>>Mhm. Hey there. Welcome to the cubes coverage of Splunk dot com. 21. I'm lisa martin. I've got a new guest joining me on the cube for the first time please welcome 20 pierce the senior manager of cybersecurity at the Y 20. Welcome to the program. >>Hi, glad to be here. >>So your linked in profile. I wanted to ask you about this. It states that you are delivering an evidence based approach to cybersecurity. What does that mean? An evidence based approach? And how are you and spunk helping to deliver this approach? >>Yeah. And I'd like to call it like the out case outcome based the price basically you start with what you're trying to accomplish and work with backwards. A lot of people say I've got a problem and then they go try to buy a tool or whatever to go fix the problem. I go in and I'm like all right, I got a problem. Let me figure out what's realistically I can use in the environment. So it's just basically working back so you have, you know, a breach. What if I what are all the different things that I knew to leverage to meet the controls for that breach. Right? And so um think of mitre in a way as a layered way of looking things um and the full defense and depth. So that's kind of my approach, I go when I figure out what the problem is and I answer the question and I used to do that because funk is able to give me a big data to everything. Got a guy so I like to be able to pull in all the different data types that I need to answer our questions, um, to do that. Right. And so whether it's a vulnerability management, patching your networking a good, a good example of this, like most common hacks in the world go after known vulnerabilities, right? And we get kind of caught up in all that. Um, one of the things we like to do here do, why is like we like to combine what's happening in the network. So the threat landscape in which is the network guys, the vulnerability guys who are scanning the data and then actually the patching, who is, who is actually, you know, mitigating the problem putting all those into one screen has really helped people with their risk rating. >>Talk to me a little bit about some of the changes, we've seen massive changes in the threat landscape in cybersecurity in the last year and a half during the pandemic. We've seen massive increase in ransomware. DDoS attacks, ransomware becoming a household word, the executive order that just came down a few months ago. What are some of the things that you've seen? Have you seen the acceleration of organizations coming to help? We know that it's not a matter of if we get attacked. It's when how are you, how are you seeing the last 18 months influence what you're doing. >>Oh man, it's been quite a crazy, right? And so um, by trade, I'm a instant responder, you know, uh high level investigator and possible solutions architect. So I, I get called in a lot for those kind of things. It has been kind of nuts. But you know, one of the things I always tell them when it started understanding what your threat landscaping is, um, and identify your key cyber terrain. Unfortunately most, you know, most companies as they grow, they get really big, they don't really do that. So they don't, they miss the consolidation point, right? I always say, hey, you know, if you're, if you're going to do this, if you say you have a ransomware attack, the first thing you can do is, you know, there's so many different controls that you can do to stop that you really need to know where it is and ejecting and then you can isolate if you need to um, what we're seeing in the companies. They, because they don't all have full coverage, right? And they expect their endpoint protections to actually do its job, you know, and sometimes that's, you know, don't get me wrong, there are some amazing endpoint protections out there, but you really need to be able to log it, you need to know what it looks like and you need to know where it is. So if you need a in case of a ransomware attack as it spreads through the network, you're able to isolate it and rewrite it to like, I like to call it a black hole the land and just reroute it so I can isolate it and then I can go after it. Um instead of trying to try to do every endpoint at a time because you'll get you'll get whacked >>definitely. So talk to me about working and partnering with Splunk and it's full security stuff. How does that, how is that a differentiator for you and your rule? >>Okay. So one of the things that we do here any why is we can find simmons sores one combined offering. Right? So we we try to bring the data in, we operationalize it and then we try to do something with it, right? We we find that. And then if you really think about that in a situation where the spunk products, it's the spunk or funky s and then phantom, right? And so that's the automation play. So we try to combine all those into one combined offering. So that when when bad things happen where we make a decision, we say all right, So, hey, um what we're seeing in the industry is like a lot of times people spend so much time hunting the known to to forget about the unknown. Think about the target. Hack a couple of years ago. Um the oil and gas attack just recently, you know, they miss those core things. So we try to say all right, well let's automate a lot of that known stuff so that the incident responders can focus on the unknown. And so when you combine all three of those products, you get a pretty good security staff >>when you say automating The known, is that at all in any way like helping companies get back to basics. I've been hearing a lot in the last 18 months that some from a data protection perspective and from a ransomware attack perspective. So it's it's when not if but are you saying that companies are are sort of skipping past the basics where security is concerned? Yeah, >>Well, it's I don't say it's skipping past the basics. Right? I think that sometimes people get caught up in the definitions of what it is. Right? So there's there's so many, there's so many fair more shop there. Right? So like I'm a big fan of your trust. Um a lot of instant responded to using minor, I use minor for that as as it retains the instant response. Some people like to use high trust and I think a lot of what happens is they get lost in the confusion of all these different frameworks. Right? I like to go back to basics. I've been doing cyber for Oh, oh my oh my gosh, about 20 plus years. Right. Um I'm an active hacker. I like this is what I do. I like to call a defense in depth. Right? So when you're when you're doing that, if you follow the defense and depth Satur, it doesn't matter what framework you have, you can actually go back and you can Fix that problem. Right? So going back in the automation of unknown to an unknown, we know, and IOC is 100% now, you can say IOC it's like a hash, right? So when a bad thing happens like an exploit, first thing we try to do is we try to grab that hash and then we try to build a roll around it to stop that hash from spreading and going anywhere else. That's a We know 100% of it's bad. Now can exploits change their hash. Absolute. And it happens all the time, but for that Moment in time that hash is 100%. And so we try to say, hey look, you know, we got an endpoint protection but also why don't we use automation to block it at the boundary or why don't we keep it from doing lateral movement? Why don't we why don't we activate it from a defense and depth. So you have your network. Um I like to say, hey look you have your egress ingress and your lateral movement. So if you understand all those three fact factors, you can automate the control so that it doesn't spread, you know, you had mentioned ransomware, it's been really huge, right? And everybody goes, oh well, you know, if we do zero try zero trust, talks about, you know, segmentation a whole lot and then a segmentation is usually important. It won't stop everything but it will do a good job being able to you'll ever swung we actually pull that in and we say hey you know from and why are we take all that network? And we try to put it in a single pane of glass so that we can see everything. And then once we're able to see it, once we get a good robust data set and understand that operations were able to go in and automate it and so if I can go in and say hey look all these hashes are bad. Yeah I'm not going to rely on my end point, I'm going to put another control in place. So at the end point misses it, I have another control that will actually layer it and prevent it from spreading. >>Which is absolutely critical. Talk to me about some of the outcomes that Ey and Splunk are delivering to the end user customers. Everyone's always talking about it's all about outcomes. What are some of those? >>Yeah so we have um we really embraced like the data to everything right? So I I kind of have this opinion of like uh you know everything's data so everything needs to be secured right? Uh the people who missed that tend to get whacked pretty quickly. Um So what I like to do is I'm like all right so you know like IOT is huge out there right now O. T. Is doing it. So some of the things that we've done is like from a health care perspective um We've done we've combined I. O. T. And I. T. Into a commonality solution leveraging like network simple things like pulling in from the wind, pulling in um understanding what those Mac addresses are so that you can actually do like a workplace analytics around um say R. F. I. D. Tagging right? So you know where your people are at? Um Here we also do like a call a sock in a box where we put that put everything together that every like a from a tiered perspective like a tier one tier two analysts. You know what is that they need to do to mitigate mitigate observe something, What is the investigator need? Right? So we try to simplify those conversations so that you know exactly around like a threat hunting as well like threat hunter an investigator, they're totally different roles, right? So they need to be separated. We also like tie in like the um what is it? I really hate uh like power point. I'm not a big power point guy right? So I really like to be able to give the says oh he needs to understand what risk is, right? So we try to automated so we can get to that too. He can pull up his phone and pull up his punk app and he knows at any given time what his risk rating of his company, right? So we try to combine all those in. Like again, you know there is um we do stuff around Blockchain supply chain. You know, it doesn't really matter if it's a data analytics tool. You know a lot of people look at Funk as a sim. I don't just like look at it that way. I look at as a data analytics tool that does sim. It's just one of the functions this does. If you start understanding data and all the different things that data can do, then you need to go in and you can use Funk to basically answer those questions so that you can start putting in a control set. >>What what's the differentiated value that Ey and Splunk bring together to customers. What really sets this partnership and what it delivers apart. >>Well I'm I'm I'm biased on that right? Because I run the North America 17 for you like for consulting. So I would say that those two things is innovation and time to value. Right? So for let's start with innovation for a minute because Funk is so customizable right? Because it pretty much can integrate with just two. Anything we're able to go very fast, take data in and do something with it and operationalize. It doesn't matter who the customer is is they're going to give us a question. We'll break it all the way down and we'll understand what you're going to answer A good example that is like we were doing stuff around P. C. I. Compliance. The checklist. You know the financial sector, they get a huge amount of audits, right? Especially around PC. I. So we took all the Pc. I checklist and we said harry, what can we, what can we answer those questions? And so we built a dashboard that actually sends out a report to internal audit and we call it compliance over time, right? It's looking at data in a different perspective to answer a question. Now the other thing is that we like, we try to do here is, you know, with the, as we do is Funk and funk helps us with this, right? We have a great relationship with them is um, basically, oh I have a, I lost my train of thought there for me. So uh, innovations time to value, right? So from time to value what we do is we used to say, hey look, we have a lot of stuff in our lab. But one of the things I don't like to do is I don't like to um, go to clients and say, hey look, we were going to build this for the first time. I like to say, hey look, here's these questions in the industry. Get ahead of the question and go build in our labs so that when we when we actually get on site, our time to value is not in months. You know, we can begin weeks because we already have a huge repository of um use cases now those every use case is actually tied into an automation play. And so when we say that we say hey look here's everything is flowing, let's do this, let's go answer that question and let's go automate it and you let's make a decision where where we want to automate and where do we want a human interaction. Mhm. >>Talk to me about what's next for the partnership in terms of the future, what what can you tell us where E Y. And Splunk are going together? >>So we've been partying around um I think our next things that we're really looking at is A I um we're really getting kind of into that as well as A R. And D. R. Technology. Right? So um especially around like I'm looking at like the energy companies in the financial banking and one of the things I would love to do is like um go into you know a bank A. T. M. Right? And right now it takes somebody actually has to plug into that and to do a diagnostic on it. I would love to be able to get to a point where you can just take your camera scan the QR code on the on the device and then pull up an A. R. And it runs all the diagnostics on the device as its there. Another one is like the infrastructure um instead of actually going out, plugging into like say a solar panel going out pulling out of the tablet just scanning the solar panels and it tells you if it's good or bad and that's kind of the next step that we're trying to do. We're trying to really take that uh and dated everything and just kind of turn it on its end um like and you've got to remember everything is data nowadays, right? It's not the old days where you know, things are moving around and everything is in the file folders, it's gone right? Everything is data. So everything is security, right? And we know the first thing is we need to know what our threat landscape is. We need to know what that is and we need to apply that. All right. So if we can simplify answering questions, that's so much better. And one of the things I like about flunked is it scales really well, right? And I've looked at some of these fetters and don't get me wrong, I mean everybody has their place. The one thing I like about spunk is it doesn't mean it literally scales really well. So the more data you can get into it, it actually does better. Right? Um and how you do it now, that's just our approach. That's the next steps that we're really looking at from a technology standpoint, >>exciting stuff, Tony thank you for joining me sharing what ey and Splunk are doing together. Some of the unique use cases that you're helping to solve for customers and some of the things that you're excited about. We appreciate your time on your information. >>No, this is fun. You know, like I said, I'm a big fan. I even wore my spunk shirt just for this meeting. >>Fantastic. You're on brand well, Tony. Thank you. Again. We appreciate your time. >>All right. Thank you. You have a wonderful day. >>Thanks you as well for Tony Pierce. I'm Lisa Martin. You're watching the cubes coverage of splunk.com 21. Thanks for watching, >>enjoy. Bye bye mm. Mm hmm.

>> Announcer: From around the globe, it's theCUBE! With digital coverage of AnsibleFest 2020. Brought to you by Red Hat. >> Hello, everyone. Welcome back to theCUBE's coverage of AnsibleFest 2020. I'm your host with theCUBE John Furrier. And we've got two great guests. A CUBE alumni, Robyn Bergeron, senior manager, Ansible community team. Welcome back, she's with Ansible and Red Hat. Good to see you. And Matt Jones, chief architect for the Ansible Automation Platform. Again, both with Red Hat, Ansible was acquired by Red Hat. Robyn used to work for Red Hat, then went to Ansible. Ansible got bought by Red Hat. Robyn, great to see you, Matt, great to see you. >> Yep, thanks for having me back again. It's good to see you. >> We're not in person. It's the virtual event. Thanks for coming on remotely to our CUBE virtual, really appreciate it. I want to talk about the, and I brought that Red Hat kind of journey Robyn. We talked about it last year, but it really is an important point. The roots of Ansible and kind of where it's come from and what it's turned into and where it is today, is an interesting journey because the mission is still the same. I would like to get your perspectives because you know, Red Hat was acquired by IBM, Ansible's under Red Hat, all part of one big happy family. A lot's going on around the platform, Matt, you're the chief architect, Robyn you're on the community team. Collections, collections, collections, is the message, content, content, content, community, a lot going on. So take a minute, both of you explain the Ansible roots, where it is today, and the mission. >> Right, so beginning of Ansible was really, there was a small team of folks and they'd actually been through an iteration before that didn't use SSH called Funk, but you know, it was, let's make a piece of software that is open source that allows people to automate other things. And we knew at the time that, you know, based on a piece of research that we had seen out of Harvard that having a piece of software be architected in a modular fashion wasn't just great for the software, but it was also great for developing pathways and connections for the community to actually contribute stuff. If you have a car, this is always my analogy. If you have a car, you don't have to know how the engine works in order to swap out the windshield wipers or embed new windshield wipers, things like that. The nice thing about modular architectures is that it doesn't just mean that things can plug in. It means you can actually separate them into different spots to enable them to be plugged in. And that's sort of where we are today with collections, right? We've always had this sense of modules, but everything except for a couple of points in time, all of the modules, the ways that you connect Ansible to the vast array of technologies that you can use it with. All of those have always been in the full Ansible repository. Now we've separated out most of, you know, nearly everything that is not absolutely essential to having in a, you know, a very minimal Ansible installation, broken them out into separate repositories, that are usually grouped by function, right? So there's probably like a VMware something and a cloud something, and a IBM, z/OS something, things like that, right? Each in their own individual groups. So now, not only can contributors find what they want to contribute to in much smaller spots that are not a sea of 5,000 plus folks doing work. But now you can also choose to use your Ansible collections, update them, run them independently of just the singular release of Ansible, where you got everything, all the batteries included in one spot. >> Matt, this brings up the point about she's bringing in more advanced functionality, she's talking about collections. This has been kind of the Ansible formula from the beginning in its startup days, ease of use, easy, fast automation. Talk about the, you know, back in 2013 it was a startup. Now it's part of Red Hat. The game is still the same. Can you just share kind of what's the current guiding principles around Ansible this year? Because lots going on, like I said, faster, bigger, a lot going on, share your perspective. You've been there. >> Yeah, you know, what we're working on now is we're taking this great tool that has changed the way that automation works for a lot of people and we want to make it faster and bigger and better. We want it to scale better. We want it to automate more and be easier to automate, automate all the things that people want to do. And so we're really focusing on that scalability and flexibility. Robyn talked about content and collections, right? And what we want to enable is people to bring the content collections, the collections, the roles, the models, and use them in the way that they feel works best for them, leaving aside some of the things that they maybe aren't quite as interested in and put it together in a way that scales for them and scales for a global automation, automation everywhere. >> Yeah, I want to dig into the collections later, Robyn, for sure. And Matt, so let's, we'll put that on pause for a minute. I want to get into the event, the virtual event. Obviously we're not face to face, this year's virtual. You guys are both keynoting. Matt, we'll start with you. If you can each give 60 seconds, kind of a rundown of your keynote talk, give us the quick summary this year on the keynotes, Matt, we'll start with you. >> Yeah. That's, 60 seconds is- >> If you need a minute and a half, we'll give you 90 seconds, Robyn, that's going to be tough. Matt, we'll start with you. >> I'll try. So this year, and I mentioned the focus on scalability and flexibility, we on the product and on the platform, on the Ansible Automation Platform, the goal here is to bring content and flexibility of that content into the platform for you. We focused a lot on how you execute, how you run automation, how you manage your automation, and so bringing that content management automation into the system for you. It's really important to us. But what we're also noticing is that we, people are managing automation at a much larger scale. So we are updating the Ansible Tower, Ansible AWX, the automation platform, we're updating it to be more flexible in how it runs content, and where it can run content. We're making it so that execution of automation doesn't just have to happen in your data center, in one data center, we recognize that automation occurs globally, and we want to expand that automation execution capability to be able to run globally and all report back into your central business. We're also expanding over the next six months, a year, how well Ansible integrates with OpenShift and Kubernetes. This is a huge focus for us. We want that experience for automation to feel the same, whether you're automating at the edge, in devices and virtual machines and data centers, as well as clusters and Kubernetes clusters anywhere in the world. >> That's awesome. That's why I brought that up earlier. I wanted to get that out there because it's worth calling out that the Ansible mission from the beginning was similar scope, easy to do and simplify, but now it's larger scale. Again, it's everywhere, harder to do, hence complexity being extracted away. So thank you for sharing. We'll dig into that in a second. Okay, Robyn, 60 seconds or more, if you need it, your keynote this year at AnsibleFest, give us the quick rundown. >> All right. Well, I think we probably know at this point, one of the main themes this year is called automate to connect and, you know, the purpose of the community keynote is really to highlight the achievements of the community. So, you know, we are talking about, well, we are talking about collections, you know, going through some of the very broad highlights of that, and also how that has contributed, or, not contributed, how that is included as part of the recent release of Ansible 2.10, which was really the first release where we've got it very easy for people to actually start using collections and getting familiar with what that brings to them. A good portion of the keynote is also just about innovation, right? Like how we do things in open source and why we do things in certain ways in open source to accelerate us. And how that compares with the Red Hat, traditional product model, which is, we kind of, we do a lot of innovation upstream. We move quickly so that if something is maybe not the right idea, we can move on. And then in our products, that's sort of the thing that we give to our customers that is tried, tested and true. All of that kind of jazz. We also talk about, or I guess I also talk about the, all of our initiatives that we're doing around diversity and inclusiveness, including some of the code changes that we've made for better, more inclusive language in our projects and our downstream products, our diversity and inclusion working group that we have in the community land, which is, you know, just looking to embrace more and more people. It's a lot about connectivity, right? To one of Matt's points about all the things that we're trying to achieve and how it's similar to the original principles, the third one was, it's always, we need to have it to be easy to contribute to. It doesn't necessarily just mean in our community, right? Like we see in all of these workplaces, which is one of the reasons why we brought in Automation Hub, that folks inside large organizations, companies, government, whatever it is, are using Ansible and there's more and more, and, you know, there's one person, they tell their friend, they tell another friend, and next thing you know, it's the whole department. And then you find people in other departments and then you've got a ton of people doing stuff. And we all know that you can do a bunch of stuff by yourself, but you can accomplish a lot more together. And so, making it easy to contribute inside your organization is not much different than being able to contribute inside the community. So this is just a further recognition, I think, of what we see as just a natural extension of open source. >> I think the community angle is super important 'cause you have the community in terms of people contributing, but you also have multiple vendors now, multiple clouds, multiple integrations, the stakeholders of collaboration have increased. It was just like, "Oh, here's the upstream and et cetera, we're done, and have meetings, do all that stuff." And Matt, that brings me to my next question. Can you talk about some of the recent releases that have changed the content experience for the Ansible users in the upstream and within the automation platform? >> Well, so last year we released collections, and we've really been moving towards that over the 2.9, 2.10 timeframe. And now I think you're starting to see sort of the realization of that, right? This year we've released Automation Hub on cloud.redhat.com so that we can concentrate that vendor and partner content that Red Hat supports and certifies. In AnsibleFest you'll hear us talk about Private Automation Hub. This is bringing that content experience to the customer, to the user of this content, sort of helping you curate and manage that content yourself, like Robyn said, like we want to build communities around the content that you've developed. That's the whole reason that we've done this with collections is we don't want to bind it to Ansible core releases. We don't want to block content releases, all of this great functionality that the community is building. This is what collections mean. You should be free to use the collections that you want when you want it, regardless of when Ansible core itself has released. >> Can you just take a minute real quick and just explain what is collections, for folks out there who are rich? 'Cause that's the big theme here, collections, collections, collections. That's what I'm hearing resonate throughout the virtual hallways, if you will. Twitter and beyond. >> That's a good question. Like what is a collection itself? So we've talked a lot in the past about reusable content for Ansible. We talk a lot about roles and modules and we sort of put those off to the side a little bit and say, "These are your reusable components." You can put 'em anywhere you want. You can put 'em in source control, distribute them through email, it doesn't matter. And then your playbooks, that's what you write. And that's your sort of blessed content. Collections are really about taking the modules and roles and plugins, the things that make automation possible, and bundling those up together in groups of content, groups of modules and roles, or standing by themselves so that you can decide how that's distributed and how you consume that, right? Like you might have the Azure, VMware or Red Hat satellite collection that you're using. And you're happy with that. But you want a new version of Ansible. You're not bound to using one and the same. You can stick with the content that matters to you, the roles, the modules, the plugins that work for you. And you decide when to update those and you know, what the actual modules and plugins you're using are. >> So I got to ask the content question, you know, I'm a content producer. We do videos as content, blog posts content. When you talk about content, it's code, clarify that role for us because you got, you're enabling developers with content and helping them find experts. This is a concept. Robyn, talk about this. And Matt, you can weigh in, too, define what does content mean? It means different things. (indistinct) again, content could be. >> It is one of those words, it's right up there with developers, you know, so many different things that that can mean, especially- >> Explain content and the importance of the semantics of that. Explain it, it's important that people understand the semantics of the word "content" with respect to what's going on with Ansible. >> Yeah, and Matt and I actually had a conversation about the murkiness of this word, I believe that was yesterday. So what I think about our content, you know, and I try to put myself in the mind, my first job was a CIS admin. So I try to put myself in the mind of someone who might be using this content that I'm about to attempt to explain. Like Matt just explained, we've always had these modules, which were included in Ansible. People have pieces of code that show very basic things, right? If I get one of the AWS modules, it would, I am able to do things like "I would like to create a new user." So you might make a role that actually describes the steps in Ansible, that you would have to create a new user that is able to access AWS services at your company. There may be a number of administrators who want to use that piece of stuff, that piece of code over and over and over again, because hopefully most companies are getting bigger and not smaller, right? They want to have more people accessing all sorts of pieces of technology. So making some of these chunks accessible to lots of folks is really important, right? Because what good is automation, if, sure we've taken care of half of it, but if you still have to come up with your own bits of code from scratch every time you want to invoke it, you're still not really leveraging the full power of collaboration. So when we talk about content, to me, it really is things that are constantly reusable, that are accessible, that you tie together with modules that you're getting from collections. And I think it's that bundle, you can keep those pits of reusable content in the collections or keep them separate. But, you know, it's stuff that is baked for you, or that maybe somebody inside your organization bakes, but they only have to bake it once. They don't have to bake it in 25 silos over and over and over again. >> Matt, the reason why we're talking about this is interesting, 'cause you know what this points out, in my opinion, it's my opinion. This points out that we're talking about content as a word means that you guys were on the cutting edge of new paradigms, which is content, it's essentially code, but it's addressable, community it's being shared. Someone wrote the code and it's a whole 'nother level of thinking. This is kind of a platform automation. I get it. So give us your thoughts because this is a critical component because the origination of the content, the code, I mean, I love it. Content is, I've always said content, our content should be code. It's all data, but this is interesting. This is the cutting edge concept. Could you explain what it means from your perspective? >> This is about building communities around that content, right? Like it's that sharing that didn't exist before, like Robyn mentioned, like, you know, you shouldn't have to build the same thing a dozen times or 100 times, you should be able to leverage the capabilities of experts and people who understand that section of automation the best, like I might be an expert in one field or Robyn's an expert in another field, we're automating in the same space. We should be able to bring our own expertise and resources together. And so this is what that content is. Like, I'm an expert in one, you're an expert in another, let's bring them together as part of our automation community and share them so that we can use them iterate on them and build on them and just constantly make them better. >> And the concepts are consumption, there's consumption of the content. There's the collaboration of the content. There's the sharing, all this, and there's reputation, there's expertise. I mean, it's a multi sided marketplace here, isn't it? >> Yeah. I read a article, I don't know, a year or two ago that said, we've always evolved in the technology industry around, if you have access to this, first it was the mainframes. Then it was, whatever, personal computers, the cloud, now it's containers, all of this, but, once everybody buys that mainframe or once everybody levels up their skills to whatever the next thing is that you can just buy, there's not much left that actually can help you to differentiate from your competitors, other than your ability to actually leverage all of those tools. And if you can actually have better collaboration, I think than other folks, then that is one of those points that actually will get you ahead in your digital transformation curve. >> I've been harping on this for a while. I think that cloud native finally has gone, when I say "mainstream" I mean like on everyone's mind, you look at the container uptake, you're looking at containers. We had IDC on, five to 10% of the enterprises are containerizing. That's huge growth opportunity. The IPO of, say, Snowflake's on Amazon. I mean, how does this happen? That's a company that's went public, It's the most valuable IPO in the history of IPOs on Wall Street. And it's built on Amazon, it has its own cloud. So it's like, I mean, this points to the new value that's being created on top of these new cloud native architectures. So I really think you guys are onto something big here. And I think you're starting to see this, new notions of how things are being rethought and reimagined. So let's keep it, while I've got you guys here real quick, Ansible 2.1 community release. Tell us more about the updates there. >> Oh, 2.10, because, yeah. Oh, that's fine. I know I too have had, I'm like, "Why do we do that?" But it's semantic versioning. So I am more accustomed to this now, it's a slightly different world from when I worked on Fedora. You know, I think the big highlight there is really collections. I mean, it's collections, collections, collections. That is all the work that we did, it's under the hood, over the hood, and really, how we went from being all in one repo to breaking things out. It's a big line for, we're advancing both the tool and also advancing the community's ability to actually collaborate together. And, you know, as folks start to actually use it, it's a big change for them potentially in how they can actually work together in their organizations using Ansible. One of the big things we did focus on was ensuring that their ease of use, that their experience did not change. So if they have existing Ansible stuff that they're running, playbooks, mod roles, et cetera, they should be able to use 2.10 and not see any discernible change. That's all the under the hood. That was a lot of surgery, wasn't it, Matt? Serious amounts of work. >> So Matt, 2.10, does that impact the release piece of it for the developers and the customers out there? What does it change? >> It's a good point. Like at least for the longer term, this means that we can focus on the Ansible core experience. And this is the part that we didn't touch on much before now with the collections pieces that now when we're fixing bugs, when we're iterating and making Ansible as an engine of automation better, we can do that without negatively impacting the automation that people actually use. We could focus on the core experience of actually automating itself. >> Execution environments, let's talk about that. What are they, are they being used in the community today? What do you guys react to that? >> We're actually, we're sort of in the middle of building this right now. Like one of the things that we've struggled with is when you, you need to automate, you need this content that we've talked about before. But beyond that, you have the system that sits underneath the version of Linux, the kernel that you're using, going even further, you need Python dependencies, you need library dependencies. These are hard and complicated things, like in the Ansible Tower space, we have virtual environments, which lets you install those things right alongside the Ansible Tower control plane. This can cause a lot of problems. So execution environments, they take those dependencies, the unit that is the environment that you need to run your automation in, and we're going to containerize it. You were just talking about this from the containerization perspective, right? We're going to build more easily isolated, easy to use distinct units of environments that will let you run your automation. This is great. This lets you, the person who's building the content for your organization, he can develop it and test it and send it through the CI process all the way up through production, it's the exact same environment. You could feel confident that the automation that you're running against the libraries and the models, the version of Ansible that you're using, is the same when you're developing the content as when you're running it in production for your business, for your users, for your customers. >> And that's the Nirvana. This is really where you talk about pushing it to new limits. Real quick, just to kind of end it out here for Ansible 2020, AnsibleFest 2020. Obviously we're now virtual, people aren't there in person, which is really an intimate event. Last year was awesome. Had theCUBE set right there, great event, people were intimate. What's going on for what you guys have for people that obviously we got the videos and got the media content. What's the main theme, Robyn and Matt, and what's going on for resources that might be available for folks who want to learn more, what's going on in the community, can you just take a minute each to talk about some of the exciting things that are going on at the event that they should pay attention to, and obviously, it's asynchronous so they can go anywhere anytime they want, it's the internet. Where can they go to hang out? Is there a hang space? Just give the quick two second commercial, Robyn, we'll start with you. >> All right. Well of course you can catch the keynotes early in the morning. I look forward to everybody's super exciting, highly polite comments. 'Cause I hear there's a couple people coming to this event, at least a few. I know within the event platform itself, there are chat rooms for each track. I myself will be probably hanging out in some of the diversity and inclusion spaces, honestly, and I, this is part of my keynote. You know, one of the great things about AnsibleFest is for me, and I was at the original AnsibleFest that had like 20 people in Boston in 2013. And it happened directly across the street from Red Hat Summit, which is why I was able to just ditch my job and go across the street to my future job, so to speak. We were... Well, I just lost my whole train of thought and ruined everything. Jeez. >> We got that you're going to be in the chat rooms for the diversity and community piece, off platform, is there a Slack? Is there like a site? Anything else? 'Cause you know, when the event's over, they're going to come back and consume on demand, but also the community, is there a Discord? I mean, all kinds of stuff's going on, popping up with these virtual spaces. >> One thing I should highlight is we do have the Ansible Contributor Summit that goes on the day before AnsibleFest and the day after AnsibleFest. Now, normally this is a pretty intimate event with the large outreach that we've gotten with this Fest, which is much bigger than the original one, much, much, much bigger, we've, and signing up for the contributor summit is part of the registration process for AnsibleFest. So we've actually geared our first day of that event to be towards new or aspiring contributors rather than the traditional format that we've had, which is where we have a lot of engineers, and can you remember sit down physically or in a virtual room and really talk about all of the things going on under the hood, which is, you know, can be intimidating for new people. Like "I just wanted to learn about how to contribute, not how to do surgery." So the first day is really geared towards making everything accessible to new people because turns out there's a lot of new people who are very excited about Ansible and we want to make sure that we're giving them the content that they need. >> Think about architects. I mean, SREs are jumping in, Matt, you talked about large scale. You're the chief architect, new blood's coming in. But give us an update on your perspective, what people should pay attention to at the event, after the event, communities they could be involved in, certainly people want to tap into you are an expert and find out what's going on. What's your comment? >> Yeah, you know, we have a whole new session track this year on architects, specifically for SREs and automation architects. We really want to highlight that. We want to give that sort of empowerment to the personas of people who, you know, maybe you're not a developer, maybe you're not, operations or a VP of your company. You're looking at the architecture of automation, how you can make our automation better for you and your organization. Everybody's suffered a lot and struggled with the COVID-19. We're no different, right? We want to show how automation can empower you, empower your organization and your company, just like we've struggled also. And we're excited about the things that we want to deliver in the next six months to a year. We want you to hear about those. We want you to hear about content and collections. We want you to hear about scalability, execution environments, we're really excited about what we're doing. You know, use the tools that we've provided in the AnsibleFest event experience to communicate with us, to talk to us. You can always find us on IRC via email, GitHub. We want people to continue to engage with us, our community, our open source community, to engage with us in the same ways that they have. And now we just want to share the things that we're working on, so that we can all collaborate on it and automate better. >> I'm really glad you said that. I mean, again, people are impacted by COVID-19. I got, it sounds like all channels are open. I got to say of all the communities that are having to work from home and are impacted by digital, developers probably are less impacted. They got more time to gain, they don't have to travel, they could hang out, they're used to some of these tools. So I think I guess the strategy is turn on all the channels and engage in new ways. And that seems to be the message, right? >> Yeah, exactly. >> Alright, Robyn Bergeron, great to see you again, Matt Jones, great to chat with you, chief architect for Ansible Automation Platform and of course, Robyn senior manager for the community team. Thanks so much for joining me today. I appreciate it. >> Thank you so much. >> Okay. It's theCUBE's coverage. I'm John Furrier, your host. We're here in the studio in Palo Alto. We're virtual. This is theCUBE virtual with AnsibleFest virtual. We're not face to face. Thank you for watching. (calm music)

>> From theCUBE Studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE and ETR, this is Breaking Analysis with Dave Vellante. >> Application performance management AKA APM, you know it's been around since the days of the mainframe. Now, as systems' architectures became more complex, the technology evolved to accommodate client-server, web-tier architectures, mobile and now of course, cloud-based systems. A spate of vendors have emerged to solve the sticky problems associated with ensuring consistent and predictable user experiences. The market has grown, I mean it's decent size, it's about $5 billion globally. It's growing at a consistent 10% CAGR. It's got a variety of established companies and new entrants that are attacking this space. Hi everyone, welcome to this week's Wikibon Cube Insights powered by ETR. My name is Dave Vellante and today, we welcome back ETR's Erik Bradley, who was the chief engagement strategist at Aptiviti which is the holding company of our data partner, ETR. Erik, my friend, great to see you. Thanks so much for coming on and spending some time with us. >> Oh, always enjoy it Dave. Great to see you too and I'm just glad I got some fresh material for ya. >> As always, you have fresh data. Now, Erik just recently hosted an ETR VENN session and on this particular topic, APM. Now VENNs are an open round table, they're exclusively available to ETR's clients and what we do is we sometimes come in theCUBE and we summarize those sessions in our Breaking Analysis. Now Erik, yo let's start with a summary slide here, guys, if you could bring that up, we just want to make a couple of points and... So as I said Erik, I mean this started back, you know in the System/390 days. Now, distributed systems and cloud of course create a lot more complexity, you got data that's really fragmented. You got user data, you got application data, you have infrastructure data and it gets complicated and you've got guys in lab coats having to come in and diagnose these stuff, lot of tribal knowledge. What are you seeing in the space? >> Well yeah, you know to start back, you know it's funny when the panel I hosted, one of the guys even brought up Tivoli, how long ago that was right? Then of course you get, you know you have the solar winds and you had people like that trying to just kind of monitor your network. You know what we've heard a lot about now is infrastructure has really become code-based. So when that happens, you really start wondering to yourself the lines are blurring between infrastructure and application because at the end of the day, what you're really monitoring is code. So it has gotten incredibly complex, you have OnPrem, you have hybrid, you have multi-cloud approach so it has gotten extremely complex and there's also now a third wave of next-gen vendors getting involved in the mix as well. As you're aware, New Relic and Datadog, obviously, Splunk has been in logging and monitoring for a long time. You also had some of the traditional players throw their hat in the ring through acquisition, that you know AppDynamics gobbled up by Cisco and obviously Splunk trying to continue to reinvent themselves a little bit by SignalFx. So it is a very crowded, complex space, it is a complicated problem but it's also a problem that needs to be solved. You know, we were looking at, you said in your intro about, it's only about a $5 billion market right now but there's been a lot of data out there from industry analysts saying that that's going to grow quite handsomely over the next five years and it could get up to 13, 14, 15 billion. And when I asked my panel about that, I had one gentleman say without a doubt, they see the next 10 years that spending in this space will continue. And when you pry and ask why, they simply state that digital transformation is not going to stop, it's marching forward, whether anyone likes it or not and as it does, monitoring is going to be critical, it's only going to increase and increase and increase. So right now, to your point, it's a small market but it's a growing market and there's a lot of entrance in there and their whole goal is to reduce this complexity that you're talking about. >> Now, one of the things we heard from the panel, guys if you bring up that same slide again, you know the third point on that slide was what's closely tied to digital transformation. You heard a number of individuals say, "Look, your digital business is critical, it's all about monitoring your applications and your data and your infrastructure. And we heard a lot that they wanted a, a single pane of glass and you made a number of points about the market. What are your thoughts on both the digital transformation, maybe the COVID acceleration of that mandate and that notion of a single pane of glass, is that aspirational or is it, in your view, something that is actually technically feasible? >> Not only is it technically feasible, it has to happen. It's going to be demanded by the large enterprise, they can't continue to monitor hundreds and hundreds of applications. They need something that not only can give them observability through their entire stack, but they need to be able to view it in one way, there's enough fatigue in monitoring and logging. And actually it goes even further than one pane of glass, they're demanding that these systems can now actually employ machine learning algorithms to be proactive. It's not enough to just say, "Okay, I observed this," you have to let me know that this may happen in the future and what to do about it. So not only is it feasible, it's something that is being demanded by the end-user market and the players that survive are the ones that already have that in their roadmap. >> Now, as we always like to do in these sessions, we're going to bring up some ETR data and we like to position the companies. So what we do is, we're going to bring up some of the pure players, pure-play companies and you can see them on this slide. But Erik, and when we talk about companies in this space, they are well over a dozen. It's just again for reference, you know it's Cisco with AppD, you mentioned that before Dynatrace is one of the leaders, New Relic has been around for awhile and is doing well, Splunk, Datadog. Now of course, and we're not showing them here, AWS, Microsoft and Google cause they just sort of, they pollute the chart. But so I want to start with the guys that are on this view and maybe talk about a few. Elastic came up a lot, certainly AppD came up a little, Dynatrace was obviously mentioned, especially in large organizations. Lot of conversations about New Relic. So let's go through them. Where do you want to start here? >> Yeah there's a lot to go through and we did spend the majority of the panel talking about the individual players, the differences between them and also what we thought their longer term prospects were but yeah, we'll go through each one. I think maybe to start with, let's go back in time a little bit, right? Cisco is a wonderful acquirer, they do a great job at M&A. A lot of companies will acquire something and let it die on the vine. Cisco has proven recently that they are reinventing themselves as a full platform play, whether that be through, you know, kind of, their networking reach or whether it be through the security. And AppDynamics is one of those that actually kind of gives you a little bit of both with being able to monitor. It is a great play for people that are already involved with Cisco. Now, I don't think you're going to see too many people that are non-Cisco customers run out and buy it. There you're going to see some of them, maybe the pure plays or one of my guests called the third wave of vendors. And that third wave is really about a Datadog and a New Relic. Let's talk about Datadog first. >> Yeah let's bring that back up guys, if you would. Now let me just, sorry to interrupt you Erik (indistinct) The vertical axis here is net score, that's the ETR's primary metric, and that's an indication of spending velocity, the higher, the better. And on the horizontal axis is market share. Now we're showing the July data, the October data is in the field, you know once ETR releases that to its clients, then we'll share that with you. But the first thing that jumps out at me is other than Elastic Erik, I mean, I'm not blown away by the spending momentum in this space but let's talk about that and then some of your thoughts on the specific vendors. >> Yeah, you know I'll go back because you asked a little bit about the digital transformation, I don't think I answered it fully. So to your comment about maybe not being impressed with the spend, I think this is one where the spend is going to come, kind of as a laggard because you're not going to rush out and go buy the software to monitor until you've built out the, what needs to be monitored. So as we're seeing this increase in the digital transformation, and I think you and I had a conversation in the past, but when COVID first hit and I did a series of panels, we had one person say that this virus is going to increase digital transformation by five to 10 years. Now that was an amazing statement. Basically, if you were on the fence, if you didn't, if you weren't already heading down to digital transformation, you needed to play catch up quickly. So now that you are doing that right, now that you're moving from OnPrem to a multicloud or a hybrid cloud environment, you have to get observability, you have to get monitoring into it. So now these players start to play catch up and this is where you're going to see the proof of concepts and you're going to see people trying to decide which direction they're going to take their company. Now back to the actual vendors. I believe that there is some differentiation, right? So we'll just take, for instance, Splunk. Splunk is obviously probably the biggest boy on the block when it comes to just straight up logging and monitoring. They've leveraged that big boy position to really, you know, add some costs, kind of intimidate their customers they've been compared in the past of the type of things that Oracle used to do from their cost perspective. And that's opened up some new competition, Datadog is one of those. According to my panel, Datadog is viewed more for logging and monitoring than it is truly full end-to-end observability throughout your entire network and application system. So that is one of the areas that's there. Now, to stay on those two names for a quick second, Splunk obviously has some holes in what they're trying to offer, they went out and tried to buy SignalFx to fill one of those holes. Now according to my panel again, did a great job filling that hole, problem is if you have a boat with three holes, you can't put your fingers everywhere. So they think, hey listen, Splunk scrape, they're going to keep the company they have and I know that we can talk a little bit more about valuations and the equity side later, but I think it's very clear that their sales and revenue are trending flat to down, whereas some of these other names still have great acceleration in their sales. So Splunk and Datadog both are really facing pressure from Elastic or generally just open-source. >> I was struck by the panel and how much emphasis they, how much complaining they did about Splunk pricing. Generally, I feel like hey, if your price is too high is the biggest objection, that's actually not a bad thing for a company but the way they kept hitting on it and said, "Hey, we're actively looking for alternatives" and Datadog was one of those and given the momentum that Datadog has, I don't think that that's necessarily a positive. But you know Splunk has a lot of loyal customers but you know to your point if you go back to the slide, Elastic came up very, very strong and they are head and shoulders from a spending momentum above the rest of the crowd here. >> Right. And you know, so you're right. If the only problem with a vendor or a technology is cost, usually you live with it because that means it's giving you what you need. So okay, it's expensive but it's also the best in breed and that's where Splunk has been for a very long time. And I think they're resting on their laurels knowing that. Enter Elastic and you say to these guys, the panel, I asked them, well okay, you can make Elastic work but is it truly a viable alternative from a technology standpoint? And the answer to that was not only is it viable, it's half the price. So if you can bring something in that can do the job the same and it's half the cost, it's really difficult not to at least try. And I had one of the other gentlemen who was a Datadog customer said, "Listen, we love Datadog, we were a huge customer and then I started getting enormous bills and I just switched over to open-source, I switched to Elastic, I switched to Kibana, I switched to Kafka and I can do this search myself. Now the difference is not every enterprise has the human skillset to do so and I'm not saying Splunk's going to turn around to disappear tomorrow, not even close. Because there is a difference in spending that money with the vendor or spending that money developing the human skillset to use open-source. But the bigger backdrop here is there are more alternatives than there used to be, there's more competition and the space is getting very crowded. >> Yeah, comment on open-source. I mean open-source is free like a puppy. But the thing about that, and we had one of the panelists was a very senior consultant, exclusively work with very large companies, he told a story about one of the companies years ago, he came in to solve a problem. The problem was they had 70% availability and then they had no visibility on their infrastructure and there's really no great, no good monitor, they get them up to whatever, five nines or two, three nines or wherever they got them to, but dramatic improvement. And so, but he said, "Look it, I work with companies with billions of dollars, $3 billion IT budgets so they don't rely on open-source for this stuff, they're happy to spend." But there's a huge market, particularly in the mid size where we heard that New Relic plays in a big way, it might be more receptive to open-source. >> Couple of great points there Dave, honestly. I'm going to jump over to the use case that was given by that person who was in a healthcare role. And essentially the part I didn't write into my summary was that his CEO was two days away from shutting down the entire business because he was so frustrated that he had no observability and Dynatrace was the one that was able to step in and fix that. And this gentleman did say that the majority of the companies that he does work with which are all in the Fortune 100, Dynatrace has a stranglehold in that spot. So that's really interesting to note. Now on the flip side, when pushed a little bit more later in the panel, he said, "Dynatrace is sort of resting on its laurels from a product roadmap standpoint and that's going to open up the possibility of a New Relic getting in," a transition to New Relic as you mentioned on their small to medium sized business. They recently launched a new pricing strategy which is basically a free version to get you involved to kind of get their hooks into you and see if you can work it out. And basically what they're trying to do there I think is, you know, make up for their lack of marketing. As you saw the panel that we spoke about said, "New Relic's technology is fantastic." They have the ability to provide a single pane of glass which is the Holy Grail in this space and they have the ability to provide machine learning and proactive type of ability which again are the two things that all of the end-users are asking for. The problem is that most people might not be aware of it because New Relic doesn't have as flashy a marketing department, they don't have the dollars as much as the others to go out there and compete with the Splunk and Dynatrace and Cisco. But from a roadmap perspective, it was almost unanimous that our panel agreed, New Relic is by far, one of the leaders from a functionality standpoint. >> Yeah, if you guys bring that slide up one more time, the X Y. I mean, I look at where New Relic is and I'm like wow, I'm surprised. I mean this company, I mean they were the hot company for awhile and I think still have the capability. You're talking about the technology. NRDB, New Relic database is like, it kicks ass. In fact, you know Erik, somebody brought up in the panel that they thought that snowflake could compete in this market because essentially Snowflake's positioning is this data cloud. But you know, here's New Relic, they have a purpose-built database specifically for monitoring an APM so you would think that with that technology, they could really make some moves. And then I just want to bring in two other companies to the mix here. Honeycomb who I think even their founder and former CEO now CTO, she coined the term I believe, observability. And there's another company that is run by Jeremy Burton, company's called Observe, okay (indistinct) and it's funded by the Silicon Valley Mafia. So that's going to be an interesting one to watch, they're coming out, well they're out of stealth but they're doing a launch on October 7th. So I think those are two companies that could disrupt this space and I would expect to see, as you said, it's a latent momentum in net score from a dataset standpoint because people are trying to plug the holes cause of COVID, you know security, work from home, that pivot and now it's really on to digital transformation and that's where APM really comes in. >> It really does and again, it comes back to that comment someone made a long time ago that everything's becoming code as software eats the world and everything becomes code, you need the ability to kind of monitor that code, enter Honeycomb. And as you know, we have two different studies at ETR, one of them is for emerging technology. Honeycomb is in our emerging technology study that's more of a private series B to series E round stage whereas our main study is for companies that are pre IPO or already public. But Honeycomb is a little bit different in my opinion, that they're focused very much so on the developers or the software engineers. They're a very microservices oriented type of product whereas some of the other ones may have started as an infrastructure monitoring and then kind of work their way backward into application. But Honeycomb certainly needs to be observed and it's funny when you talk about that, the one thing I think is, "Oh great, more players." The crowded space gets even more crowded. And I think well you know, kind of foreshadowing something you and I will be speaking about in a little bit but there's a lot of players in this space and there's a lot of other possible interest in there. You mentioned Snowflake. It actually wasn't brought up from our panelists, it was a question that came from one of my clients that said, "Hey, I'm curious, can snowflake play in this space?" And the panel thought about it for a second and said, "There's absolutely no reason why they can't, they most certainly can." And we all know the cash they have so I mean the easiest way to play in that would maybe be to buy some of the technology, integrate it in and yeah, they have that portability. And if I can real quickly, they've just, one of the things that came out that was so important about this, we haven't spoken about the vendors is, is the public cloud. The public cloud offers this. They offer monitoring, they'll give it to you for free. If I'm going to run Kubernetes at Google, I'm going to get the monitoring for free which is super nice, right? But if I have an enterprise that has multicloud or hybrid cloud, and I'm working outside of that public cloud silo, it doesn't work. This is the exact conversation you and I had about Snowflake. AWS Redshift's fantastic but it doesn't work outside of AWS. So if every one of our enterprises continues on the digital transformation, they need portability. They have to be able to go across any architecture structure and that's why these independent providers are really starting to gain steam when you would think they could never compete with the public cloud. >> Yeah man, that's a great point. And we've talked about this in the context of Snowflake that who are you going to trust with your multi-cloud strategy? Are you going to trust AWS? Are you going to trust Google? Yeah, okay, they got Anthos but we kind of know why they're taking that posture. Microsoft, look, I'm probably going to partner with somebody who can, who's maybe I have a relationship with them with my OnPrem and that is really sort of agnostic to the various clouds so I'm glad you brought that up. And you know the point you're making about Honeycomb is a good one and I'll add that, again, it gets more complex with microservices and containers, that's spinning them up, spinning them down. Sometimes these, first of all, these microservices, sometimes aren't that micro and second of all, you're sometimes talking about hundreds of thousands of containers so it's a really increasingly complex environment. All right. What I want to do is-- >> You didn't even touch on serverless, we'll do that some other day. >> Oh, yeah, I mean absolutely. A hundred percent, right. So, now let's take a look at some of the valuations, guys if you bring that up for me. So I put this little chart together and it's always instructive. Now I like to, simple guy Erik so I like to... So you see, the company, I take a trailing 12-month revenue and then the market cap as of 9/25. And then just a simple revenue multiple, just to get a sense, it's not a hardcore valuation model but it's interesting and there usually is a correlation to the growth rate, I just pulled that off the latest quarterly growth rate. I mean, look at Datadog. I mean that's like Snowflake pre IPO valuations. I mean you're really, right around there with smaller revenue, smaller growth rate, Snowflakes up in the whatever 120% range but well eye-popping. You know the same valuation as Splunk, I mean that's just amazing. What do you make of this data? >> Well, you know I was an equity analyst for almost 15 years on the Wall Street side. So the, my first caveat is a trailing revenue to the multiple is not always the same because people are looking at what the forward expected revenue will be but I actually do see the correlation here. And when you brought this up, my eyes popped open. I do not understand why Datadog has a 27 billion market cap on a trailing 350 million in revenue. I just don't know if their forward looking growth really warrants that and at the same time, then you look at a Splunk, right? I mean they have two and a half billion in revenue but their growth rate's down and truthfully, when I see a -5% growth rate, I don't know why you weren't at 12% sales either. I would argue that there's quite a few names on here that could be in for a reckoning, ETR actually as far back as a year ago caught this in our data and said, "Hey, there's some inflection points here and I think investors need to pay attention to them." And since we came out with the July report, a lot of these names we're talking about, despite insane valuations in the equity markets are flat to down. And, you know I do think that, hey if they stay stagnant and their technology is right but it's a crowded space, I think we're really leading to the point where as one of my panelists said, this industry is ripe for consolidation. These players are not all going to be here in 12 months, it's that simple. >> Yeah and by the way, thank you for mentioning that as a former equity analyst, you were right (indistinct) 12 months, it's kind of the rear-view mirror. But I'll tell you, two reasons why I do that. One is, I put the growth rate in there so you can pick your own growth rate and your own forward revenue. The other is it's really easy for me to get TTM off a Yahoo as opposed to >> Right exactly. >> And so truth be told. But, guys bring that back up one more time cause I want to make a point about New Relic. I mean I think they are potentially right for an M&A because they got great technology. Now remember Elliot Management is in there and when Elliot's is in there, stuff's going to happen. They're going to start cleaning house, they're going to really create changes, they don't just get in in a big way and sit back and watch, they are extremely active. And the New Relic, leader in this space, great technology, great heritage. So either they got to clean up and get that valuation back up maybe as you pointed out, little bit better marketing posture, et cetera or they get taken out. >> Yeah and let's think about the two things that coincide, right? You have one of the world's best activist funds get involved in Elliot Management. And as you said, they don't get involved to just sort of watch or observe as we're talking about here today, they are very active in trying to get some sort of a, you know, corporate action done. And at the same time, all of a sudden New Relic comes out with a new pricing model. They're trying to create a moat around the small to medium business, right? They're trying to grow their footprint. Now the great thing about getting involved in small to medium businesses, it starts off for free but you grow with them. So I don't think those two are a coincidence, let me just put it that way. I think that they're coming in, they're trying to entrench themselves in a new market and set themselves up for future growth and I truly believe that based on the product roadmap and the feedback we were getting from the end-users in my panel, New Relic has the ability to look across all architecture, it has the ability to provide a single pane of glass and it has the ability to incorporate machine learning for proactive response. Their roadmap is fantastic, they have an active manager inside as an investor, I don't think they're going to be around for much, much longer. And obviously that you look around and you wonder who the acquirers will be and it might be one of the major cloud players. >> Yeah that would be interesting. I mean it gives them a play in a multicloud world and either they're going to just use that for their own advantage or they will actually see that as an opportunity, we'll be itching to watch. Alright, anything we didn't cover that you want to touch on or give us your final thoughts, please Erik. >> You know I would also just sort of mention a little bit about Splunk. This is a company that has a tremendous amount of revenue, a tremendous installed customer base but many, many times we've seen it before and Oracle is the greatest example. They kind of forget about their customers and they don't treat them properly. And I can't tell you how many people I have mentioned to me said, "Hey when this all went down in the viral pandemic and I went to Splunk and I asked for a little bit of pricing flexibility, I asked for this, I asked for that and they just wouldn't give it to me." And I wrote an article once called (indistinct) never forget similar to an elephant. And when they come out the other side, they're going to find a way to replace them. And today I also wrote an article that it was our 200th interview and I entitled it, The Splunk Funk. And basically it's about all the alternatives that are now out there, not just open source, but other vendors, even the vulnerability management players like a Rapid7, like a Tenable are getting into this space now. Fortinet, which one guy called "Fortaeverything" is a company that's really expanding. So I would just really kind of caution some of those vendors out there that don't rest on your laurels, don't take your customers for granted because sooner or later, they're going to be in a position to bite the back. >> Well I'll say this about Splunk, I've been following the company since the early part of last decade and I've done a lot of Cube interviews at their shows. They do have a passionate, passionate customer base, they got the experts that run around with that crazy hat and I've seen Splunk killers emerge for the last decade and so... But I think your point is right. I mean they've, the SignalFx acquisition was something that, it was a hole to fill and it gets them into a subscription-based model, they're going through that transition now. But I think they have some real gravity with their customer base. So, all right, let me summarize. For years, the application monitoring and management, it's really relied on alerts, logs, traces and even what I call tribal knowledge. In that world of pre-distributed systems, that was fine, like I said a trace can tell you what was going on. But things have begotten much more complicated architecturally with cloud and mobile and they're really changing fast now. Erik mentioned serverless, we talked about containers. So, today it's much harder to understand the customer experience because it's difficult to get a full picture of the data. And what I mean by that is that the user data, the application data, the infrastructure data, they're all fragmented and the Holy Grail solution really takes all this disparate data, it ingests it, it transforms it. Connects the dots if you will, across clouds, Onprem and then it shapes it, brings in machine intelligence, really creating an organic systems view that can proactively tell you that there's a problem coming. And finally, nearly absolute Nirvana is doing this in a way that non-technical people are going to be able to understand the true user experience. You know in theory, this is going to allow organizations to remediate in 110th the time with much, much lower costs and that's going to be critical in this world of digital transformation. So thank you Erik, really appreciate you coming on today. >> Always enjoy it Dave, it's always great talking to you and hopefully we'll do it again soon. >> All right, I can't wait. And thank you everybody for watching this episode of theCUBE Insights powered by ETR. Remember these episodes, they're all available on podcasts. We publish weekly on wikibon.com and siliconangle.com so you got to check that out. And don't forget, go to etr.plus for all the survey action. Would appreciate if you kindly comment on my LinkedIn post or tweet me @dvellante or email at david.vellante@siliconangle.com This is Dave Vellante. Thanks so much to Erik Bradley, be well and we'll see you next time. (bouncy music)