>>From the Cube Studios in Palo Alto in Boston, bringing you data-driven insights from the cube and E T R. This is breaking analysis with Dave Valante. >>Making technology predictions in 2022 was tricky business, especially if you were projecting the performance of markets or identifying I P O prospects and making binary forecast on data AI and the macro spending climate and other related topics in enterprise tech 2022, of course was characterized by a seesaw economy where central banks were restructuring their balance sheets. The war on Ukraine fueled inflation supply chains were a mess. And the unintended consequences of of forced march to digital and the acceleration still being sorted out. Hello and welcome to this week's weekly on Cube Insights powered by E T R. In this breaking analysis, we continue our annual tradition of transparently grading last year's enterprise tech predictions. And you may or may not agree with our self grading system, but look, we're gonna give you the data and you can draw your own conclusions and tell you what, tell us what you think. >>All right, let's get right to it. So our first prediction was tech spending increases by 8% in 2022. And as we exited 2021 CIOs, they were optimistic about their digital transformation plans. You know, they rushed to make changes to their business and were eager to sharpen their focus and continue to iterate on their digital business models and plug the holes that they, the, in the learnings that they had. And so we predicted that 8% rise in enterprise tech spending, which looked pretty good until Ukraine and the Fed decided that, you know, had to rush and make up for lost time. We kind of nailed the momentum in the energy sector, but we can't give ourselves too much credit for that layup. And as of October, Gartner had it spending growing at just over 5%. I think it was 5.1%. So we're gonna take a C plus on this one and, and move on. >>Our next prediction was basically kind of a slow ground ball. The second base, if I have to be honest, but we felt it was important to highlight that security would remain front and center as the number one priority for organizations in 2022. As is our tradition, you know, we try to up the degree of difficulty by specifically identifying companies that are gonna benefit from these trends. So we highlighted some possible I P O candidates, which of course didn't pan out. S NQ was on our radar. The company had just had to do another raise and they recently took a valuation hit and it was a down round. They raised 196 million. So good chunk of cash, but, but not the i p O that we had predicted Aqua Securities focus on containers and cloud native. That was a trendy call and we thought maybe an M SS P or multiple managed security service providers like Arctic Wolf would I p o, but no way that was happening in the crummy market. >>Nonetheless, we think these types of companies, they're still faring well as the talent shortage in security remains really acute, particularly in the sort of mid-size and small businesses that often don't have a sock Lacework laid off 20% of its workforce in 2022. And CO C e o Dave Hatfield left the company. So that I p o didn't, didn't happen. It was probably too early for Lacework. Anyway, meanwhile you got Netscope, which we've cited as strong in the E T R data as particularly in the emerging technology survey. And then, you know, I lumia holding its own, you know, we never liked that 7 billion price tag that Okta paid for auth zero, but we loved the TAM expansion strategy to target developers beyond sort of Okta's enterprise strength. But we gotta take some points off of the failure thus far of, of Okta to really nail the integration and the go to market model with azero and build, you know, bring that into the, the, the core Okta. >>So the focus on endpoint security that was a winner in 2022 is CrowdStrike led that charge with others holding their own, not the least of which was Palo Alto Networks as it continued to expand beyond its core network security and firewall business, you know, through acquisition. So overall we're gonna give ourselves an A minus for this relatively easy call, but again, we had some specifics associated with it to make it a little tougher. And of course we're watching ve very closely this this coming year in 2023. The vendor consolidation trend. You know, according to a recent Palo Alto network survey with 1300 SecOps pros on average organizations have more than 30 tools to manage security tools. So this is a logical way to optimize cost consolidating vendors and consolidating redundant vendors. The E T R data shows that's clearly a trend that's on the upswing. >>Now moving on, a big theme of 2020 and 2021 of course was remote work and hybrid work and new ways to work and return to work. So we predicted in 2022 that hybrid work models would become the dominant protocol, which clearly is the case. We predicted that about 33% of the workforce would come back to the office in 2022 in September. The E T R data showed that figure was at 29%, but organizations expected that 32% would be in the office, you know, pretty much full-time by year end. That hasn't quite happened, but we were pretty close with the projection, so we're gonna take an A minus on this one. Now, supply chain disruption was another big theme that we felt would carry through 2022. And sure that sounds like another easy one, but as is our tradition, again we try to put some binary metrics around our predictions to put some meat in the bone, so to speak, and and allow us than you to say, okay, did it come true or not? >>So we had some data that we presented last year and supply chain issues impacting hardware spend. We said at the time, you can see this on the left hand side of this chart, the PC laptop demand would remain above pre covid levels, which would reverse a decade of year on year declines, which I think started in around 2011, 2012. Now, while demand is down this year pretty substantially relative to 2021, I D C has worldwide unit shipments for PCs at just over 300 million for 22. If you go back to 2019 and you're looking at around let's say 260 million units shipped globally, you know, roughly, so, you know, pretty good call there. Definitely much higher than pre covid levels. But so what you might be asking why the B, well, we projected that 30% of customers would replace security appliances with cloud-based services and that more than a third would replace their internal data center server and storage hardware with cloud services like 30 and 40% respectively. >>And we don't have explicit survey data on exactly these metrics, but anecdotally we see this happening in earnest. And we do have some data that we're showing here on cloud adoption from ET R'S October survey where the midpoint of workloads running in the cloud is around 34% and forecast, as you can see, to grow steadily over the next three years. So this, well look, this is not, we understand it's not a one-to-one correlation with our prediction, but it's a pretty good bet that we were right, but we gotta take some points off, we think for the lack of unequivocal proof. Cause again, we always strive to make our predictions in ways that can be measured as accurate or not. Is it binary? Did it happen, did it not? Kind of like an O K R and you know, we strive to provide data as proof and in this case it's a bit fuzzy. >>We have to admit that although we're pretty comfortable that the prediction was accurate. And look, when you make an hard forecast, sometimes you gotta pay the price. All right, next, we said in 2022 that the big four cloud players would generate 167 billion in IS and PaaS revenue combining for 38% market growth. And our current forecasts are shown here with a comparison to our January, 2022 figures. So coming into this year now where we are today, so currently we expect 162 billion in total revenue and a 33% growth rate. Still very healthy, but not on our mark. So we think a w s is gonna miss our predictions by about a billion dollars, not, you know, not bad for an 80 billion company. So they're not gonna hit that expectation though of getting really close to a hundred billion run rate. We thought they'd exit the year, you know, closer to, you know, 25 billion a quarter and we don't think they're gonna get there. >>Look, we pretty much nailed Azure even though our prediction W was was correct about g Google Cloud platform surpassing Alibaba, Alibaba, we way overestimated the performance of both of those companies. So we're gonna give ourselves a C plus here and we think, yeah, you might think it's a little bit harsh, we could argue for a B minus to the professor, but the misses on GCP and Alibaba we think warrant a a self penalty on this one. All right, let's move on to our prediction about Supercloud. We said it becomes a thing in 2022 and we think by many accounts it has, despite the naysayers, we're seeing clear evidence that the concept of a layer of value add that sits above and across clouds is taking shape. And on this slide we showed just some of the pickup in the industry. I mean one of the most interesting is CloudFlare, the biggest supercloud antagonist. >>Charles Fitzgerald even predicted that no vendor would ever use the term in their marketing. And that would be proof if that happened that Supercloud was a thing and he said it would never happen. Well CloudFlare has, and they launched their version of Supercloud at their developer week. Chris Miller of the register put out a Supercloud block diagram, something else that Charles Fitzgerald was, it was was pushing us for, which is rightly so, it was a good call on his part. And Chris Miller actually came up with one that's pretty good at David Linthicum also has produced a a a A block diagram, kind of similar, David uses the term metacloud and he uses the term supercloud kind of interchangeably to describe that trend. And so we we're aligned on that front. Brian Gracely has covered the concept on the popular cloud podcast. Berkeley launched the Sky computing initiative. >>You read through that white paper and many of the concepts highlighted in the Supercloud 3.0 community developed definition align with that. Walmart launched a platform with many of the supercloud salient attributes. So did Goldman Sachs, so did Capital One, so did nasdaq. So you know, sorry you can hate the term, but very clearly the evidence is gathering for the super cloud storm. We're gonna take an a plus on this one. Sorry, haters. Alright, let's talk about data mesh in our 21 predictions posts. We said that in the 2020s, 75% of large organizations are gonna re-architect their big data platforms. So kind of a decade long prediction. We don't like to do that always, but sometimes it's warranted. And because it was a longer term prediction, we, at the time in, in coming into 22 when we were evaluating our 21 predictions, we took a grade of incomplete because the sort of decade long or majority of the decade better part of the decade prediction. >>So last year, earlier this year, we said our number seven prediction was data mesh gains momentum in 22. But it's largely confined and narrow data problems with limited scope as you can see here with some of the key bullets. So there's a lot of discussion in the data community about data mesh and while there are an increasing number of examples, JP Morgan Chase, Intuit, H S P C, HelloFresh, and others that are completely rearchitecting parts of their data platform completely rearchitecting entire data platforms is non-trivial. There are organizational challenges, there're data, data ownership, debates, technical considerations, and in particular two of the four fundamental data mesh principles that the, the need for a self-service infrastructure and federated computational governance are challenging. Look, democratizing data and facilitating data sharing creates conflicts with regulatory requirements around data privacy. As such many organizations are being really selective with their data mesh implementations and hence our prediction of narrowing the scope of data mesh initiatives. >>I think that was right on J P M C is a good example of this, where you got a single group within a, within a division narrowly implementing the data mesh architecture. They're using a w s, they're using data lakes, they're using Amazon Glue, creating a catalog and a variety of other techniques to meet their objectives. They kind of automating data quality and it was pretty well thought out and interesting approach and I think it's gonna be made easier by some of the announcements that Amazon made at the recent, you know, reinvent, particularly trying to eliminate ET t l, better connections between Aurora and Redshift and, and, and better data sharing the data clean room. So a lot of that is gonna help. Of course, snowflake has been on this for a while now. Many other companies are facing, you know, limitations as we said here and this slide with their Hadoop data platforms. They need to do new, some new thinking around that to scale. HelloFresh is a really good example of this. Look, the bottom line is that organizations want to get more value from data and having a centralized, highly specialized teams that own the data problem, it's been a barrier and a blocker to success. The data mesh starts with organizational considerations as described in great detail by Ash Nair of Warner Brothers. So take a listen to this clip. >>Yeah, so when people think of Warner Brothers, you always think of like the movie studio, but we're more than that, right? I mean, you think of H B O, you think of t n t, you think of C N N. We have 30 plus brands in our portfolio and each have their own needs. So the, the idea of a data mesh really helps us because what we can do is we can federate access across the company so that, you know, CNN can work at their own pace. You know, when there's election season, they can ingest their own data and they don't have to, you know, bump up against, as an example, HBO if Game of Thrones is going on. >>So it's often the case that data mesh is in the eyes of the implementer. And while a company's implementation may not strictly adhere to Jamma Dani's vision of data mesh, and that's okay, the goal is to use data more effectively. And despite Gartner's attempts to deposition data mesh in favor of the somewhat confusing or frankly far more confusing data fabric concept that they stole from NetApp data mesh is taking hold in organizations globally today. So we're gonna take a B on this one. The prediction is shaping up the way we envision, but as we previously reported, it's gonna take some time. The better part of a decade in our view, new standards have to emerge to make this vision become reality and they'll come in the form of both open and de facto approaches. Okay, our eighth prediction last year focused on the face off between Snowflake and Databricks. >>And we realized this popular topic, and maybe one that's getting a little overplayed, but these are two companies that initially, you know, looked like they were shaping up as partners and they, by the way, they are still partnering in the field. But you go back a couple years ago, the idea of using an AW w s infrastructure, Databricks machine intelligence and applying that on top of Snowflake as a facile data warehouse, still very viable. But both of these companies, they have much larger ambitions. They got big total available markets to chase and large valuations that they have to justify. So what's happening is, as we've previously reported, each of these companies is moving toward the other firm's core domain and they're building out an ecosystem that'll be critical for their future. So as part of that effort, we said each is gonna become aggressive investors and maybe start doing some m and a and they have in various companies. >>And on this chart that we produced last year, we studied some of the companies that were targets and we've added some recent investments of both Snowflake and Databricks. As you can see, they've both, for example, invested in elation snowflake's, put money into Lacework, the Secur security firm, ThoughtSpot, which is trying to democratize data with ai. Collibra is a governance platform and you can see Databricks investments in data transformation with D B T labs, Matillion doing simplified business intelligence hunters. So that's, you know, they're security investment and so forth. So other than our thought that we'd see Databricks I p o last year, this prediction been pretty spot on. So we'll give ourselves an A on that one. Now observability has been a hot topic and we've been covering it for a while with our friends at E T R, particularly Eric Bradley. Our number nine prediction last year was basically that if you're not cloud native and observability, you are gonna be in big trouble. >>So everything guys gotta go cloud native. And that's clearly been the case. Splunk, the big player in the space has been transitioning to the cloud, hasn't always been pretty, as we reported, Datadog real momentum, the elk stack, that's open source model. You got new entrants that we've cited before, like observe, honeycomb, chaos search and others that we've, we've reported on, they're all born in the cloud. So we're gonna take another a on this one, admittedly, yeah, it's a re reasonably easy call, but you gotta have a few of those in the mix. Okay, our last prediction, our number 10 was around events. Something the cube knows a little bit about. We said that a new category of events would emerge as hybrid and that for the most part is happened. So that's gonna be the mainstay is what we said. That pure play virtual events are gonna give way to hi hybrid. >>And the narrative is that virtual only events are, you know, they're good for quick hits, but lousy replacements for in-person events. And you know that said, organizations of all shapes and sizes, they learn how to create better virtual content and support remote audiences during the pandemic. So when we set at pure play is gonna give way to hybrid, we said we, we i we implied or specific or specified that the physical event that v i p experience is going defined. That overall experience and those v i p events would create a little fomo, fear of, of missing out in a virtual component would overlay that serves an audience 10 x the size of the physical. We saw that really two really good examples. Red Hat Summit in Boston, small event, couple thousand people served tens of thousands, you know, online. Second was Google Cloud next v i p event in, in New York City. >>Everything else was, was, was, was virtual. You know, even examples of our prediction of metaverse like immersion have popped up and, and and, and you know, other companies are doing roadshow as we predicted like a lot of companies are doing it. You're seeing that as a major trend where organizations are going with their sales teams out into the regions and doing a little belly to belly action as opposed to the big giant event. That's a definitely a, a trend that we're seeing. So in reviewing this prediction, the grade we gave ourselves is, you know, maybe a bit unfair, it should be, you could argue for a higher grade, but the, but the organization still haven't figured it out. They have hybrid experiences but they generally do a really poor job of leveraging the afterglow and of event of an event. It still tends to be one and done, let's move on to the next event or the next city. >>Let the sales team pick up the pieces if they were paying attention. So because of that, we're only taking a B plus on this one. Okay, so that's the review of last year's predictions. You know, overall if you average out our grade on the 10 predictions that come out to a b plus, I dunno why we can't seem to get that elusive a, but we're gonna keep trying our friends at E T R and we are starting to look at the data for 2023 from the surveys and all the work that we've done on the cube and our, our analysis and we're gonna put together our predictions. We've had literally hundreds of inbounds from PR pros pitching us. We've got this huge thick folder that we've started to review with our yellow highlighter. And our plan is to review it this month, take a look at all the data, get some ideas from the inbounds and then the e t R of January surveys in the field. >>It's probably got a little over a thousand responses right now. You know, they'll get up to, you know, 1400 or so. And once we've digested all that, we're gonna go back and publish our predictions for 2023 sometime in January. So stay tuned for that. All right, we're gonna leave it there for today. You wanna thank Alex Myerson who's on production and he manages the podcast, Ken Schiffman as well out of our, our Boston studio. I gotta really heartfelt thank you to Kristen Martin and Cheryl Knight and their team. They helped get the word out on social and in our newsletters. Rob Ho is our editor in chief over at Silicon Angle who does some great editing for us. Thank you all. Remember all these podcasts are available or all these episodes are available is podcasts. Wherever you listen, just all you do Search Breaking analysis podcast, really getting some great traction there. Appreciate you guys subscribing. I published each week on wikibon.com, silicon angle.com or you can email me directly at david dot valante silicon angle.com or dm me Dante, or you can comment on my LinkedIn post. And please check out ETR AI for the very best survey data in the enterprise tech business. Some awesome stuff in there. This is Dante for the Cube Insights powered by etr. Thanks for watching and we'll see you next time on breaking analysis.

>>Welcome to this cube conversation. I'm john Kerry host of the cube here in Palo alto California. We got a hot startup doing new things differently. The new way the cloud native way brendon, Hannigan, Ceo of sun rays securities. They deliver an awesome new solutions platform on all clouds to change the game and how security is done Brendan. Thanks for joining me on this cube conversation. >>Really nice to talk to you today, john >>you know, I loved showcasing companies that are, that are thinking about their entire optimizing their efforts to bring in the new, the new way to do things. And we certainly with the pandemic we've seen and everyone's validating this general global consensus that cloud scale and devops and def sec apps is generating a new kind of modern applications and this is just clearly has been known for a while inside the industry, but now it's mainstream. You guys are building a company around this notion of security. So let's get into it. What do you guys do is get right to it? What's the product? >>Well, firstly to get going And before getting into the specifics of product, john just I like to frame it, which is the ways in which I started out as a software engineer. You know, a long, long time ago built a company based on classic, traditional ways of developing software. The way we develop software has just changed dramatically change from stem to stern. We've gone from monolithic applications to microservices. We've gone from 18 month development cycles to two weeks from business units and I. T. Controlling it to devoPS teams. And then the amazing this is the incredible thing from a security perspective is we used to call up people in traditional networks and data centers to reconfigure the firewall so I could put my application of data center. But now I represented in code infrastructure is code that basically represents the infrastructure I have shows up in of course the cloud. The reason why I'd like to explain this story is we talk about cloud security and the complexities of cloud security. That's just where it all comes together. The reality is everything has changed around it. And we have a simple belief if everything has changed in terms of how it is, you build technology, value, deploy it and operators, we have to change how it is reduced security and it has to be also from stem to stern. So that's what basically that's why we started this business. Our mission is simple. We want to reinvent how it is. People secure new technology in these new environments and we do it by building a service that sits on top of companies usage of cloud amazon as your google cloud. And we help find risks automatically, eliminate them, Make sure they never come back and then deliver incredible new ways of continuously monitor activity to prevent cyber security incidents from happening in the first place. >>So this reinvention is a big, big trend. We've talked about this on the cube, you know, with many guests, even Pat Gelsinger's now the ceo of intel. When was that VM ware told us that you need to do over it in security, got to redo it all, not just incremental improvement. You know, fundamental revolutionary change was you're basically getting out here. So the question is top to bottom reinvention totally get that. How do you do it? Okay, Do you change the airplane engine out of 30,000 ft? It's hard people, it's easier said than done. What are the elements to reinvent security >>in this? We have we have a magical opportunity here because of cloud. So what happens is into traditional data centers and the traditional enterprise networks, There's, there's kind of Control points that are traditionally, which we understand and security John, right. And it's built up over 2030, 50 years. Right. And there's certain ways around which we rotate our security controls and you're familiar with them, right? Firewalls, Endpoint, antivirus security, information, security, event management system. Think of all those things, those control points are not relevant in the cloud. It's not, it's, they're interesting. V p c s and narrow grooves are kind of interesting in the cloud. Totally insufficient. So there's a necessity to reinvent and there's new control points and I will then tell you why it leads with an incredible better result. The new control points of the cloud, we believe and strenuously push when we speak to our customers, our identities. And it's not about Brandon and john, it's nearly always about non people identities, serverless functions, pieces of compute containers, all of these things have rights to like people. The second control point our data. Where is it? We used to have a data center. It's in the word, it says it data center, but in this instance I may have 20 devops teams. Each one of them is using RDS. One of them is using elastic cash. One of them is using a different thing. So data is the second one. The third one is applications. Why is this so important? The service providers have done a great job with core infrastructure. They give us two mechanisms to set up these environments. We need to help our customers organize and reinvent our security around these three pillars. The reason why it's so important, I love what you said is God, we've got to start from scratch. You get to start from scratch and when you do it, you actually can deliver a level of granularity and control and security that is unimaginable in the traditional enterprise network and data center. >>It's like golf, you got an extra Mulligan off the T if you hit it out of bounds and security, you get a do over. This is this is an opportunity. I love that concept because this is I mean it's not many times you get this clean sheet of paper or the opportunity to to pivot or reinvent or refresh re platform re factor whatever word you use. This is a time >>once in our life this transition, we know digital transformation is transforming industries, every industry is feeling it. We can see and understand the significance of the inventions like like AWS, it's an amazing invention, the power of it and what it delivers to us. The opportunity which is a must take opportunity is reinventing security from top to bottom. And by the way if you don't do it, if you just do this kind of half I have asked you end up with a mess on your hands if you do it properly, you end up in a better place than you would have been a traditional enterprise network and data center. >>The old expression you gotta burn the boats to get people motivated to kind of get it done right with the cloud. Let me ask you questions. Identity security and the data secure. Love that perspective because Identity the first thing in terms in my head when you said that was I thought about the identity of the individual their I. D. You know and you could actually get down to the firmware of a phone or you know to fact multifactor authentication. I get that access authentication. You're talking more in terms of other naming spaces and naming systems like specifically around services and applications identity, not just users. Right? >>Can you expand more on that? We we we we understand this as many people now understand this at a superficial level, but they haven't truly understand stood what's under the hood of what's happening inside cloud when you have reinvented applications, microservices, applications, auto scaling applications, it's all cloud is about incredible innovation happening across teams. What happens in the cloud is you have developers, administrators creating workloads. Those work clothes have huge numbers of compute functions which could be a container, a compute instance, a serverless function. They're gaining access to resources, other compute resources, cues and data to give you a sense of scale job you could have a company. It's not unusual. 80,000 pieces of compute 20,000 active at a particular point in time. We've got companies and then they assume these roles which give them access and rights to do things on these cloud services. It's not unusual to have 10,000 rolls in a cloud environment across multiple different accounts. Now, you see the identities, these pieces of compute have rights to do things. That's good because I can restrict what they do. It can be bad because if I don't have a handle on it, it's a mess. By the way, when you talk about this scale, human beings can't process this much information must be able to understand the risks, configure and automate remediation of these risks. The cloud providers give us the tools to build these flexible workloads. They're incredibly flexible. The dark side of it is in experience and basically inefficient deployment of those tools can lead to a whole host of risks that, quite frankly a lot of customers don't fully appreciate yet. >>And then people call that day to operation. But I love this idea of identity, the thousands and thousands of services out there because with microservices and you're seeing coming out of the cloud native world is these these new kinds of services could be stood up and torn down very quickly. So, you know, the observe ability trend is a great indicator in my opinion of this whole, you know, manic focus on data. So, you know, because you need machines to know, you don't know if something could be terminated and and stood up not even knowing about it, it could be errors. How do you log it? Right. So this is just an example. What's your thoughts on that? What's your reaction? Is that right? >>Ephemeral nature is the beauty of cloud. Right. Because, you know, there's problems that even now when we build our, we have a cloud native application ourselves and when we have a problem sometimes, of course we can go in and spin up 400 servers to go solve a problem and spin them back down half an hour later. We couldn't do that before a cloud. We can actually have developers doing this incredible rapid work with serverless functions to go and interrogate data to go out of data. Like to go and do analytics. It's wonderful. But what you said is their ephemeral. Now, just think about an environment. 20,000 pieces of compute 10,000 active, lots of 20 different teams across a 50 amazon accounts. Somebody comes in and basically during a period of time compromises. It compromises something and gets access to data, but it's a federal, it just comes and goes, we have to know that we have to know what's possible. We have to know if it's happened and then we have to basically greatly minimize the possibility of that happened. My promise because I'm security people are always trying to scare everybody which is valid. However, my promise the power of this cloud has created complexity opportunities but actually it also gives us the solution because using analytics machine learning in our case graphing technologies, we can actually find these things and give micro control two workloads so that actually we can see these things and automatically eliminate these risks and that was impossible >>in the the automation is programmable. You can actually set policies around automation. Pretty cool. I gotta ask you about get to the technical and want to understand the graphics and the platform more. But I want to ask you the question on the reinvention. If I follow your your playbook Yes. What's the end results? Can you take me through the all in bet the redo what happens? Can you just take me through the day in the life of an outcome? What's it look like and walk me through that? >>So firstly what the outcome I want to give our clients is they have these complex cloud environment spreading across, you know, any, even a moderate sized enterprise. What I basically want to be able to give our clients and when we have delivered for our clients is they basically managed to break that cloud from being this amorphous thing into specific work clothes. Each and every one of those workloads have specific controls in place that understand how that workload should operate in this environment across staging development and production. And actually we're able to essentially locked down what it is these workloads can do from an identity perspective, a data access perspective, a platform rights perspective and then monitor anything that changes. That's one thing. So the complexity were actually able to push away the complexity leveraged up lower to give that level of granularity at very deep levels. Identity, data platform. The second thing, actually, and this is john again, what's possible will clown? It doesn't it can't be all security teams, its security needs, It could be audit teams, its developers. So we have customers who have onboard tens and tens and tens of teams onto our platform. Why do we do that when we're finding issues and finding things that need to be resolved for directing it directly to the development teams? So we're saying developer to get into production, you're going to have to fix your identity set up in this environment. It's too risky, but it doesn't have to go to the security team. The security team will only hear about it if the developer doesn't fix it. >>Got it. So they're proactive, >>we're involving the teams responsible for creation and resolution of issues. The security and cloud teams are setting up the ground rules for a workload to operate in this environment and now we've got a level of granularity across workloads, whether they're in production or not. That basically is wonderful. That's the that's the ultimate endgame. >>What's the uh status of the vision and product on execution uh where your customers at now? Um how do you feel about it? Where is it going? Can you share a little bit about the roadmap and kind of where the product is? Uh It's a huge vision, it sounds easy to do, but it's not >>it's not actually and, you know, underlying it also, we actually, we've production service, we have wonderful, very large customers who are deployed and operational on our platform. You know, an example of one of them would be world fuel services, fortunate 93 company were the center of their kind of new security environment and operating model for everything they're doing and cloud. It's a beautiful story job. They've gone from in, in, you know, a few years ago. They 22 to the centers today to to yeah, it's unbelievable. And now all that future real estate were the center of that cloud security operating model. What does it mean? A 50 ft plus different teams on boarded onto the platform, following the rules of the road. If they don't follow the rules where all the exceptions are coming in and we're doing a continuous monitoring process underneath it. What is it that we've done? That's interesting. We actually have this incredible, unique way of collecting information from the cloud so that we can gather it in a very uh continuous way. So we're constantly seeing what's happening in addition to interrogating A PS and clouds are actually monitoring logs so we can see all the actions, what you just said. By the way, something comes and goes, we see it. The second thing which we do is we gather the information. We build a graph. This was actually, this was hard because it's not just as simple as sticking things in a graph with all of it to be. But what is the graph doing? The graph is basically understanding the intricacies of all the identity and access management models. I can see everything that can do anything to any other resource in the cloud, right? There is a surplus functioning container or a VM And we boil it down to very simple things. So underneath it's complex. We represented grass with boiling two simple things. Then we run analytics across the graph too, find and eliminate plaque from risk, find and eliminate identity risk. Get customers to the privilege enforced separation of duties, find data that you may not know is there that has incredible amounts of things capable of accessing it and help our customers lockdown that access. And then finally had we getting it into an operational automation kind of pipeline so that basically on an ongoing operational perspective it's efficient. So we're actually doing this for customers. We've got some very large financial institution customers. We've got, you know, large customers like World Fuel Services. And now actually our mission this year is to actually help simplify a lot of what we're describing so that, you know, you know, other companies and maybe companies not as sophisticated as a big financial institution or World Fuel Services is able to just very quickly get the value out of a solution. Like, >>you know, when you have these new technologies, new way of doing things, it's exciting at the same time, you have to kind of vector into an environment where the customer is ready to be operationalized. So, um, I got to ask you about how um teams are forming. I've I've been having a lot of conversation with VPs of engineering, large enterprises and and also big companies and hyper scale as well. And they're all talking about how, because of what you're doing and the kind of the general philosophy that you're you guys have is changing how teams are organized. You have a platform engineer now who can work on a platform and then flex and go work with other say feature engineers. And so it used to be just to do your features, You got your platform guys, you got your networking people. Okay, now you don't have to talk to the networking people because you can abstract away the network. You now have more composite, more compose herbal applications with all the observe ability. And now you can actually build that foundational platform. Redeploy the platform engineers with the other teams. So you seem like and then you got sRS embedded into teams and so you kind of got this new engineering formation going on, new kind of ways to organize the new modern era is here, it's on on this, this how people organize their teams. >>Actually is. There's no, there's no entire recipe at because you go to different customers and customers are basically experimenting with different ways to organize their teams. There's no question. But actually, I think one thing that's changed in the last 18 months is companies realizing we definitely need to change how it is. We've organized our team. I'm going to give you a simple example. Again in the old world, they would have network teams and network security teams you call up, Let me re configure the firewall. That doesn't work. It's just, it's just so broken. It can't work in clarity, can't be calling on people to re configure a firewall. That's an example. Another example which companies are realizing the latest identity. They will go through an approval process and they go through a governance and certification process. Well, these, these teams in the class, they want to get to work out in into, they need to get it in a month in an hour, in an hour. They can take a month and a manual approval processes sort of realizing that you need a skill set antiseptic ground rules and then the teams should be allowed to innovate within the ground rules. That's what the platform teams need to do. And so what we see emerging, which I think is a really best practice, is cloud centers of excellence. They're responsible for what I would call the shared infrastructure of the enterprise. The 250 Amazon accounts for 50 is your subscriptions, whatever it is that is king. Then the devoPS teams are using this shared infrastructure. The question is, how do you interface, how do you help coordinate between these different responsibilities from a security and governance and risk perspective? And that's actually what a big part of what our product is, helping teams coordinate their activities. That's a big part of what our product is, >>love. The first principles, they're sitting those ground rules. I mean there's been a chef and a cook, you know, you know, working with the environment and putting the new ingredients together and then getting that operational. It's a huge opportunity. Great stuff. Brandon. I gotta ask you the final question. Well I got you here, Sunrise Securities, the name Sunray. Where'd that come from? What does it mean? >>It actually means it's a Gaelic word and it means data and it's just so central to you know, what are people trying to steal? Like we can talk about security we're going to face. But at the end of the day they're trying to do damage. You're trying to get access to data. That's the most valuable thing we're trying to protect. So that's why we put it in our name. >>Digital transformation, everything's data now, everything's data, content, data Securities, data, data is everything >>it is. and I did >>great stuff. Brendan. Thank you for sharing the story here on the cube conversation, Brennan Hannigan's ceo of suddenly secure. Thanks for joining me. >>Thank you very much, john, it was a great pleasure. >>Okay. It's the cube from Palo alto California remote. Still. Thanks for watching.

(upbeat funky music) >> From our studios, in the heart of Silicon Valley, Palo Alto, California. This is a CUBE conversation. >> Okay, welcome back everyone, we're here at theCUBE studios in Palo Alto for a special CUBE conversation. Talking security, talking about the internet and cloud computing. Martin Bosshardt is the CEO of Open Systems. Martin, great to see you. Last time we chatted was in December you were in Vegas, we had a little on the ground, great to meet your team. Welcome back to theCUBE. >> Thank you so much. It's great to be here. >> So exciting things going on, I want to get a state of the Open Systems and the industry, obviously security's a really big big thing, a lot stuff going on in the industry. Black Hat. Defcon. Amazon had a big event called re:Inforce, which was really kind of the first cloud securities show. Which brings the whole, your kind of value proposition to the table but, you guys have a new office here in Silicon Valley. I saw a video on the internet, trending. >> Yeah. >> Pretty nice place work. Give us the update on the current office and Silicon Valley presence. >> Yeah we are, you know, we are really happy to be now here in the U.S. headquarters in Redwood City and Silicon Valley. So, this really helps us also to be closer to the talents, to be closer to all the going to market activities and also to understand the market better. So, it's really exciting to be here and obviously also our, I mean the people love to work here in Silicon Valley. Weather is always great. >> Yeah, weathers always great and the office has got that good working vibe there. Take a minute to explain Open Systems real quick for the folks not familiar with the video 'cause we did last December in Vegas with your team. Tell them what your companies value propositions is and some of the growth you're experiencing. >> Right, so, Open Systems really is, you know, we operate SD-WAN in a secure way for our customer, so it's really focusing on making a relatively complicated technology, from operational point of view, very easy to consume for our customers. So this is, I think, something we started more than 15 years ago in Europe and I would say Open Systems is very much comparable, or at least the going to market part, is very much comparable to an organic farms. We have a wonderful ecosystems in Switzerland, especially in the financial services industry and our customers just love the way we provided those services and told their neighbors and friends and this is really how we grew on a global scale. Currently Open Systems is operating in more than 180 countries, SD-WAN and security infrastructure for customers and protect approximately 2.5 to three million in users globally. And when we started to enter the U.S. market, we learned that the way we provide SD-WAN in a secure way, really resonates a lot with the U.S. market because we can make complex infrastructures, especially projects going to the cloud, very easy to consume for our customers. So, we are really exciting on the growth side right now, we grow super fast in the U.S., we have been very successful in latest customers, we won Chemers, we won Chemit... >> So you're winning a lot of business. >> We are winning a lot of business and what's exciting about it is those customers give us really very valuable feedback on the difference how we provided services is really exciting... >> You know Martin, I was observing and talking to your team in December when we first met you guys for the first time and you just briefly touched on it on your description of the company success. A lot of the early success and continued success has been word of mouth. >> Right. >> With the organic, not like big marketing splash in the pool, kind of like, you know, banging the drum hard, although you are doing some marketing now but and being in the U.S. That word of mouth has been really a testament to the quality of the product, so I got to ask you, what are they happy about? What's the problem that you're solving? What's the big buzz? Why are they so excited to share, to their peers and colleagues about Open Systems? What's the big revelation? >> Thank you for the credit. I think, you know, everybody goes to the cloud and what you really need is an SD-WAN to access the cloud. What that also means for all those companies, they have to rethink their security posture. So if you add now all those products and then you try to operate those products, it turns out it's relatively complicated compared to an old school MPLS Network we used to operate in the past. So, this is really where Open Systems comes in and helps customers to operate that in very easy ways. So we integrate, all those products needed, to operate the global SD-WAN in a secure way, on a single delivery platform and that allows customers to consume that entire suite in a very very easy way. >> I want to get your vision on the future of Open Systems. I know you guys call it secure SD-WAN. I'm a little bit more radical and controversial in the sense. I think SD-WAN is kind of passe term, I think, it's really cloud connectivity work anywhere, people are working at home more than ever, cloud computing has brought in essentially enterprise cloud. We're calling it cloud 2.0, where, it's not just public cloud and having workloads in there, taking advantage of the greatest of cloud 1.0. It's enterprises, this is hybrid, it's multi-cloud, you seeing a, really a distributed computing, a networking problem and a security problem being at the center of this new work environment. >> Yeah. >> Essentially, people connected to something. >> Right. >> It's cloud right, I mean. We can call it SD-WAN because it used to be an office, campus, remote office, very static dynamic. What's your vision? >> You're absolutely right. I mean, this is really where it all goes. Let's say, a network was a network and it was very clear what a network does, right now it's more like, we want to just connect users to cloud services and it's not so clear where those services are coming from and it's not so clear where those users are sitting, where you consume from. And, it results in a phenomenal opportunity to be much more agile, much more, much faster, also to set-up new services, but it also is a challenge for IT operations. Because you know, you might have a group of users saying, well this and this service doesn't work well and now you have to debug. Why is not performing, why isn't Germany maybe, a service coming from the U.S., not performing well? Or you have an IoT device suddenly not really collecting data in a right way and this is really where SD-WAN becomes an orchestration layer. SD-WAN really helps you to orchestrate all those services and make sure you have the SLA available, at all times, everywhere. And also, understand if it's not delivering right and this is really rare where I believe... Ya, we need new solutions to make these easy because... >> You know, a lot of companies talk about digital transformation, that becomes the office, you know, the top CEO, board conversation, let's transform and be digital. But the underlying infrastructure, which is very complex, you can talk about distributing computing, you got networking, all these things in place and old, new, all kind of mashed together with cloud. It's easy to say digital transformation but you're talking about digital transformation of the business on top of existing complex hardware, which comes out the networking, moving packets from A to B, storing it on drives and now you have people working at home, so you have people working globally. >> Right. >> It's not that simple. >> No. >> It's complicated. >> It is really... >> It's not just a U.S. problem, it's like a have a team in, an engineering team in the U.K. and Germany, wherever, business... So it's a global problem. >> Exactly and also it's about, you know, how do you process all the data in an efficient way. And where we see a lot of iteration power released is right now in the Cloud. It's really exciting how easy it gets to consume all that computing power out of the cloud but you need to make sure it is available and you need to understand what is happening if it's not available and how to fix that. And this is really where, I think networking became more demanding, more challenging but also, obviously offers a tremendous opportunity for innovation. >> And I think the security industry has gotten much broader scope to it, used to be, hey you know, I'm a nerd, I'm Black Hat, I'm a blue team, red team, secure the environment, get a perimeter and okay that's gone, we'll take care of threats, malware, all this stuff's going on. But when you think about like cloud 2.0, cloud 1.0 is compute storage, great applications can load up at the cloud, all this great stuffs happening, hooray, yeah, rah-rah. Now cloud 2.0 is networking and security. >> Right. >> Independent of everything right so, what's your take on that? How is Open Systems, you know, helping companies? And what do you say to your customers when you say, hey, you know, compute networking, the storage is good, the cloud on premise no problem, there's operating models for that but you got networking and you got security to deal with on top of all the complexity. What's your story? >> I think the most important thing is, you know, we have to live with the fact that some device system tools are not secure. So I think IoT's a very good example. If you want to have all those sensors out there and be close to the customer, be close to some business processes, you need IoT. But, it's just not possible to have these very cheap devices built in a secure way. So, it's a lot about how do you design a network, to design it in a resilient secure way and that means that you have to think in cells, you have to think in compartments and that makes it relatively easy, secure again, but, it is from operational point of view, quite a challenge because you do not operate any more one network, you suddenly operate maybe any networks. >> On that point, just to kind of wrap up here. The the security challenges around IoT, Machine Learning and AI, which is clearly becoming part of the fabric of, a company's going to leverage that... >> Right. What are some of the big challenges that companies are having and what do you do to solve it? >> You know, in the old network world, you had a network where everything was connected based on one network. So, when you introduce SD-WAN and you introduce all these capabilities, it is very dangerous if you think just, in the old school of one network because suddenly you have IoT working on the same network as maybe your finance department. Or you have productivity facilities working the same network as your network department. So, it just doesn't make sense to have those very different functionalities on exactly the same network because if you have a compromised situation, you suddenly have your entire company compromised and this is really where compartments become very very important. I think this also something you in every industry, historically as well. Security and safety starts also with compartments. So, if you think fire, fire security, it has a lot to do with fire compartments. In case you have a fire, you don't lose the entire building or the same goes with ship building. I mean, Titanic was the last very big ship that sunk but the reason was the compartments haven't been pressurized. A modern ship doesn't sink anymore. And I think this really what we have to do now also in IT. We have to think in compartments. We have to think in layers and that's easy to do with SD-WAN but it's not so easy to operate. >> Final question for you real quick, you know, people talk about hybrid cloud, multi-clouds, the big conversation in this cloud 2.0. But you guys as being successful in outside the United States and now in the U.S., there's also multi-geo work environment. >> Right. What should people think about when they kind of want to frame that debate or conversation? I'm a multinational, I'm operating in the U.S., now I have regions, clouds have regions. There's also all kind of of now regulatory pressure coming across those areas. >> I would say around 2,000 companies really started to globalize their value chains. You know, in the past, maybe you had a production facility in one country and then you sold your products globally but if you want to be competitive, you have to globalize your value chain. So it doesn't make sense to produce everything in one place. Your product usually, or your service, is produced on a global scale and that means that networks also have to help you to really produce that global value chain. But, it means also that you are operating in different jurisdictions, in different regions and you have to respect those different regulations and laws. And this is, obviously then and also a challenge for network operators because privacy in Germany is different than in the U.S., access rights are different, China's again very different, but all those multinationals, we operate in all those countries and we have to respect the local law. >> And the provide the security they need. >> Exactly. >> Martin, thanks for coming in and sharing your insights. Appreciate, good to see you, we'll follow up with and keep of the progress. Thanks for coming in. >> Thank so much. >> I'm John Furrier for CUBE Conversation in Palo Alto, at theCUBE Studios, thanks for watching. (upbeat funky music)

>> live from Boston, Massachusetts. It's the Cube covering A W s reinforce 2019 brought to you by Amazon Web service is and its ecosystem partners. >> Okay, welcome back. Everyone's two cubes Live coverage here in Boston, Massachusetts, for AWS reinforce. This is Amazon Web services Inaugural conference around Cloud security There first of what? Looks like we'll be more focused events around deep dive security to reinvent for security. But not no one's actually saying that. But it's not a summit. It's ah, branded event Reinforce. We're hearing Mark Ryland off director Office of the Sea. So at eight of us, thanks for coming back. Good to see you keep alumni. Yeah, I'm staying here before It's fun. Wait A great Shadow 80 Bucks summit in New York City Last year we talked about some of the same issues, but now you have a dedicated conference here on the feedback from the sea. So as we've talked to and the partners in the ecosystem is, it's great to have an event where they go deep dives on some of the key things that are really, really important to security. Absolutely. This is really kind of a vibe that how reinvents started, right? So reinventing was a similar thing for commercial. You're deep, not easy to us. Three here, deeper on Amazon. But with security. Yeah, security lens on some of the same issues. One thing that happened >> and kind of signal to us that we needed an event like this over the years with reinvent was consistently over the years, the security and compliance track became one of the most important tracks that was oversubscribed in overflow rooms and like, Hey, there's a signal here, right? And so, but at the same time, we wanted to be able to reach on audience. Maybe they wouldn't go to reinvent because they thought I'd say It's all the crazy Dale Ops guys were doing this cloud thing. But now, of course, they're getting the strong message in their security organizations like, Hey, we're doing cloud. Or maybe as a professional, I need to really get smart about this stuff. So it's been a nice transition from still a lot of the same people, but definitely the different crowd that's coming here and was a cross pollination between multiple and I was >> just at Public sector summit. They about cyber security from a national defense and intelligence standpoint. Obviously, threesome Carlson leads That team you got on the commercial side comes like Splunk who our data and they get into cyber. So you started to see kind of the intersection of all the kind of Amazon ecosystems kind of coming around security, where it's now part of its horizontal. It's not just these are the security vendors and partners writes pretty much everyone's kind of becoming native into thinking about security and the benefits that you guys have talk about that what Amazon has to have a framework, a posture. Yeah, they call it shared responsibility. But I get that you're sharing this with the ecosystem. Makes sense. Yeah, talk about the Amazon Web service is posture for this new security >> world. Well, the new security world is if you look at like a typical security framework like Mist 853 120 50 controls all these different things you need to worry about if you're a security professional. And so what eight obvious able to do is say, look, there's a whole bunch of these that we can take care of on your behalf. There's some that we'll do some things and you got to do some things and there's some There's still your responsibility, but we'll try to make it easy for you to do those parts. So right off the bat we can get a lot of wins from just hey, there's a lot of things will just take care of. And you could essentially delegate to us. And for the what remain, You'll take your expertise and you'll re focus it on more like applications security. There still may be some operating systems or whatever. If using virtual machine service, you still have to think about that. But even there, we'll use we have systems Manager will make it easy to do patch management, updating, et cetera. And if you're willing to go all the way to is like a lambda or some kind of a platform capability, make it super easy because all you gotta do is make sure your code is good and we'll take care of all the infrastructure automatically on your behalf so that share responsibility remains. There's a lot of things you still need to be careful about and do well, but your experts can refocus. They could be very you know like it's just a lot less to worry about it. So it's really a message for howto raise the bar for the whole community, but yet still have >> that stays online with the baby value properties, which is, you know, build stuff, ship fast, lower prices. I mazon ethos in general. But when you think about the core A. W. S what made it so great Waas you can reduce the provisioning of resource is to get something up and running. And I think that's what I'm taking away from the security peace you could say. We know Amazon Web service is really well, and we're gonna do these things. You could do that so us on them and then parts to innovate. So I get that. That's good. The other trend I want to get your reaction to is comments we've had on the Cube with si SOS and customers is a trend towards building in house coding security. Your point about Lambda some cool things air being enabled through a B s. There's a real trend of big large companies with security teams just saying, Hey, you know what? I wanna optimize my talent to code and be security focused on use cases that they care about. So you know, Andy Jazz talks about builders. You guys are about builders you got cos your customers building absolutely. Yet they don't want Tonto, but they are becoming security. So you have a builder mindset going on in the big enterprises. >> Yes, talk about that dynamic. That's a That's a really important trend. And we see that even in security organizations which historically were full of experts but not full of engineers and people that could write code. And what we're seeing now is people say, Look, I have all this expertise, but I also see that with a software defined the infrastructure and everything's in a P I. If I pair up in engineering team with a security professional team, then well, how good things will happen because the security specials will say, Gosh, I do this repetitive task all the time. Can you write code to do that like, Yeah, we can write code to do that. So now I can focus on things that require judgment instead of just more rep repetitive. So So there's a really nice synergy there, and our security customers are becoming builders as well, and they're codifying if you moment expression in code, a policy that used to be in a document. And now they write code this as well. If that policy is whatever password length or how often we rode a credentials, whatever the policy is where Icho to ensure that that actually happening. So it's a real nice confluence of security expertise with the engineering, and they're not building the full stack >> themselves. This becomes again Aki Agility piece I had one customer on was an SMS business. They imported to eight of US Cloud with three engineers, and they wrote all the Kuban aged code themselves. They could have used, you know, other things, but they wanted to make sure it's stable so they could bring in some suppliers that could add value. So, again, this is new. Used to be this way back in the old days, in House developers build the abs on the mainframe, build the APS on the mini computers and then on I went to outsourcing, so we're kind of back. The insourcing is the big trend now, >> right in with the smaller engineering team, I can do a lot that used to require so many more people with a big waterfall method and long term projects. And now I take all these powerful building blocks and put an engineering team five people or what we would call it to pizza team five or six people off to the side, given 34 weeks, and they can generate a really cool system that would have required months and not years before. So that's a big trend, and it applies across the board, including two security. >> I think there's a sea change, and I think it's clear what I like about this show is this cloud security. But it's also they have the on premises conversation, Mrs Legacy applications that have been secured and or need to be secured as they evolve. And then you got cloud native and all these things together where security has to be built in. Yeah, this is a key theme, so I want to get your thoughts on this notion of built in security from Day one. What's your what's your view on this? And how should customers start thinking >> about it? And >> what did you guys bringing to the table? Well, I think that's just a general say maturation that goes on in the industry, >> whether it's cloud or on Prem is that people realize that the old methods we used to use like, Hey, I'm gonna build a nap And then I'm gonna hand it to the security team and they're gonna put firewalls around it That's not really gonna have a good result. So security by design, having security is equal co aspect of If I'm getting doing an architecture, I look a performance. I look, it cost. I look at security. It's just part of my system designed. I don't think of it as like a bolt on afterwards, so that leads to things like, you know, Secure Dev ops and kind of integration teams through. This could be happening on premises to it's just part of I T. Modernization. But Cloud is clearly a driver as well, and cloud makes it easier because it's all programmable. So things that are still manual on premises, you can do in a more automated getting into a lot of conversations here under the covers, A lot of under the hood conversations here around >> security BC to one of the most popular service is you guys have obviously compute a big part of the mission Land, another of the feature VPC traffic flows, where mirroring was a big announcement. Like we talked about that a lot of talking about the E c two nitro. You gave a talk on that. Did you just unpacked it a little bit because this has been nuanced out there. It's out there people are interested in. What's that talk about inscription is, is in a popular conversation taking minutes? Explain your talk. Sure, So we've talked for now a year and 1/2 >> about how we've essentially rien. Imagine reinvented our virtual machine architecture, too. Go from a primarily soft defined system where you have a mainboard with memory and intel processor and all that kind of a coup treatments of a standard server. And then your virtual ization layer would run a full copy of an operating system, which we call a Dom zero privileged OS that would mediate access between the guest OS is in this and the outside world because it would maintain the device model like how do I talk to a network card? How I talked to a storage device. I talked through the hyper visor, but through also a dom zero Ah, copy of Lennox. A copy of Windows to do all that I owe. So what we just did over the past few years, we begin to take all the things we're running inside that privileged OS and move that into dedicated hardware software, harbor combination where we now have components we call nitro components their actual separate little computers that do dbs processing. They do vpc processing they do instance, storage. So at this point now, we've taken all of the components of that damn zero. We've moved it out into these You could call Cho processors. I almost think of them is like the Nitro controllers. The main processor and the Intel motherboard is a co processor where customer workloads run because the trust now is in these external all systems. And when you go to talk to the outside world from easy to now you're talking through these very trusted, very powerful co processors that do encryption. They do identity management for you. They do a lot of work that's off the main processor, but we can accelerate it. We could be more assured that it's trustworthy. It can it can protect itself from potential types of hacks that might have been exposed if that, say, an encryption key was in the and the main motherboard. Now it's not so it's a long story until one hour version and doing three minutes now. But overall we feel that we built a trustworthy system for virtual. What was the title of talk so people can find it online? So I was just called the night to architecture security implications of the night to architecture. So it's taking information that we had out there. But we're like highlighting the fact that if you're a security professional, you're gonna really like the fact that this system has it has no damn zero. It has no shell. You can't log into the system as a human being. It's impossible to log in. It's all software to find suffer driven, and all the encryption features air in these co processors so we can do like full line made encryption of 100 gigabits of network traffic. It's all encrypted like that's never been done before. Really, in the history of computing, what's the benefit of nitro architectural? Simply not shelter. More trust built into it a trusted root. That's not the main board encryption, off load and more isolation. Because even if I somehow we're toe managed to the impossible combination of facts to get sort of like ownership of that main board, I still don't have access to the outside world. From there, I have to go through a whole another layer of very secure software that mediates between the inner world of where customer were close run and the outside world where the actual cloud is. So it's just a bunch of layers that make things more secure, >> and I'm sure Outpost will have that as well. Can you waste on that? Seem to me to hear about that. Okay, Encryption, encrypt everything. Is it philosophy we heard in the keynote? You also talked about that as well. Um, encrypting traffic on the hour. I didn't talk about what that means. What was talked to you? What's the big conversation around? Encryption within a. W s just inside and outside. What's the main story there? >> There's a lot of pieces to the pie, but a big one that we were talking about this week is a pretty long term project we call Project lever. It was actually named after a ah female cryptographer. Eventually Park team that was help. You know, one of the major factors, including World War Two, are these mathematicians and cryptographers. So we we wanted to do a big scale encryption project. We had a very large scale network and we had, you know, all the features you normally have, but we wanted to make it so that we really encrypted everything when it was outside of our physical control. So we done that took a long time. Huge investment, really exciting now going forward, everything we build. So any time data that customers give to us or have traffic between regions between instances within the same region outside reaches, whenever that traffic leaves our physical control so kind of our building boundaries or gates and guards and going down the street on a fiber optic to another data center, maybe not far away or going inter continent intercontinental links are going sub oceanic links all those links. Now we encrypt all the traffic all the time. >> And what's the benefit of that? So the benefit of that is there. Still, you know, it's it's obscure, >> but there is a threat model where, you know, governments have special submarines that are known to exist that go in, sniff those transoceanic links. And potentially a bad guy could somehow get into one of those network junction points or whatever. Inspect traffic. It's not, I would say, a high risk, but it's possible now. That's a whole nother level of phishing attacks. Phishing attack, submarine You're highly motivated to sniff that line couldn't resist U. S. O. So that's now so people could feel comfortable that that protection exists and even things like here's a kind of a little bit of scare example. But we have customers that say, Look, I'm a European customer and I have a very strong sense of regional reality. I wanna be inside the European community with all my data, etcetera, and you know, what about Brexit? So now I've got all this traffic going through. A very large Internet peering point in London in London won't be part of Europe anymore according to kind of legal norms. So what are you doing in that case? Unless they Well, how about this? How about if yes, the packets are moving through London, but they're always encrypted all the time. Does that make you feel good? Yeah, that makes me feel good. I mean, I so my my notion of work as extra territorial extra additional congee modified to accept the fact that hey, if it's just cipher text, it's not quite the same as unscripted. >> People don't really like. The idea of encrypted traffic. I mean, just makes a lot of sense. Why would absolutely Why wouldn't you want to do that right now? Final question At this event, a lot of attendee high, high, high caliber people on the spectrum is from biz dab People building out the ecosystem Thio Hardcore check. He's looking under the hood to see SOS, who oversee the regime's within companies, either with the C i O or whatever had that was formed and every couple is different. But there's a lot of si SOS here to information security officers. You are in the office of the Chief Security Information officer. So what is the conversations they're having? Because we're hearing a lot of Dev ops like conversations in the security bat with a pretty backdrop about not just chest undead, but hack a phone's getting new stuff built and then moving into production operations. Little Deb's sec up So these kinds of things, we're all kind of coming together. What are you hearing from those customers inside Amazon? Because I know you guys a customer driven in the customers in the sea SOS as your customer. What are they saying? What are they asking for? So see, so's our first getting their own minds around >> this big technical transformations that are happening on dhe. They're thinking about risk management and compliance and things that they're responsible for. They've got a report to a board or a board committee say, Hey, we're doing things according to the norms of our industry or the regulated industries that we sit in. So they're building the knowledge base and the expertise and the teams that can translate from this sort of modern dev ops e thing to these more traditional frameworks like, Hey, I've got this oversight by the Securities Exchange Commission or by the banking regulators, or what have you and we have to be able to explain to them why our security posture not only is maintained, it in some ways improved in these in this new world. So they're they're challenge now is both developing their own understanding, which I think they're doing a good job at, but also kind of building this the muscle of the strength. The terminology translate between these new technologies, new worlds and more traditional frameworks that they sit within and people who give oversight over them. So you gotta risk. So there's risk committees on boards of these large publics organizations, and the risk committees don't know a lot about cloud computing. So s O they're part of what they do now is they do that translation function and they can say, Look, I've I've got assurance is based on my work that I do in the technology and my compliance frameworks that I could meet the risk profiles that we've traditionally met in other ways with this new technology. So it's it's a pretty interesting >> had translations with the C I A. Certainly in public sector, those security oriented companies, a cz well, as the other trend, they're gonna educate the boards and they're secure and not get hacked the obsolete. And then there's the innovation side of it. Yeah, we actually gotta build out. Yes. This is what we just talked about a big change for our C says. That we talk to and work with all the time is that hey, we're in engineering community now. We didn't used to write a lot of code, and now we do. We're getting strong in that way. Or else we're parting very closely with an engineering team who has dedicated teams that support our security requirements and build the tools. We need to know that things are going well from our perspective. So that's a really cool, I think, changing that. I think that is probably one >> of my favorite trends that I see because he really shows the criticality of security was pretty much all critically, only act. But having that code coding focus really shows that they're building in house use case that they care about and the fact that I can now get native network traffic. Yeah, and you guys are exposing new sets of service is with land and other things >> over the top. >> It just makes for a good environment to do these clouds. Security things. That seems to be the show >> in a nutshell. Yeah, I think that's one of the nice thing about this show. Is It's a very positive energy here. It's not like the fear and scary stuff sometimes hear it. Security conference is like a the sky's falling by my product kind of thing Here. It's much more of a collaborative like, Hey, we got some serious challenges. There's some bad guys out there. They're gonna come after us. But as a community using new tooling, new techniques, modern approaches, modernization generally like let's get rid of a lot of these crusty old systems we've never updated for 10 or 20 years. It's a positive energy, which is really exciting. Good Mark, get your insights out. So this is your wheelhouse Show. Congratulations. >> You got to ask you the question. Just take your see. So Amazon had off just as an industry participant riding this way, being involved in it. What is the most important story that needs to be told in the press? In the media that should be told what's as important. Either it's being told it, then should be amplified or not being told and be written out. What's the What's the top story? I don't think that even after all this time that you know when people >> hear public cloud computing. They still have this kind of instinctive reaction like, Oh, that sounds kind of scary or a little bit risky and, you know, way need to get to the point where those words don't elicit some sense of risk in people's minds, but rather elicit like, Oh, cool, that's gonna help me be secure instead of being a challenge. Now that's a journey, and people have to get there, and our customers who go deep, very consistently, say, And I'm sure you've had them say to you, Hey, I feel more confident in my cloud based security. Then I do my own premises security. But that's still not the kind of the initial reaction. And so were we still have a ways, a fear based mentality. Too much more >> of a >> Yeah. Modernization base like this is the modern way to get the results in the outcomes I want, and cloud is a part of that, and it doesn't not only doesn't scare me, I want to go there because it's gonna take a community as well. Yeah, Mark, thanks so much for coming back on the greatest. Be hearing great Mark Mark Riley, direct of the office of the chief information security at Amazon Web services here, sharing his inside, extracting the signal. But the top stories and most important things >> being being >> said and discussed and executed here, it reinforced on the Cube. Thanks for watching. We'll be right back with more after this short break.