but new ARR was soft and the company guided conservatively. Not surprisingly, the stock got absolutely crushed as CrowdStrike blamed tepid demand from smaller and midsize firms. Many analysts believe that competition from Microsoft was one factor along with cautious spending amongst those midsize and smaller customers. Notably, large customers remain active. So we'll see if this is a longer term trend or an anomaly. Zscaler is another company in the space that we've reported having great customer spending momentum from the ETR data. But even though the company beat expectations for its recent quarter, like other companies its Outlook was conservative. So other than Palo Alto, and to a lesser extent Fortinet, these companies and others that we're not showing here are feeling the economic pinch and it shows in the compression of value. CrowdStrike, for example, had a 70 billion valuation at one point during the pandemic Zscaler top 50 billion, Okta 45 billion. Now, having said that Palo Alto Networks, Fortinet, CrowdStrike, and Zscaler are all still trading well above their pre pandemic levels that we tracked back in February of 2020. All right, let's go now back to ETR'S January survey and take a look at how much things have changed since the beginning of the year. Remember, this is obviously pre Ukraine, and pre all the concerns about the economic headwinds but here's an X Y graph that shows a net score, or spending momentum on the y-axis, and market presence on the x-axis. The red dotted line at 40% on the vertical indicates a highly elevated net score. Anything above that we think is, you know, super elevated. Now, we filtered the data here to show only those companies with more than 50 responses in the ETR survey. Still really crowded. Note that there were around 20 companies above that red 40% mark, which is a very, you know, high number. It's a, it's a crowded market, but lots of companies with, you know, positive momentum. Now let's jump ahead to the most recent October survey and take a look at what, what's happening. Same graphic plotting, spending momentum, and market presence, and look at the number of companies above that red line and how it's been squashed. It's really compressing, it's still a crowded market, it's still, you know, plenty of green, but the number of companies above 40% that, that key mark has gone from around 20 firms down to about five or six. And it speaks to that compression and IT spending, and of course the elongated sales cycles pushing deals out, taking them in smaller chunks. I can't tell you how many conversations with customers I had, at last week at Reinvent underscoring this exact same trend. The buyers are getting pressure from their CFOs to slow things down, do more with less and, and, and prioritize projects to those that absolutely are critical to driving revenue or cutting costs. And that's rippling through all sectors, including cyber. Now, let's do a bit more playing around with the ETR data and take a look at those companies with more than a hundred citations in the survey this quarter. So N, greater than or equal to a hundred. Now remember the followers of Breaking Analysis know that each quarter we take a look at those, what we call four star security firms. That is, those are the, that are in, that hit the top 10 for both spending momentum, net score, and the N, the mentions in the survey, the presence, the pervasiveness in the survey, and that's what we show here. The left most chart is sorted by spending momentum or net score, and the right hand chart by shared N, or the number of mentions in the survey, that pervasiveness metric. that solid red line denotes the cutoff point at the top 10. And you'll note we've actually cut it off at 11 to account for Auth 0, which is now part of Okta, and is going through a go to market transition, you know, with the company, they're kind of restructuring sales so they can take advantage of that. So starting on the left with spending momentum, again, net score, Microsoft leads all vendors, typical Microsoft, very prominent, although it hadn't always done so, it, for a while, CrowdStrike and Okta were, were taking the top spot, now it's Microsoft. CrowdStrike, still always near the top, but note that CyberArk and Cloudflare have cracked the top five in Okta, which as I just said was consistently at the top, has dropped well off its previous highs. You'll notice that Palo Alto Network Palo Alto Networks with a 38% net score, just below that magic 40% number, is healthy, especially as you look over to the right hand chart. Take a look at Palo Alto with an N of 395. It is the largest of the independent pure play security firms, and has a very healthy net score, although one caution is that net score has dropped considerably since the beginning of the year, which is the case for most of the top 10 names. The only exception is Fortinet, they're the only ones that saw an increase since January in spending momentum as ETR measures it. Now this brings us to the four star security firms, that is those that hit the top 10 in both net score on the left hand side and market presence on the right hand side. So it's Microsoft, Palo Alto, CrowdStrike, Okta, still there even not accounting for a Auth 0, just Okta on its own. If you put in Auth 0, it's, it's even stronger. Adding then in Fortinet and Zscaler. So Microsoft, Palo Alto, CrowdStrike, Okta, Fortinet, and Zscaler. And as we've mentioned since January, only Fortinet has shown an increase in net score since, since that time, again, since the January survey. Now again, this talks to the compression in spending. Now one of the big themes we hear constantly in cybersecurity is the market is overcrowded. Everybody talks about that, me included. The implication there, is there's a lot of room for consolidation and that consolidation can come in the form of M&A, or it can come in the form of people consolidating onto a single platform, and retiring some other vendors, and getting rid of duplicate vendors. We're hearing that as a big theme as well. Now, as we saw in the previous, previous chart, this is a very crowded market and we've seen lots of consolidation in 2022, in the form of M&A. Literally hundreds of M&A deals, with some of the largest companies going private. SailPoint, KnowBe4, Barracuda, Mandiant, Fedora, these are multi billion dollar acquisitions, or at least billion dollars and up, and many of them multi-billion, for these companies, and hundreds more acquisitions in the cyberspace, now less you think the pond is overfished, here's a chart from ETR of emerging tech companies in the cyber security industry. This data comes from ETR's Emerging Technologies Survey, ETS, which is this diamond in a rough that I found a couple quarters ago, and it's ripe with companies that are candidates for M&A. Many would've liked, many of these companies would've liked to, gotten to the public markets during the pandemic, but they, you know, couldn't get there. They weren't ready. So the graph, you know, similar to the previous one, but different, it shows net sentiment on the vertical axis and that's a measurement of, of, of intent to adopt against a mind share on the X axis, which measures, measures the awareness of the vendor in the community. So this is specifically a survey that ETR goes out and, and, and fields only to track those emerging tech companies that are private companies. Now, some of the standouts in Mindshare, are OneTrust, BeyondTrust, Tanium and Endpoint, Net Scope, which we've talked about in previous Breaking Analysis. 1Password, which has been acquisitive on its own. In identity, the managed security service provider, Arctic Wolf Network, a company we've also covered, we've had their CEO on. We've talked about MSSPs as a real trend, particularly in small and medium sized business, we'll come back to that, Sneek, you know, kind of high flyer in both app security and containers, and you can just see the number of companies in the space this huge and it just keeps growing. Now, just to make it a bit easier on the eyes we filtered the data on these companies with with those, and isolated on those with more than a hundred responses only within the survey. And that's what we show here. Some of the names that we just mentioned are a bit easier to see, but these are the ones that really stand out in ERT, ETS, survey of private companies, OneTrust, BeyondTrust, Taniam, Netscope, which is in Cloud, 1Password, Arctic Wolf, Sneek, BitSight, SecurityScorecard, HackerOne, Code42, and Exabeam, and Sim. All of these hit the ETS survey with more than a hundred responses by, by the IT practitioners. Okay, so these firms, you know, maybe they do some M&A on their own. We've seen that with Sneek, as I said, with 1Password has been inquisitive, as have others. Now these companies with the larger footprint, these private companies, will likely be candidate for both buying companies and eventually going public when the markets settle down a bit. So again, no shortage of players to affect consolidation, both buyers and sellers. Okay, so let's finish with some key questions that we're watching. CrowdStrike in particular on its earnings calls cited softness from smaller buyers. Is that because these smaller buyers have stopped adopting? If so, are they more at risk, or are they tactically moving toward the easy button, aka, Microsoft's good enough approach. What does that mean for the market if smaller company cohorts continue to soften? How about MSSPs? Will companies continue to outsource, or pause on on that, as well as try to free up, to try to free up some budget? Adam Celiski at Reinvent last week said, "If you want to save money the Cloud's the best place to do it." Is the cloud the best place to save money in cyber? Well, it would seem that way from the standpoint of controlling budgets with lots of, lots of optionality. You could dial up and dial down services, you know, or does the Cloud add another layer of complexity that has to be understood and managed by Devs, for example? Now, consolidation should favor the likes of Palo Alto and CrowdStrike, cause they're platform players, and some of the larger players as well, like Cisco, how about IBM and of course Microsoft. Will that happen? And how will economic uncertainty impact the risk equation, a particular concern is increase of tax on vulnerable sectors of the population, like the elderly. How will companies and governments protect them from scams? And finally, how many cybersecurity companies can actually remain independent in the slingshot economy? In so many ways the market is still strong, it's just that expectations got ahead of themselves, and now as earnings forecast come, come, come down and come down to earth, it's going to basically come down to who can execute, generate cash, and keep enough runway to get through the knothole. And the one certainty is nobody really knows how tight that knothole really is. All right, let's call it a wrap. Next week we dive deeper into Palo Alto Networks, and take a look at how and why that company has held up so well and what to expect at Ignite, Palo Alto's big user conference coming up later this month in Las Vegas. We'll be there with theCube. Okay, many thanks to Alex Myerson on production and manages the podcast, Ken Schiffman as well, as our newest edition to our Boston studio. Great to have you Ken. Kristin Martin and Cheryl Knight help get the word out on social media and in our newsletters. And Rob Hof is our EIC over at Silicon Angle. He does some great editing for us. Thank you to all. Remember these episodes are all available as podcasts. Wherever you listen, just search Breaking Analysis podcast. I publish each week on wikibond.com and siliconangle.com, or you can email me directly David.vellante@siliconangle.com or DM me @DVellante, or comment on our LinkedIn posts. Please do checkout etr.ai, they got the best survey data in the enterprise tech business. This is Dave Vellante for theCube Insights powered by ETR. Thanks for watching, and we'll see you next time on Breaking Analysis. (upbeat music)

>>Good afternoon from the Venetian Expo, center, hall, whatever you wanna call it, in Las Vegas. Lisa Martin here. It's day four. I'm not sure what this place is called. Wait, >>What? >>Lisa Martin here with Dave Ante. This is the cube. This is day four of a ton of coverage that we've been delivering to you, which, you know, cause you've been watching since Monday night, Dave, we are almost at the end, we're almost at the show wrap. Excited to bring back, we've been talking about security, a lot about security. Excited to bring back a, an alumni to talk about that. But what's your final thoughts? >>Well, so just in, in, in the context of security, we've had just three in a row talking about cyber, which is like the most important topic. And I, and I love that we're having Palo Alto Networks on Palo Alto Networks is the gold standard in security. Talk to CISOs, they wanna work with them. And, and it was, it's interesting because I've been following them for a little bit now, watch them move to the cloud and a couple of little stumbling points. But I said at the time, they're gonna figure it out and, and come rocking back. And they have, and the company's just performing unbelievably well despite, you know, all the macro headwinds that we love to >>Talk about. So. Right. And we're gonna be unpacking all of that with one of our alumni. As I mentioned, Anker Shaw is with us, the SVP and GM of Palo Alto Networks. Anker, welcome back to the Cub. It's great to see you. It's been a while. >>It's good to be here after a couple years. Yeah, >>Yeah. I think three. >>Yeah, yeah, for sure. Yeah. Yeah. It's a bit of a blur after Covid. >>Everyone's saying that. Yeah. Are you surprised that there are still this many people on the show floor? Cuz I am. >>I am. Yeah. Look, I am not, this is my fourth, last year was probably one third or one fourth of this size. Yeah. But pre covid, this is what dream went looked like. And it's energizing, it's exciting. It's just good to be doing the good old things. So many people and yeah. Amazing technology and innovation. It's been incredible. >>Let's talk about innovation. I know you guys, Palo Alto Networks recently acquired cyber security. Talk to us a little bit about that. How is it gonna compliment Prisma? Give us all the scoop on that. >>Yeah, for sure. Look, some of the recent, the cybersecurity attacks that we have seen are related to supply chain, the colonial pipeline, many, many supply chain. And the reason for that is the modern software supply chain, not the physical supply chain, the one that AWS announced, but this is the software supply chain is really incredibly complicated, complicated developers that are building and shipping code faster than ever before. And the, the site acquisition at the center, the heart of that was securing the entire supply chain. White House came with a new initiative on supply chain security and SBO software bill of material. And we needed a technology, a company, and a set of people who can really deliver to that. And that's why we acquired that for supply chain security, otherwise known as cicd, security, c >>IDC security. Yeah. So how will that complement PRIs McCloud? >>Yeah, so look, if you look at our history lease over the last four years, we have been wanting to, our mission mission has been to build a single code to cloud platform. As you may know, there are over 3000 security vendors in the industry. And we said enough is enough. We need a platform player who can really deliver a unified cohesive platform solution for our customers because they're sick and tired of buying PI point product. So our mission has been to deliver that code to cloud platform supply chain security was a missing piece and we acquired them, it fits right really nicely into our portfolio of products and solution that customers have. And they'll have a single pin of glass with this. >>Yeah. So there's a lot going on. You've got, you've got an adversary that is incredibly capable. Yeah. These days and highly motivated and extremely sophisticated mentioned supply chain. It's caused a shift in, in CSO strategies, talking about the pandemic, of course we know work from home that changed things. You've mentioned public policy. Yeah. And, and so, and as well you have the cloud, cloud, you know, relatively new. I mean, it's not that new, but still. Yeah. But you've got the shared responsibility model and not, not only do you have the shared responsibility model, you have the shared responsibility across clouds and OnPrem. So yes, the cloud helps with security, but that the CISO has to worry about all these other things. The, the app dev team is being asked to shift left, you know, secure and they're not security pros. Yeah. And you know, kind audit is like the last line of defense. So I love this event, I love the cloud, but customers need help in making their lives simpler. Yeah. And the cloud in and of itself, because, you know, shared responsibility doesn't do that. Yeah. That's what Palo Alto and firms like yours come in. >>Absolutely. So look, Jim, this is a unable situation for a lot of the Cisco, simply because there are over 26 million developers, less than 3 million security professional. If you just look at all the announcement the AWS made, I bet you there were like probably over 2000 features. Yeah. I mean, they're shipping faster than ever before. Developers are moving really, really fast and just not enough security people to keep up with the velocity and the innovation. So you are right, while AWS will guarantee securing the infrastructure layer, but everything that is built on top of it, the new machine learning stuff, the new application, the new supply chain applications that are developed, that's the responsibility of the ciso. They stay up at night, they don't know what's going on because developers are bringing new services and new technology. And that's why, you know, we've always taken a platform approach where customers and the systems don't have to worry about it. >>What AWS new service they have, it's covered, it's secured. And that's why the adopters, McCloud and Palo Alto Networks, because regardless what developers bring, security is always there by their side. And so security teams need just a simple one click solution. They don't have to worry about it. They can sleep at night, keep the bad actors away. And, and that's, that's where Palo Alto Networks has been innovating in this area. AWS is one of our biggest partners and you know, we've integrated with, with a lot of their services. We launch about three integrations with their services. And we've been doing this historically for more and >>More. Are you still having conversations with the security folks? Or because security is a board level conversation, are your conversations going up a stack because this is a C-suite problem, this is a board level initiative? >>Absolutely. Look, you know, there was a time about four years ago, like the best we could do is director of security. Now it's just so CEO level conversation, board level conversation to your point, simply because I mean, if, if all your financial stuff is going to public cloud, all your healthcare data, all your supply chain data is going to public cloud, the board is asking very simple question, what are you doing to secure that? And to be honest, the question is simple. The answer's not because all the stuff that we talked about, too many applications, lots and lots of different services, different threat vectors and the bad actors, the bad guys are always a step ahead of the curve. And that's why this has become a board level conversation. They wanna make sure that things are secure from the get go before, you know, the enterprises go too deep into public cloud adoption. >>I mean there, there was shift topics a little bit. There was hope or kinda early this year that that cyber was somewhat insulated from the sort of macro press pressures. Nobody's safe. Even the cloud is sort of, you know, facing those, those headwinds people optimizing costs. But one thing when you talk to customers is, I always like to talk about that, that optiv graph. We've all seen it, right? And it's just this eye test of tools and it's a beautiful taxonomy, but there's just too many tools. So we're seeing a shift from point tools to platforms because obviously a platform play, and that's a way. So what are you seeing in the, in the field with customers trying to optimize their infrastructure costs with regard to consolidating to >>Platforms? Yeah. Look, you rightly pointed out one thing, the cybersecurity industry in general and Palo Alto networks, knock on wood, the stocks doing well. The macro headwinds hasn't impacted the security spend so far, right? Like time will tell, we'll, we'll see how things go. And one of the primary reason is that when you know the economy starts to slow down, the customers again want to invest in platforms. It's simple to deploy, simple to operationalize. They want a security partner of choice that knows that they, it's gonna be by them through the entire journey from code to cloud. And so that's why platform, especially times like these are more important than they've ever been before. You know, customers are investing in the, the, the product I lead at Palo Alto network called Prisma Cloud. It's in the cloud network application protection platform seen app space where once again, customers that investing in platform from quote to cloud and avoiding all the point products for sure. >>Yeah. Yeah. And you've seen it in, in Palo Alto's performance. I mean, not every cyber firm has is, is, >>You know, I know. Ouch. CrowdStrike Yeah. >>Was not. Well you saw that. I mean, and it was, and and you know, the large customers were continuing to spend, it was the small and mid-size businesses Yeah. That were, were were a little bit soft. Yeah. You know, it's a really, it's really, I mean, you see Okta now, you know, after they had some troubles announcing that, you know, their, their, their visibility's a little bit better. So it's, it's very hard to predict right now. And of course if TOMA Brava is buying you, then your stock price has been up and steady. That's, >>Yeah. Look, I think the key is to have a diversified portfolio of products. Four years ago before our CEO cash took over the reins of the company, we were a single product X firewall company. Right. And over time we have added XDR with the first one to introduce that recently launched x Im, you know, to, to make sure we build an NextGen team, cloud security is a completely net new investment, zero trust with access as workers started working remotely and they needed to make sure enterprises needed to make sure that they're accessing the applications securely. So we've added a lot of portfolio products over time. So you have to remain incredibly diversified, stay strong, because there will be stuff like remote work that slowed down. But if you've got other portfolio product like cloud security, while those secular tailwinds continue to grow, I mean, look how fast AWS is growing. 35, 40%, like $80 billion run rate. Crazy at that, that scale. So luckily we've got the portfolio of products to ensure that regardless of what the customer's journey is, macro headwinds are, we've got portfolio of solutions to help our customers. >>Talk a little bit about the AWS partnership. You talked about the run rate and I was reading a few days ago. You're right. It's an 82 billion arr, massive run rate. It's crazy. Well, what are, what is a Palo Alto Networks doing with aws and what's the value in it to help your customers on a secure digital transformation journey? >>Well, absolutely. We have been doing business with aws. We've been one of their security partners of choice for many years now. We have a presence in the marketplace where customers can through one click deploy the, the several Palo Alto Networks security solutions. So that's available. Like I said, we had launch partner to many, many new products and innovation that AWS comes up with. But always the day one partner, Adam was talking about some of those announcements and his keynote security data lake was one of those. And they were like a bunch of others related to compute and others. So we have been a partner for a long time, and look, AWS is an incredibly customer obsessed company. They've got their own security products. But if the customer says like, Hey, like I'd like to pick this from yours, but there's three other things from Palo Alto Networks or S MacCloud or whatever else that may be, they're open to it. And that's the great thing about AWS where it doesn't have to be wall garden open ecosystem, let the customer pick the best. >>And, and that's, I mean, there's, there's examples where AWS is directly competitive. I mean, my favorite example is Redshift and Snowflake. I mean those are directly competitive products, but, but Snowflake is an unbelievably great relationship with aws. They do cyber's, I think different, I mean, yeah, you got guard duty and you got some other stuff there. But generally speaking, the, correct me if I'm wrong, the e the ecosystem has more room to play on AWS than it may on some other clouds. >>A hundred percent. Yeah. Once again, you know, guard duty for examples, we've got a lot of customers who use guard duty and Prisma Cloud and other Palo Alto Networks products. And we also ingest the data from guard duty. So if customers want a single pane of glass, they can use the best of AWS in terms of guard duty threat detection, but leverage other technology suite from, you know, a platform provider like Palo Alto Networks. So you know, that that, you know, look, world is a complicated place. Some like blue, some like red, whatever that may be. But we believe in giving customers that choice, just like AWS customers want that. Not a >>Problem. And at least today they're not like directly, you know, in your space. Yeah. You know, and even if they were, you've got such a much mature stack. Absolutely. And my, my frankly Microsoft's different, right? I mean, you see, I mean even the analysts were saying that some of the CrowdStrike's troubles for, cuz Microsoft's got the good enough, right? So >>Yeah. Endpoint security. Yeah. And >>Yeah, for sure. So >>Do you have a favorite example of a customer where Palo Alto Networks has really helped them come in and, and enable that secure business transformation? Anything come to mind that you think really shines a light on Palo Alto Networks and what it's able to do? >>Yeah, look, we have customers across, and I'm gonna speak to public cloud in general, right? Like Palo Alto has over 60,000 customers. So we've been helping with that business transformation for years now. But because it's reinvented aws, the Prisma cloud product has been helping customers across different industry verticals. Some of the largest credit card processing companies, they can process transactions because we are running security on top of the workloads, the biggest financial services, biggest healthcare customers. They're able to put the patient health records in public cloud because Palo Alto Networks is helping them get there. So we are helping accelerated that digital journey. We've been an enabler. Security is often perceived as a blocker, but we have always treated our role as enabler. How can we get developers and enterprises to move as fast as possible? And like, my favorite thing is that, you know, moving fast and going digital is not a monopoly of just a tech company. Every company is gonna be a tech company Oh absolutely. To public cloud. Yes. And we want to help them get there. Yeah. >>So the other thing too, I mean, I'll just give you some data. I love data. I have a, ETR is our survey partner and I'm looking at Data 395. They do a survey every quarter, 1,250 respondents on this survey. 395 were Palo Alto customers, fortune 500 s and P 500, you know, big global 2000 companies as well. Some small companies. Single digit churn. Yeah. Okay. Yeah. Very, very low replacement >>Rates. Absolutely. >>And still high single digit new adoption. Yeah. Right. So you've got that tailwind going for you. Yeah, >>Right. It's, it's sticky because especially our, our main business firewall, once you deploy the firewall, we are inspecting all the network traffic. It's just so hard to rip and replace. Customers are getting value every second, every minute because we are thwarting attacks from public cloud. And look, we, we, we provide solutions not just product, we just don't leave the product and ask the customers to deploy it. We help them with deployment consumption of the product. And we've been really fortunate with that kind of gross dollar and netten rate for our customers. >>Now, before we wrap, I gotta tease, the cube is gonna be at Palo Alto Ignite. Yeah. In two weeks back here. I think we're at D mgm, right? We >>Were at D MGM December 13th and >>14th. So give us a little, show us a little leg if you would. What could we expect? >>Hey, look, I mean, a lot of exciting new things coming. Obviously I can't talk about it right now. The PR Inc is still not dry yet. But lots of, lots of new innovation across our three main businesses. Network security, public cloud, security, as well as XDR X. Im so stay tuned. You know, you'll, you'll see a lot of new exciting things coming up. >>Looking forward to it. >>We are looking forward to it. Last question on curf. You, if you had a billboard to place in New York Times Square. Yeah. You're gonna take over the the the Times Square Nasdaq. What does the billboard say about why organizations should be working with Palo Alto Networks? Yeah. To really embed security into their dna. Yeah. >>You know when Jim said Palo Alto Networks is the gold standard for security, I thought it was gonna steal it. I think it's pretty good gold standard for security. But I'm gonna go with our mission cyber security partner's choice. We want to be known as that and that's who we are. >>Beautifully said. Walker, thank you so much for joining David in the program. We really appreciate your insights, your time. We look forward to seeing you in a couple weeks back here in Vegas. >>Absolutely. Can't have enough of Vegas. Thank you. Lisa. >>Can't have in Vegas, >>I dunno about that. By this time of the year, I think we can have had enough of Vegas, but we're gonna be able to see you on the cubes coverage, which you could catch up. Palo Alto Networks show Ignite December, I believe 13th and 14th on the cube.net. We want to thank Anker Shaw for joining us. For Dave Ante, this is Lisa Martin. You're watching the Cube, the leader in live enterprise and emerging tech coverage.

(light music) (airy white noise rumbling) >> Hey everyone, welcome back to Las Vegas. It's theCUBE. We're here, day four of our coverage of AWS re:Invent 22. There's been about, we've heard, north of 55,000 folks here in person. We're seeing only a fraction of that but it's packed in the expo center. We're at the Venetian Expo, Lisa Martin, Dave Vellante. Dave, we've had such great conversations as we always do on theCUBE. With the AWS ecosystem, we're going to be talking with another partner on that ecosystem and what they're doing to innovate together next. >> Well, we know security is the number one topic on IT practitioners, mine, CIOs, CISOs. We also know that they don't have the bench strength, that's why they look to manage service providers, manage service security providers. It's a growing topic, we've talked about it. We talked about it at re:Inforce earlier this year. I think it was July, actually, and August, believe it or not, not everybody was at the Cape. It was pretty well attended conference and that's their security focus conference, exclusive on security. But there's a lot of security here too. >> Lot of security, we're going to be talking about that next. We have two guests from Capgemini joining us. Mike Wasielewski, the head of cloud security, and NextGen secure architectures, welcome Mike. Anne Saunders also joins us, the Director of Cybersecurity Technology Partnerships at Capgemini, welcome Anne. >> Thank you. >> Dave: Hey guys. >> So, day four of the show, how you feeling? >> Anne: Pretty good. >> Mike: It's a long show. >> It is a long, and it's still jamming in here. Normally on the last day, it dwindles down. Not here. >> No, the foot traffic around the booth and around the totality of this expo floor has been amazing, I think. >> It really has. Anne, I want to start with you. Capgemini making some moves in the waves in the cloud and cloud security spaces. Talk to us about what Cap's got going on there. >> Well, we actually have a variety of things going on. Very much partner driven. The SOC Essentials offering that Mike's going to talk about shortly is the kind of the starter offer where we're going to build from and build out from. SOC Essentials is definitely critical for establishing that foundation. A lot of good stuff coming along with partners. Since I manage the partners, I'm kind of keen on who we get involved with and how we work with them to build out value and focus on our overall cloud security strategy. Mike, you want to talk about SOC Essentials? >> Yeah, well, no, I mean, I think at Capgemini, we really say cybersecurity is part of our DNA and so as we look at what we do in the cloud, you'll find that security has always been an underpinning to a lot of what we deliver, whether it's on the DevSecOps services, migration services, stuff like that. But what we're really trying to do is be intentional about how we approach the security piece of the cloud in different ways, right? Traditional infrastructure, you mentioned the totality of security vendors here and at re:Inforce. We're really seeing that you have to approach it differently. So we're bringing together the right partners. We're using what's part of our DNA to really be able to drive the next generation of security inside those clouds for our clients and customers. So as Anne was talking about, we have a new service called the Capgemini Cloud SOC Essentials, and we've really brought our partners to bear, in this case Trend Micro, really bringing a lot of their intelligence and building off of what they do so that we can help customers. Services can be pretty expensive, right, when you go for the high end, or if you have to try to run one yourself, there's a lot of time, I think you mentioned earlier, right, the people's benches. It's really hard to have a really good cybersecurity people in those smaller businesses. So what we're trying to do is we're really trying to help companies, whether you're the really big buyers of the world or some of the smaller ones, right? We want to be able to give you the visibility and ability to deliver to your customers securely. So that's how we're approaching security now and we're cloud SOC Essentials, the new thing that we're announcing while we were here is really driving out of. >> When I came out of re:Invent, when you do these events, you get this Kool-Aid injection and after a while you're like hm, what did I learn? And one of the things that struck me in talking to people is you've got the shared responsibility model that the cloud has sort of created and I know there's complexities across cloud but let's just keep it at cloud generically for a moment. And then you've got the CISO, the AppDev, AppSecDev group is being asked to do a lot. They're kind of being dragged into security that's really not their wheelhouse and then you've got audit which is like the last line of defense. And so one of the things that struck me at re:Inforce is like, okay, Amazon, great job for their portion of the shared responsibility model but I didn't hear a lot in terms of making the CISO's life easier and I'm guessing that's where you guys come in. I wonder if you could talk about that trend, that conceptual layers that I just laid out and where you guys fit. >> Mike: Sure, so I think first and foremost, I always go back to a quote from, I think it's attributed to Peter Drucker, whether that's right or wrong, who knows? But culture eats strategy for breakfast, right? And I think what we've seen in our conversations with whether you're talking to the CISO, the application team, the AppDev team, wherever throughout the organization, we really see that culture is what's going to drive success or failure of security in the org, and so what we do is we really do bring that totality of perspective. We're not just cloud, not just security, not just AppDev. We can really bring across the totality of the Capgemini estate. So that when we go, and you're right, a CISO says, I'm having a hard time getting the app people to deliver what I need. If you just come from a security perspective, you're right, that's what's going to happen. So what we try to do is so, we've got a great DevSecOps service, for example in the cloud where we do that. We bring all the perspectives together, how do we align KPIs? That's a big problem, I think, for what you're seeing, making CISO's lives easier, is about making sure that the app team KPIs are aligned with the CISO's but also the CISO's KPIs are aligned with the app teams. And by doing that, we have had really great success in a number of organizations by giving them the tools then and the people on our side to be able to make those alignments at the business level, to drive the right business outcome, to drive the right security outcome, the right application outcome. That's where I think we've really come to play. >> Absolutely, and I will say from a partnering perspective, what's key in supporting that strategy is we will learn from our partners, we lean on our partners to understand what the trends they're seeing and where they're having an impact with regards to supporting the CISO and supporting the overall security strategy within a company. I mean, they're on the cutting edge. We do a lot to track their technology roadmaps. We do a lot to track how they build their buyer personas and what issues they're dealing with and what issues they're prepared to deal with regards to where they're investing and who's investing in them. A lot of strategy around which partner to bring in and support, how we're going to address the challenges, the CISO and the IT teams are having to kind of support that overall. Security is a part of everything, DNA kind of strategy. >> Yeah, do you have a favorite example, Anne, of a partner that came in with Capgemini, helped a customer really be able to do what Capgemini is doing and that is, have cybersecurity be actually part of their DNA when there's so many challenges, the skills gap. Any favorite example that really you think articulates how you're able to enable organizations to achieve just that? >> Anne: Well, actually the SOC Essentials offering that we're rolling out is a prime example of that. I mean, we work very, very closely with Trend on all fronts with regards to developing it. It's one of those completely collaborative from day one to going to the customer and that it's almost that seamless connectivity and just partnering at such a strategic level is a great example of how it's done right, and when it's done right, how successful it can be. >> Dave: Why Trend Micro? Because I mean, I'm sure you've seen, I think that's Optiv, has the eye test with all the tools and you talk to CISOs, they're like really trying to consolidate those tools. So I presume there's a portfolio play there, but tell us, tell the audience a little bit more about why Trend Micro and I mean your branding with them, why those guys? >> Well, it goes towards the technology, of course, and all the development they've done and their position within AWS and how they address assuring security for our clients who are moving onto and running their estates on AWS. There's such a long heritage with regards to their technology platform and what they've developed, that deep experience, that kind of the strength of the technology because of the longevity they've had and where they sit within their domain. I try to call partners out by their domain and their area of expertise is part of the reason, I mean. >> Yeah, I think another big part of it is Gartner is expecting, I think they published this out in the next three years, we expect to see another consolidation both inside of the enterprises as well as, I look back a couple years, when Palo Alto went on a very nice spending spree, right? And put together a lot of really great companies that built their Prisma platform. So what I think one of the reasons we picked Trend in this particular case is as we look forward for our customers and our clients, not just having point solutions, right? This isn't just about endpoint protection, this isn't just about security posture management. This is really who can take the totality of the customer's problems and deliver on the right outcomes from a single platform, and so when we look at companies like Trend, like Palo, some of the bigger partners for us, that's where we try to focus. They're definitely best in breed and we bring those to our customers too for certain things. But as we look to the future, I think really finding those partners that are going to be able to solve a swath of problems at the right price point for their customers, that is where I think we see the industry moving. >> Dave: And maybe be around as an independent company. Was that a factor as well? I mean, you see Thoma Bravo buying up all his hiring companies and right, so, and maybe they're trying to create something that could be competitive, but you're saying Trend Micros there, so. >> Well I think as Anne mentioned, the 30 year heritage, I think, of Trend Micro really driving this and I've done work with them in various past things. There's also a big part of just the people you like, the people that are good to work with, that are really trying to be customer obsessed, going back right, at an AWS event, the ones that get the cloud tend to be able to follow those Amazon LPs as well, right, just kind of naturally, and so I think when you look at the Trend Micros of the world, that's where that kind of cloud native piece comes out and I like working with that. >> In this environment, the macro environment, lets talk a bit, earning season, it's really mixed. I mean you're seeing some really good earnings, some mixed earnings, some good earnings with cautious guidance. So nobody really (indistinct), and it was for a period time there was a thinking that security was non-discretionary and it's clearly non-discretionary, but the CISO, she or he, doesn't have unlimited budgets, right? So what are you seeing in terms of how are customers dealing with this challenging macro environment? Is it through tools consolidation? Is that a play that's going on? What are you seeing in the customer base? >> Anne: I see ways, and we're working through this right now where we're actually weaving cybersecurity in at the very beginning of how we're designing offers across our entire offer portfolio, not just the cybersecurity business. So taking that approach in the long run will help contain costs and our hope, and we're already seeing it, is it's actually helping change the perception that security's that cost center and that final obstacle you have to get over and it's going to throw your margins off and all that sort of stuff. >> Dave: I like that, its at least is like a security cover charge. You're not getting in unless we do the security thing. >> Exactly, a security cover charge, that's what you should call it. >> Yeah. >> Like it. >> Another piece though, you mentioned earlier about making CISO's life easier, right? And I think, as Anne did a really absolutely true about building it in, not to the security stack but application developers, they want visibility they want observability, they want to do it right. They want CI/CD pipeline that can give them confidence in their security. So should the CISO have a budget issue, right? And they can't necessarily afford, but the application team as they're looking at what products they want to purchase, can I get a SaaS or a DaaS, right? The static or dynamic application security testing in my product up front and if the app team buys into that methodology, the CISO convinces them, yes, this is important. Now I've got two budgets to pull from, and in the end I end up with a cheaper, a lower cost of a service. So I think that's another way that we see with like DevSecOps and a few other services, that building in on day one that you mentioned. >> Lisa: Yeah. >> Getting both teams involved. >> Dave: That's interesting, Mike, because that's the alignment that you were talking about earlier in the KPIs and you're not a tech vendor saying, buy my product, you guys have deep consultancy backgrounds. >> Anne: And the customer appreciates that. >> Yeah. >> Anne: They see us as looking out for their best interest when we're trying to support them and help them and bringing it to the table at the very beginning as something that is there and we're conscientious of, just helps them in the long run and I think, they're seeing that, they appreciate that. >> Dave: Yeah, you can bring best practice around measurements, alignment, business process, stuff like that. Maybe even some industry expertise which you're not typically going to get from a product company. >> Well, one thing you just mentioned that I love talking about with Capgemini is the industry expertise, right? So when you look at systems integrators, there are a lot of really, really good ones. To say otherwise would be foolish. But Capgemini with our acquisition of Altran, a couple years ago, I think think it was, right? How many other GSIs or SIs are actually building silicon for IoT chips? So IoT's huge right now, the intelligent industry moving forward is going to drive a lot of those business outcomes that people are looking for. Who else can say we've built an autonomous vehicle, Capgemini can. Who can say that we've built the IoT devices from the ground up? We know not just how to integrate them into AWS, into the IoT services in the cloud, but to build and have that secure development for the firmware and all and that's where I think our customers really look to us as being those industry experts and being able to bring that totality of our business to bear for what they need to do to achieve their objectives to deliver to their customer. >> Dave: That's interesting. I mean, using silicon as a differentiator to drive a lot of business outcomes and security. >> Mike: Absolutely. >> I mean you see what Amazon's doing in silicon, Look at Apple. Look at what Tesla's doing with silicon. >> Dave: That's where you're seeing a lot of people start focusing 'cause not everybody can do it. >> Yeah. >> It's hard. >> Right. >> It's hard. >> And you'll see some interesting announcements from us and some interesting information and trends that we'll be driving because of where we're placed and what we have going around security and intelligent industry overall. We have a lot of investment going on there right now and again, from the partner perspective, it's an ecosystem of key partners that collectively work together to kind of create a seamless security posture for an intelligent industry initiative with these companies that we're working with. >> So last question, probably toughest question, and that's to give us a 30 second like elevator pitch or a billboard and I'm going to ask you, Anne, specifically about the SOC Essentials program powered by Trend Micro. Why should organizations look to that? >> Organizations should move to it or work with us on it because we have the expertise, we have the width and breadth to help them fill the gaps, be those eyes, be that team, the police behind it all, so to speak, and be the team behind them to make sure we're giving them the right information they need to actually act effectively on maintaining their security posture. >> Nice and then last question for you, Mike is that billboard, why should organizations in any industry work with Capgemini to help become an intelligent industrial player. >> Mike: Sure, so if you look at our board up top, right, we've got our tagline that says, "get the future you want." And that's what you're going to get with Capgemini. It's not just about selling a service, it's not just about what partners' right in reselling. We don't want that to be why you come to us. You, as a company have a vision and we will help you achieve that vision in a way that nobody else can because of our depth, because of the breadth that we have that's very hard to replicate. >> Awesome guys, that was great answers. Mike, Anne, thank you for spending some time with Dave and me on the program today talking about what's new with Capgemini. We'll be following this space. >> All right, thank you very much. >> For our guests and for Dave Vellante, I'm Lisa Martin, you're watching theCUBE, the leader in live enterprise and emerging tech coverage. (gentle light music)

(gentle music) >> Good morning, fellow cloud nerds, and welcome back to day four of AWS re:Invent. We are here in fabulous Las Vegas, Nevada. I'm joined by my cohost Paul Gillin. I'm Savannah Peterson. We're on theCUBE. Paul, how you doing? You doing well? >> We're staggering to the conclusion. >> (laughing) It's almost the end then. >> And I say that only talking about my feet. This event is still going strong. The great keynote this morning by Werner Vogels about system architecture and really teaching 70,000 people how to design systems. AWS really taking advantage of this event to educate its customer base and- >> So much education here. >> Yeah, and that was a fantastic sort of cap to the keynotes we've seen this week. >> Yeah, I'm impressed Paul, our first AWS re:Invent. I think we're doing pretty good all things considered. >> Well, we're still alive. >> And our next guest actually looks like he's been sleeping this week, which is remarkable. Please welcome Ayal to the show. Ayal, how you doing today? >> I'm good, I'm good. Thank you for having me. >> It's our pleasure. You're with Anjuna. >> Yes. >> Just in case the audience isn't familiar, what's Anjuna? >> Anjuna is an enterprise security company. We focus in the space of confidential computing. And essentially we enable people to run anything they want in any environment with complete security and privacy. >> Which is a top priority for pretty much every single person here. >> Ayal: That is true. >> Now, confidential computing, I keep hearing that term. >> Yeah, let's go there. >> Is it, I mean, is there a trademark associated with it? Is there a certification? Is the concept or is it actually a set of principles and frameworks? >> Savannah: Give us the scoop. >> Yeah, so confidential computing is essentially a set of technologies that were added to the hardware itself, to the CPU, and now to GPUs by the hardware vendors. So Intel, AMD, Arm, Nvidia AWS with their own hardware solution for this. And essentially what it allows you to do is to run workloads on top of the CPU and the GPU in a way that even if somebody gets full access to the infrastructure, you know, root access, physical access, they're not going to have any access to the data and the code running on top of it. And as you can imagine in cloud environments, this is extremely, extremely (indistinct). >> And this done through encryption? >> It involves encryption. If you go one step deeper, it involves protecting the data while it's running, data and memory, when the application is processing it. Which is always been the missing piece in terms of where you protect data. >> So I got excited when I looked at the show notes because you are serving some of the most notoriously security strict customers in the market. Can you tell us about the Israeli Ministry of Defense? >> Sure. So essentially what we do with the Israel Ministry of Defense and other customers, especially on the on the government side, one of the challenges government has is that they have to, if they want security and privacy in the cloud, they have to use something like a gov cloud. And sometimes that makes sense, but sometimes either the gov cloud is not ready because of legal battles or just it takes time to set it up. In some countries, it's just not going to make financial sense for the clouds to create a gov cloud. So what we do is we enable them to run in the commercial cloud with the security and privacy of a gov cloud. >> Was that, I can imagine, so you took them to the public cloud, correct? >> Ayal: Yes. >> Was that a challenging process? When I think of national security, I can imagine a business transformation like that would be a little nerve-wracking. >> Oh, definitely. It was a long process and they went like, "This is probably one of the best security experts on the planet." And they went extremely deep in making sure that this aligns with what they would be able to do to actually move sensitive data to the commercial cloud. Which, obviously, that the requirements are higher than anything I've ever seen from anybody else. And the fact that they were willing to publicly talk about this and be a public reference for us shows the level of confidence that they have in the underlying technology, in the security and privacy that this allows them to achieve. >> We still hear reservations, particularly from heavily regulated industries, about moving into the cloud. Concerns about security, data ownership, shared responsibility. >> Ayal: Yes. >> Are those real, are those valid? Or is the technology foundation now strong enough that they should not be worried about those things? >> Yeah, this is an excellent question, because the the shared responsibility model, is exactly sort of the core of what this is about. The shared responsibility model essentially means the cloud's, sort of by definition, the cloud is somebody else managing the infrastructure for you, right? And if somebody's managing the infrastructure for you they have full access to what you do on top of that infrastructure. That's almost the definition. And that's always been sort of one of the core security problems that was never solved. Confidential computing solves this. It means that you can use the cloud without the clouds having any access to what you do on top of their infrastructure. And that means that if the clouds get hacked, your data is safe. If an employee of the cloud decides to get access to your data, they can't. They just don't have any access. Or if the government comes to the cloud with a subpoena, the clouds can't give them access to your data, which is obviously very important for European customers and other customers outside of the US. So this is essentially what confidential computing does and it allows to break that shared responsibility model, where you as the customer get full control of your data back. >> Now, do you need the hardware foundation to do that? Or are you solving this problem in software? >> No. So we do need a hardware foundation for this which is now available in every cloud. And it's part of every server CPU that Intel ship, that AMD ship. This is part of almost every data center in AWS. But what we bring to the table at Anjuna, is every time there was a fundamental shift in computer architecture, you needed a software stack on top of it to essentially make it usable. And I think the best last example was VMware, right? But virtualization was extremely powerful technology that nobody was using until VMware built a software stack to make it super simple to virtualize anything. And to some extent that was the birth of the public cloud. We would never have a public cloud without virtualization. We're seeing the same level of shift now with confidential computing on the hardware side. And all the large players are behind this. They're all part of the confidential computing consortium that pushes this. But the challenge customers are running into, is for them to go use this they have to go refactor and rebuild every application. >> Why? >> And nobody's going to go do that. And that's exactly what we help them with. >> Yeah. >> In terms of why, as part of confidential computing, what it essentially means is that the operating system is outside the cross cycle. You, you don't want to cross the operating system because you don't want somebody with root access to have any access to your data. And what this means is every application obviously communicates with the operating system pretty often, right? To send something to the network or some, you know, save something to the file system, which means you have to re-architect your application and break it into two: a confidential piece and a piece that's communicating with the operating system and build some channel for the two sides to communicate. Nobody's going to go do that for every application. We allow you to essentially do something like Anjuna run application and it just runs in a confidential computing environment. No changes. >> Let's talk a little bit more about that. So when we're thinking about, I think we've talked a little bit about it, but I think there's a myth of control when we're talking about on-prem. Everybody thinks that things are more secure. >> Right. >> It's not the case. Tell us how enterprise security changes once when a customer has adopted Anjuna. >> Yeah, so I think you're absolutely right. I think the clouds can put a lot more effort and expertise into bringing security than the data center. But you definitely have this sort of more sense of security in your data center because you own the full stack, right? It's your people, it's your servers, it's your networks in the cloud >> Savannah: It's in your house, so to speak. Yeah. >> Exactly. And the cloud is the third party managing all that for you. And people get very concerned about that, and to some extent for a good reason. Because if a breach happens regardless of whose fault it is, the customer's going to be the one sort of left holding the bag and dealing with the aftermath of the breach. So they're right to be concerned. In terms of what we do, once you run things in confidential computing, you sort of solve the core problem of security. One of the core problems of security has always been when somebody gets access to the infrastructure especially root access to the infrastructure, it's game over. They have access to everything. And a lot of how security's been built is almost like these bandaid solutions to try to solve. Like perimeter security is how do I make sure nobody gets access to the infrastructure if they don't need to, right? All these detection solutions is once they're in the infrastructure, how do I detect that they've done something they shouldn't have? A lot of the vulnerability management is how do I make sure everything is patched? Because if somebody gets access how do I make sure they don't get root access? And then they really get access to everything. And conversation computing solves all of that. It solves the root cause, the root problem. So even if somebody gets root access, even if somebody has full access to the infrastructure, they don't have access to anything, which allows you to one, essentially move anything you want to the public cloud regardless, of the sensitivity of it, but also get rid of a lot of these other sort of bandaid solutions that you use today to try to stop people from getting that access because it doesn't matter anymore. >> Okay. So cyber security is a one and a half trillion dollar industry, growing at over 10% a year. Are you saying that if organizations were to adopt confidential computing universally that industry would not be necessary? >> No, I think a lot of it will have to change with confidential computing. Exactly, like the computer industry changed with virtualization. If you had asked when VMware just got started if the data centers are going to like, "Oh, this is going to happen," I don't think anybody could have foreseen this. But this is exactly what virtualization did. Confidential computing will change the the security industry in a massive way, but it doesn't solve every security problem. What it essentially does is it moves the perimeter from the machine itself, which used to be sort of the smallest atom, to be around the workload. And what happens in the machine doesn't matter anymore. You still need to make sure that your workload is protected. So companies that make sure that you write secure code are still going to be needed. Plus you're going to need security for things like denial of service. Because if somebody runs, you know, gets access to their infrastructure, they can stop you from running but your data is going to be protected. You're not going to need any of these data protection solutions around the box anymore. >> Let's hang out there for a second. Where do you see, I mean what an exciting time to be you, quite frankly, and congratulations on all of your success so far. Where are we going in the next two to five years? >> Yeah, I think with confidential computing the first thing that this is going to enable is essentially moving everything to the public cloud. I think the number one concern with the cloud kind of like you mentioned, is security and privacy. >> Savannah: Right. >> And this essentially eliminates that need. And that's why the clouds are so excited about this. That's why AWS talks about it. And I think Steve Schmidt, the of CISO of Amazon, used to be the CISO of AWS, talks about confidential computing as the future of data security and privacy. And there's a reason why he does that. We've seen other clouds talk about this and push this. That's why the clouds are so excited about this. But even more so again, I think over time this will allow you to essentially remove a lot of the security tools that exist there, kind of reimagine security in a better way. >> Savannah: Clean it up a little bit. Yeah. >> Exactly. And over time, I think it's going to change the world of compute even more because one of the things this allows you to do is the closer you get to the edge, the more security and privacy problems you have. >> Savannah: Right. And so many variables. >> Exactly. And it's basically out there in the wild, and people can get physical access. >> Quite literally a lot of the time, yeah. >> Exactly. And what confidential computing does, it provides that complete security and privacy regardless of even if somebody has physical access, which will allow you to move workloads much closer to the edge or to the edge itself instead of sending everything back to your backend to process things. >> We have interviewed a number of security companies here during this event, and I have to say, confidential computing has never come up. They don't talk about it. Why is that? Is there an awareness problem? >> Savannah: Are they threatened? >> Yeah, so I think the biggest, and to some extent, this is exactly like I kept bringing up VMware. Like VMware's, you can think of Salesforce, when they talked about SaaS, they sort of embedded the concept of SaaS. No other company on the planet was talking about SaaS. They created a new category and now almost everything is SaaS. VMware with virtualization, right? Nobody was using it, and now, almost everything is virtualized. Confidential computing is a new way of doing things. It's basically a kind have to shift the way of how you think about security and how you think about privacy. And this is exactly what we're seeing. I don't expect other security companies to talk about this. And to some extent, one of the things I've realized that we're almost more of an infrastructure company than a security company, because we bake security to be part of the infrastructure. But we're seeing more and more the clouds talk about this. The CPU vendors talk about this. We talk to customers more and more. Like almost every large bank I talk to now has a confidential computing strategy for 2023. This is now becoming part of the mainstream. And yeah, security companies will have to adopt or die if they don't fit into that new world that it is going to create >> This is the new world order, baby, get on the train or get left behind. >> Ayal: Exactly. >> I love it. This is a really fascinating conversation and honestly what you're doing makes so much sense. Yeah, you don't need me to validate your business model, but I will, just for the sake of that. >> Thank you. >> We have a new challenge here at re:Invent on theCUBE where we are looking for your 30 second Instagram reel hot take, thought leadership. What's the biggest theme, key takeaway from the show or experience this year for you? >> Yeah, so for me, obviously focusing on confidential computing. I think this is just going to be similar to how no network was encrypted 10 years ago and today every network is encrypted with TLS and HTTPS. And how five years ago no disc was encrypted, and today every disc is encrypted with disc encryption. The one missing piece is memory. Memory is where data is exposed now. I think within a few years all memory is going to be encrypted and it's just going to change two industries: the security industry as well as the computer industry. >> Paul: Does that include cache memory? >> What's that? >> Does that include cache memory? >> That is encrypting the RAM essentially. So everything, this is the one last place where data is not encrypted, and that's exactly what confidential computing brings to the table. >> Are there any performance concerns with encrypting memory? >> That's a phenomenal question. One of the really nice things about confidential computing is that the heavy lifting is done by the hardware vendors themselves as part of the hardware and not part of the critical path in the CPU. It's very similar to the TLS acceleration cards, if you remember those, which allows us to be extremely, extremely performant. And that's why I think this is going to be for everything. Because every time we had a security solution that had no performance impact and was super simple to use it just became the default, because why wouldn't you use it for everything? >> Ayal, this has been absolutely fascinating. We could talk to you all day. Unfortunately, we're out of time. But really thank you so much for coming on the show. Now, we feel more confident in terms of our confidential computing knowledge and definitely learned a lot. Thank all of you for tuning in to our fantastic four day live stream at AWS re:Invent here in Sin City with Paul Gillin. I'm Savannah Peterson. You're watching theCUBE, the leader in high tech coverage. (gentle music)

>>Hey everyone, welcome back. It's the Cube live in Las Vegas. We've been here since Monday covering the event wall to coverage on the cube at AWS Reinvent 22, Lisa Martin here with Dave Ante. Dave, we're hearing consistently north of 50,000 people here. I'm hearing close to 300,000 online. People are back. They are ready to hear from AWS and its ecosystem. Yeah, >>I think 55 is the number I'm hearing. I've been using 50 for 2019, but somebody the other day told me, no, no, it was way more than that. Right, right. Well this feels bigger in >>2019. It does feel bigger. It does feel bigger. And we've had such great conversations as you know, because you've been watching the Cube since Monday night. We're pleased to welcome from Sumo Logic. Lynn Doherty, the president of Worldwide Field Operations. Lynn, welcome to the program. >>Thank you for having me. I'm glad to be here. Talk >>To us about what's going on at Sumo Logic. We cover them. We've been following them for a long time, but what's what's new? >>We have a lot going on at Sumo Logic. What we do is provide solutions for both observability and security. And if you think about the challenges that our customers are facing today, everybody as they're doing this digital transformation is in a situation where the data and the digital exhausts that they have is growing faster than their budgets and especially in what looks like potentially uncertain economic times. And so what we do is enable them to bring that together on a platform so that they can solve both of those problems in a really cost effective way. >>What are some of the things that you're hearing from customers in the field where it relates to Sumo logic and aws? What are they asking for? >>They continue to ask for security and, and I think as everybody goes on that journey of digital transformation and, and I think what's going on now is that there are people who are kind of in wave two of that digital transformation, but security continues to be top of mind. And again, as as our customers are moving into potentially uncertain economic times and they're saying, Hey, I've gotta shore up and, and maybe do smarter things with my budget, cybersecurity is one piece of that that is not falling off the table. That their requirements around security, around audits, around compliance don't go away regardless of what else happens. >>How do you fit in the cloud ecosystem generally? AWS specifically? I think AWS is generally perceived as a more friendly environment for the ecosystem partners. We saw CrowdStrike yesterday, you know, stock got crushed. They had a great quarter, but not as great as they thought it could be. Yeah. And one, some of the analysts were saying, well, it could be Microsoft competition at the low end of the market. Okay. AWS is like the ecosystem partners are really strong in security, lot of places to add value. Where does Sumo Logic >>Fit? Yeah, we are all in with aws. So AWS is our platform of choice. It's the platform that we're built on. It's the only platform that we use. And so we work incredibly closely with aws. In fact, last year we were the first ever AWS ISV partner of the year for as Sumo Logic, which we're not as big as some of the other players, but it just is a testament to the partnership that we have with aws. >>When you're out in the field talking with customers, we talked about some of the challenges there, but where are your customer conversations? You talked about security and cyber as is not falling off the table. In fact, it's, it's rising up the stock, it's a board level conversation. So where are the customer conversations that you're having? Are they, are they at the developer level? Are they higher? Are they at the C-suite? What does that look like? >>Yeah, it's, it's actually at both the developer and the C-suite. And so there's really two motions. The first is around developers and practitioners and people that run security operation centers. And they need tools that are easy to use that integrate in their environment. And so we absolutely work with them as a starting point because if, if they aren't happy with the tools that they have, you know, the customer can't go on that digital transformation, can't have effective application usage. But we also need to talk to C-Suite and that to CIO or a CISO who's really thinking often more broadly about how do we do things as a platform and how do we consolidate some of our tools to rationalize what we're using and really make the most of the budget that we have. And so we come at it from both angles. We call it selling above the line and below the line because both of those are really important people for us to work with. >>Above the line being sort of the business executives, >>Business executives and C-suite executives. And then, but below the line are the actual people who are using the product and using a day to day interacting with the tools. >>So how are those above the line and below the line conversations, you know, different? What, what are the, what are the above the line conversations? What are the sort of keywords that, you know, that resonate? Let's start there. >>Yeah, above the line, there's a lot that's around how do we make the most of the investments that we're making. And so there are no shortage of tools, right? You can look around this AWS floor and see that there are no shortage of tools and software products out there. And so above the line it's how do we make use of the budget that we have and get the most out of the investments we've made and do that in a really smart way. Often thinking about platforms and consolidating tools and, and using the tools and getting full value of what they have below the line. I think it's really how do they have really strong ease of use? How do they get the fastest time to value? Because time to value is really important when you're a practitioner, when you're developing an application, when you're migrating and modernizing an application, having tools that are easy to use and not just give you data but give you insights. And so that's what a conversation with a practitioner for us is, is taking data and turning it into insights that they can use. >>You know, and it seems like we never get rid of stuff in it, but there's a big conversation now when you talk to practitioners, okay, well you got some budget pressures, your sales cycles are elongating. What are you doing about, a lot of 'em are saying, well, we're consolidating and nowhere is that more needed probably than insecurity. So how, how are you seeing that play out in the market? Are you able to take advantage of that as Sumo? >>I think there's the old joke that says there is no ciso. Whoever says, if I just had one more tool, I'd be secure. >>And >>Nobody ever says that it's not one more tool. It's having effective tools and having tools that integrate. And so when I think of Sumo Logic in that space, it's number one, we really integrate with so many different tools out there that give, again, not just security information, but security insights. And so that becomes a really important part of the conversation. What, when you talk about tool consolidation, that's absolutely, I think something that has been a journey that a lot of our customers have been on and probably will be on for the foreseeable future. And so that's a place that we can really help because we have a platform that you can leverage our tool on the DevOps side and on the security side. And that's a conversation that we have a lot with our customers. Are >>You helping bridge those two, the security folks, the dev folks? Cause we talk about Shift left and CISO being involved now. Is Sumo Logic helping from a cultural perspective to bridge those two? >>Yeah, well I think it's a really good point that you make. It's, there's part of it that's a technology challenge and then there's part of it that's a cultural challenge and an organization silo challenge that happens. And so it is something that we try to bring our customers together and often start in one area of the business and help move into other areas and bring them together. It, it also comes down to that data growing faster than budgets and customers can no longer afford to keep multiple copies of the same data, the same metrics, and all of that digital exhaust that comes as they move to the cloud and modernize their applications. And so we bring that together and help them get the most use out of it. >>There are a lot of, we've been talking all week in the cube about sort of adjacencies to security. We've talking about data protections now becoming an adjacency. You know, you talk about resilience within an organization, everybody was sort of caught off guard, obviously with the pandemic, not as resilient as they could have been. So it seems like the scope of security is really expanding. You know, they always say it's, it's a team sport, okay, it's a pro mine, but it's true. Right? Whereas it used to be that guy's problem. Yeah. What are you seeing in terms of that evolution? >>Yeah, I think you're absolutely right. I think the pandemics force some of that faster than was happening, but it's absolutely something that is going on that cybersecurity is now built in from the ground up and I've been in cyber security for years and it's moved from an afterthought or something that comes after the fact, Hey, let's build the application and then we'll worry about security to, it needs to be a secure application from the ground up. And so that is bringing together that dev and SEC ops a lot because it needs to be built in, the security piece needs to be built in from the ground up on the development side. >>Absolutely. The, the threat landscape has changed so much in the last couple of years. Has the fraudsters, bad actors, whatever you wanna call 'em, are getting far more sophisticated. Yeah. So security can't be an afterthought. Can't be a built on. Yeah, it's gotta be integrated, built in from the ground up for organizations to be able to be, as they've said, resilient. We're hearing a lot about resiliency and the importance of it. For any business. >>For any business, it's important for every business. And if you think about how we interact with companies now, our view of a bank isn't the branch, it's the app, our view of office, it's this, right? It's, it's on the phone, it's on digital devices, it's on a website. And so that is your interaction, that is your experience. And so that plays into, is it up, is it running, is it responsive? That application performance piece, but also the security piece of is it secure? Is my data protected? You know, do I have any vulnerability? >>Yeah, you must have, being in field operations, a favorite customer story that you really think defines the value proposition beautifully of Sumo Logic. What story is that? >>Wow, that's a good question. I have a lot of favorite stories. You know, we have customers, for example, gaming customers that maybe aren't able to predict what their usage looks like. And that's something that we really help our customers with is the peaks and valleys. And so we have gaming customers or retail customers that we're able to take their data sources and they may be at one level and go to 10 x in a day without any notice. And we're able to handle that for them. And I think that's something that I'm really proud of is that we don't make that the customer's problem. They're, they're peaks and valleys, they're spikes that may happen seasonally in retail. It's Black Friday sales that are coming up. It's a new game that gets released. It's a new music piece that gets released and they are going to see that, but they don't have to worry about that because of us. And so that really makes me proud that we handle that and take that problem off of their shoulders. I >>See Pokemon on the website, that's a hugely popular >>Game, Pokemon now. Yes. >>Last question for you, we've got about 30 seconds left. If you had a billboard to put up in Denver where you live about Sumo Logic and its impact like an elevator pitch or a phrase that you think really summarizes the impact, what would it >>Say? Yeah, well it's a really good question. I've got it on my shirt. I dunno, it's not for the G-rated, but we fix things faster. Fix shit faster. And so for us that's really, ultimately, it's not just about having information, it's not just about having the data, it's about being able to resolve your problems quickly. And whether that's an application or a security issue, we've gotta be able to fix it faster for our customers and that's what we enable them to do. >>Fix bleep faster. Lynn, it's been a pleasure having you on the program. Thank you so much. Thank you for joining us. Awesome step at Sumo Logic. For our guest and for Dave Ante. I'm Lisa Martin. You're watching The Cube Live from Las Vegas, the leader in live enterprise and emerging tech coverage.