>>from San Francisco. It's the queue covering our essay conference. 2020. San Francisco Brought to you by Silicon Angle Media's >>Welcome Back Around Here at the Cube. Coverage for our conference. Mosconi, South Floor. Bring you all the action day one of three days of cube coverage where the security game is changing, the big players are making big announcements. The market's changing from on premise to cloud. Then hybrid Multi cloud was seeing that wave coming. A great guest here. Barr, our VP of product strategy and co founder of the Mystery, was acquired by Palo Alto Networks. Worries employed now, Rishi. Thanks for coming on. Thank you. Absolutely happy to be here. So, first of all, great journey for your company. Closed a year ago. Half a 1,000,000,000. Roughly give or take 60. Congratulations. Thank you. Big accomplishments. You guys were taken out right in the growth phase. Now at Palo Alto Networks, which we've been following, you know, very careful. You got a new CMO over there, Jean English? No, we're very well. We're very bullish on Palo Alto. Even though that the on premise transitions happening cloud. You guys are well positioned. How's things going things are going fantastic. We're investing a lot in the next Gen security business across the board, as mentioned Prisma Cloud is big business. And then on the other side, which is what I'm part of the cortex family focused on the Security operations center and the efficiencies That's fantastic and, ah, lot off product innovations, investment and the customer pull from an operations perspective. So very excited. You guys had a big announcement on Monday, and then yesterday was the earnings, which really kind of points to the trend that we're seeing, which is the wave to the cloud, which you're well positioned for this transition going on. I want to get to the news first. Then we get into some of the macro industry questions you guys announced the X ore, which is redefining orchestration. Yes. What is this about? What's this news about? Tell us. >> So this news is about Mr was acquired about a year ago as well. This is taking that Mr Platform and expanding it on, expanding it to include a very core piece, which is Intel management. If you look at a traditional saw, what has happened is soccer teams have had the same dead and over the last few years acquired a sword platform such as a mystery security orchestration, automation and response platform. But the Edge Intel team has always been still separate the threat Intel feeds that came in with separate. With this, we are expanding the power of automation and applying doc to the threat intelligence as well. That is, thread intelligence, current state of the art right now. So the current state of the art of threat intelligence is are the larger organizations typically subscribe to a lot of faith, feeds open source feeds and aggregate them. But the challenge is to aggregate them the sit in a repository and nobody knows what to do with them. So the operationalization of those feeds is completely missing. >> So basically, that is going to have data pile. Corpus is sitting there. No one touches it, and then everyone has to. It's a heavy lift. It's a heavy lift, and nobody knows. Cisco sees the value coming out of it. How do you proactively hunt using those? How do you put them to protecting proactively to explain cortex X, or what is it? And what's the value? So the cortex X or as a platform. There are four core pieces, three off which for the core tenants of the misto since the big one is automation and orchestration. So today we roughly integrate with close to 400 different products security and I t products. Why are the FBI on let customers build these work flows come out of the box with close to 80 or 90 different workloads. The idea of these workloads is being able to connect to one product for the data go to another taken action there Automation, orchestration builds a visual book second s case management and this is very critical, right? I mean, if you look at the process side of security, we have never focused as an industry and the process and the human side of security. So how do you make sure every security alert on the process the case management escalation sl A's are all managed. So that's a second piece off cortex. Third collaboration. One of the core tenants of Mr Waas. We heard from customers that analysts do not talk to each other effectively on when they do. Nobody captures that knowledge. So the misto has an inbuilt boardroom which now Cortex X or has the collaboration war room on that is now available to be able to chat among analysts. But not only that charged with the board take actions. The fourth piece, which is the new expanded platform, is the personal management to be able to now use the power of orchestration, automation collaboration, all for threat intelligence feeds as well. Not only the alerts >> so and so you're adding in the threat. Intelligence feeds, yes. So is that visualize ai on the machine Learning on that? How is that being process in real time? How does that on demand work for that fills. So the biggest piece is applying the automation and intelligence to automatically score that on being able to customize the scoring the customer's needs. Customized confidence score perfect. And once you have the high fidelity indicators automatically go block them as an example. If you get a very high fidelity IOC from FBI that this particular domain is the militias domain, you would want to block that in. Your firewall is executed immediately, and that is not happening today. That is the core, and that's because of the constraint is I don't know the data the way we don't know the data and it's manual. Some human needs to review it. Some human needs to go just not being surfaced, just not. So let's get back into some of the human piece. I love the collaboration piece. One of things that I hear all the time in my cube interviews across all the hundreds of events we go to is the human component you mentioned. Yes, people have burnt out. I mean, like the security guys. I mean, the joke was CIOs have good days once in a while, CSOs don't have any good days, and it's kind of a job board pejorative to that. But that's the reality. Is that it works? Yes. We actually okay, if you have another job. Talking of jokes, we have this. Which is what do you call and overwork security analyst. A security analyst, because every one of them >>is over word. >>So this is a huge thing. So, like the ai and some of the predictive analytics trend Is tourist personalization towards the analyst Exactly. This is a trend that we're seeing. What's your view on this? What? You're absolutely We're seeing that trend which is How do you make sure analyst gets to see the data they're supposed to see at the right time? Right. So there's one aspect is what do you bring up to the analyst? What is relevant and you bring it up at the right time to be able to use it. Respond with that. So that comes in one from an ML perspective and machine learning. And our cortex. XDR suite of products actually does a fantastic job of bringing very rich data to the analyst at the right time. And then the second is, can we help analyst respond to it? Can we take the repetitive work away from them with a playbook approach? And that's what the cortex platform brings to that. I love to riff on some future scenarios kind of. I won't say sci fi, but I got to roll a little bit of a future to me. I think security has to get to like a multi player gaming environment because imagine like a first person shooter game, you know where or a collaborative game where it's fun. Because once you start that collaboration, yes, then you're gonna have some are oi around. I saw that already. Don't waste your time or you get to know people. So sharing has been a big part? Yes. How soon do you think we're gonna get to an environment where I won't say like gaming? But that notion of a headset on I got some data. I know you are your reputation. I think your armor, you're you're certifications. Metaphorically putting. I think way have a lot of these aspects and I think it's a very critical point. You mentioned right one of the things which we call the virtual war room and like sex or I was pointing out the fact that you can have analysts sit in front of a collaboration war room not only charge for the appears but charged with a boat to go take care of. This is equivalent to remember that matrix movie plugging and says, you know how to fly this helicopter data and now I do. That's exactly what it is. I think we need to point move to a point where, no matter what the security tool is what your endpoint is, you should not have to learn every endpoint every time the normalization off, running those commands via the collaboration War Room should be dead. I would say we're starting to see in some of the customers are topics or they're using the collaboration war room to run those commands intractably, I would say, though, there's a big challenge. Security vendors do not do a good job normalizing that data, and that is where we're trying to reach you. First of all, you get the award for bringing up a matrix quote in The Cube interview. So props to that. So you have blue teams. Red teams picked the pill. I mean, people are people picking their teams. You know what's what's going on. How do you see the whole Red Team Blue team thing happening? I think that's a really good stuff happening. In my opinion, John, what's going on is right now so far, if you see if I go back three years our adversaries were are committing. Then we started to see this trend off red teaming automation with beach automation and bunch of companies starting to >>do that >>with Cortex X or on similar products, we're starting to now automate the blue team side of things, which is how do you automatically respond how do you protect yourself? How do you put the response framework back there? I think the next day and I'm starting to see is these things coming together into a unified platform where the blue team and the team are part of the same umbrella. They're sharing the data. They're sharing the information on the threat Intel chair. So I see we are a very, very good part. Of course, the adversities. I'm not gonna sit idle like you said about the Dev ops mindset. Heavens, notion of knowledge coming your way and having sharing packages all baked out for you. She doesn't do the heavy lifting. That's really the problem. The data is a problem. So much demand so much off it. And you don't know what is good and what is not. Great. Great conversation again. The Matrix reference about your journey. You've been an entrepreneur and sold. You had a great exit again. Politics is world class blue chip company in the industry public going through a transition. What's it like from an entrepreneur now to the big company? What's the opportunity is amazing. I think journey has been very quick. One. We saw some crazy growth with the misto on. Even after the acquisition, it's been incredibly fast pace. It's very interesting lot of one of the doctors like, Hey, you must be no resting is like, No, the journey is amazing. I think he s Polito Networks fundamentally believe that. We need to know where it really, really fast to keep the adversaries out on. But that's been the journey. Um, and we have accelerated, in fact, some of our product plans that we hard as a start up on delivering much faster. So the journey has been incredible, and we have been seeing that growth Will they picked you guys write up? There's no vesting interesting going on when you guys were on the uphill on the upslope growth and certainly relevance for Palo Alto. So clearly, you know, you haven't fun. People vested arrest when they checked out, You guys look like you're doing good. So I got to ask you the question that when you started, what was the original mission? Where is it now? I mean this Is there any deviation? What's been the kind? Of course you know, this is very, very relevant questions. It's very interesting. Right after the acquisition, we went and looked at a pitch deck, which we presented overseas in mid 2015. Believe it or not, the mission has not changed, not changing iron. It had the same competent off. How do you make the life off a security person? A security analyst? Easy. It's all the same mission by automating more by applying AI and learning to help them further by letting them collaborate. All the aspects off case management process, collaboration, automation. It's not changed. That's actually very powerful, because if you're on the same mission, of course you're adding more and more capabilities. But we're still on the same path on going on that. So every company's got their own little nuanced. Moore's Law for Intel. What made you guys successful was that the culture of Dev ops? It sounds like you guys had a certain either it was cut in grain. I think I would say, by the way, making things easy. But you got to do it. You got to stay the course. What was that? I think that's a fundamental cultural feature. Yeah, there's one thing really stand by, and I actually tweeted about a few weeks ago, this which is every idea, is as good as good as its execution. So there's two things between really focus on which is customer focused on. We were really, really portable about customer needs to get the product needs to use the product, customer focus and execution. As we heard the customers loud and clear, every small better. And that's what we also did. You guys have this agile mindset as well, absolutely agile mindset and the development that comes with the customer focus because way kind of these micro payments customer wants this like, why do they want this? What is the end goal? Attributed learner. Move on to make a decision making line was on Web services Way debate argue align! Go Then go. And then once you said we see great success story again Startup right out of the gate 2015. Acquire a couple years later, conventions you and your team and looking forward to seeing your next Palo Alto Networks event. Or thanks for coming on. Great insight here on the cube coverage. I'm John Furrier here on the ground floor of our S e commerce on Mosconi getting all the signal extracting it from the noise here on the Cube. Thanks for watching. >>Yeah, yeah,