(light music) >> Hi everybody. Welcome to this Cube Conversation. I'm really pleased to announce a collaboration with Rob Strechay. He's a guest cube analyst, and we'll be working together to extract the signal from the noise. Rob is a long-time product pro, working at a number of firms including AWS, HP, HPE, NetApp, Snowplow. I did a stint as an analyst at Enterprise Strategy Group. Rob, good to see you. Thanks for coming into our Marlboro Studios. >> Well, thank you for having me. It's always great to be here. >> I'm really excited about working with you. We've known each other for a long time. You've been in the Cube a bunch. You know, you're in between gigs, and I think we can have a lot of fun together. Covering events, covering trends. So. let's get into it. What's happening out there? We're sort of exited the isolation economy. Things were booming. Now, everybody's tapping the brakes. From your standpoint, what are you seeing out there? >> Yeah. I'm seeing that people are really looking how to get more out of their data. How they're bringing things together, how they're looking at the costs of Cloud, and understanding how are they building out their SaaS applications. And understanding that when they go in and actually start to use Cloud, it's not only just using the base services anymore. They're looking at, how do I use these platforms as a service? Some are easier than others, and they're trying to understand, how do I get more value out of that relationship with the Cloud? They're also consolidating the number of Clouds that they have, I would say to try to better optimize their spend, and getting better pricing for that matter. >> Are you seeing people unhook Clouds, or just reduce maybe certain Cloud activities and going maybe instead of 60/40 going 90/10? >> Correct. It's more like the 90/10 type of rule where they're starting to say, Hey I'm not going to get rid of Azure or AWS or Google. I'm going to move a portion of this over that I was using on this one service. Maybe I got a great two-year contract to start with on this platform as a service or a database as a service. I'm going to unhook from that and maybe go with an independent. Maybe with something like a Snowflake or a Databricks on top of another Cloud, so that I can consolidate down. But it also gives them more flexibility as well. >> In our last breaking analysis, Rob, we identified six factors that were reducing Cloud consumption. There were factors and customer tactics. And I want to get your take on this. So, some of the factors really, you got fewer mortgage originations. FinTech, obviously big Cloud user. Crypto, not as much activity there. Lower ad spending means less Cloud. And then one of 'em, which you kind of disagreed with was less, less analytics, you know, fewer... Less frequency of calculations. I'll come back to that. But then optimizing compute using Graviton or AMD instances moving to cheaper storage tiers. That of course makes sense. And then optimize pricing plans. Maybe going from On Demand, you know, to, you know, instead of pay by the drink, buy in volume. Okay. So, first of all, do those make sense to you with the exception? We'll come back and talk about the analytics piece. Is that what you're seeing from customers? >> Yeah, I think so. I think that was pretty much dead on with what I'm seeing from customers and the ones that I go out and talk to. A lot of times they're trying to really monetize their, you know, understand how their business utilizes these Clouds. And, where their spend is going in those Clouds. Can they use, you know, lower tiers of storage? Do they really need the best processors? Do they need to be using Intel or can they get away with AMD or Graviton 2 or 3? Or do they need to move in? And, I think when you look at all of these Clouds, they always have pricing curves that are arcs from the newest to the oldest stuff. And you can play games with that. And understanding how you can actually lower your costs by looking at maybe some of the older generation. Maybe your application was written 10 years ago. You don't necessarily have to be on the best, newest processor for that application per se. >> So last, I want to come back to this whole analytics piece. Last June, I think it was June, Dev Ittycheria, who's the-- I call him Dev. Spelled Dev, pronounced Dave. (chuckles softly) Same pronunciation, different spelling. Dev Ittycheria, CEO of Mongo, on the earnings call. He was getting, you know, hit. Things were starting to get a little less visible in terms of, you know, the outlook. And people were pushing him like... Because you're in the Cloud, is it easier to dial down? And he said, because we're the document database, we support transaction applications. We're less discretionary than say, analytics. Well on the Snowflake earnings call, that same month or the month after, they were all over Slootman and Scarpelli. Oh, the Mongo CEO said that they're less discretionary than analytics. And Snowflake was an interesting comment. They basically said, look, we're the Cloud. You can dial it up, you can dial it down, but the area under the curve over a period of time is going to be the same, because they get their customers to commit. What do you say? You disagreed with the notion that people are running their calculations less frequently. Is that because they're trying to do a better job of targeting customers in near real time? What are you seeing out there? >> Yeah, I think they're moving away from using people and more expensive marketing. Or, they're trying to figure out what's my Google ad spend, what's my Meta ad spend? And what they're trying to do is optimize that spend. So, what is the return on advertising, or the ROAS as they would say. And what they're looking to do is understand, okay, I have to collect these analytics that better understand where are these people coming from? How do they get to my site, to my store, to my whatever? And when they're using it, how do they they better move through that? What you're also seeing is that analytics is not only just for kind of the retail or financial services or things like that, but then they're also, you know, using that to make offers in those categories. When you move back to more, you know, take other companies that are building products and SaaS delivered products. They may actually go and use this analytics for making the product better. And one of the big reasons for that is maybe they're dialing back how many product managers they have. And they're looking to be more data driven about how they actually go and build the product out or enhance the product. So maybe they're, you know, an online video service and they want to understand why people are either using or not using the whiteboard inside the product. And they're collecting a lot of that product analytics in a big way so that they can go through that. And they're doing it in a constant manner. This first party type tracking within applications is growing rapidly by customers. >> So, let's talk about who wins in that. So, obviously the Cloud guys, AWS, Google and Azure. I want to come back and unpack that a little bit. Databricks and Snowflake, we reported on our last breaking analysis, it kind of on a collision course. You know, a couple years ago we were thinking, okay, AWS, Snowflake and Databricks, like perfect sandwich. And then of course they started to become more competitive. My sense is they still, you know, compliment each other in the field, right? But, you know, publicly, they've got bigger aspirations, they get big TAMs that they're going after. But it's interesting, the data shows that-- So, Snowflake was off the charts in terms of spending momentum and our EPR surveys. Our partner down in New York, they kind of came into line. They're both growing in terms of market presence. Databricks couldn't get to IPO. So, we don't have as much, you know, visibility on their financials. You know, Snowflake obviously highly transparent cause they're a public company. And then you got AWS, Google and Azure. And it seems like AWS appears to be more partner friendly. Microsoft, you know, depends on what market you're in. And Google wants to sell BigQuery. >> Yeah. >> So, what are you seeing in the public Cloud from a data platform perspective? >> Yeah. I think that was pretty astute in what you were talking about there, because I think of the three, Google is definitely I think a little bit behind in how they go to market with their partners. Azure's done a fantastic job of partnering with these companies to understand and even though they may have Synapse as their go-to and where they want people to go to do AI and ML. What they're looking at is, Hey, we're going to also be friendly with Snowflake. We're also going to be friendly with a Databricks. And I think that, Amazon has always been there because that's where the market has been for these developers. So, many, like Databricks' and the Snowflake's have gone there first because, you know, Databricks' case, they built out on top of S3 first. And going and using somebody's object layer other than AWS, was not as simple as you would think it would be. Moving between those. >> So, one of the financial meetups I said meetup, but the... It was either the CEO or the CFO. It was either Slootman or Scarpelli talking at, I don't know, Merrill Lynch or one of the other financial conferences said, I think it was probably their Q3 call. Snowflake said 80% of our business goes through Amazon. And he said to this audience, the next day we got a call from Microsoft. Hey, we got to do more. And, we know just from reading the financial statements that Snowflake is getting concessions from Amazon, they're buying in volume, they're renegotiating their contracts. Amazon gets it. You know, lower the price, people buy more. Long term, we're all going to make more money. Microsoft obviously wants to get into that game with Snowflake. They understand the momentum. They said Google, not so much. And I've had customers tell me that they wanted to use Google's AI with Snowflake, but they can't, they got to go to to BigQuery. So, honestly, I haven't like vetted that so. But, I think it's true. But nonetheless, it seems like Google's a little less friendly with the data platform providers. What do you think? >> Yeah, I would say so. I think this is a place that Google looks and wants to own. Is that now, are they doing the right things long term? I mean again, you know, you look at Google Analytics being you know, basically outlawed in five countries in the EU because of GDPR concerns, and compliance and governance of data. And I think people are looking at Google and BigQuery in general and saying, is it the best place for me to go? Is it going to be in the right places where I need it? Still, it's still one of the largest used databases out there just because it underpins a number of the Google services. So you almost get, like you were saying, forced into BigQuery sometimes, if you want to use the tech on top. >> You do strategy. >> Yeah. >> Right? You do strategy, you do messaging. Is it the right call by Google? I mean, it's not a-- I criticize Google sometimes. But, I'm not sure it's the wrong call to say, Hey, this is our ace in the hole. >> Yeah. >> We got to get people into BigQuery. Cause, first of all, BigQuery is a solid product. I mean it's Cloud native and it's, you know, by all, it gets high marks. So, why give the competition an advantage? Let's try to force people essentially into what is we think a great product and it is a great product. The flip side of that is, they're giving up some potential partner TAM and not treating the ecosystem as well as one of their major competitors. What do you do if you're in that position? >> Yeah, I think that that's a fantastic question. And the question I pose back to the companies I've worked with and worked for is, are you really looking to have vendor lock-in as your key differentiator to your service? And I think when you start to look at these companies that are moving away from BigQuery, moving to even, Databricks on top of GCS in Google, they're looking to say, okay, I can go there if I have to evacuate from GCP and go to another Cloud, I can stay on Databricks as a platform, for instance. So I think it's, people are looking at what platform as a service, database as a service they go and use. Because from a strategic perspective, they don't want that vendor locking. >> That's where Supercloud becomes interesting, right? Because, if I can run on Snowflake or Databricks, you know, across Clouds. Even Oracle, you know, they're getting into business with Microsoft. Let's talk about some of the Cloud players. So, the big three have reported. >> Right. >> We saw AWSs Cloud growth decelerated down to 20%, which is I think the lowest growth rate since they started to disclose public numbers. And they said they exited, sorry, they said January they grew at 15%. >> Yeah. >> Year on year. Now, they had some pretty tough compares. But nonetheless, 15%, wow. Azure, kind of mid thirties, and then Google, we had kind of low thirties. But, well behind in terms of size. And Google's losing probably almost $3 billion annually. But, that's not necessarily a bad thing by advocating and investing. What's happening with the Cloud? Is AWS just running into the law, large numbers? Do you think we can actually see a re-acceleration like we have in the past with AWS Cloud? Azure, we predicted is going to be 75% of AWS IAS revenues. You know, we try to estimate IAS. >> Yeah. >> Even though they don't share that with us. That's a huge milestone. You'd think-- There's some people who have, I think, Bob Evans predicted a while ago that Microsoft would surpass AWS in terms of size. You know, what do you think? >> Yeah, I think that Azure's going to keep to-- Keep growing at a pretty good clip. I think that for Azure, they still have really great account control, even though people like to hate Microsoft. The Microsoft sellers that are out there making those companies successful day after day have really done a good job of being in those accounts and helping people. I was recently over in the UK. And the UK market between AWS and Azure is pretty amazing, how much Azure there is. And it's growing within Europe in general. In the states, it's, you know, I think it's growing well. I think it's still growing, probably not as fast as it is outside the U.S. But, you go down to someplace like Australia, it's also Azure. You hear about Azure all the time. >> Why? Is that just because of the Microsoft's software state? It's just so convenient. >> I think it has to do with, you know, and you can go with the reasoning they don't break out, you know, Office 365 and all of that out of their numbers is because they have-- They're in all of these accounts because the office suite is so pervasive in there. So, they always have reasons to go back in and, oh by the way, you're on these old SQL licenses. Let us move you up here and we'll be able to-- We'll support you on the old version, you know, with security and all of these things. And be able to move you forward. So, they have a lot of, I guess you could say, levers to stay in those accounts and be interesting. At least as part of the Cloud estate. I think Amazon, you know, is hitting, you know, the large number. Laws of large numbers. But I think that they're also going through, and I think this was seen in the layoffs that they were making, that they're looking to understand and have profitability in more of those services that they have. You know, over 350 odd services that they have. And you know, as somebody who went there and helped to start yet a new one, while I was there. And finally, it went to beta back in September, you start to look at the fact that, that number of services, people, their own sellers don't even know all of their services. It's impossible to comprehend and sell that many things. So, I think what they're going through is really looking to rationalize a lot of what they're doing from a services perspective going forward. They're looking to focus on more profitable services and bringing those in. Because right now it's built like a layer cake where you have, you know, S3 EBS and EC2 on the bottom of the layer cake. And then maybe you have, you're using IAM, the authorization and authentication in there and you have all these different services. And then they call it EMR on top. And so, EMR has to pay for that entire layer cake just to go and compete against somebody like Mongo or something like that. So, you start to unwind the costs of that. Whereas Azure, went and they build basically ground up services for the most part. And Google kind of falls somewhere in between in how they build their-- They're a sort of layer cake type effect, but not as many layers I guess you could say. >> I feel like, you know, Amazon's trying to be a platform for the ecosystem. Yes, they have their own products and they're going to sell. And that's going to drive their profitability cause they don't have to split the pie. But, they're taking a piece of-- They're spinning the meter, as Ziyas Caravalo likes to say on every time Snowflake or Databricks or Mongo or Atlas is, you know, running on their system. They take a piece of the action. Now, Microsoft does that as well. But, you look at Microsoft and security, head-to-head competitors, for example, with a CrowdStrike or an Okta in identity. Whereas, it seems like at least for now, AWS is a more friendly place for the ecosystem. At the same time, you do a lot of business in Microsoft. >> Yeah. And I think that a lot of companies have always feared that Amazon would just throw, you know, bodies at it. And I think that people have come to the realization that a two pizza team, as Amazon would call it, is eight people. I think that's, you know, two slices per person. I'm a little bit fat, so I don't know if that's enough. But, you start to look at it and go, okay, if they're going to start out with eight engineers, if I'm a startup and they're part of my ecosystem, do I really fear them or should I really embrace them and try to partner closer with them? And I think the smart people and the smart companies are partnering with them because they're realizing, Amazon, unless they can see it to, you know, a hundred million, $500 million market, they're not going to throw eight to 16 people at a problem. I think when, you know, you could say, you could look at the elastic with OpenSearch and what they did there. And the licensing terms and the battle they went through. But they knew that Elastic had a huge market. Also, you had a number of ecosystem companies building on top of now OpenSearch, that are now domain on top of Amazon as well. So, I think Amazon's being pretty strategic in how they're doing it. I think some of the-- It'll be interesting. I think this year is a payout year for the cuts that they're making to some of the services internally to kind of, you know, how do we take the fat off some of those services that-- You know, you look at Alexa. I don't know how much revenue Alexa really generates for them. But it's a means to an end for a number of different other services and partners. >> What do you make of this ChatGPT? I mean, Microsoft obviously is playing that card. You want to, you want ChatGPT in the Cloud, come to Azure. Seems like AWS has to respond. And we know Google is, you know, sharpening its knives to come up with its response. >> Yeah, I mean Google just went and talked about Bard for the first time this week and they're in private preview or I guess they call it beta, but. Right at the moment to select, select AI users, which I have no idea what that means. But that's a very interesting way that they're marketing it out there. But, I think that Amazon will have to respond. I think they'll be more measured than say, what Google's doing with Bard and just throwing it out there to, hey, we're going into beta now. I think they'll look at it and see where do we go and how do we actually integrate this in? Because they do have a lot of components of AI and ML underneath the hood that other services use. And I think that, you know, they've learned from that. And I think that they've already done a good job. Especially for media and entertainment when you start to look at some of the ways that they use it for helping do graphics and helping to do drones. I think part of their buy of iRobot was the fact that iRobot was a big user of RoboMaker, which is using different models to train those robots to go around objects and things like that, so. >> Quick touch on Kubernetes, the whole DevOps World we just covered. The Cloud Native Foundation Security, CNCF. The security conference up in Seattle last week. First time they spun that out kind of like reinforced, you know, AWS spins out, reinforced from reinvent. Amsterdam's coming up soon, the CubeCon. What should we expect? What's hot in Cubeland? >> Yeah, I think, you know, Kubes, you're going to be looking at how OpenShift keeps growing and I think to that respect you get to see the momentum with people like Red Hat. You see others coming up and realizing how OpenShift has gone to market as being, like you were saying, partnering with those Clouds and really making it simple. I think the simplicity and the manageability of Kubernetes is going to be at the forefront. I think a lot of the investment is still going into, how do I bring observability and DevOps and AIOps and MLOps all together. And I think that's going to be a big place where people are going to be looking to see what comes out of CubeCon in Amsterdam. I think it's that manageability ease of use. >> Well Rob, I look forward to working with you on behalf of the whole Cube team. We're going to do more of these and go out to some shows extract the signal from the noise. Really appreciate you coming into our studio. >> Well, thank you for having me on. Really appreciate it. >> You're really welcome. All right, keep it right there, or thanks for watching. This is Dave Vellante for the Cube. And we'll see you next time. (light music)

(lively music) >> Good afternoon and welcome back to beautiful Las Vegas, Nevada, where we're here live from the show floor, all four days of AWS re:Invent. I'm Savannah Peterson, joined with my co-host Dave Vellante. Dave, how you doing? >> Good. Beautiful and chilly Las Vegas. Can't wait to get back to New England where it's warm. >> Balmy, New England this time of year in December. Wow, Dave, that's a bold statement. I am super excited about the conversation that we're going to be having next. And, you know, I'm not even going to tee it up. I just want to bring Dilip on. Dilip, thank you so much for being here. How you doing? >> Savannah, Dave, thank you so much. >> Hey, Dilip. >> Excited to be here. >> It's joy to have you. So, you have been working at Amazon for about 20 years. >> Almost. Almost. >> Yes. >> Feels like 20, 19 1/2. >> Which is very exciting. You've had a lot of roles. I'm going to touch on some of them, but you just came over to AWS from the physical retail side. Talk to me about that. >> Yup, so I've been to Amazon for 19 1/2 years. Done pricing, supply chain. I was Jeff Bezos technical advisor for a couple years. >> Casual name drop. >> Casual name drop. >> Savannah: But a couple people here for that name before. >> Humble brag, hashtag. And then I, for the last several years, I was leading our physical retail initiatives. We just walk out Amazon One, bringing convenience to physical spaces. And then in August, with like as those things were getting a lot of traction and we were selling to third parties, we felt that it would be better suited in AWS. And, but along with that, there was also another trend that's been brewing, which is, you know, companies have loved building on AWS. They love the infrastructure services, but increasingly, they're also asking us to build applications that are higher up in the stack. Solving key, turnkey business problems. Just walk out Amazon One or examples of that, Amazon Connect. We just recently announced supply chain, so now there's a bevy interesting services all coming together, higher up in the stack for customers. So it's an exciting time. >> It was interesting that you're able to, you know, transfer from that retail. I mean, normally, in historically, if you're within an industry, retail, manufacturing, automotive whatever. You were kind as locked in a little bit. >> Dilip: Siloed a little bit. Yeah, yeah, yeah. >> Because they had their own, your own value chain. And I guess, data has changed that maybe, that you can traverse now. >> Yeah, if you think about the things that we did, even when we were in retail, the tenants was less about the industries and more about how can we bring convenience to physical spaces? The fact that you don't like to wait in line is no more like likely, you know, five years from now than it is today. So, it's a very durable tenant, but it's equally applicable whether you're in a grocery store, a convenience store, a stadium, an airport. So it actually transcends any, and like supply chain, think of supply chain. Supply chain isn't, you know, targeted to any one particular industry. It has broad applicability. So these things are very, you know, horizontally applicable. >> Anything that makes my life easier, I'm down. >> Savannah: We're all here for the easy button. We've been talking about it a bit this week. I'm in. And the retail store, I mean, I'm in San Francisco. I've had the experience of going through. Very interesting and seamless journey, honestly. It's very exciting. So tell us a little bit more about the applications group at AWS. >> Yup. So as I said, you know, we are, the applications group is a combination of several services. You know, we have communication developer services, which is the ability to add simple email service or video and embed video, voice chat using a chime SDK. In a higher up in the stack, we are taking care of things that IT administrators have to deal with where you can provision an entire desktop with the workspaces or provide a femoral access to it. And then as you go up even higher up in the stack, you have productivity applications like AWS Wicker, which we just did GA, you know, last week in AWS Clean Rooms which we announced as a service in preview. And then you have, you know, Connect, which is our cloud contact center, AWS supply chain. Just walk out Amazon One, it just feels like we're getting started. >> Just a couple things going on. >> So, clean rooms. Part of the governance play, part of data sharing. Can you explain, you know, we were talking offline, but I remember back in the disk drive days. We were in a clean room, they'd show you the clean room, you couldn't go near it unless you had a hazmat suit on. So now you're applying that to data. Explain that concept. >> Yeah, so the companies across, you know, financial services or healthcare, advertising, they all want to be able to combine and pull together data`sets with their partners in order to get these collaborative insights. The problem is either the data's fragmented, it's siloed or you have, you know, data governance issues that's preventing them from sharing. And the key requirement is that they want to be able to share this data without exposing any of the underlying data. Clean rooms are always emerged as a solution to that, but the problem with that is that they're hard to maintain. They're expensive. You have to write complex privacy queries. And if you make a mistake, you risk exposing the same data that you've been, you know, studiously trying to protect. >> Trying to protect. >> You know, take advertising as an industry, as an example. You know, advertisers care about, is my ad effective? But it turns out that if you're an advertiser and let's say you're a Nike or some other advertiser and your pop, you know, you place an ad on the website. Well, you want to stop showing the ad to people who have already purchased the product. However, people who purchased the product,- >> Savannah: It happens all the time. >> that purchasing data is not accessible to them easily. But if you could combine those insights, you know, the publishers benefit, advertisers benefits. So AWS Clean Rooms is that service that allows you very easily to be able to collaborate with a group of folks and then be able to gain these collaborative insights. >> And the consumers benefit. I mean, how many times you bought, you search it. >> It happens all the time. >> They know. And like, I just bought that guys, you know? >> Yeah, no, exactly. >> Four weeks. >> And I'm like, you don't need to serve me that, you know? And we understand the marketing backend. And it's just a waste of money and energy and resources. I mean, we're talking about sustainability as well. I don't think supply chain has ever had a hotter moment than it's had the last two and a half years. Tell me more about the announcement. >> Yup, so super excited about this. As you know, as you said, supply chains have always been very critical and very core for companies. The pandemic exacerbated it. So, ours way of sort of thinking about supply chains is to say that, you know, companies have taken, over the years many, like dozens, like millions and millions of dollars of investment in building their own supply chains. But the problem with supply chains is that the reason that they're not as functional as they could be is because of the lack of visibility. Because they're strung together very many disparate systems, that lack of visibility affects agility. And so, our approach in it was to say that, well, if we could have folks use their existing supply chain what can we do to improve the investment on the ROI of what they're getting? By creating a layer on top of it, that provides them that insights, connects all of these disparate data and then provides them insights to say, well, you know, here's where you overstock, here's where you under stock. You know, this is the, you know, the carbon emission impact of being able to transfer something. So like rather without requiring people to re-platform, what's the way that we can add value in it? And then also build upon Amazon's, you know, years of supply chain experience, to be able to build these predictive analytics for customers. >> So, that's a good, I like that you started with the why. >> Yes. >> Right now, what is it? It's an abstraction layer and then you're connecting into different data points. >> Yes, that's correct. >> Injecting ML. >> Feel like you can pick in, like if you think about supply chain, you can have warehouse management systems, order management systems. It could be in disparate things. We use ML to be able to bring all of this disparate data in and create our unified data lake. Once you have that unified data lake, you can then run an insights layer on top of it to be able to say, so that as the data changes, supply chain is not a static thing. Data's constantly changing. As the data's changing, the data lake now reflects the most up-to-date information. You can have alerts and insights set up on it to say that, what are the kinds of things that you're interested in? And then more importantly, supply chain and agility is about communication. In order to be able to make certain things happen, you need to be able to communicate, you need to make sure that everyone's on the same page. And we allow for a lot of the communication and collaboration tools to be built within this platform so that you're not necessarily leaving to go and toggle from one place to the other to solve your problems. >> And in the pie chart of how people spend their time, they're spending a lot less time communicating and being proactive. >> That's correct. >> And getting ahead of the curve. They're spending more time trying to figure out actually what's going on. >> Yes. >> And that's the problem that you're going to solve. >> Well, and it ensures that the customer at the other end of that supply chain experience is going to have their expectations managed in terms of when their good might get there or whatever's going to happen. >> Exactly. >> I feel like that expectation management has been such a big part of it. Okay, I just have to ask because I'm very curious. What was it like advising Jeff? >> Quite possibly the best job that I've ever had. You know, he's a fascinating individual. >> Did he pay you to say that? >> Nope. But I would've, like, I would've done it for like, it's remarkable seeing how he thinks and his approach to problem solving. It is, you know, you could be really tactical and go very deep. You could be extremely strategic. And to be able to sort of move effortlessly between those two is a unique skill. I learned a lot. >> Yeah, absolutely. So what made you want to evolve your career at Amazon after that? 'Cause I see on your LinkedIn, you say, it was the best job you ever had. With curiosity? >> Yeah, so one of the things, so the role is designed for you to be able to transition to something new. >> Savannah: Oh, cool. >> So after I finished that role, we were just getting into our foray with physical stores. And the idea between physical stores is that, you and I as consumers, we all have a lot of choices for physical stores. You know, there's a lot of options, there's a lot of formats. And so the last thing we wanted to do is come up with another me too offering. So, our approach was that what can we do to improve convenience in physical stores? That's what resulted in just walk out to Amazon Go. That's what resulted in Amazon One, which is another in a fast, convenient, contactless way to pay using the power of your palm. And now, what started in Amazon retail is now expanded to several third parties in, you know, stadiums, convention centers, airports. >> Airport, I just had, was in the Houston airport and got to do a humanless checkout. >> Dilip: Exactly. >> And actually in Honolulu a couple weeks ago as well too. Yeah, so we're going to see more and more of this. >> Yes. >> So what Amazon, I think has over a million employees. A lot of those are warehouse employees. But what advice would you give to somebody who's somewhere inside of Amazon, maybe they're on AWS, maybe they're Amazon. What advice would you give somebody inside that's maybe, you know, hey, I've been at this job for five, six years, three, four years, whatever it is. I want to do something else. And there's so much opportunity inside Amazon, right? What would you advise them? >> My single advice, which is actually transferable and I use it for myself is choose something that makes you a little uncomfortable. >> Dave: Get out of your comfort zone. >> It's like, you got to do that. It's like, it's not the easiest thing to hear, but it's also the most satisfying. Because almost every single time that I've done it for myself, it's resulted in like, you don't really know what the answer is. You don't really know exactly where you're going to end up, but the process and the journey through it, if you experience a little bit of discomfort constantly, it makes you non complacent. It makes you sort of not take the job, sort of in a stride. You have to be on it to do it. So that's the advice that I would give anyone. >> Yeah, that's good. So something that's maybe adjacent and maybe not completely foreign to you, but also something that, you know, you got to go dig a little bit and learn. >> You're planning a career change over here, Dave? >> No, I know a lot of people in Amazon are like, hey, I'm trying to figure out what I want to do next. I mean, I love it here. I live by the LPS, you know, but, and there's so much to choose from. >> It is, you know, when I joined in 2003, there were so many things that we were sort of doing today. None of those existed. It's a fascinating company. And the evolution, you could be in 20 different places and the breadth of the kinds of things that, you know, the Amazon experience provides is timeless. It's fascinating. >> And, you know, you look at a company like Amazon, and, you know, it's so amazing. You look at this ecosystem. I've been around- >> Even a show floor. >> I've been around a lot of time. And the show floor says it all. But I've seen a lot of, you know, waves. And each subsequent wave, you know, we always talk about how many companies were in the Fortune 1000 and aren't anymore. And, but the leaders, you know, survive and they thrive. And I think it's fascinating to try to better understand the culture that enables that. You know, you look at a company like Microsoft that was irrelevant and then came back. You know, even IBM was on death store for a while and they come back and so they. And so, but Amazon just feels, you know, at the moment you feel like, "Oh wow, nothing can stop this machine." 'Cause everybody's trying to disrupt Amazon and then, you know, only the paranoid survive, all that stuff. But it's not like, past is not prologue, all right? So that's why I asked these questions. And you just said that a lot of the services today that although the ideas didn't even exist, I mean, walkout. I mean, that's just amazing. >> I think one of the things that Amazon does really well culturally is that they create the single threaded leadership. They give people focus. If you have to get something done, you have to give people focus. You can't distract them with like seven different things and then say that, oh, by the way, your eighth job is to innovate. It just doesn't work that way. It's like it's hard. Like it can be- >> And where were the energy come from that? >> Exactly. And so giving people that single threaded focus is super important. >> Frank Slootman, the CEO of Snowflake, has a great quote. He wrote on his book. He said, "If you got 14 priorities, you got none." And he asks,- >> Well said. >> he challenges people. If you had to give up everything and do only one thing for the next 365 days, what would that be? It's a really hard question to answer. >> I feel like as we're around New Year's resolution times. I mean when we thinking about that, maybe we can all share our one thing. So, Dilip, you've been with the the applications team for five months. What's coming up next? >> Well, as I said, you know, it feels like it's still day one for applications. If you think about the things, the news that we introduced and the several services that we introduced, it has applicability across a variety of horizontal industries. But then we're also feeling that there's considerable vertical applications that can be built for specific things. Like, it could be in advertising, it could be in financial services, it could be in manufacturing. The opportunities are endless. I think the notion of people wanting applications higher up in the stack and a little more turnkey solutions is also, it's not new for us, but it's also new and creative too. You know, AWS has traditionally been doing. >> So again, this relates to what we were sort of talking about before. And maybe, this came from Jazzy or maybe it came from Bezos. But you hear a lot, it's okay to be misunderstood or if we were misunderstood for a long time. So when people hear up the stack, they think, when you think about apps, you know, in the last 10 years it was taking on-prem and bringing it into the cloud. Okay, you saw that with CREM, email, CRM, service management, you know, data warehouses, et cetera. Amazon is thinking about this in a different way. It's like you're looking at the world saying, okay, how can we improve whatever? Workflows, people's lives, doing something that's not been done before? And that seems to be the kind of applications that you guys are thinking about building. >> Yeah. >> And that's unique. It's not just, okay, we're going to take something on-prem put it in the cloud. Been there, done that. That S-curve is sort of flattening now. But there's a new S-curve which is completely new workflows and innovations and processes that we really haven't thought about yet. Or you're thinking about, I presume. >> Yeah. Having said that, I'd also like to sort of remind folks that when you consider the, you know, the entire spend, the portion of workloads that are running in the cloud is a teeny tiny fraction. It's like less than 5%, like 4% or something like that. So it's a very, there's still plenty of things that can sort of move to the cloud. But you're right that there is another trend of where in the stack and the types of applications that you can provide as well. >> Yeah, new innovation that haven't well thought of yet. >> So, Dilip, we have a new tradition here on theCUBE at re:Invent. Where we're looking for your 30 minute Instagram reel, your hot take, biggest key theme, either for you, your team, or just general vibe from the show. >> General vibe from the show. Well, 19 1/2 years at Amazon, this is actually my first re:Invent, believe it or not. This is my, as a AWS employee now, as re:Invent with like launching services. So that's the first. I've been to re:Invent before, but as an attendee rather than as a person who's, you know, a contributing number of the workforce. >> Working actually? >> If you will. >> Actually doing your job. >> And so I'm just amazed at the energy and the breadth. And the, you know, from the partners to the customers to the diversity of people who are coming here from everywhere. I had meetings from people in New Zealand. Like, you know, the UK, like customers are coming at us from like very many different places. And it's fascinating for me to see. It's new for me as well given, you know, some of my past experience. But this is a, it's been a blast. >> People are pumped. >> People are pumped. >> They can't believe the booth traffic. Not only that quality. >> Right. All of our guests have talked about that. >> Like, yeah, you know, we're going to throw half of these leads away, but they're saying no, I'm having like really substantive conversations with business people. This is, I think, my 10th re:Invent. And the first one was mostly developers. And I'm like, what are you talking about? And, you know, so. Now it's a lot more business people, a lot of developers too. >> Yeah. >> It's just. >> The community really makes it. Dilip, thank you so much for joining us today on theCube. >> Thank you for having me. >> You're fantastic. I could ask you a million questions. Be sure and tell Jeff that we said hi. >> Will do. >> Savannah: Next time you guys are hanging out. And thank all of you. >> You want to go into space? >> Yeah. Yes, yes, absolutely. I'm perhaps the most space obsessed on the show. And with that, we will continue our out of this world coverage shortly from fabulous Las Vegas where we are at AWS re:Invent. It is day four with Dave Vellante. I'm Savannah Peterson and you're watching theCUBE, the leader in high tech coverage. (lively music)

(upbeat music) >> Hello, welcome back to theCUBE's AWS RE:Invent 2022 Coverage. I'm John Furrier, host of theCUBE. Got a great lineup here, Itamar Ankorion SVP Technology Alliance at Qlik and Peter McDonald, vice President, cloud partnerships and business development Snowflake. We're going to talk about bringing SAP data to life, for joint Snowflake, Qlik and AWS Solution. Gentlemen, thanks for coming on theCUBE Really appreciate it. >> Thank you. >> Thank you, great meeting you John. >> Just to get started, introduce yourselves to the audience, then going to jump into what you guys are doing together, unique relationship here, really compelling solution in cloud. Big story about applications and scale this year. Let's introduce yourselves. Peter, we'll start with you. >> Great. I'm Peter MacDonald. I am vice president of Cloud Partners and business development here at Snowflake. On the Cloud Partner side, that means I manage AWS relationship along with Microsoft and Google Cloud. What we do together in terms of complimentary products, GTM, co-selling, things like that. Importantly, working with other third parties like Qlik for joint solutions. On business development, it's negotiating custom commercial partnerships, large companies like Salesforce and Dell, smaller companies at most for our venture portfolio. >> Thanks Peter and hi John. It's great to be back here. So I'm Itamar Ankorion and I'm the senior vice president responsible for technology alliances here at Qlik. With that, own strategic alliances, including our key partners in the cloud, including Snowflake and AWS. I've been in the data and analytics enterprise software market for 20 plus years, and my main focus is product management, marketing, alliances, and business development. I joined Qlik about three and a half years ago through the acquisition of Attunity, which is now the foundation for Qlik data integration. So again, we focus in my team on creating joint solution alignment with our key partners to provide more value to our customers. >> Great to have both you guys, senior executives in the industry on theCUBE here, talking about data, obviously bringing SAP data to life is the theme of this segment, but this reinvent, it's all about the data, big data end-to-end story, a lot about data being intrinsic as the CEO says on stage around in the organizations in all aspects. Take a minute to explain what you guys are doing as from a company standpoint. Snowflake and Qlik and the solutions, why here at AWS? Peter, we'll start with you at Snowflake, what you guys do as a company, your mission, your focus. >> That was great, John. Yeah, so here at Snowflake, we focus on the data platform and until recently, data platforms required expensive on-prem hardware appliances. And despite all that expense, customers had capacity constraints, inexpensive maintenance, and had limited functionality that all impeded these organizations from reaching their goals. Snowflake is a cloud native SaaS platform, and we've become so successful because we've addressed these pain points and have other new special features. For example, securely sharing data across both the organization and the value chain without copying the data, support for new data types such as JSON and structured data, and also advance in database data governance. Snowflake integrates with complimentary AWS services and other partner products. So we can enable holistic solutions that include, for example, here, both Qlik and AWS SageMaker, and comprehend and bring those to joint customers. Our customers want to convert data into insights along with advanced analytics platforms in AI. That is how they make holistic data-driven solutions that will give them competitive advantage. With Snowflake, our approach is to focus on customer solutions that leverage data from existing systems such as SAP, wherever they are in the cloud or on-premise. And to do this, we leverage partners like Qlik native US to help customers transform their businesses. We provide customers with a premier data analytics platform as a result. Itamar, why don't you talk about Qlik a little bit and then we can dive into the specific SAP solution here and some trends >> Sounds great, Peter. So Qlik provides modern data integration and analytics software used by over 38,000 customers worldwide. Our focus is to help our customers turn data into value and help them close the gap between data all the way through insight and action. We offer click data integration and click data analytics. Click data integration helps to automate the data pipelines to deliver data to where they want to use them in real-time and make the data ready for analytics and then Qlik data analytics is a robust platform for analytics and business intelligence has been a leader in the Gartner Magic Quadrant for over 11 years now in the market. And both of these come together into what we call Qlik Cloud, which is our SaaS based platform. So providing a more seamless way to consume all these services and accelerate time to value with customer solutions. In terms of partnerships, both Snowflake and AWS are very strategic to us here at Qlik, so we have very comprehensive investment to ensure strong joint value proposition to we can bring to our mutual customers, everything from aligning our roadmaps through optimizing and validating integrations, collaborating on best practices, packaging joint solutions like the one we'll talk about today. And with that investment, we are an elite level, top level partner with Snowflake. We fly that our technology is Snowflake-ready across the entire product set and we have hundreds of joint customers together and with AWS we've also partnered for a long time. We're here to reinvent. We've been here with the first reinvent since the inaugural one, so it kind of gives you an idea for how long we've been working with AWS. We provide very comprehensive integration with AWS data analytics services, and we have several competencies ranging from data analytics to migration and modernization. So that's our focus and again, we're excited about working with Snowflake and AWS to bring solutions together to market. >> Well, I'm looking forward to unpacking the solutions specifically, and congratulations on the continued success of both your companies. We've been following them obviously for a very long time and seeing the platform evolve beyond just SaaS and a lot more going on in cloud these days, kind of next generation emerging. You know, we're seeing a lot of macro trends that are going to be powering some of the things we're going to get into real quickly. But before we get into the solution, what are some of those power dynamics in the industry that you're seeing in trends specifically that are impacting your customers that are taking us down this road of getting more out of the data and specifically the SAP, but in general trends and dynamics. What are you hearing from your customers? Why do they care? Why are they going down this road? Peter, we'll start with you. >> Yeah, I'll go ahead and start. Thanks. Yeah, I'd say we continue to see customers being, being very eager to transform their businesses and they know they need to leverage technology and data to do so. They're also increasingly depending upon the cloud to bring that agility, that elasticity, new functionality necessary to react in real-time to every evolving customer needs. You look at what's happened over the last three years, and boy, the macro environment customers, it's all changing so fast. With our partnerships with AWS and Qlik, we've been able to bring to market innovative solutions like the one we're announcing today that spans all three companies. It provides a holistic solution and an integrated solution for our customer. >> Itamar let's get into it, you've been with theCUBE, you've seen the journey, you have your own journey, many, many years, you've seen the waves. What's going on now? I mean, what's the big wave? What's the dynamic powering this trend? >> Yeah, in a nutshell I'll call it, it's all about time. You know, it's time to value and it's about real-time data. I'll kind of talk about that a bit. So, I mean, you hear a lot about the data being the new oil, but it's definitely, we see more and more customers seeing data as their critical enabler for innovation and digital transformation. They look for ways to monetize data. They look as the data as the way in which they can innovate and bring different value to the customers. So we see customers want to use more data so to get more value from data. We definitely see them wanting to do it faster, right, than before. And we definitely see them looking for agility and automation as ways to accelerate time to value, and also reduce overall costs. I did mention real-time data, so we definitely see more and more customers, they want to be able to act and make decisions based on fresh data. So yesterday's data is just not good enough. >> John: Yeah. >> It's got to be down to the hour, down to the minutes and sometimes even lower than that. And then I think we're also seeing customers look to their core business systems where they have a lot of value, like the SAP, like mainframe and thinking, okay, our core data is there, how can we get more value from this data? So that's key things we see all the time with customers. >> Yeah, we did a big editorial segment this year on, we called data as code. Data as code is kind of a riff on infrastructure as code and you start to see data becoming proliferating into all aspects, fresh data. It's not just where you store it, it's how you share it, it's how you turn it into an application intrinsically involved in all aspects. This is the big theme this year and that's driving all the conversations here at RE:Invent. And I'm guaranteeing you, it's going to happen for another five and 10 years. It's not stopping. So I got to get into the solution, you guys mentioned SAP and you've announced the solution by Qlik, Snowflake and AWS for your customers using SAP. Can you share more about this solution? What's unique about it? Why is it important and why now? Peter, Itamar, we'll start with you first. >> Let me jump in, this is really, I'll jump because I'm excited. We're very excited about this solution and it's also a solution by the way and again, we've seen proven customer success with it. So to your point, it's ready to scale, it's starting, I think we're going to see a lot of companies doing this over the next few years. But before we jump to the solution, let me maybe take a few minutes just to clarify the need, why we're seeing, why we're seeing customers jump to do this. So customers that use SAP, they use it to manage the core of their business. So think order processing, management, finance, inventory, supply chain, and so much more. So if you're running SAP in your company, that data creates a great opportunity for you to drive innovation and modernization. So what we see customers want to do, they want to do more with their data and more means they want to take SAP with non-SAP data and use it together to drive new insights. They want to use real-time data to drive real-time analytics, which they couldn't do to date. They want to bring together descriptive with predictive analytics. So adding machine learning in AI to drive more value from the data. And naturally they want to do it faster. So find ways to iterate faster on their solutions, have freedom with the data and agility. And I think this is really where cloud data platforms like Snowflake and AWS, you know, bring that value to be able to drive that. Now to do that you need to unlock the SAP data, which is a lot of also where Qlik comes in because typical challenges these customers run into is the complexity, inherent in SAP data. Tens of thousands of tables, proprietary formats, complex data models, licensing restrictions, and more than, you have performance issues, they usually run into how do we handle the throughput, the volumes while maintaining lower latency and impact. Where do we find knowledge to really understand how to get all this done? So these are the things we've looked at when we came together to create a solution and make it unique. So when you think about its uniqueness, because we put together a lot, and I'll go through three, four key things that come together to make this unique. First is about data delivery. How do you have the SAP data delivery? So how do you get it from ECC, from HANA from S/4HANA, how do you deliver the data and the metadata and how that integration well into Snowflake. And what we've done is we've focused a lot on optimizing that process and the continuous ingestion, so the real-time ingestion of the data in a way that works really well with the Snowflake system, data cloud. Second thing is we looked at SAP data transformation, so once the data arrives at Snowflake, how do we turn it into being analytics ready? So that's where data transformation and data worth automation come in. And these are all elements of this solution. So creating derivative datasets, creating data marts, and all of that is done by again, creating an optimized integration that pushes down SQL based transformations, so they can be processed inside Snowflake, leveraging its powerful engine. And then the third element is bringing together data visualization analytics that can also take all the data now that in organizing inside Snowflake, bring other data in, bring machine learning from SageMaker, and then you go to create a seamless integration to bring analytic applications to life. So these are all things we put together in the solution. And maybe the last point is we actually took the next step with this and we created something we refer to as solution accelerators, which we're really, really keen about. Think about this as prepackaged templates for common business analytic needs like order to cash, finance, inventory. And we can either dig into that a little more later, but this gets the next level of value to the customers all built into this joint solution. >> Yeah, I want to get to the accelerators, but real quick, Peter, your reaction to the solution, what's unique about it? And obviously Snowflake, we've been seeing the progression data applications, more developers developing on top of Snowflake, data as code kind of implies developer ecosystem. This is kind of interesting. I mean, you got partnering with Qlik and AWS, it's kind of a developer-like thinking real solution. What's unique about this SAP solution that's, that's different than what customers can get anywhere else or not? >> Yeah, well listen, I think first of all, you have to start with the idea of the solution. This are three companies coming together to build a holistic solution that is all about, you know, creating a great opportunity to turn SAP data into value this is Itamar was talking about, that's really what we're talking about here and there's a lot of technology underneath it. I'll talk more about the Snowflake technology, what's involved here, and then cover some of the AWS pieces as well. But you know, we're focusing on getting that value out and accelerating time to value for our joint customers. As Itamar was saying, you know, there's a lot of complexity with the SAP data and a lot of value there. How can we manage that in a prepackaged way, bringing together best of breed solutions with proven capabilities and bringing this to market quickly for our joint customers. You know, Snowflake and AWS have been strong partners for a number of years now, and that's not only on how Snowflake runs on top of AWS, but also how we integrate with their complementary analytics and then all products. And so, you know, we want to be able to leverage those in addition to what Qlik is bringing in terms of the data transformations, bringing data out of SAP in the visualization as well. All very critical. And then we want to bring in the predictive analytics, AWS brings and what Sage brings. We'll talk about that a little bit later on. Some of the technologies that we're leveraging are some of our latest cutting edge technologies that really make things easier for both our partners and our customers. For example, Qlik leverages Snowflakes recently released Snowpark for Python functionality to push down those data transformations from clicking the Snowflake that Itamar's mentioning. And while we also leverage Snowpark for integrations with Amazon SageMaker, but there's a lot of great new technology that just makes this easy and compelling for customers. >> I think that's the big word, easy button here for what may look like a complex kind of integration, kind of turnkey, really, really compelling example of the modern era we're living in, as we always say in theCUBE. You mentioned accelerators, SAP accelerators. Can you give an example of how that works with the technology from the third party providers to deliver this business value Itamar, 'cause that was an interesting comment. What's the example? Give an example of this acceleration. >> Yes, certainly. I think this is something that really makes this truly, truly unique in the industry and again, a great opportunity for customers. So we kind talked earlier about there's a lot of things that need to be done with SP data to turn it to value. And these accelerator, as the name suggests, are designed to do just that, to kind of jumpstart the process and reduce the time and the risk involved in such project. So again, these are pre-packaged templates. We basically took a lot of knowledge, and a lot of configurations, best practices about to get things done and we put 'em together. So think about all the steps, it includes things like data extraction, so already knowing which tables, all the relevant tables that you need to get data from in the contexts of the solution you're looking for, say like order to cash, we'll get back to that one. How do you continuously deliver that data into Snowflake in an in efficient manner, handling things like data type mappings, metadata naming conventions and transformations. The data models you build all the way to data mart definitions and all the transformations that the data needs to go through moving through steps until it's fully analytics ready. And then on top of that, even adding a library of comprehensive analytic dashboards and integrations through machine learning and AI and put all of that in a way that's in pre-integrated and tested to work with Snowflake and AWS. So this is where again, you get this entire recipe that's ready. So take for example, I think I mentioned order to cash. So again, all these things I just talked about, I mean, for those who are not familiar, I mean order to cash is a critical business process for every organization. So especially if you're in retail, manufacturing, enterprise, it's a big... This is where, you know, starting with booking a sales order, following by fulfilling the order, billing the customer, then managing the accounts receivable when the customer actually pays, right? So this all process, you got sales order fulfillment and the billing impacts customer satisfaction, you got receivable payments, you know, the impact's working capital, cash liquidity. So again, as a result this order to cash process is a lifeblood for many businesses and it's critical to optimize and understand. So the solution accelerator we created specifically for order to cash takes care of understanding all these aspects and the data that needs to come with it. So everything we outline before to make the data available in Snowflake in a way that's really useful for downstream analytics, along with dashboards that are already common for that, for that use case. So again, this enables customers to gain real-time visibility into their sales orders, fulfillment, accounts receivable performance. That's what the Excel's are all about. And very similarly, we have another one for example, for finance analytics, right? So this will optimize financial data reporting, helps customers get insights into P&L, financial risk of stability or inventory analytics that helps with, you know, improve planning and inventory management, utilization, increased efficiencies, you know, so in supply chain. So again, these accelerators really help customers get a jumpstart and move faster with their solutions. >> Peter, this is the easy button we just talked about, getting things going, you know, get the ball rolling, get some acceleration. Big part of this are the three companies coming together doing this. >> Yeah, and to build on what Itamar just said that the SAP data obviously has tremendous value. Those sales orders, distribution data, financial data, bringing that into Snowflake makes it easily accessible, but also it enables it to be combined with other data too, is one of the things that Snowflake does so well. So you can get a full view of the end-to-end process and the business overall. You know, for example, I'll just take one, you know, one example that, that may not come to mind right away, but you know, looking at the impact of weather conditions on supply chain logistics is relevant and material and have interest to our customers. How do you bring those different data sets together in an easy way, bringing the data out of SAP, bringing maybe other data out of other systems through Qlik or through Snowflake, directly bringing data in from our data marketplace and bring that all together to make it work. You know, fundamentally organizational silos and the data fragmentation exist otherwise make it really difficult to drive modern analytics projects. And that in turn limits the value that our customers are getting from SAP data and these other data sets. We want to enable that and unleash. >> Yeah, time for value. This is great stuff. Itamar final question, you know, what are customers using this? What do you have? I'm sure you have customers examples already using the solution. Can you share kind of what these examples look like in the use cases and the value? >> Oh yeah, absolutely. Thank you. Happy to. We have customers across different, different sectors. You see manufacturing, retail, energy, oil and gas, CPG. So again, customers in those segments, typically sectors typically have SAP. So we have customers in all of them. A great example is like Siemens Energy. Siemens Energy is a global provider of gas par services. You know, over what, 28 billion, 30 billion in revenue. 90,000 employees. They operate globally in over 90 countries. So they've used SAP HANA as a core system, so it's running on premises, multiple locations around the world. And what they were looking for is a way to bring all these data together so they can innovate with it. And the thing is, Peter mentioned earlier, not just the SAP data, but also bring other data from other systems to bring it together for more value. That includes finance data, these logistics data, these customer CRM data. So they bring data from over 20 different SAP systems. Okay, with Qlik data integration, feeding that into Snowflake in under 20 minutes, 24/7, 365, you know, days a year. Okay, they get data from over 20,000 tables, you know, over million, hundreds of millions of records daily going in. So it is a great example of the type of scale, scalability, agility and speed that they can get to drive these kind of innovation. So that's a great example with Siemens. You know, another one comes to mind is a global manufacturer. Very similar scenario, but you know, they're using it for real-time executive reporting. So it's more like feasibility to the production data as well as for financial analytics. So think, think, think about everything from audit to texts to innovate financial intelligence because all the data's coming from SAP. >> It's a great time to be in the data business again. It keeps getting better and better. There's more data coming. It's not stopping, you know, it's growing so fast, it keeps coming. Every year, it's the same story, Peter. It's like, doesn't stop coming. As we wrap up here, let's just get customers some information on how to get started. I mean, obviously you're starting to see the accelerators, it's a great program there. What a great partnership between the two companies and AWS. How can customers get started to learn about the solution and take advantage of it, getting more out of their SAP data, Peter? >> Yeah, I think the first place to go to is talk to Snowflake, talk to AWS, talk to our account executives that are assigned to your account. Reach out to them and they will be able to educate you on the solution. We have packages up very nicely and can be deployed very, very quickly. >> Well gentlemen, thank you so much for coming on. Appreciate the conversation. Great overview of the partnership between, you know, Snowflake and Qlik and AWS on a joint solution. You know, getting more out of the SAP data. It's really kind of a key, key solution, bringing SAP data to life. Thanks for coming on theCUBE. Appreciate it. >> Thank you. >> Thank you John. >> Okay, this is theCUBE coverage here at RE:Invent 2022. I'm John Furrier, your host of theCUBE. Thanks for watching. (upbeat music)

>>Good morning fellow nerds and welcome back to AWS Reinvent. We are live from the show floor here in Las Vegas, Nevada. My name is Savannah Peterson, joined with my fabulous co-host John Furrier. Day two keynotes are rolling. >>Yeah. What do you thinking this? This is the day where everything comes, so the core gets popped off the bottle, all the announcements start flowing out tomorrow. You hear machine learning from swee lot more in depth around AI probably. And then developers with Verner Vos, the CTO who wrote the seminal paper in in early two thousands around web service that becames. So again, just another great year of next level cloud. Big discussion of data in the keynote bulk of the time was talking about data and business intelligence, business transformation easier. Is that what people want? They want the easy button and we're gonna talk a lot about that in this segment. I'm really looking forward to this interview. >>Easy button. We all want the >>Easy, we want the easy button. >>I love that you brought up champagne. It really feels like a champagne moment for the AWS community as a whole. Being here on the floor feels a bit like the before times. I don't want to jinx it. Our next guest, Scott Castle, from Si Sense. Thank you so much for joining us. How are you feeling? How's the show for you going so far? Oh, >>This is exciting. It's really great to see the changes that are coming in aws. It's great to see the, the excitement and the activity around how we can do so much more with data, with compute, with visualization, with reporting. It's fun. >>It is very fun. I just got a note. I think you have the coolest last name of anyone we've had on the show so far, castle. Oh, thank you. I'm here for it. I'm sure no one's ever said that before, but I'm so just in case our audience isn't familiar, tell us about >>Soy Sense is an embedded analytics platform. So we're used to take the queries and the analysis that you can power off of Aurora and Redshift and everything else and bring it to the end user in the applications they already know how to use. So it's all about embedding insights into tools. >>Embedded has been a, a real theme. Nobody wants to, it's I, I keep using the analogy of multiple tabs. Nobody wants to have to leave where they are. They want it all to come in there. Yep. Now this space is older than I think everyone at this table bis been around since 1958. Yep. How do you see Siente playing a role in the evolution there of we're in a different generation of analytics? >>Yeah, I mean, BI started, as you said, 58 with Peter Lu's paper that he wrote for IBM kind of get became popular in the late eighties and early nineties. And that was Gen one bi, that was Cognos and Business Objects and Lotus 1 23 think like green and black screen days. And the way things worked back then is if you ran a business and you wanted to get insights about that business, you went to it with a big check in your hand and said, Hey, can I have a report? And they'd come back and here's a report. And it wasn't quite right. You'd go back and cycle, cycle, cycle and eventually you'd get something. And it wasn't great. It wasn't all that accurate, but it's what we had. And then that whole thing changed in about two, 2004 when self-service BI became a thing. And the whole idea was instead of going to it with a big check in your hand, how about you make your own charts? >>And that was totally transformative. Everybody started doing this and it was great. And it was all built on semantic modeling and having very fast databases and data warehouses. Here's the problem, the tools to get to those insights needed to serve both business users like you and me and also power users who could do a lot more complex analysis and transformation. And as the tools got more complicated, the barrier to entry for everyday users got higher and higher and higher to the point where now you look, look at Gartner and Forester and IDC this year. They're all reporting in the same statistic. Between 10 and 20% of knowledge workers have learned business intelligence and everybody else is just waiting in line for a data analyst or a BI analyst to get a report for them. And that's why the focus on embedded is suddenly showing up so strong because little startups have been putting analytics into their products. People are seeing, oh my, this doesn't have to be hard. It can be easy, it can be intuitive, it can be native. Well why don't I have that for my whole business? So suddenly there's a lot of focus on how do we embed analytics seamlessly? How do we embed the investments people make in machine learning in data science? How do we bring those back to the users who can actually operationalize that? Yeah. And that's what Tysons does. Yeah. >>Yeah. It's interesting. Savannah, you know, data processing used to be what the IT department used to be called back in the day data processing. Now data processing is what everyone wants to do. There's a ton of data we got, we saw the keynote this morning at Adam Lesky. There was almost a standing of vision, big applause for his announcement around ML powered forecasting with Quick Site Cube. My point is people want automation. They want to have this embedded semantic layer in where they are not having all the process of ETL or all the muck that goes on with aligning the data. All this like a lot of stuff that goes on. How do you make it easier? >>Well, to be honest, I, I would argue that they don't want that. I think they, they think they want that, cuz that feels easier. But what users actually want is they want the insight, right? When they are about to make a decision. If you have a, you have an ML powered forecast, Andy Sense has had that built in for years, now you have an ML powered forecast. You don't need it two weeks before or a week after in a report somewhere. You need it when you're about to decide do I hire more salespeople or do I put a hundred grand into a marketing program? It's putting that insight at the point of decision that's important. And you don't wanna be waiting to dig through a lot of infrastructure to find it. You just want it when you need it. What's >>The alternative from a time standpoint? So real time insight, which is what you're saying. Yep. What's the alternative? If they don't have that, what's >>The alternative? Is what we are currently seeing in the market. You hire a bunch of BI analysts and data analysts to do the work for you and you hire enough that your business users can ask questions and get answers in a timely fashion. And by the way, if you're paying attention, there's not enough data analysts in the whole world to do that. Good luck. I am >>Time to get it. I really empathize with when I, I used to work for a 3D printing startup and I can, I have just, I mean, I would call it PTSD flashbacks of standing behind our BI guy with my list of queries and things that I wanted to learn more about our e-commerce platform in our, in our marketplace and community. And it would take weeks and I mean this was only in 2012. We're not talking 1958 here. We're talking, we're talking, well, a decade in, in startup years is, is a hundred years in the rest of the world life. But I think it's really interesting. So talk to us a little bit about infused and composable analytics. Sure. And how does this relate to embedded? Yeah. >>So embedded analytics for a long time was I want to take a dashboard I built in a BI environment. I wanna lift it and shift it into some other application so it's close to the user and that is the right direction to go. But going back to that statistic about how, hey, 10 to 20% of users know how to do something with that dashboard. Well how do you reach the rest of users? Yeah. When you think about breaking that up and making it more personalized so that instead of getting a dashboard embedded in a tool, you get individual insights, you get data visualizations, you get controls, maybe it's not even actually a visualization at all. Maybe it's just a query result that influences the ordering of a list. So like if you're a csm, you have a list of accounts in your book of business, you wanna rank those by who's priorities the most likely to churn. >>Yeah. You get that. How do you get that most likely to churn? You get it from your BI system. So how, but then the question is, how do I insert that back into the application that CSM is using? So that's what we talk about when we talk about Infusion. And SI started the infusion term about two years ago and now it's being used everywhere. We see it in marketing from Click and Tableau and from Looker just recently did a whole launch on infusion. The idea is you break this up into very small digestible pieces. You put those pieces into user experiences where they're relevant and when you need them. And to do that, you need a set of APIs, SDKs, to program it. But you also need a lot of very solid building blocks so that you're not building this from scratch, you're, you're assembling it from big pieces. >>And so what we do aty sense is we've got machine learning built in. We have an LQ built in. We have a whole bunch of AI powered features, including a knowledge graph that helps users find what else they need to know. And we, we provide those to our customers as building blocks so that they can put those into their own products, make them look and feel native and get that experience. In fact, one of the things that was most interesting this last couple of couple of quarters is that we built a technology demo. We integrated SI sensee with Office 365 with Google apps for business with Slack and MS teams. We literally just threw an Nlq box into Excel and now users can go in and say, Hey, which of my sales people in the northwest region are on track to meet their quota? And they just get the table back in Excel. They can build charts of it and PowerPoint. And then when they go to their q do their QBR next week or week after that, they just hit refresh to get live data. It makes it so much more digestible. And that's the whole point of infusion. It's bigger than just, yeah. The iframe based embedding or the JavaScript embedding we used to talk about four or five years >>Ago. APIs are very key. You brought that up. That's gonna be more of the integration piece. How does embedable and composable work as more people start getting on board? It's kind of like a Yeah. A flywheel. Yes. What, how do you guys see that progression? Cause everyone's copying you. We see that, but this is a, this means it's standard. People want this. Yeah. What's next? What's the, what's that next flywheel benefit that you guys coming out with >>Composability, fundamentally, if you read the Gartner analysis, right, they, when they talk about composable, they're talking about building pre-built analytics pieces in different business units for, for different purposes. And being able to plug those together. Think of like containers and services that can, that can talk to each other. You have a composition platform that can pull it into a presentation layer. Well, the presentation layer is where I focus. And so the, so for us, composable means I'm gonna have formulas and queries and widgets and charts and everything else that my, that my end users are gonna wanna say almost minority report style. If I'm not dating myself with that, I can put this card here, I can put that chart here. I can set these filters here and I get my own personalized view. But based on all the investments my organization's made in data and governance and quality so that all that infrastructure is supporting me without me worrying much about it. >>Well that's productivity on the user side. Talk about the software angle development. Yeah. Is your low code, no code? Is there coding involved? APIs are certainly the connective tissue. What's the impact to Yeah, the >>Developer. Oh. So if you were working on a traditional legacy BI platform, it's virtually impossible because this is an architectural thing that you have to be able to do. Every single tool that can make a chart has an API to embed that chart somewhere. But that's not the point. You need the life cycle automation to create models, to modify models, to create new dashboards and charts and queries on the fly. And be able to manage the whole life cycle of that. So that in your composable application, when you say, well I want chart and I want it to go here and I want it to do this and I want it to be filtered this way you can interact with the underlying platform. And most importantly, when you want to use big pieces like, Hey, I wanna forecast revenue for the next six months. You don't want it popping down into Python and writing that yourself. >>You wanna be able to say, okay, here's my forecasting algorithm. Here are the inputs, here's the dimensions, and then go and just put it somewhere for me. And so that's what you get withy sense. And there aren't any other analytics platforms that were built to do that. We were built that way because of our architecture. We're an API first product. But more importantly, most of the legacy BI tools are legacy. They're coming from that desktop single user, self-service, BI environment. And it's a small use case for them to go embedding. And so composable is kind of out of reach without a complete rebuild. Right? But with SI senses, because our bread and butter has always been embedding, it's all architected to be API first. It's integrated for software developers with gi, but it also has all those low code and no code capabilities for business users to do the minority report style thing. And it's assemble endless components into a workable digital workspace application. >>Talk about the strategy with aws. You're here at the ecosystem, you're in the ecosystem, you're leading product and they have a strategy. We know their strategy, they have some stuff, but then the ecosystem goes faster and ends up making a better product in most of the cases. If you compare, I know they'll take me to school on that, but I, that's pretty much what we report on. Mongo's doing a great job. They have databases. So you kind of see this balance. How are you guys playing in the ecosystem? What's the, what's the feedback? What's it like? What's going on? >>AWS is actually really our best partner. And the reason why is because AWS has been clear for many, many years. They build componentry, they build services, they build infrastructure, they build Redshift, they build all these different things, but they need, they need vendors to pull it all together into something usable. And fundamentally, that's what Cient does. I mean, we didn't invent sequel, right? We didn't invent jackal or dle. These are not, these are underlying analytics technologies, but we're taking the bricks out of the briefcase. We're assembling it into something that users can actually deploy for their use cases. And so for us, AWS is perfect because they focus on the hard bits. The the underlying technologies we assemble those make them usable for customers. And we get the distribution. And of course AWS loves that. Cause it drives more compute and it drives more, more consumption. >>How much do they pay you to say that >>Keynote, >>That was a wonderful pitch. That's >>Absolutely, we always say, hey, they got a lot of, they got a lot of great goodness in the cloud, but they're not always the best at the solutions and that they're trying to bring out, and you guys are making these solutions for customers. Yeah. That resonates with what they got with Amazon. For >>Example, we, last year we did a, a technology demo with Comprehend where we put comprehend inside of a semantic model and we would compile it and then send it back to Redshift. And it takes comprehend, which is a very cool service, but you kind of gotta be a coder to use it. >>I've been hear a lot of hype about the semantic layer. What is, what is going on with that >>Semantec layer is what connects the actual data, the tables in your database with how they're connected and what they mean so that a user like you or me who's saying I wanna bar chart with revenue over time can just work with revenue and time. And the semantic layer translates between what we did and what the database knows >>About. So it speaks English and then they converts it to data language. It's >>Exactly >>Right. >>Yeah. It's facilitating the exchange of information. And, and I love this. So I like that you actually talked about it in the beginning, the knowledge map and helping people figure out what they might not know. Yeah. I, I am not a bi analyst by trade and I, I don't always know what's possible to know. Yeah. And I think it's really great that you're doing that education piece. I'm sure, especially working with AWS companies, depending on their scale, that's gotta be a big part of it. How much is the community play a role in your product development? >>It's huge because I'll tell you, one of the challenges in embedding is someone who sees an amazing experience in outreach or in seismic. And to say, I want that. And I want it to be exactly the way my product is built, but I don't wanna learn a lot. And so you, what you want do is you want to have a community of people who have already built things who can help lead the way. And our community, we launched a new version of the SES community in early 2022 and we've seen a 450% growth in the c in that community. And we've gone from an average of one response, >>450%. I just wanna put a little exclamation point on that. Yeah, yeah. That's awesome. We, >>We've tripled our organic activity. So now if you post this Tysons community, it used to be, you'd get one response maybe from us, maybe from from a customer. Now it's up to three. And it's continuing to trend up. So we're, it's >>Amazing how much people are willing to help each other. If you just get in the platform, >>Do it. It's great. I mean, business is so >>Competitive. I think it's time for the, it's time. I think it's time. Instagram challenge. The reels on John. So we have a new thing. We're gonna run by you. Okay. We just call it the bumper sticker for reinvent. Instead of calling it the Instagram reels. If we're gonna do an Instagram reel for 30 seconds, what would be your take on what's going on this year at Reinvent? What you guys are doing? What's the most important story that you would share with folks on Instagram? >>You know, I think it's really what, what's been interesting to me is the, the story with Redshift composable, sorry. No, composable, Redshift Serverless. Yeah. One of the things I've been >>Seeing, we know you're thinking about composable a lot. Yes. Right? It's, it's just, it's in there, it's in your mouth. Yeah. >>So the fact that Redshift Serverless is now kind becoming the defacto standard, it changes something for, for my customers. Cuz one of the challenges with Redshift that I've seen in, in production is if as people use it more, you gotta get more boxes. You have to manage that. The fact that serverless is now available, it's, it's the default means it now people are just seeing Redshift as a very fast, very responsive repository. And that plays right into the story I'm telling cuz I'm telling them it's not that hard to put some analysis on top of things. So for me it's, it's a, maybe it's a narrow Instagram reel, but it's an >>Important one. Yeah. And that makes it better for you because you get to embed that. Yeah. And you get access to better data. Faster data. Yeah. Higher quality, relevant, updated. >>Yep. Awesome. As it goes into that 80% of knowledge workers, they have a consumer great expectation of experience. They're expecting that five ms response time. They're not waiting 2, 3, 4, 5, 10 seconds. They're not trained on theola expectations. And so it's, it matters a lot. >>Final question for you. Five years out from now, if things progress the way they're going with more innovation around data, this front end being very usable, semantic layer kicks in, you got the Lambda and you got serverless kind of coming in, helping out along the way. What's the experience gonna look like for a user? What's it in your mind's eye? What's that user look like? What's their experience? >>I, I think it shifts almost every role in a business towards being a quantitative one. Talking about, Hey, this is what I saw. This is my hypothesis and this is what came out of it. So here's what we should do next. I, I'm really excited to see that sort of scientific method move into more functions in the business. Cuz for decades it's been the domain of a few people like me doing strategy, but now I'm seeing it in CSMs, in support people and sales engineers and line engineers. That's gonna be a big shift. Awesome. >>Thank >>You Scott. Thank you so much. This has been a fantastic session. We wish you the best at si sense. John, always pleasure to share the, the stage with you. Thank you to everybody who's attuning in, tell us your thoughts. We're always eager to hear what, what features have got you most excited. And as you know, we will be live here from Las Vegas at reinvent from the show floor 10 to six all week except for Friday. We'll give you Friday off with John Furrier. My name's Savannah Peterson. We're the cube, the the, the leader in high tech coverage.

(upbeat music) >> Hello, welcome back to theCUBE's AWS RE:Invent 2022 Coverage. I'm John Furrier, host of theCUBE. Got a great lineup here, Itamar Ankorion SVP Technology Alliance at Qlik and Peter McDonald, vice President, cloud partnerships and business development Snowflake. We're going to talk about bringing SAP data to life, for joint Snowflake, Qlik and AWS Solution. Gentlemen, thanks for coming on theCUBE Really appreciate it. >> Thank you. >> Thank you, great meeting you John. >> Just to get started, introduce yourselves to the audience, then going to jump into what you guys are doing together, unique relationship here, really compelling solution in cloud. Big story about applications and scale this year. Let's introduce yourselves. Peter, we'll start with you. >> Great. I'm Peter MacDonald. I am vice president of Cloud Partners and business development here at Snowflake. On the Cloud Partner side, that means I manage AWS relationship along with Microsoft and Google Cloud. What we do together in terms of complimentary products, GTM, co-selling, things like that. Importantly, working with other third parties like Qlik for joint solutions. On business development, it's negotiating custom commercial partnerships, large companies like Salesforce and Dell, smaller companies at most for our venture portfolio. >> Thanks Peter and hi John. It's great to be back here. So I'm Itamar Ankorion and I'm the senior vice president responsible for technology alliances here at Qlik. With that, own strategic alliances, including our key partners in the cloud, including Snowflake and AWS. I've been in the data and analytics enterprise software market for 20 plus years, and my main focus is product management, marketing, alliances, and business development. I joined Qlik about three and a half years ago through the acquisition of Attunity, which is now the foundation for Qlik data integration. So again, we focus in my team on creating joint solution alignment with our key partners to provide more value to our customers. >> Great to have both you guys, senior executives in the industry on theCUBE here, talking about data, obviously bringing SAP data to life is the theme of this segment, but this reinvent, it's all about the data, big data end-to-end story, a lot about data being intrinsic as the CEO says on stage around in the organizations in all aspects. Take a minute to explain what you guys are doing as from a company standpoint. Snowflake and Qlik and the solutions, why here at AWS? Peter, we'll start with you at Snowflake, what you guys do as a company, your mission, your focus. >> That was great, John. Yeah, so here at Snowflake, we focus on the data platform and until recently, data platforms required expensive on-prem hardware appliances. And despite all that expense, customers had capacity constraints, inexpensive maintenance, and had limited functionality that all impeded these organizations from reaching their goals. Snowflake is a cloud native SaaS platform, and we've become so successful because we've addressed these pain points and have other new special features. For example, securely sharing data across both the organization and the value chain without copying the data, support for new data types such as JSON and structured data, and also advance in database data governance. Snowflake integrates with complimentary AWS services and other partner products. So we can enable holistic solutions that include, for example, here, both Qlik and AWS SageMaker, and comprehend and bring those to joint customers. Our customers want to convert data into insights along with advanced analytics platforms in AI. That is how they make holistic data-driven solutions that will give them competitive advantage. With Snowflake, our approach is to focus on customer solutions that leverage data from existing systems such as SAP, wherever they are in the cloud or on-premise. And to do this, we leverage partners like Qlik native US to help customers transform their businesses. We provide customers with a premier data analytics platform as a result. Itamar, why don't you talk about Qlik a little bit and then we can dive into the specific SAP solution here and some trends >> Sounds great, Peter. So Qlik provides modern data integration and analytics software used by over 38,000 customers worldwide. Our focus is to help our customers turn data into value and help them close the gap between data all the way through insight and action. We offer click data integration and click data analytics. Click data integration helps to automate the data pipelines to deliver data to where they want to use them in real-time and make the data ready for analytics and then Qlik data analytics is a robust platform for analytics and business intelligence has been a leader in the Gartner Magic Quadrant for over 11 years now in the market. And both of these come together into what we call Qlik Cloud, which is our SaaS based platform. So providing a more seamless way to consume all these services and accelerate time to value with customer solutions. In terms of partnerships, both Snowflake and AWS are very strategic to us here at Qlik, so we have very comprehensive investment to ensure strong joint value proposition to we can bring to our mutual customers, everything from aligning our roadmaps through optimizing and validating integrations, collaborating on best practices, packaging joint solutions like the one we'll talk about today. And with that investment, we are an elite level, top level partner with Snowflake. We fly that our technology is Snowflake-ready across the entire product set and we have hundreds of joint customers together and with AWS we've also partnered for a long time. We're here to reinvent. We've been here with the first reinvent since the inaugural one, so it kind of gives you an idea for how long we've been working with AWS. We provide very comprehensive integration with AWS data analytics services, and we have several competencies ranging from data analytics to migration and modernization. So that's our focus and again, we're excited about working with Snowflake and AWS to bring solutions together to market. >> Well, I'm looking forward to unpacking the solutions specifically, and congratulations on the continued success of both your companies. We've been following them obviously for a very long time and seeing the platform evolve beyond just SaaS and a lot more going on in cloud these days, kind of next generation emerging. You know, we're seeing a lot of macro trends that are going to be powering some of the things we're going to get into real quickly. But before we get into the solution, what are some of those power dynamics in the industry that you're seeing in trends specifically that are impacting your customers that are taking us down this road of getting more out of the data and specifically the SAP, but in general trends and dynamics. What are you hearing from your customers? Why do they care? Why are they going down this road? Peter, we'll start with you. >> Yeah, I'll go ahead and start. Thanks. Yeah, I'd say we continue to see customers being, being very eager to transform their businesses and they know they need to leverage technology and data to do so. They're also increasingly depending upon the cloud to bring that agility, that elasticity, new functionality necessary to react in real-time to every evolving customer needs. You look at what's happened over the last three years, and boy, the macro environment customers, it's all changing so fast. With our partnerships with AWS and Qlik, we've been able to bring to market innovative solutions like the one we're announcing today that spans all three companies. It provides a holistic solution and an integrated solution for our customer. >> Itamar let's get into it, you've been with theCUBE, you've seen the journey, you have your own journey, many, many years, you've seen the waves. What's going on now? I mean, what's the big wave? What's the dynamic powering this trend? >> Yeah, in a nutshell I'll call it, it's all about time. You know, it's time to value and it's about real-time data. I'll kind of talk about that a bit. So, I mean, you hear a lot about the data being the new oil, but it's definitely, we see more and more customers seeing data as their critical enabler for innovation and digital transformation. They look for ways to monetize data. They look as the data as the way in which they can innovate and bring different value to the customers. So we see customers want to use more data so to get more value from data. We definitely see them wanting to do it faster, right, than before. And we definitely see them looking for agility and automation as ways to accelerate time to value, and also reduce overall costs. I did mention real-time data, so we definitely see more and more customers, they want to be able to act and make decisions based on fresh data. So yesterday's data is just not good enough. >> John: Yeah. >> It's got to be down to the hour, down to the minutes and sometimes even lower than that. And then I think we're also seeing customers look to their core business systems where they have a lot of value, like the SAP, like mainframe and thinking, okay, our core data is there, how can we get more value from this data? So that's key things we see all the time with customers. >> Yeah, we did a big editorial segment this year on, we called data as code. Data as code is kind of a riff on infrastructure as code and you start to see data becoming proliferating into all aspects, fresh data. It's not just where you store it, it's how you share it, it's how you turn it into an application intrinsically involved in all aspects. This is the big theme this year and that's driving all the conversations here at RE:Invent. And I'm guaranteeing you, it's going to happen for another five and 10 years. It's not stopping. So I got to get into the solution, you guys mentioned SAP and you've announced the solution by Qlik, Snowflake and AWS for your customers using SAP. Can you share more about this solution? What's unique about it? Why is it important and why now? Peter, Itamar, we'll start with you first. >> Let me jump in, this is really, I'll jump because I'm excited. We're very excited about this solution and it's also a solution by the way and again, we've seen proven customer success with it. So to your point, it's ready to scale, it's starting, I think we're going to see a lot of companies doing this over the next few years. But before we jump to the solution, let me maybe take a few minutes just to clarify the need, why we're seeing, why we're seeing customers jump to do this. So customers that use SAP, they use it to manage the core of their business. So think order processing, management, finance, inventory, supply chain, and so much more. So if you're running SAP in your company, that data creates a great opportunity for you to drive innovation and modernization. So what we see customers want to do, they want to do more with their data and more means they want to take SAP with non-SAP data and use it together to drive new insights. They want to use real-time data to drive real-time analytics, which they couldn't do to date. They want to bring together descriptive with predictive analytics. So adding machine learning in AI to drive more value from the data. And naturally they want to do it faster. So find ways to iterate faster on their solutions, have freedom with the data and agility. And I think this is really where cloud data platforms like Snowflake and AWS, you know, bring that value to be able to drive that. Now to do that you need to unlock the SAP data, which is a lot of also where Qlik comes in because typical challenges these customers run into is the complexity, inherent in SAP data. Tens of thousands of tables, proprietary formats, complex data models, licensing restrictions, and more than, you have performance issues, they usually run into how do we handle the throughput, the volumes while maintaining lower latency and impact. Where do we find knowledge to really understand how to get all this done? So these are the things we've looked at when we came together to create a solution and make it unique. So when you think about its uniqueness, because we put together a lot, and I'll go through three, four key things that come together to make this unique. First is about data delivery. How do you have the SAP data delivery? So how do you get it from ECC, from HANA from S/4HANA, how do you deliver the data and the metadata and how that integration well into Snowflake. And what we've done is we've focused a lot on optimizing that process and the continuous ingestion, so the real-time ingestion of the data in a way that works really well with the Snowflake system, data cloud. Second thing is we looked at SAP data transformation, so once the data arrives at Snowflake, how do we turn it into being analytics ready? So that's where data transformation and data worth automation come in. And these are all elements of this solution. So creating derivative datasets, creating data marts, and all of that is done by again, creating an optimized integration that pushes down SQL based transformations, so they can be processed inside Snowflake, leveraging its powerful engine. And then the third element is bringing together data visualization analytics that can also take all the data now that in organizing inside Snowflake, bring other data in, bring machine learning from SageMaker, and then you go to create a seamless integration to bring analytic applications to life. So these are all things we put together in the solution. And maybe the last point is we actually took the next step with this and we created something we refer to as solution accelerators, which we're really, really keen about. Think about this as prepackaged templates for common business analytic needs like order to cash, finance, inventory. And we can either dig into that a little more later, but this gets the next level of value to the customers all built into this joint solution. >> Yeah, I want to get to the accelerators, but real quick, Peter, your reaction to the solution, what's unique about it? And obviously Snowflake, we've been seeing the progression data applications, more developers developing on top of Snowflake, data as code kind of implies developer ecosystem. This is kind of interesting. I mean, you got partnering with Qlik and AWS, it's kind of a developer-like thinking real solution. What's unique about this SAP solution that's, that's different than what customers can get anywhere else or not? >> Yeah, well listen, I think first of all, you have to start with the idea of the solution. This are three companies coming together to build a holistic solution that is all about, you know, creating a great opportunity to turn SAP data into value this is Itamar was talking about, that's really what we're talking about here and there's a lot of technology underneath it. I'll talk more about the Snowflake technology, what's involved here, and then cover some of the AWS pieces as well. But you know, we're focusing on getting that value out and accelerating time to value for our joint customers. As Itamar was saying, you know, there's a lot of complexity with the SAP data and a lot of value there. How can we manage that in a prepackaged way, bringing together best of breed solutions with proven capabilities and bringing this to market quickly for our joint customers. You know, Snowflake and AWS have been strong partners for a number of years now, and that's not only on how Snowflake runs on top of AWS, but also how we integrate with their complementary analytics and then all products. And so, you know, we want to be able to leverage those in addition to what Qlik is bringing in terms of the data transformations, bringing data out of SAP in the visualization as well. All very critical. And then we want to bring in the predictive analytics, AWS brings and what Sage brings. We'll talk about that a little bit later on. Some of the technologies that we're leveraging are some of our latest cutting edge technologies that really make things easier for both our partners and our customers. For example, Qlik leverages Snowflakes recently released Snowpark for Python functionality to push down those data transformations from clicking the Snowflake that Itamar's mentioning. And while we also leverage Snowpark for integrations with Amazon SageMaker, but there's a lot of great new technology that just makes this easy and compelling for customers. >> I think that's the big word, easy button here for what may look like a complex kind of integration, kind of turnkey, really, really compelling example of the modern era we're living in, as we always say in theCUBE. You mentioned accelerators, SAP accelerators. Can you give an example of how that works with the technology from the third party providers to deliver this business value Itamar, 'cause that was an interesting comment. What's the example? Give an example of this acceleration. >> Yes, certainly. I think this is something that really makes this truly, truly unique in the industry and again, a great opportunity for customers. So we kind talked earlier about there's a lot of things that need to be done with SP data to turn it to value. And these accelerator, as the name suggests, are designed to do just that, to kind of jumpstart the process and reduce the time and the risk involved in such project. So again, these are pre-packaged templates. We basically took a lot of knowledge, and a lot of configurations, best practices about to get things done and we put 'em together. So think about all the steps, it includes things like data extraction, so already knowing which tables, all the relevant tables that you need to get data from in the contexts of the solution you're looking for, say like order to cash, we'll get back to that one. How do you continuously deliver that data into Snowflake in an in efficient manner, handling things like data type mappings, metadata naming conventions and transformations. The data models you build all the way to data mart definitions and all the transformations that the data needs to go through moving through steps until it's fully analytics ready. And then on top of that, even adding a library of comprehensive analytic dashboards and integrations through machine learning and AI and put all of that in a way that's in pre-integrated and tested to work with Snowflake and AWS. So this is where again, you get this entire recipe that's ready. So take for example, I think I mentioned order to cash. So again, all these things I just talked about, I mean, for those who are not familiar, I mean order to cash is a critical business process for every organization. So especially if you're in retail, manufacturing, enterprise, it's a big... This is where, you know, starting with booking a sales order, following by fulfilling the order, billing the customer, then managing the accounts receivable when the customer actually pays, right? So this all process, you got sales order fulfillment and the billing impacts customer satisfaction, you got receivable payments, you know, the impact's working capital, cash liquidity. So again, as a result this order to cash process is a lifeblood for many businesses and it's critical to optimize and understand. So the solution accelerator we created specifically for order to cash takes care of understanding all these aspects and the data that needs to come with it. So everything we outline before to make the data available in Snowflake in a way that's really useful for downstream analytics, along with dashboards that are already common for that, for that use case. So again, this enables customers to gain real-time visibility into their sales orders, fulfillment, accounts receivable performance. That's what the Excel's are all about. And very similarly, we have another one for example, for finance analytics, right? So this will optimize financial data reporting, helps customers get insights into P&L, financial risk of stability or inventory analytics that helps with, you know, improve planning and inventory management, utilization, increased efficiencies, you know, so in supply chain. So again, these accelerators really help customers get a jumpstart and move faster with their solutions. >> Peter, this is the easy button we just talked about, getting things going, you know, get the ball rolling, get some acceleration. Big part of this are the three companies coming together doing this. >> Yeah, and to build on what Itamar just said that the SAP data obviously has tremendous value. Those sales orders, distribution data, financial data, bringing that into Snowflake makes it easily accessible, but also it enables it to be combined with other data too, is one of the things that Snowflake does so well. So you can get a full view of the end-to-end process and the business overall. You know, for example, I'll just take one, you know, one example that, that may not come to mind right away, but you know, looking at the impact of weather conditions on supply chain logistics is relevant and material and have interest to our customers. How do you bring those different data sets together in an easy way, bringing the data out of SAP, bringing maybe other data out of other systems through Qlik or through Snowflake, directly bringing data in from our data marketplace and bring that all together to make it work. You know, fundamentally organizational silos and the data fragmentation exist otherwise make it really difficult to drive modern analytics projects. And that in turn limits the value that our customers are getting from SAP data and these other data sets. We want to enable that and unleash. >> Yeah, time for value. This is great stuff. Itamar final question, you know, what are customers using this? What do you have? I'm sure you have customers examples already using the solution. Can you share kind of what these examples look like in the use cases and the value? >> Oh yeah, absolutely. Thank you. Happy to. We have customers across different, different sectors. You see manufacturing, retail, energy, oil and gas, CPG. So again, customers in those segments, typically sectors typically have SAP. So we have customers in all of them. A great example is like Siemens Energy. Siemens Energy is a global provider of gas par services. You know, over what, 28 billion, 30 billion in revenue. 90,000 employees. They operate globally in over 90 countries. So they've used SAP HANA as a core system, so it's running on premises, multiple locations around the world. And what they were looking for is a way to bring all these data together so they can innovate with it. And the thing is, Peter mentioned earlier, not just the SAP data, but also bring other data from other systems to bring it together for more value. That includes finance data, these logistics data, these customer CRM data. So they bring data from over 20 different SAP systems. Okay, with Qlik data integration, feeding that into Snowflake in under 20 minutes, 24/7, 365, you know, days a year. Okay, they get data from over 20,000 tables, you know, over million, hundreds of millions of records daily going in. So it is a great example of the type of scale, scalability, agility and speed that they can get to drive these kind of innovation. So that's a great example with Siemens. You know, another one comes to mind is a global manufacturer. Very similar scenario, but you know, they're using it for real-time executive reporting. So it's more like feasibility to the production data as well as for financial analytics. So think, think, think about everything from audit to texts to innovate financial intelligence because all the data's coming from SAP. >> It's a great time to be in the data business again. It keeps getting better and better. There's more data coming. It's not stopping, you know, it's growing so fast, it keeps coming. Every year, it's the same story, Peter. It's like, doesn't stop coming. As we wrap up here, let's just get customers some information on how to get started. I mean, obviously you're starting to see the accelerators, it's a great program there. What a great partnership between the two companies and AWS. How can customers get started to learn about the solution and take advantage of it, getting more out of their SAP data, Peter? >> Yeah, I think the first place to go to is talk to Snowflake, talk to AWS, talk to our account executives that are assigned to your account. Reach out to them and they will be able to educate you on the solution. We have packages up very nicely and can be deployed very, very quickly. >> Well gentlemen, thank you so much for coming on. Appreciate the conversation. Great overview of the partnership between, you know, Snowflake and Qlik and AWS on a joint solution. You know, getting more out of the SAP data. It's really kind of a key, key solution, bringing SAP data to life. Thanks for coming on theCUBE. Appreciate it. >> Thank you. >> Thank you John. >> Okay, this is theCUBE coverage here at RE:Invent 2022. I'm John Furrier, your host of theCUBE. Thanks for watching. (upbeat music)

>>Everyone, welcome to the cube here in Palo Alto, California for a special presentation on Cloud native at scale, enabling super cloud modern applications with Platform nine. I'm John Furry, your host of The Cube. We've got a great lineup of three interviews we're streaming today. Mattor Makki, who's the co-founder and VP of Product of Platform nine. She's gonna go into detail around Arlon, the open source products, and also the value of what this means for infrastructure as code and for cloud native at scale. Bickley the chief architect of Platform nine Cube alumni. Going back to the OpenStack days. He's gonna go into why Arlon, why this infrastructure as code implication, what it means for customers and the implications in the open source community and where that value is. Really great wide ranging conversation there. And of course, Vascar, Gort, the CEO of Platform nine, is gonna talk with me about his views on Super Cloud and why Platform nine has a scalable solutions to bring cloud native at scale. So enjoy the program, see you soon. Hello and welcome to the cube here in Palo Alto, California for a special program on cloud native at scale, enabling next generation cloud or super cloud for modern application cloud native developers. I'm John Forry, host of the Cube. Pleasure to have here me Makowski, co-founder and VP of product at Platform nine. Thanks for coming in today for this Cloudnative at scale conversation. >>Thank you for having >>Me. So Cloudnative at scale, something that we're talking about because we're seeing the, the next level of mainstream success of containers Kubernetes and cloud native develop, basically DevOps in the C I C D pipeline. It's changing the landscape of infrastructure as code, it's accelerating the value proposition and the super cloud as we call it, has been getting a lot of traction because this next generation cloud is looking a lot different, but kind of the same as the first generation. What's your view on Super cloud as it fits to cloud native as scales up? >>Yeah, you know, I think what's interesting, and I think the reason why Super Cloud is a really good and a really fit term for this, and I think, I know my CEO was chatting with you as well, and he was mentioning this as well, but I think there needs to be a different term than just multi-cloud or cloud. And the reason is because as cloud native and cloud deployments have scaled, I think we've reached a point now where instead of having the traditional data center style model, where you have a few large distributors of infrastructure and workload at a few locations, I think the model is kind of flipped around, right? Where you have a large number of micro sites. These micro sites could be your public cloud deployment, your private on-prem infrastructure deployments, or it could be your edge environment, right? And every single enterprise, every single industry is moving in that direction. And so you gotta rougher that with a terminology that, that, that indicates the scale and complexity of it. And so I think super cloud is a, is an appropriate term for >>That. So you brought a couple things I want to dig into. You mentioned Edge Notes. We're seeing not only edge nodes being the next kind of area of innovation, mainly because it's just popping up everywhere. And that's just the beginning. Wouldn't even know what's around the corner. You got buildings, you got iot, o ot, and it kind of coming together, but you also got this idea of regions, global infrastructures, big part of it. I just saw some news around cloud flare shutting down a site here, there's policies being made at scale. These new challenges there. Can you share because you can have edge. So hybrid cloud is a winning formula. Everybody knows that it's a steady state. Yeah. But across multiple clouds brings in this new un engineered area, yet it hasn't been done yet. Spanning clouds. People say they're doing it, but you start to see the toe in the water, it's happening, it's gonna happen. It's only gonna get accelerated with the edge and beyond globally. So I have to ask you, what is the technical challenges in doing this? Because it's something business consequences as well, but there are technical challenge. Can you share your view on what the technical challenges are for the super cloud across multiple edges and >>Regions? Yeah, absolutely. So I think, you know, in in the context of this, the, this, this term of super cloud, I think it's sometimes easier to visualize things in terms of two access, right? I think on one end you can think of the scale in terms of just pure number of nodes that you have, deploy number of clusters in the Kubernetes space. And then on the other access you would have your distribution factor, right? Which is, do you have these tens of thousands of nodes in one site or do you have them distributed across tens of thousands of sites with one node at each site? Right? And if you have just one flavor of this, there is enough complexity, but potentially manageable. But when you are expanding on both these access, you really get to a point where that skill really needs some well thought out, well-structured solutions to address it, right? A combination of homegrown tooling along with your, you know, favorite distribution of Kubernetes is not a strategy that can help you in this environment. It may help you when you have one of this or when you, when you scale, is not at the level. >>Can you scope the complexity? Because I mean, I hear a lot of moving parts going on there, the technology's also getting better. We we're seeing cloud native become successful. There's a lot to configure, there's a lot to install. Can you scope the scale of the problem? Because we're talking about at scale Yep. Challenges here. >>Yeah, absolutely. And I think, you know, I I like to call it, you know, the, the, the problem that the scale creates, you know, there's various problems, but I think one, one problem, one way to think about it is, is, you know, it works on my cluster problem, right? So, you know, I come from engineering background and there's a, you know, there's a famous saying between engineers and QA and the support folks, right? Which is, it works on my laptop, which is I tested this change, everything was fantastic, it worked flawlessly on my machine, on production, It's not working. The exact same problem now happens and these distributed environments, but at massive scale, right? Which is that, you know, developers test their applications, et cetera within the sanctity of their sandbox environments. But once you expose that change in the wild world of your production deployment, right? >>And the production deployment could be going at the radio cell tower at the edge location where a cluster is running there, or it could be sending, you know, these applications and having them run at my customer's site where they might not have configured that cluster exactly the same way as I configured it, or they configured the cluster, right? But maybe they didn't deploy the security policies or they didn't deploy the other infrastructure plugins that my app relies on all of these various factors at their own layer of complexity. And there really isn't a simple way to solve that today. And that is just, you know, one example of an issue that happens. I think another, you know, whole new ball game of issues come in the context of security, right? Because when you are deploying applications at scale in a distributed manner, you gotta make sure someone's job is on the line to ensure that the right security policies are enforced regardless of that scale factor. So I think that's another example of problems that occur. >>Okay. So I have to ask about scale because there are a lot of multiple steps involved when you see the success cloud native, you know, you see some, you know, some experimentation. They set up a cluster, say it's containers and Kubernetes, and then you say, Okay, we got this, we can configure it. And then they do it again and again, they call it day two. Some people call it day one, day two operation, whatever you call it. Once you get past the first initial thing, then you gotta scale it. Then you're seeing security breaches, you're seeing configuration errors. This seems to be where the hotpot is. And when companies transition from, I got this to, Oh no, it's harder than I thought at scale. Can you share your reaction to that and how you see this playing out? >>Yeah, so, you know, I think it's interesting. There's multiple problems that occur when, you know, the, the two factors of scale is we talked about start expanding. I think one of them is what I like to call the, you know, it, it works fine on my cluster problem, which is back in, when I was a developer, we used to call this, it works on my laptop problem, which is, you know, you have your perfectly written code that is operating just fine on your machine, your sandbox environment. But the moment it runs production, it comes back with p zeros and POS from support teams, et cetera. And those issues can be really difficult to try us, right? And so in the Kubernetes environment, this problem kind of multi folds, it goes, you know, escalates to a higher degree because yeah, you have your sandbox developer environments, they have their clusters and things work perfectly fine in those clusters because these clusters are typically handcrafted or a combination of some scripting and handcrafting. >>And so as you give that change to then run at your production edge location, like say you radio sell tower site, or you hand it over to a customer to run it on their cluster, they might not have not have configured that cluster exactly how you did it, or they might not have configured some of the infrastructure plugins. And so the things don't work. And when things don't work, triaging them becomes like ishly hard, right? It's just one of the examples of the problem. Another whole bucket of issues is security, which is, is you have these distributed clusters at scale, you gotta ensure someone's job is on the line to make sure that these security policies are configured properly. >>So this is a huge problem. I love that comment. That's not not happening on my system. It's the classic, you know, debugging mentality. Yeah. But at scale it's hard to do that with error prone. I can see that being a problem. And you guys have a solution you're launching, Can you share what our lawn is, this new product, What is it all about? Talk about this new introduction. >>Yeah, absolutely. I'm very, very excited. You know, it's one of the projects that we've been working on for some time now because we are very passionate about this problem and just solving problems at scale in on-prem or at in the cloud or at edge environments. And what arwan is, it's an open source project and it is a tool, it's a Kubernetes native tool for complete end to end management of not just your clusters, but your clusters. All of the infrastructure that goes within and along the sites of those clusters, security policies, your middleware plugins, and finally your applications. So what alarm lets you do in a nutshell is in a declarative way, it lets you handle the configuration and management of all of these components in at scale. >>So what's the elevator pitch simply put for what this solves in, in terms of the chaos you guys are reigning in. What's the, what's the bumper sticker? Yeah, >>What would it do? There's a perfect analogy that I love to reference in this context, which is think of your assembly line, you know, in a traditional, let's say, you know, an auto manufacturing factory or et cetera, and the level of efficiency at scale that that assembly line brings, right online. And if you look at the logo we've designed, it's this funny little robot. And it's because when we think of online, we, we think of these enterprise large scale environments, you know, sprawling at scale creating chaos because there isn't necessarily a well thought through, well structured solution that's similar to an assembly line, which is taking each components, you know, addressing them, manufacturing, processing them in a standardized way, then handing to the next stage. But again, it gets, you know, processed in a standardized way. And that's what Arlon really does. That's like the I pitch. If you have problems of scale of managing your infrastructure, you know, that is distributed. Arlon brings the assembly line level of efficiency and consistency >>For those. So keeping it smooth, the assembly on things are flowing. C C I CD pipelining. Exactly. So that's what you're trying to simplify that ops piece for the developer. I mean, it's not really ops, it's their ops, it's coding. >>Yeah. Not just developer, the ops, the operations folks as well, right? Because developers, you know, there is, the developers are responsible for one picture of that layer, which is my apps, and then maybe that middleware of application that they interface with, but then they hand it over to someone else who's then responsible to ensure that these apps are secure properly, that they are logging, logs are being collected properly, monitoring and observability integrated. And so it solves problems for both those >>Teams. Yeah. It's DevOps. So the DevOps is the cloud native developer. The OP teams have to kind of set policies. Is that where the declarative piece comes in? Is that why that's important? >>Absolutely. Yeah. And, and, and, and you know, Kubernetes really in introduced or elevated this declarative management, right? Because, you know, c communities clusters are Yeah. Or your, yeah, you know, specifications of components that go in Kubernetes are defined in a declarative way. And Kubernetes always keeps that state consistent with your defined state. But when you go outside of that world of a single cluster, and when you actually talk about defining the clusters or defining everything that's around it, there really isn't a solution that does that today. And so online addresses that problem at the heart of it, and it does that using existing open source well known solutions. >>Ed, do I wanna get into the benefits? What's in it for me as the customer developer? But I want to finish this out real quick and get your thoughts. You mentioned open source. Why open source? What's the, what's the current state of the product? You run the product group over at platform nine, is it open source? And you guys have a product that's commercial? Can you explain the open source dynamic? And first of all, why open source? Yeah. And what is the consumption? I mean, open source is great, People want open source, they can download it, look up the code, but maybe wanna buy the commercial. So I'm assuming you have that thought through, can you share open source and commercial relationship? >>Yeah, I think, you know, starting with why open source? I think it's, you know, we as a company, we have, you know, one of the things that's absolutely critical to us is that we take mainstream open source technologies components and then we, you know, make them available to our customers at scale through either a SaaS model on from model, right? But, so as we are a company or startup or a company that benefits, you know, in a massive way by this open source economy, it's only right, I think in my mind that we do our part of the duty, right? And contribute back to the community that feeds us. And so, you know, we have always held that strongly as one of our principles. And we have, you know, created and built independent products starting all the way with fi, which was a serverless product, you know, that we had built to various other, you know, examples that I can give. But that's one of the main reasons why opensource and also opensource because we want the community to really firsthand engage with us on this problem, which is very difficult to achieve if your product is behind a wall, you know, behind, behind a block box. >>Well, and that's, that's what the developers want too. I mean, what we're seeing in reporting with Super Cloud is the new model of consumption is I wanna look at the code and see what's in there. That's right. And then also, if I want to use it, I, I'll do it. Great. That's open source, that's the value. But then at the end of the day, if I wanna move fast, that's when people buy in. So it's a new kind of freemium, I guess, business model. I guess that's the way that, Well, but that's, that's the benefit. Open source. This is why standards and open source is growing so fast. You have that confluence of, you know, a way for helpers to try before they buy, but also actually kind of date the application, if you will. We, you know, Adrian Karo uses the dating me metaphor, you know, Hey, you know, I wanna check it out first before I get married. Right? And that's what open source, So this is the new, this is how people are selling. This is not just open source, this is how companies are selling. >>Absolutely. Yeah. Yeah. You know, I think, and you know, two things. I think one is just, you know, this, this, this cloud native space is so vast that if you, if you're building a close flow solution, sometimes there's also a risk that it may not apply to every single enterprises use cases. And so having it open source gives them an opportunity to extend it, expand it, to make it proper to their use case if they choose to do so, right? But at the same time, what's also critical to us is we are able to provide a supported version of it with an SLA that we, you know, that's backed by us, a SAS hosted version of it as well, for those customers who choose to go that route, you know, once they have used the open source version and loved it and want to take it at scale and in production and need, need, need a partner to collaborate with, who can, you know, support them for that production >>Environment. I have to ask you now, let's get into what's in it for the customer. I'm a customer, why should I be enthused about Arlo? What's in it for me? You know? Cause if I'm not enthused about it, I'm not gonna be confident and it's gonna be hard for me to get behind this. Can you share your enthusiastic view of, you know, why I should be enthused about Arlo customer? >>Yeah, absolutely. And so, and there's multiple, you know, enterprises that we talk to, many of them, you know, our customers, where this is a very kind of typical story that you hear, which is we have, you know, a Kubernetes distribution. It could be on premise, it could be public clouds, native es, and then we have our C I CD pipelines that are automating the deployment of applications, et cetera. And then there's this gray zone. And the gray zone is well before you can you, your CS CD pipelines can deploy the apps. Somebody needs to do all of their groundwork of, you know, defining those clusters and yeah. You know, properly configuring them. And as these things, these things start by being done hand grown. And then as the, as you scale, what typically enterprises would do today is they will have their home homegrown DIY solutions for this. >>I mean, the number of folks that I talk to that have built Terra from automation, and then, you know, some of those key developers leave. So it's a typical open source or typical, you know, DIY challenge. And the reason that they're writing it themselves is not because they want to. I mean, of course technology is always interesting to everybody, but it's because they can't find a solution that's out there that perfectly fits the problem. And so that's that pitch. I think Spico would be delighted. The folks that we've talked, you know, spoken with, have been absolutely excited and have, you know, shared that this is a major challenge we have today because we have, you know, few hundreds of clusters on s Amazon and we wanna scale them to few thousands, but we don't think we are ready to do that. And this will give us >>Stability. Yeah, I think people are scared, not sc I won't say scare, that's a bad word. Maybe I should say that they feel nervous because, you know, at scale small mistakes can become large mistakes. This is something that is concerning to enterprises. And, and I think this is gonna come up at co con this year where enterprises are gonna say, Okay, I need to see SLAs. I wanna see track record, I wanna see other companies that have used it. Yeah. How would you answer that question to, or, or challenge, you know, Hey, I love this, but is there any guarantees? Is there any, what's the SLAs? I'm an enterprise, I got tight, you know, I love the open source trying to free fast and loose, but I need hardened code. >>Yeah, absolutely. So, so two parts to that, right? One is Arlan leverages existing open source components, products that are extremely popular. Two specifically. One is Lon uses Argo cd, which is probably one of the highest rated and used CD open source tools that's out there, right? It's created by folks that are as part of Intuit team now, you know, really brilliant team. And it's used at scale across enterprises. That's one. Second is arlon also makes use of cluster api capi, which is a ES sub-component, right? For lifecycle management of clusters. So there is enough of, you know, community users, et cetera, around these two products, right? Or, or, or open source projects that will find Arlan to be right up in their alley because they're already comfortable, familiar with algo cd. Now Arlan just extends the scope of what Algo CD can do. And so that's one. And then the second part is going back to a point of the comfort. And that's where, you know, Platform nine has a role to play, which is when you are ready to deploy Alon at scale, because you've been, you know, playing with it in your DEF test environments, you're happy with what you get with it, then Platform nine will stand behind it and provide that sla. >>And what's been the reaction from customers you've talked to Platform nine customers with, with, that are familiar with, with Argo and then Arlo? What's been some of the feedback? >>Yeah, I, I, I think the feedback's been fantastic. I mean, I can give you examples of customers where, you know, initially, you know, when you are, when you're telling them about your entire portfolio of solutions, it might not strike a card right away. But then we start talking about Arlan and, and we talk about the fact that it uses Argo CD and they start opening up, they say, We have standardized on Argo and we have built these components, homegrown, we would be very interested. Can we co-develop? Does it support these use cases? So we've had that kind of validation. We've had validation all the way at the beginning of our line before we even wrote a single line of code saying this is something we plan on doing. And the customer said, If you had it today, I would've purchased it. So it's been really great validation. >>All right. So next question is, what is the solution to the customer? If I asked you, Look it, I have, I'm so busy, my team's overworked. I got a skills gap. I don't need another project that's, I'm so tied up right now and I'm just chasing my tail. How does Platform nine help me? >>Yeah, absolutely. So I think, you know, one of the core tenets of Platform nine has always been that we try to bring that public cloud like simplicity by hosting, you know, this in a lot of such similar tools in a SaaS hosted manner for our customers, right? So our goal behind doing that is taking away or trying to take away all of that complexity from customer's hands and offloading it to our hands, right? And giving them that full white glove treatment as we call it. And so from a customer's perspective, one, something like arlon will integrate with what they have so they don't have to rip and replace anything. In fact, it will, even in the next versions, it may even discover your clusters that you have today and, you know, give you an inventory and that, >>So customers have clusters that are growing, that's a sign correct call you guys. >>Absolutely. Either they're, they have massive large clusters, right? That they wanna split into smaller clusters, but they're not comfortable doing that today, or they've done that already on say, public cloud or otherwise. And now they have management challenges. So >>Especially operationalizing the clusters, whether they want to kind of reset everything and remove things around and reconfigure Yeah. And or scale out. >>That's right. Exactly. >>And you provide that layer of policy. >>Absolutely. >>Yes. That's the key value >>Here. That's right. >>So policy based configuration for cluster scale up >>Profile and policy based declarative configuration and life cycle management for clusters. >>If I asked you how this enables Super club, what would you say to that? >>I think this is one of the key ingredients to super cloud, right? If you think about a super cloud environment, there's at least few key ingredients that that come to my mind that are really critical. Like they are, you know, life saving ingredients at that scale. One is having a really good strategy for managing that scale, you know, in a, going back to assembly line in a very consistent, predictable way so that our lot solves then you, you need to compliment that with the right kind of observability and monitoring tools at scale, right? Because ultimately issues are gonna happen and you're gonna have to figure out, you know, how to solve them fast. And alon by the way, also helps in that direction, but you also need observability tools. And then especially if you're running it on the public cloud, you need some cost management tools. In my mind, these three things are like the most necessary ingredients to make Super Cloud successful. And, you know, alarm flows >>In one. Okay, so now the next level is, Okay, that makes sense. There's under the covers kind of speak under the hood. Yeah. How does that impact the app developers and the cloud native modern application workflows? Because the impact to me, seems the apps are gonna be impacted. Are they gonna be faster, stronger? I mean, what's the impact if you do all those things, as you mentioned, what's the impact of the apps? >>Yeah, the impact is that your apps are more likely to operate in production the way you expect them to, because the right checks and balances have gone through, and any discrepancies have been identified prior to those apps, prior to your customer running into them, right? Because developers run into this challenge to their, where there's a split responsibility, right? I'm responsible for my code, I'm responsible for some of these other plugins, but I don't own the stack end to end. I have to rely on my ops counterpart to do their part, right? And so this really gives them, you know, the right tooling for >>That. So this is actually a great kind of relevant point, you know, as cloud becomes more scalable, you're starting to see this fragmentation gone of the days of the full stack developer to the more specialized role. But this is a key point, and I have to ask you because if this Arlo solution takes place, as you say, and the apps are gonna be stupid, there's designed to do, the question is, what did, does the current pain look like of the apps breaking? What does the signals to the customer Yeah. That they should be calling you guys up into implementing Arlo, Argo, and, and, and on all the other goodness to automate, What are some of the signals? Is it downtime? Is it, is it failed apps, Is it latency? What are some of the things that Yeah, absolutely would be in indications of things are effed up a little bit. >>Yeah. More frequent down times, down times that are, that take longer to triage. And so you are, you know, the, you know, your mean times on resolution, et cetera, are escalating or growing larger, right? Like we have environments of customers where they, they have a number of folks on in the field that have to take these apps and run them at customer sites. And that's one of our partners. And they're extremely interested in this because the, the rate of failures they're encountering for this, you know, the field when they're running these apps on site, because the field is automating their clusters that are running on sites using their own script. So these are the kinds of challenges, and those are the pain points, which is, you know, if you're looking to reduce your, your meantime to resolution, if you're looking to reduce the number of failures that occur on your production site, that's one. And second, if you are looking to manage these at scale environments with a relatively small, focused, nimble ops team, which has an immediate impact on your, So those are, those are the >>Signals. This is the cloud native at scale situation, the innovation going on. Final thought is your reaction to the idea that if the world goes digital, which it is, and the confluence of physical and digital coming together, and cloud continues to do its thing, the company becomes the application, not where it used to be supporting the business, you know, the back office and the IIA terminals and some PCs and handhelds. Now if technology's running, the business is the business. Yeah. The company's the application. Yeah. So it can't be down. So there's a lot of pressure on, on CSOs and CIOs now and see, and boards is saying, how is technology driving the top line revenue? That's the number one conversation. Yeah. Do you see that same thing? >>Yeah. It's interesting. I think there's multiple pressures at the CXO CIO level, right? One is that there needs to be that visibility and clarity and guarantee almost that, you know, that the, the technology that's, you know, that's gonna drive your top line is gonna drive that in a consistent, reliable, predictable manner. And then second, there is the constant pressure to do that while always lowering your costs of doing it, right? Especially when you're talking about, let's say retailers or those kinds of large scale vendors, they many times make money by lowering the amount that they spend on, you know, providing those goods to their end customers. So I think those, both those factors kind of come into play and the solution to all of them is usually in a very structured strategy around automation. >>Final question. What does cloudnative at scale look like to you? If all the things happen the way we want 'em to happen, The magic wand, the magic dust, what does it look like? >>What that looks like to me is a CIO sipping at his desk on coffee production is running absolutely smooth. And his, he's running that at a nimble, nimble team size of at the most, a handful of folks that are just looking after things with things. So just >>Taking care of, and the CIO doesn't exist. There's no CSO there at the beach. >>Yeah. >>Thank you for coming on, sharing the cloud native at scale here on the cube. Thank you for your time. >>Fantastic. Thanks for having >>Me. Okay. I'm John Fur here for special program presentation, special programming cloud native at scale, enabling super cloud modern applications with Platform nine. Thanks for watching. Welcome back everyone to the special presentation of cloud native at scale, the cube and platform nine special presentation going in and digging into the next generation super cloud infrastructure as code and the future of application development. We're here at Bickley, who's the chief architect and co-founder of Platform nine b. Great to see you Cube alumni. We, we met at an OpenStack event in about eight years ago, or well later, earlier when opens Stack was going. Great to see you and great to see congratulations on the success of platform nine. >>Thank you very much. >>Yeah. You guys have been at this for a while and this is really the, the, the year we're seeing the, the crossover of Kubernetes because of what happens with containers. Everyone now was realized, and you've seen what Docker's doing with the new docker, the open source Docker now just a success Exactly. Of containerization, right? And now the Kubernetes layer that we've been working on for years is coming, bearing fruit. This is huge. >>Exactly. Yes. >>And so as infrastructure's code comes in, we talked to Bacar talking about Super Cloud, I met her about, you know, the new Arlon, our R lawn you guys just launched, the infrastructure's code is going to another level. And then it's always been DevOps infrastructure is code. That's been the ethos that's been like from day one, developers just code. Then you saw the rise of serverless and you see now multi-cloud or on the horizon, connect the dots for us. What is the state of infrastructures code today? >>So I think, I think I'm, I'm glad you mentioned it, everybody or most people know about infrastructures code. But with Kubernetes, I think that project has evolved at the concept even further. And these dates, it's infrastructure as configuration, right? So, which is an evolution of infrastructure as code. So instead of telling the system, here's how I want my infrastructure by telling it, you know, do step A, B, C, and D instead with Kubernetes, you can describe your desired state declaratively using things called manifest resources. And then the system kind of magically figures it out and tries to converge the state towards the one that you specify. So I think it's, it's a even better version of infrastructures code. >>Yeah, yeah. And, and that really means it's developer just accessing resources. Okay. Not declaring, Okay, give me some compute, stand me up some, turn the lights on, turn 'em off, turn 'em on. That's kind of where we see this going. And I like the configuration piece. Some people say composability, I mean now with open source, so popular, you don't have to have to write a lot of code. It's code being developed. And so it's into integration, it's configuration. These are areas that we're starting to see computer science principles around automation, machine learning, assisting open source. Cuz you got a lot of code that's right in hearing software, supply chain issues. So infrastructure as code has to factor in these new, new dynamics. Can you share your opinion on these new dynamics of, as open source grows, the glue layers, the configurations, the integration, what are the core issues? >>I think one of the major core issues is with all that power comes complexity, right? So, you know, despite its expressive power systems like Kubernetes and declarative APIs let you express a lot of complicated and complex stacks, right? But you're dealing with hundreds if not thousands of these yamo files or resources. And so I think, you know, the emergence of systems and layers to help you manage that complexity is becoming a key challenge and opportunity in, in this space that, >>That's, I wrote a LinkedIn post today was comments about, you know, hey, enterprise is the new breed, the trend of SaaS companies moving our consumer comp consumer-like thinking into the enterprise has been happening for a long time, but now more than ever, you're seeing it the old way used to be solve complexity with more complexity and then lock the customer in. Now with open source, it's speed, simplification and integration, right? These are the new dynamic power dynamics for developers. Yeah. So as companies are starting to now deploy and look at Kubernetes, what are the things that need to be in place? Because you have some, I won't say technical debt, but maybe some shortcuts, some scripts here that make it look like infrastructure is code. People have done some things to simulate or or make infrastructure as code happen. Yes. But to do it at scale Yes. Is harder. What's your take on this? What's your >>View? It's hard because there's a per proliferation of methods, tools, technologies. So for example, today it's very common for DevOps and platform engineering tools, I mean, sorry, teams to have to deploy a large number of Kubernetes clusters, but then apply the applications and configurations on top of those clusters. And they're using a wide range of tools to do this, right? For example, maybe Ansible or Terraform or bash scripts to bring up the infrastructure and then the clusters. And then they may use a different set of tools such as Argo CD or other tools to apply configurations and applications on top of the clusters. So you have this sprawl of tools. You, you also have this sprawl of configurations and files because the more objects you're dealing with, the more resources you have to manage. And there's a risk of drift that people call that where, you know, you think you have things under control, but some people from various teams will make changes here and there and then before the end of the day systems break and you have no idea of tracking them. So I think there's real need to kind of unify, simplify, and try to solve these problems using a smaller, more unified set of tools and methodologies. And that's something that we try to do with this new project. Arlon. >>Yeah. So, so we're gonna get into Arlan in a second. I wanna get into the why Arlon. You guys announced that at our GoCon, which was put on here in Silicon Valley at the, at the by intu. They had their own little day over there at their headquarters. But before we get there, Vascar, your CEO came on and he talked about Super Cloud at our inaugural event. What's your definition of super cloud? If you had to kind of explain that to someone at a cocktail party or someone in the industry technical, how would you look at the super cloud trend that's emerging? It's become a thing. What's your, what would be your contribution to that definition or the narrative? >>Well, it's, it's, it's funny because I've actually heard of the term for the first time today, speaking to you earlier today. But I think based on what you said, I I already get kind of some of the, the gist and the, the main concepts. It seems like super cloud, the way I interpret that is, you know, clouds and infrastructure, programmable infrastructure, all of those things are becoming commodity in a way. And everyone's got their own flavor, but there's a real opportunity for people to solve real business problems by perhaps trying to abstract away, you know, all of those various implementations and then building better abstractions that are perhaps business or application specific to help companies and businesses solve real business problems. >>Yeah, I remember that's a great, great definition. I remember, not to date myself, but back in the old days, you know, IBM had a proprietary network operating system, so to deck for the mini computer vendors, deck net and SNA respectively. But T C P I P came out of the osi, the open systems interconnect and remember, ethernet beat token ring out. So not to get all nerdy for all the young kids out there, look, just look up token ring, you'll see, you've probably never heard of it. It's IBM's, you know, connection for the internet at the, the layer too is Amazon, the ethernet, right? So if T C P I P could be the Kubernetes and the container abstraction that made the industry completely change at that point in history. So at every major inflection point where there's been serious industry change and wealth creation and business value, there's been an abstraction Yes. Somewhere. Yes. What's your reaction to that? >>I think this is, I think a saying that's been heard many times in this industry and, and I forgot who originated it, but I think the saying goes like, there's no problem that can't be solved with another layer of indirection, right? And we've seen this over and over and over again where Amazon and its peers have inserted this layer that has simplified, you know, computing and, and infrastructure management. And I believe this trend is going to continue, right? The next set of problems are going to be solved with these insertions of additional abstraction layers. I think that that's really a, yeah, it's gonna continue. >>It's interesting. I just really wrote another post today on LinkedIn called the Silicon Wars AMD Stock is down arm has been on rise, we've remember pointing for many years now, that arm's gonna be hugely, it has become true. If you look at the success of the infrastructure as a service layer across the clouds, Azure, aws, Amazon's clearly way ahead of everybody. The stuff that they're doing with the silicon and the physics and the, the atoms, the pro, you know, this is where the innovation, they're going so deep and so strong at ISAs, the more that they get that gets come on, they have more performance. So if you're an app developer, wouldn't you want the best performance and you'd wanna have the best abstraction layer that gives you the most ability to do infrastructures, code or infrastructure for configuration, for provisioning, for managing services. And you're seeing that today with service MeSHs, a lot of action going on in the service mesh area in, in this community of co con, which will be a covering. So that brings up the whole what's next? You guys just announced our lawn at ar GoCon, which came out of Intuit. We've had Maria Teel at our super cloud event, She's a cto, you know, they're all in the cloud. So they contributed that project. Where did Arlon come from? What was the origination? What's the purpose? Why our lawn, why this announcement? Yeah, >>So the, the inception of the project, this was the result of us realizing that problem that we spoke about earlier, which is complexity, right? With all of this, these clouds, these infrastructure, all the variations around and you know, compute storage networks and the proliferation of tools we talked about the Ansibles and Terraforms and Kubernetes itself, you can think of that as another tool, right? We saw a need to solve that complexity problem, and especially for people and users who use Kubernetes at scale. So when you have, you know, hundreds of clusters, thousands of applications, thousands of users spread out over many, many locations, there, there needs to be a system that helps simplify that management, right? So that means fewer tools, more expressive ways of describing the state that you want and more consistency. And, and that's why, you know, we built AR lawn and we built it recognizing that many of these problems or sub problems have already been solved. So Arlon doesn't try to reinvent the wheel, it instead rests on the shoulders of several giants, right? So for example, Kubernetes is one building block, GI ops, and Argo CD is another one, which provides a very structured way of applying configuration. And then we have projects like cluster API and cross plane, which provide APIs for describing infrastructure. So arlon takes all of those building blocks and builds a thin layer, which gives users a very expressive way of defining configuration and desired state. So that's, that's kind of the inception of, And >>What's the benefit of that? What does that give the, what does that give the developer, the user, in this case, >>The developers, the, the platform engineer, team members, the DevOps engineers, they get a a ways to provision not just infrastructure and clusters, but also applications and configurations. They get a way, a system for provisioning, configuring, deploying, and doing life cycle management in a, in a much simpler way. Okay. Especially as I said, if you're dealing with a large number of applications. >>So it's like an operating fabric, if you will. Yes. For them. Okay, so let's get into what that means for up above and below the, the, this abstraction or thin layer below the infrastructure. We talked a lot about what's going on below that. Yeah. Above our workloads at the end of the day, and I talk to CXOs and IT folks that, that are now DevOps engineers. They care about the workloads and they want the infrastructure's code to work. They wanna spend their time getting in the weeds, figuring out what happened when someone made a push that that happened or something happened. They need observability and they need to, to know that it's working. That's right. And here's my workloads running effectively. So how do you guys look at the workload side of it? Cuz now you have multiple workloads on these fabric, right? >>So workloads, so Kubernetes has defined kind of a standard way to describe workloads and you can, you know, tell Kubernetes, I want to run this container this particular way, or you can use other projects that are in the Kubernetes cloud native ecosystem, like K native, where you can express your application in more at a higher level, right? But what's also happening is in addition to the workloads, DevOps and platform engineering teams, they need to very often deploy the applications with the clusters themselves. Clusters are becoming this commodity. It's, it's becoming this host for the application and it kind of comes bundled with it. In many cases it is like an appliance, right? So DevOps teams have to provision clusters at a really incredible rate and they need to tear them down. Clusters are becoming more, >>It's coming like an EC two instance, spin up a cluster. We've heard people used words like that. That's >>Right. And before arlon you kind of had to do all of that using a different set of tools as, as I explained. So with AR loan you can kind of express everything together. You can say I want a cluster with a health monitoring stack and a logging stack and this ingress controller and I want these applications and these security policies. You can describe all of that using something we call the profile. And then you can stamp out your app, your applications and your clusters and manage them in a very, So >>It's essentially standard, like creates a mechanism. Exactly. Standardized, declarative kind of configurations. And it's like a playbook, just deploy it. Now what there is between say a script like I'm, I have scripts, I can just automate scripts >>Or yes, this is where that declarative API and infrastructure as configuration comes in, right? Because scripts, yes you can automate scripts, but the order in which they run matters, right? They can break, things can break in the middle and, and sometimes you need to debug them. Whereas the declarative way is much more expressive and powerful. You just tell the system what you want and then the system kind of figures it out. And there are these things are controllers which will in the background reconcile all the state to converge towards your desire. It's a much more powerful, expressive and reliable way of getting things done. >>So infrastructure as configuration is built kind of on, it's a super set of infrastructures code because it's >>An evolution. >>You need edge's code, but then you can configure the code by just saying do it. You basically declaring saying Go, go do that. That's right. Okay, so, alright, so cloud native at scale, take me through your vision of what that means. Someone says, Hey, what does cloud native at scale mean? What's success look like? How does it roll out in the future as you, not future next couple years. I mean people are now starting to figure out, okay, it's not as easy as it sounds. Kubernetes has value. We're gonna hear this year at CubeCon a lot of this, what does cloud native at scale >>Mean? Yeah, there are different interpretations, but if you ask me, when people think of scale, they think of a large number of deployments, right? Geographies, many, you know, supporting thousands or tens or millions of, of users there, there's that aspect to scale. There's also an equally important a aspect of scale, which is also something that we try to address with Arran. And that is just complexity for the people operating this or configuring this, right? So in order to describe that desired state, and in order to perform things like maybe upgrades or updates on a very large scale, you want the humans behind that to be able to express and direct the system to do that in, in relatively simple terms, right? And so we want the tools and the abstractions and the mechanisms available to the user to be as powerful but as simple as possible. So there's, I think there's gonna be a number and there have been a number of CNCF and cloud native projects that are trying to attack that complexity problem as well. And Arlon kind of falls in in that >>Category. Okay, so I'll put you on the spot rogue, that CubeCon coming up and now this'll be shipping this segment series out before. What do you expect to see at this year? It's the big story this year. What's the, what's the most important thing happening? Is it in the open source community and also within a lot of the, the people jockeying for leadership. I know there's a lot of projects and still there's some white space in the overall systems map about the different areas get run time and there's ability in all these different areas. What's the, where's the action? Where, where's the smoke? Where's the fire? Where's the piece? Where's the tension? >>Yeah, so I think one thing that has been happening over the past couple of coupon and I expect to continue and, and that is the, the word on the street is Kubernetes is getting boring, right? Which is good, right? >>Boring means simple. >>Well, well >>Maybe, >>Yeah, >>Invisible, >>No drama, right? So, so the, the rate of change of the Kubernetes features and, and all that has slowed but in, in a, in a positive way. But there's still a general sentiment and feeling that there's just too much stuff. If you look at a stack necessary for hosting applications based on Kubernetes, there are just still too many moving parts, too many components, right? Too much complexity. I go, I keep going back to the complexity problem. So I expect Cube Con and all the vendors and the players and the startups and the people there to continue to focus on that complexity problem and introduce further simplifications to, to the stack. >>Yeah. Vic, you've had an storied career VMware over decades with them within 12 years with 14 years or something like that. Big number co-founder here a platform. I you's been around for a while at this game, man. We talked about OpenStack, that project we interviewed at one of their events. So OpenStack was the beginning of that, this new revolution. I remember the early days it was, it wasn't supposed to be an alternative to Amazon, but it was a way to do more cloud cloud native. I think we had a Cloud Aati team at that time. We would joke we, you know, about, about the dream. It's happening now, now at Platform nine. You guys have been doing this for a while. What's the, what are you most excited about as the chief architect? What did you guys double down on? What did you guys pivot from or two, did you do any pivots? Did you extend out certain areas? Cuz you guys are in a good position right now, a lot of DNA in Cloud native. What are you most excited about and what does Platform Nine bring to the table for customers and for people in the industry watching this? >>Yeah, so I think our mission really hasn't changed over the years, right? It's been always about taking complex open source software because open source software, it's powerful. It solves new problems, you know, every year and you have new things coming out all the time, right? Opens Stack was an example and then Kubernetes took the world by storm. But there's always that complexity of, you know, just configuring it, deploying it, running it, operating it. And our mission has always been that we will take all that complexity and just make it, you know, easy for users to consume regardless of the technology, right? So the successor to Kubernetes, you know, I don't have a crystal ball, but you know, you have some indications that people are coming up of new and simpler ways of running applications. There are many projects around there who knows what's coming next year or the year after that. But platform will a, platform nine will be there and we will, you know, take the innovations from the the community. We will contribute our own innovations and make all of those things very consumable to customers. >>Simpler, faster, cheaper. Exactly. Always a good business model technically to make that happen. Yes. Yeah, I think the, the reigning in the chaos is key, you know, Now we have now visibility into the scale. Final question before we depart this segment. What is at scale, how many clusters do you see that would be a watermark for an at scale conversation around an enterprise? Is it workloads we're looking at or, or clusters? How would you, Yeah, how would you describe that? When people try to squint through and evaluate what's a scale, what's the at scale kind of threshold? >>Yeah. And, and the number of clusters doesn't tell the whole story because clusters can be small in terms of the number of nodes or they can be large. But roughly speaking when we say, you know, large scale cluster deployments, we're talking about maybe hundreds, two thousands. >>Yeah. And final final question, what's the role of the hyperscalers? You got AWS continuing to do well, but they got their core ias, they got a PAs, they're not too too much putting a SaaS out there. They have some SaaS apps, but mostly it's the ecosystem. They have marketplaces doing, doing over $2 billion billions of transactions a year and, and it's just like, just sitting there. It hasn't really, they're now innovating on it, but that's gonna change ecosystems. What's the role the cloud play in the cloud need of its scale? >>The, the hyper squares? >>Yeah, yeah. A's Azure Google, >>You mean from a business perspective, they're, they have their own interests that, you know, that they're, they will keep catering to, they, they will continue to find ways to lock their users into their ecosystem of services and, and APIs. So I don't think that's gonna change, right? They're just gonna keep well, >>They got great performance. I mean, from a, from a hardware standpoint, yes. That's gonna be key, >>Right? Yes. I think the, the move from X 86 being the dominant way and platform to run workloads is changing, right? That, that, that, that, and I think the, the hyper skaters really want to be in the game in terms of, you know, the, the new risk and arm ecosystems, the platforms. >>Yeah. Not joking aside, Paul Morritz, when he was the CEO of VMware, when he took over once said, I remember our first year doing the cube. Oh the cloud is one big distributed computer. It's, it's hardware and you got software and you got middleware and he kinda over, well he's kind of tongue in cheek, but really you're talking about large compute and sets of services that is essentially a distributed computer. Yes, >>Exactly. >>It's, we're back in the same game. Thank you for coming on the segment. Appreciate your time. This is cloud native at scale special presentation with Platform nine. Really unpacking super cloud Arlon open source and how to run large scale applications on the cloud, cloud native develop for developers. And John Furrier with the cube. Thanks for Washington. We'll stay tuned for another great segment coming right up. Hey, welcome back everyone to Super Cloud 22. I'm John Fur, host of the Cuba here all day talking about the future of cloud. Where's it all going? Making it super multi-cloud is around the corner and public cloud is winning. Got the private cloud on premise and Edge. Got a great guest here, Vascar Gorde, CEO of Platform nine, just on the panel on Kubernetes. An enabler blocker. Welcome back. Great to have you on. >>Good to see you >>Again. So Kubernetes is a blocker enabler by, with a question mark I put on on there. Panel was really to discuss the role of Kubernetes. Now great conversation operations is impacted. What's just thing about what you guys are doing at Platform nine? Is your role there as CEO and the company's position, kind of like the world spun into the direction of Platform nine while you're at the helm, right? >>Absolutely. In fact, things are moving very well and since they came to us, it was an insight to call ourselves the platform company eight years ago, right? So absolutely whether you are doing it in public clouds or private clouds, you know, the application world is moving very fast in trying to become digital and cloud native. There are many options for you to run the infrastructure. The biggest blocking factor now is having a unified platform. And that's what where we come into >>Patrick, we were talking before we came on stage here about your background and we were kind of talking about the glory days in 2000, 2001 when the first ASPs application service providers came out. Kind of a SaaS vibe, but that was kind of all kind of cloud-like >>It wasn't, >>And web services started then too. So you saw that whole growth. Now, fast forward 20 years later, 22 years later, where we are now, when you look back then to here and all the different cycles, >>In fact, you know, as we were talking offline, I was in one of those ASPs in the year 2000 where it was a novel concept of saying we are providing a software and a capability as a service, right? You sign up and start using it. I think a lot has changed since then. The tooling, the tools, the technology has really skyrocketed. The app development environment has really taken off exceptionally well. There are many, many choices of infrastructure now, right? So I think things are in a way the same but also extremely different. But more importantly now for any company, regardless of size, to be a digital native, to become a digital company is extremely mission critical. It's no longer a nice to have everybody's in the journey somewhere. >>Everyone is going digital transformation here. Even on a so-called downturn recession that's upcoming inflations sea year. It's interesting. This is the first downturn, the history of the world where the hyperscale clouds have been pumping on all cylinders as an economic input. And if you look at the tech trends, GDPs down, but not tech. Nope. Cause pandemic showed everyone digital transformation is here and more spend and more growth is coming even in, in tech. So this is a unique factor which proves that that digital transformation's happening and company, every company will need a super cloud. >>Everyone, every company, regardless of size, regardless of location, has to become modernize their infrastructure. And modernizing infrastructure is not just some, you know, new servers and new application tools. It's your approach, how you're serving your customers, how you're bringing agility in your organization. I think that is becoming a necessity for every enterprise to survive. >>I wanna get your thoughts on Super Cloud because one of the things Dave Alon and I want to do with Super Cloud and calling it that was we, I, I personally, and I know Dave as well, he can, I'll speak from, he can speak for himself. We didn't like multi-cloud. I mean not because Amazon said don't call things multi-cloud, it just didn't feel right. I mean everyone has multiple clouds by default. If you're running productivity software, you have Azure and Office 365. But it wasn't truly distributed. It wasn't truly decentralized, it wasn't truly cloud enabled. It didn't, it felt like they're not ready for a market yet. Yet public clouds booming on premise. Private cloud and Edge is much more on, you know, more, More dynamic, more unreal. >>Yeah. I think the reason why we think Super cloud is a better term than multi-cloud. Multi-cloud are more than one cloud, but they're disconnected. Okay, you have a productivity cloud, you have a Salesforce cloud, you may have, everyone has an internal cloud, right? So, but they're not connected. So you can say, okay, it's more than one cloud. So it's, you know, multi-cloud. But super cloud is where you are actually trying to look at this holistically. Whether it is on-prem, whether it is public, whether it's at the edge, it's a store at the branch. You are looking at this as one unit. And that's where we see the term super cloud is more applicable because what are the qualities that you require if you're in a super cloud, right? You need choice of infrastructure, you need, but at the same time you need a single pan or a single platform for you to build your innovations on, regardless of which cloud you're doing it on, right? So I think Super Cloud is actually a more tightly integrated orchestrated management philosophy we think. >>So let's get into some of the super cloud type trends that we've been reporting on. Again, the purpose of this event is as a pilot to get the conversations flowing with, with the influencers like yourselves who are running companies and building products and the builders, Amazon and Azure are doing extremely well. Google's coming up in third Cloudworks in public cloud. We see the use cases on premises use cases. Kubernetes has been an interesting phenomenon because it's become from the developer side a little bit, but a lot of ops people love Kubernetes. It's really more of an ops thing. You mentioned OpenStack earlier. Kubernetes kind of came out of that open stack. We need an orchestration. And then containers had a good shot with, with Docker. They re pivoted the company. Now they're all in an open source. So you got containers booming and Kubernetes as a new layer there. >>What's, >>What's the take on that? What does that really mean? Is that a new defacto enabler? It >>Is here. It's for here for sure. Every enterprise somewhere in the journey is going on. And you know, most companies are, 70 plus percent of them have 1, 2, 3 container based, Kubernetes based applications now being rolled out. So it's very much here. It is in production at scale by many customers. And it, the beauty of it is yes, open source, but the biggest gating factor is the skill set. And that's where we have a phenomenal engineering team, right? So it's, it's one thing to buy a tool and >>Just be clear, you're a managed service for Kubernetes. >>We provide, provide a software platform for cloud acceleration as a service and it can run anywhere. It can run in public private. We have customers who do it in truly multi-cloud environments. It runs on the edge, it runs at this in stores about thousands of stores in a retailer. So we provide that and also for specific segments where data sovereignty and data residency are key regulatory reasons. We also un on-prem as an air gap version. Can >>You give an example on how you guys are deploying your platform to enable a super cloud experience for your customer? Right. >>So I'll give you two different examples. One is a very large networking company, public networking company. They have hundreds of products, hundreds of r and d teams that are building different, different products. And if you look at few years back, each one was doing it on a different platforms, but they really needed to bring the agility. And they worked with us now over three years where we are their build test dev pro platform where all their products are built on, right? And it has dramatically increased their agility to release new products. Number two, it actually is a light out operation. In fact, the customer says like, like the Maytag service person, cuz we provide it as a service and it barely takes one or two people to maintain it for them. >>So it's kinda like an SRE vibe. One person managing a >>Large 4,000 engineers building infrastructure >>On their tools, >>Whatever they want on their tools. They're using whatever app development tools they use, but they use our platform. What >>Benefits are they seeing? Are they seeing speed? >>Speed, definitely. Okay. Definitely they're speeding. Speed uniformity because now they're building able to build, so their customers who are using product A and product B are seeing a similar set of tools that are being used. >>So a big problem that's coming outta this super cloud event that we're, we're seeing and we heard it all here, ops and security teams. Cause they're kind of part of one thing, but option security specifically need to catch up speed wise. Are you delivering that value to ops and security? Right? >>So we, we work with ops and security teams and infrastructure teams and we layer on top of that. We have like a platform team. If you think about it, depending on where you have data centers, where you have infrastructure, you have multiple teams, okay, but you need a unified platform. Who's your buyer? Our buyer is usually, you know, the product divisions of companies that are looking at or the CTO would be a buyer for us functionally cio definitely. So it it's, it's somewhere in the DevOps to infrastructure. But the ideal one we are beginning to see now many large corporations are really looking at it as a platform and saying we have a platform group on which any app can be developed and it is run on any infrastructure. So the platform engineering teams. So >>You working two sides to that coin. You've got the dev side and then >>And then infrastructure >>Side. >>Okay. Another customer that I give an example, which I would say is kind of the edge of the store. So they have thousands of stores. Retail, retail, you know food retailer, right? They have thousands of stores that are on the globe, 50,000, 60,000. And they really want to enhance the customer experience that happens when you either order the product or go into the store and pick up your product or buy or browse or sit there. They have applications that were written in the nineties and then they have very modern AIML applications today. They want something that will not have to send an IT person to install a rack in the store or they can't move everything to the cloud because the store operations has to be local. The menu changes based on it's classic edge. It's classic edge, yeah. Right? They can't send it people to go install rack access servers then they can't sell software people to go install the software and any change you wanna put through that, you know, truck roll. So they've been working with us where all they do is they ship, depending on the size of the store, one or two or three little servers with instructions that >>You, you say little servers like how big one like a box, like a small little box, >>Right? And all the person in the store has to do like what you and I do at home and we get a, you know, a router is connect the power, connect the internet and turn the switch on. And from there we pick it up. >>Yep. >>We provide the operating system, everything and then the applications are put on it. And so that dramatically brings the velocity for them. They manage thousands of >>Them. True plug and play >>Two, plug and play thousands of stores. They manage it centrally. We do it for them, right? So, so that's another example where on the edge then we have some customers who have both a large private presence and one of the public clouds. Okay. But they want to have the same platform layer of orchestration and management that they can use regardless of the locations. >>So you guys got some success. Congratulations. Got some traction there. It's awesome. The question I want to ask you is that's come up is what is truly cloud native? Cuz there's lift and shift of the cloud >>That's not cloud native. >>Then there's cloud native. Cloud native seems to be the driver for the super cloud. How do you talk to customers? How do you explain when someone says what's cloud native, what isn't cloud native? >>Right. Look, I think first of all, the best place to look at what is the definition and what are the attributes and characteristics of what is truly a cloud native, is CNC foundation. And I think it's very well documented, very well. >>Tucan, of course Detroit's >>Coming so, so it's already there, right? So we follow that very closely, right? I think just lifting and shifting your 20 year old application onto a data center somewhere is not cloud native. Okay? You can't put to cloud, not you have to rewrite and redevelop your application in business logic using modern tools. Hopefully more open source and, and I think that's what Cloudnative is and we are seeing a lot of our customers in that journey. Now everybody wants to be cloudnative, but it's not that easy, okay? Because it's, I think it's first of all, skill set is very important. Uniformity of tools that there's so many tools there. Thousands and thousands of tools you could spend your time figuring out which tool to use. Okay? So I think the complexity is there, but the business benefits of agility and uniformity and customer experience are truly being done. >>And I'll give you an example, I don't know how clear native they are, right? And they're not a customer of ours, but you order pizzas, you do, right? If you just watch the pizza industry, how dominoes actually increase their share and mind share and wallet share was not because they were making better pizzas or not, I don't know anything about that, but the whole experience of how you order, how you watch what's happening, how it's delivered. There were a pioneer in it. To me, those are the kinds of customer experiences that cloud native can provide. >>Being agility and having that flow to the application changes what the expectations >>Are >>For the customer. Customer, >>The customer's expectations change, right? Once you get used to a better customer experience, you learn. >>That's to wrap it up. I wanna just get your perspective again. One of the benefits of chatting with you here and having you part of the Super Cloud 22 is you've seen many cycles, you have a lot of insights. I want to ask you, given your career where you've been and what you've done and now let's CEO platform nine, how would you compare what's happening now with other inflection points in the industry? And you've been, again, you've been an entrepreneur, you sold your company to Oracle, you've been seeing the big companies, you've seen the different waves. What's going on right now put into context this moment in time around Super Cloud. >>Sure. I think as you said, a lot of battles. CARSs being been in an asb, being in a real time software company, being in large enterprise software houses and a transformation. I've been on the app side, I did the infrastructure right and then tried to build our own platforms. I've gone through all of this myself with lot of lessons learned in there. I think this is an event which is happening now for companies to go through to become cloud native and digitalize. If I were to look back and look at some parallels of the tsunami that's going on is a couple of paddles come to me. One is, think of it, which was forced to honors like y2k. Everybody around the world had to have a plan, a strategy, and an execution for y2k. I would say the next big thing was e-commerce. I think e-commerce has been pervasive right across all industries. >>And disruptive. >>And disruptive, extremely disruptive. If you did not adapt and adapt and accelerate your e-commerce initiative, you were, it was an existence question. Yeah. I think we are at that pivotal moment now in companies trying to become digital and cloudnative. You know, that is what I see >>Happening there. I think that that e-commerce is interesting and I think just to riff with you on that is that it's disrupting and refactoring the business models. I think that is something that's coming out of this is that it's not just completely changing the gain, it's just changing how you operate, >>How you think and how you operate. See, if you think about the early days of e-commerce, just putting up a shopping cart that made you an e-commerce or e retailer or an e e e customer, right? Or so. I think it's the same thing now is I think this is a fundamental shift on how you're thinking about your business. How are you gonna operate? How are you gonna service your customers? I think it requires that just lift and shift is not gonna work. >>Nascar, thank you for coming on, spending the time to come in and share with our community and being part of Super Cloud 22. We really appreciate, we're gonna keep this open. We're gonna keep this conversation going even after the event, to open up and look at the structural changes happening now and continue to look at it in the open in the community. And we're gonna keep this going for, for a long, long time as we get answers to the problems that customers are looking for with cloud cloud computing. I'm Sean Fur with Super Cloud 22 in the Cube. Thanks for watching. >>Thank you. Thank you. >>Hello and welcome back. This is the end of our program, our special presentation with Platform nine on cloud native at scale, enabling the super cloud. We're continuing the theme here. You heard the interviews Super Cloud and its challenges, new opportunities around solutions around like Platform nine and others with Arlon. This is really about the edge situations on the internet and managing the edge multiple regions, avoiding vendor lock in. This is what this new super cloud is all about. The business consequences we heard and and the wide ranging conversations around what it means for open source and the complexity problem all being solved. I hope you enjoyed this program. There's a lot of moving pieces and things to configure with cloud native install, all making it easier for you here with Super Cloud and of course Platform nine contributing to that. Thank you for watching.

>>Hello, welcome to the Cube here in Palo Alto, California for a special presentation on Cloud native at scale, enabling super cloud modern applications with Platform nine. I'm John Furr, your host of The Cube. We had a great lineup of three interviews we're streaming today. Meor Ma Makowski, who's the co-founder and VP of Product of Platform nine. She's gonna go into detail around Arlon, the open source products, and also the value of what this means for infrastructure as code and for cloud native at scale. Bickley the chief architect of Platform nine Cube alumni. Going back to the OpenStack days. He's gonna go into why Arlon, why this infrastructure as code implication, what it means for customers and the implications in the open source community and where that value is. Really great wide ranging conversation there. And of course, Vascar, Gort, the CEO of Platform nine, is gonna talk with me about his views on Super Cloud and why Platform nine has a scalable solutions to bring cloudnative at scale. So enjoy the program. See you soon. Hello everyone. Welcome to the cube here in Palo Alto, California for special program on cloud native at scale, enabling next generation cloud or super cloud for modern application cloud native developers. I'm John Furry, host of the Cube. A pleasure to have here, me Makoski, co-founder and VP of product at Platform nine. Thanks for coming in today for this Cloudnative at scale conversation. Thank >>You for having me. >>So Cloudnative at scale, something that we're talking about because we're seeing the, the next level of mainstream success of containers Kubernetes and cloud native develop, basically DevOps in the C I C D pipeline. It's changing the landscape of infrastructure as code, it's accelerating the value proposition and the super cloud as we call it, has been getting a lot of traction because this next generation cloud is looking a lot different, but kind of the same as the first generation. What's your view on super cloud as it fits to cloud native as scales up? >>Yeah, you know, I think what's interesting, and I think the reason why Super Cloud is a really good, in a really fit term for this, and I think, I know my CEO was chatting with you as well, and he was mentioning this as well, but I think there needs to be a different term than just multi-cloud or cloud. And the reason is because as cloud native and cloud deployments have scaled, I think we've reached a point now where instead of having the traditional data center style model where you have a few large distributions of infrastructure and workload at a few locations, I think the model is kind of flipped around, right? Where you have a large number of microsites, these microsites could be your public cloud deployment, your private on-prem infrastructure deployments, or it could be your edge environment, right? And every single enterprise, every single industry is moving in that direction. And so you gotta rougher that with a terminology that, that, that indicates the scale and complexity of it. And so I think supercloud is a, is an appropriate term for that. >>So you brought a couple of things I want to dig into. You mentioned edge nodes. We're seeing not only edge nodes being the next kind of area of innovation, mainly because it's just popping up everywhere. And that's just the beginning. Wouldn't even know what's around the corner. You got buildings, you got iot, ot, and IT kind of coming together, but you also got this idea of regions, global infras infrastructures, big part of it. I just saw some news around CloudFlare shutting down a site here. There's policies being made at scale, These new challenges there. Can you share because you can have edge. So hybrid cloud is a winning formula. Everybody knows that it's a steady state. Yeah. But across multiple clouds brings in this new un engineered area, yet it hasn't been done yet. Spanning clouds. People say they're doing it, but you start to see the toe in the water, it's happening, it's gonna happen. It's only gonna get accelerated with the edge and beyond globally. So I have to ask you, what is the technical challenges in doing this? Because there's something business consequences as well, but there are technical challenges. Can you share your view on what the technical challenges are for the super cloud or across multiple edges and regions? >>Yeah, absolutely. So I think, you know, in in the context of this, the, this, this term of super cloud, I think it's sometimes easier to visualize things in terms of two access, right? I think on one end you can think of the scale in terms of just pure number of nodes that you have deploy a number of clusters in the Kubernetes space. And then on the other axis you would have your distribution factor, right? Which is, do you have these tens of thousands of nodes in one site or do you have them distributed across tens of thousands of sites with one node at each site? Right? And if you have just one flavor of this, there is enough complexity, but potentially manageable. But when you are expanding on both these access, you really get to a point where that scale really needs some well thought out, well structured solutions to address it, right? A combination of homegrown tooling along with your, you know, favorite distribution of Kubernetes is not a strategy that can help you in this environment. It may help you when you have one of this or when you, when you scale, is not at the level. >>Can you scope the complexity? Because I mean, I hear a lot of moving parts going on there, the technology's also getting better. We we're seeing cloud native become successful. There's a lot to configure, there's a lot to install. Can you scope the scale of the problem? Because we're talking about at scale Yep. Challenges here. Yeah, >>Absolutely. And I think, you know, I I like to call it, you know, the, the, the problem that the scale creates, you know, there's various problems, but I think one, one problem, one way to think about it is, is, you know, it works on my cluster problem, right? So I, you know, I come from engineering background and there's a, you know, there's a famous saying between engineers and QA and the support folks, right? Which is, it works on my laptop, which is I tested this chain, everything was fantastic, it worked flawlessly on my machine, on production, It's not working. The exact same problem now happens and these distributed environments, but at massive scale, right? Which is that, you know, developers test their applications, et cetera within the sanctity of their sandbox environments. But once you expose that change in the wild world of your production deployment, right? >>And the production deployment could be going at the radio cell tower at the edge location where a cluster is running there, or it could be sending, you know, these applications and having them run at my customer site where they might not have configured that cluster exactly the same way as I configured it, or they configured the cluster, right? But maybe they didn't deploy the security policies, or they didn't deploy the other infrastructure plugins that my app relies on. All of these various factors are their own layer of complexity. And there really isn't a simple way to solve that today. And that is just, you know, one example of an issue that happens. I think another, you know, whole new ball game of issues come in the context of security, right? Because when you are deploying applications at scale in a distributed manner, you gotta make sure someone's job is on the line to ensure that the right security policies are enforced regardless of that scale factor. So I think that's another example of problems that occur. >>Okay. So I have to ask about scale, because there are a lot of multiple steps involved when you see the success of cloud native. You know, you see some, you know, some experimentation. They set up a cluster, say it's containers and Kubernetes, and then you say, Okay, we got this, we can figure it. And then they do it again and again, they call it day two. Some people call it day one, day two operation, whatever you call it. Once you get past the first initial thing, then you gotta scale it. Then you're seeing security breaches, you're seeing configuration errors. This seems to be where the hotspot is in when companies transition from, I got this to, Oh no, it's harder than I thought at scale. Can you share your reaction to that and how you see this playing out? >>Yeah, so, you know, I think it's interesting. There's multiple problems that occur when, you know, the two factors of scale, as we talked about, start expanding. I think one of them is what I like to call the, you know, it, it works fine on my cluster problem, which is back in, when I was a developer, we used to call this, it works on my laptop problem, which is, you know, you have your perfectly written code that is operating just fine on your machine, your sandbox environment. But the moment it runs production, it comes back with p zeros and pos from support teams, et cetera. And those issues can be really difficult to triage us, right? And so in the Kubernetes environment, this problem kind of multi folds, it goes, you know, escalates to a higher degree because you have your sandbox developer environments, they have their clusters and things work perfectly fine in those clusters because these clusters are typically handcrafted or a combination of some scripting and handcrafting. >>And so as you give that change to then run at your production edge location, like say your radio cell tower site, or you hand it over to a customer to run it on their cluster, they might not have not have configured that cluster exactly how you did, or they might not have configured some of the infrastructure plugins. And so the things don't work. And when things don't work, triaging them becomes nightmarishly hard, right? It's just one of the examples of the problem, another whole bucket of issues is security, which is, is you have these distributed clusters at scale, you gotta ensure someone's job is on the line to make sure that these security policies are configured properly. >>So this is a huge problem. I love that comment. That's not not happening on my system. It's the classic, you know, debugging mentality. Yeah. But at scale it's hard to do that with error prone. I can see that being a problem. And you guys have a solution you're launching. Can you share what Arlon is this new product? What is it all about? Talk about this new introduction. >>Yeah, absolutely. Very, very excited. You know, it's one of the projects that we've been working on for some time now because we are very passionate about this problem and just solving problems at scale in on-prem or at in the cloud or at edge environments. And what arlon is, it's an open source project, and it is a tool, it's a Kubernetes native tool for complete end to end management of not just your clusters, but your clusters. All of the infrastructure that goes within and along the site of those clusters, security policies, your middleware, plug-ins, and finally your applications. So what our LA you do in a nutshell is in a declarative way, it lets you handle the configuration and management of all of these components in at scale. >>So what's the elevator pitch simply put for what dissolves in, in terms of the chaos you guys are reigning in, what's the, what's the bumper sticker? Yeah, what >>Would it do? There's a perfect analogy that I love to reference in this context, which is think of your assembly line, you know, in a traditional, let's say, you know, an auto manufacturing factory or et cetera, and the level of efficiency at scale that that assembly line brings, right? Our line, and if you look at the logo we've designed, it's this funny little robot. And it's because when we think of online, we think of these enterprise large scale environments, you know, sprawling at scale, creating chaos because there isn't necessarily a well thought through, well structured solution that's similar to an assembly line, which is taking each component, you know, addressing them, manufacturing, processing them in a standardized way, then handing to the next stage. But again, it gets, you know, processed in a standardized way. And that's what arlon really does. That's like the deliver pitch. If you have problems of scale of managing your infrastructure, you know, that is distributed. Arlon brings the assembly line level of efficiency and consistency for >>Those. So keeping it smooth, the assembly on things are flowing. See c i CD pipe pipelining. Exactly. So that's what you're trying to simplify that ops piece for the developer. I mean, it's not really ops, it's their ops, it's coding. >>Yeah. Not just developer, the ops, the operations folks as well, right? Because developers, you know, there is, developers are responsible for one picture of that layer, which is my apps, and then maybe that middleware of applications that they interface with, but then they hand it over to someone else who's then responsible to ensure that these apps are secure properly, that they are logging, logs are being collected properly, monitoring and observability integrated. And so it solves problems for both >>Those teams. Yeah. It's DevOps. So the DevOps is the cloud needed developer's. That's right. The option teams have to kind of set policies. Is that where the declarative piece comes in? Is that why that's important? >>Absolutely. Yeah. And, and, and, and you know, ES really in introduced or elevated this declarative management, right? Because, you know, s clusters are Yeah. Or your, yeah, you know, specifications of components that go in Kubernetes are defined a declarative way, and Kubernetes always keeps that state consistent with your defined state. But when you go outside of that world of a single cluster, and when you actually talk about defining the clusters or defining everything that's around it, there really isn't a solution that does that today. And so Arlon addresses that problem at the heart of it, and it does that using existing open source well known solutions. >>And do I want to get into the benefits? What's in it for me as the customer developer? But I want to finish this out real quick and get your thoughts. You mentioned open source. Why open source? What's the, what's the current state of the product? You run the product group over at Platform nine, is it open source? And you guys have a product that's commercial? Can you explain the open source dynamic? And first of all, why open source? Yeah. And what is the consumption? I mean, open source is great, People want open source, they can download it, look up the code, but maybe wanna buy the commercial. So I'm assuming you have that thought through, can you share open source and commercial relationship? >>Yeah, I think, you know, starting with why open source? I think it's, you know, we as a company, we have, you know, one of the things that's absolutely critical to us is that we take mainstream open source technologies components and then we, you know, make them available to our customers at scale through either a SaaS model or on-prem model, right? But, so as we are a company or startup or a company that benefits, you know, in a massive way by this open source economy, it's only right, I think in my mind that we do our part of the duty, right? And contribute back to the community that feeds us. And so, you know, we have always held that strongly as one of our principles. And we have, you know, created and built independent products starting all the way with fision, which was a serverless product, you know, that we had built to various other, you know, examples that I can give. But that's one of the main reasons why opensource and also open source, because we want the community to really firsthand engage with us on this problem, which is very difficult to achieve if your product is behind a wall, you know, behind, behind a block box. >>Well, and that's, that's what the developers want too. And what we're seeing in reporting with Super Cloud is the new model of consumption is I wanna look at the code and see what's in there. That's right. And then also, if I want to use it, I'll do it. Great. That's open source, that's the value. But then at the end of the day, if I wanna move fast, that's when people buy in. So it's a new kind of freemium, I guess, business model. I guess that's the way that long. But that's, that's the benefit. Open source. This is why standards and open source is growing so fast. You have that confluence of, you know, a way for developers to try before they buy, but also actually kind of date the application, if you will. We, you know, Adrian Karo uses the dating met metaphor, you know, Hey, you know, I wanna check it out first before I get married. Right? And that's what open source, So this is the new, this is how people are selling. This is not just open source, this is how companies are selling. >>Absolutely. Yeah. Yeah. You know, I think, and you know, two things. I think one is just, you know, this, this, this cloud native space is so vast that if you, if you're building a close flow solution, sometimes there's also a risk that it may not apply to every single enterprises use cases. And so having it open source gives them an opportunity to extend it, expand it, to make it proper to their use case if they choose to do so, right? But at the same time, what's also critical to us is we are able to provide a supported version of it with an SLA that we, you know, that's backed by us, a SAS hosted version of it as well, for those customers who choose to go that route, you know, once they have used the open source version and loved it and want to take it at scale and in production and need, need, need a partner to collaborate with, who can, you know, support them for that production >>Environment. I have to ask you now, let's get into what's in it for the customer. I'm a customer. Yep. Why should I be enthused about Arla? What's in it for me? You know? Cause if I'm not enthused about it, I'm not gonna be confident and it's gonna be hard for me to get behind this. Can you share your enthusiastic view of, you know, why I should be enthused about Arlo? I'm a >>Customer. Yeah, absolutely. And so, and there's multiple, you know, enterprises that we talk to, many of them, you know, our customers, where this is a very kind of typical story that you hear, which is we have, you know, a Kubernetes distribution. It could be on premise, it could be public clouds, native Kubernetes, and then we have our C I C D pipelines that are automating the deployment of applications, et cetera. And then there's this gray zone. And the gray zone is well before you can you, your CS c D pipelines can deploy the apps. Somebody needs to do all of that groundwork of, you know, defining those clusters and yeah. You know, properly configuring them. And as these things, these things start by being done hand grown. And then as the, as you scale, what typically enterprises would do today is they will have their home homegrown DIY solutions for this. >>I mean, the number of folks that I talk to that have built Terra from automation, and then, you know, some of those key developers leave. So it's a typical open source or typical, you know, DIY challenge. And the reason that they're writing it themselves is not because they want to. I mean, of course technology is always interesting to everybody, but it's because they can't find a solution that's out there that perfectly fits the problem. And so that's that pitch. I think Ops FICO would be delighted. The folks that we've talk, you know, spoken with, have been absolutely excited and have, you know, shared that this is a major challenge we have today because we have, you know, few hundreds of clusters on ecos Amazon, and we wanna scale them to few thousands, but we don't think we are ready to do that. And this will give us the >>Ability to, Yeah, I think people are scared. Not sc I won't say scare, that's a bad word. Maybe I should say that they feel nervous because, you know, at scale small mistakes can become large mistakes. This is something that is concerning to enterprises. And, and I think this is gonna come up at co con this year where enterprises are gonna say, Okay, I need to see SLAs. I wanna see track record, I wanna see other companies that have used it. Yeah. How would you answer that question to, or, or challenge, you know, Hey, I love this, but is there any guarantees? Is there any, what's the SLAs? I'm an enterprise, I got tight, you know, I love the open source trying to free fast and loose, but I need hardened code. >>Yeah, absolutely. So, so two parts to that, right? One is Arlan leverages existing open source components, products that are extremely popular. Two specifically. One is Arlan uses Argo cd, which is probably one of the highest and used CD open source tools that's out there. Right's created by folks that are as part of into team now, you know, really brilliant team. And it's used at scale across enterprises. That's one. Second is Alon also makes use of Cluster api cappi, which is a Kubernetes sub-component, right? For lifecycle management of clusters. So there is enough of, you know, community users, et cetera, around these two products, right? Or, or, or open source projects that will find Arlan to be right up in their alley because they're already comfortable, familiar with Argo cd. Now Arlan just extends the scope of what City can do. And so that's one. And then the second part is going back to a point of the comfort. And that's where, you know, platform line has a role to play, which is when you are ready to deploy online at scale, because you've been, you know, playing with it in your DEF test environments, you're happy with what you get with it, then Platform nine will stand behind it and provide that >>Sla. And what's been the reaction from customers you've talked to Platform nine customers with, with that are familiar with, with Argo and then rlo? What's been some of the feedback? >>Yeah, I, I think the feedback's been fantastic. I mean, I can give you examples of customers where, you know, initially, you know, when you are, when you're telling them about your entire portfolio of solutions, it might not strike a card right away. But then we start talking about Arlan and, and we talk about the fact that it uses Argo adn, they start opening up, they say, We have standardized on Argo and we have built these components, homegrown, we would be very interested. Can we co-develop? Does it support these use cases? So we've had that kind of validation. We've had validation all the way at the beginning of our land before we even wrote a single line of code saying this is something we plan on doing. And the customer said, If you had it today, I would've purchased it. So it's been really great validation. >>All right. So next question is, what is the solution to the customer? If I asked you, Look it, I have, I'm so busy, my team's overworked. I got a skills gap. I don't need another project that's, I'm so tied up right now and I'm just chasing my tail. How does Platform nine help me? >>Yeah, absolutely. So I think, you know, one of the core tenets of Platform nine has always been been that we try to bring that public cloud like simplicity by hosting, you know, this in a lot of such similar tools in a SaaS hosted manner for our customers, right? So our goal behind doing that is taking away or trying to take away all of that complexity from customers' hands and offloading it to our hands, right? And giving them that full white glove treatment, as we call it. And so from a customer's perspective, one, something like arlon will integrate with what they have so they don't have to rip and replace anything. In fact, it will, even in the next versions, it may even discover your clusters that you have today and you know, give you an inventory. And that will, >>So if customers have clusters that are growing, that's a sign correct call you guys. >>Absolutely. Either they're, they have massive large clusters, right? That they wanna split into smaller clusters, but they're not comfortable doing that today, or they've done that already on say, public cloud or otherwise. And now they have management challenges. So >>Especially operationalizing the clusters, whether they want to kind of reset everything and remove things around and reconfigure Yep. And or scale out. >>That's right. Exactly. And >>You provide that layer of policy. >>Absolutely. >>Yes. That's the key value here. >>That's right. >>So policy based configuration for cluster scale up, >>Well profile and policy based declarative configuration and lifecycle management for clusters. >>If I asked you how this enables supercloud, what would you say to that? >>I think this is one of the key ingredients to super cloud, right? If you think about a super cloud environment, there's at least few key ingredients that that come to my mind that are really critical. Like they are, you know, life saving ingredients at that scale. One is having a really good strategy for managing that scale, you know, in a, going back to assembly line in a very consistent, predictable way so that our lot solves then you, you need to compliment that with the right kind of observability and monitoring tools at scale, right? Because ultimately issues are gonna happen and you're gonna have to figure out, you know, how to solve them fast. And arlon by the way, also helps in that direction, but you also need observability tools. And then especially if you're running it on the public cloud, you need some cost management tools. In my mind, these three things are like the most necessary ingredients to make Super Cloud successful. And you know, our alarm fills in >>One. Okay. So now the next level is, Okay, that makes sense. Is under the covers kind of speak under the hood. Yeah. How does that impact the app developers and the cloud native modern application workflows? Because the impact to me, seems the apps are gonna be impacted. Are they gonna be faster, stronger? I mean, what's the impact if you do all those things, as you mentioned, what's the impact of the apps? >>Yeah, the impact is that your apps are more likely to operate in production the way you expect them to, because the right checks and balances have gone through, and any discrepancies have been identified prior to those apps, prior to your customer running into them, right? Because developers run into this challenge to their, where there's a split responsibility, right? I'm responsible for my code, I'm responsible for some of these other plugins, but I don't own the stack end to end. I have to rely on my ops counterpart to do their part, right? And so this really gives them, you know, the right tooling for that. >>So this is actually a great kind of relevant point, you know, as cloud becomes more scalable, you're starting to see this fragmentation gone of the days of the full stack developer to the more specialized role. But this is a key point, and I have to ask you because if this RLO solution takes place, as you say, and the apps are gonna be stupid, they're designed to do, the question is, what did does the current pain look like of the apps breaking? What does the signals to the customer Yeah. That they should be calling you guys up into implementing Arlo, Argo and, and all the other goodness to automate? What are some of the signals? Is it downtime? Is it, is it failed apps, Is it latency? What are some of the things that Yeah, absolutely would be indications of things are effed up a little bit. Yeah. >>More frequent down times, down times that are, that take longer to triage. And so you are, you know, the, you know, your mean times on resolution, et cetera, are escalating or growing larger, right? Like we have environments of customers where they're, they have a number of folks on in the field that have to take these apps and run them at customer sites. And that's one of our partners. And they're extremely interested in this because they're the, the rate of failures they're encountering for this, you know, the field when they're running these apps on site, because the field is automating their clusters that are running on sites using their own script. So these are the kinds of challenges, and those are the pain points, which is, you know, if you're looking to reduce your meantime to resolution, if you're looking to reduce the number of failures that occur on your production site, that's one. And second, if you are looking to manage these at scale environments with a relatively small, focused, nimble ops team, which has an immediate impact on your budget. So those are, those are the signals. >>This is the cloud native at scale situation, the innovation going on. Final thought is your reaction to the idea that if the world goes digital, which it is, and the confluence of physical and digital coming together, and cloud continues to do its thing, the company becomes the application, not where it used to be supporting the business, you know, the back office and the maybe terminals and some PCs and handhelds. Now if technology's running, the business is the business. Yeah. Company's the application. Yeah. So it can't be down. So there's a lot of pressure on, on CSOs and CIOs now and boards is saying, How is technology driving the top line revenue? That's the number one conversation. Yep. Do you see that same thing? >>Yeah. It's interesting. I think there's multiple pressures at the CXO CIO level, right? One is that there needs to be that visibility and clarity and guarantee almost that, you know, that the, the technology that's, you know, that's gonna drive your top line is gonna drive that in a consistent, reliable, predictable manner. And then second, there is the constant pressure to do that while always lowering your costs of doing it, right? Especially when you're talking about, let's say retailers or those kinds of large scale vendors, they many times make money by lowering the amount that they spend on, you know, providing those goods to their end customers. So I think those, both those factors kind of come into play and the solution to all of them is usually in a very structured strategy around automation. >>Final question. What does cloudnative at scale look like to you? If all the things happen the way we want 'em to happen, The magic wand, the magic dust, what does it look like? >>What that looks like to me is a CIO sipping at his desk on coffee production is running absolutely smooth. And his, he's running that at a nimble, nimble team size of at the most, a handful of folks that are just looking after things, but things are >>Just taking care of the CIO doesn't exist. There's no ciso, they're at the beach. >>Yep. >>Thank you for coming on, sharing the cloud native at scale here on the cube. Thank you for your time. >>Fantastic. Thanks for >>Having me. Okay. I'm John Fur here for special program presentation, special programming cloud native at scale, enabling super cloud modern applications with Platform nine. Thanks for watching. Welcome back everyone to the special presentation of cloud native at scale, the cube and platform nine special presentation going in and digging into the next generation super cloud infrastructure as code and the future of application development. We're here with Bickley, who's the chief architect and co-founder of Platform nine Pick. Great to see you Cube alumni. We, we met at an OpenStack event in about eight years ago, or later, earlier when OpenStack was going. Great to see you and great to see congratulations on the success of platform nine. >>Thank you very much. >>Yeah. You guys have been at this for a while and this is really the, the, the year we're seeing the, the crossover of Kubernetes because of what happens with containers. Everyone now has realized, and you've seen what Docker's doing with the new docker, the open source Docker now just the success Exactly. Of containerization, right? And now the Kubernetes layer that we've been working on for years is coming, bearing fruit. This is huge. >>Exactly. Yes. >>And so as infrastructures code comes in, we talked to Bacar talking about Super Cloud, I met her about, you know, the new Arlon, our, our lawn, and you guys just launched the infrastructures code is going to another level, and then it's always been DevOps infrastructures code. That's been the ethos that's been like from day one, developers just code. Then you saw the rise of serverless and you see now multi-cloud or on the horizon, connect the dots for us. What is the state of infrastructure as code today? >>So I think, I think I'm, I'm glad you mentioned it, everybody or most people know about infrastructures code. But with Kubernetes, I think that project has evolved at the concept even further. And these dates, it's infrastructure is configuration, right? So, which is an evolution of infrastructure as code. So instead of telling the system, here's how I want my infrastructure by telling it, you know, do step A, B, C, and D instead with Kubernetes, you can describe your desired state declaratively using things called manifest resources. And then the system kind of magically figures it out and tries to converge the state towards the one that you specified. So I think it's, it's a even better version of infrastructures code. >>Yeah. And that really means it's developer just accessing resources. Okay. That declare, Okay, give me some compute, stand me up some, turn the lights on, turn 'em off, turn 'em on. That's kind of where we see this going. And I like the configuration piece. Some people say composability, I mean now with open source so popular, you don't have to have to write a lot of code, this code being developed. And so it's into integration, it's configuration. These are areas that we're starting to see computer science principles around automation, machine learning, assisting open source. Cuz you got a lot of code that's right in hearing software, supply chain issues. So infrastructure as code has to factor in these new dynamics. Can you share your opinion on these new dynamics of, as open source grows, the glue layers, the configurations, the integration, what are the core issues? >>I think one of the major core issues is with all that power comes complexity, right? So, you know, despite its expressive power systems like Kubernetes and declarative APIs let you express a lot of complicated and complex stacks, right? But you're dealing with hundreds if not thousands of these yamo files or resources. And so I think, you know, the emergence of systems and layers to help you manage that complexity is becoming a key challenge and opportunity in, in this space. >>That's, I wrote a LinkedIn post today was comments about, you know, hey, enterprise is a new breed. The trend of SaaS companies moving our consumer comp consumer-like thinking into the enterprise has been happening for a long time, but now more than ever, you're seeing it the old way used to be solve complexity with more complexity and then lock the customer in. Now with open source, it's speed, simplification and integration, right? These are the new dynamic power dynamics for developers. Yeah. So as companies are starting to now deploy and look at Kubernetes, what are the things that need to be in place? Because you have some, I won't say technical debt, but maybe some shortcuts, some scripts here that make it look like infrastructure is code. People have done some things to simulate or or make infrastructure as code happen. Yes. But to do it at scale Yes. Is harder. What's your take on this? What's your view? >>It's hard because there's a per proliferation of methods, tools, technologies. So for example, today it's very common for DevOps and platform engineering tools, I mean, sorry, teams to have to deploy a large number of Kubernetes clusters, but then apply the applications and configurations on top of those clusters. And they're using a wide range of tools to do this, right? For example, maybe Ansible or Terraform or bash scripts to bring up the infrastructure and then the clusters. And then they may use a different set of tools such as Argo CD or other tools to apply configurations and applications on top of the clusters. So you have this sprawl of tools. You, you also have this sprawl of configurations and files because the more objects you're dealing with, the more resources you have to manage. And there's a risk of drift that people call that where, you know, you think you have things under control, but some people from various teams will make changes here and there and then before the end of the day systems break and you have no idea of tracking them. So I think there's real need to kind of unify, simplify, and try to solve these problems using a smaller, more unified set of tools and methodologies. And that's something that we try to do with this new project. Arlon. >>Yeah. So, so we're gonna get into Arlan in a second. I wanna get into the why Arlon. You guys announced that at AR GoCon, which was put on here in Silicon Valley at the, at the community meeting by in two, they had their own little day over there at their headquarters. But before we get there, vascar, your CEO came on and he talked about Super Cloud at our in AAL event. What's your definition of super cloud? If you had to kind of explain that to someone at a cocktail party or someone in the industry technical, how would you look at the super cloud trend that's emerging? It's become a thing. What's your, what would be your contribution to that definition or the narrative? >>Well, it's, it's, it's funny because I've actually heard of the term for the first time today, speaking to you earlier today. But I think based on what you said, I I already get kind of some of the, the gist and the, the main concepts. It seems like super cloud, the way I interpret that is, you know, clouds and infrastructure, programmable infrastructure, all of those things are becoming commodity in a way. And everyone's got their own flavor, but there's a real opportunity for people to solve real business problems by perhaps trying to abstract away, you know, all of those various implementations and then building better abstractions that are perhaps business or applications specific to help companies and businesses solve real business problems. >>Yeah, I remember that's a great, great definition. I remember, not to date myself, but back in the old days, you know, IBM had a proprietary network operating system, so of deck for the mini computer vendors, deck net and SNA respectively. But T C P I P came out of the osi, the open systems interconnect and remember, ethernet beat token ring out. So not to get all nerdy for all the young kids out there, look, just look up token ring, you'll see, you've probably never heard of it. It's IBM's, you know, connection for the internet at the, the layer two is Amazon, the ethernet, right? So if T C P I P could be the Kubernetes and the container abstraction that made the industry completely change at that point in history. So at every major inflection point where there's been serious industry change and wealth creation and business value, there's been an abstraction Yes. Somewhere. Yes. What's your reaction to that? >>I think this is, I think a saying that's been heard many times in this industry and, and I forgot who originated it, but I think that the saying goes like, there's no problem that can't be solved with another layer of indirection, right? And we've seen this over and over and over again where Amazon and its peers have inserted this layer that has simplified, you know, computing and, and infrastructure management. And I believe this trend is going to continue, right? The next set of problems are going to be solved with these insertions of additional abstraction layers. I think that that's really a, yeah, it's gonna >>Continue. It's interesting. I just, when I wrote another post today on LinkedIn called the Silicon Wars AMD stock is down arm has been on a rise. We remember pointing for many years now that arm's gonna be hugely, it has become true. If you look at the success of the infrastructure as a service layer across the clouds, Azure, aws, Amazon's clearly way ahead of everybody. The stuff that they're doing with the silicon and the physics and the, the atoms, the pro, you know, this is where the innovation, they're going so deep and so strong at ISAs, the more that they get that gets come on, they have more performance. So if you're an app developer, wouldn't you want the best performance and you'd wanna have the best abstraction layer that gives you the most ability to do infrastructures, code or infrastructure for configuration, for provisioning, for managing services. And you're seeing that today with service MeSHs, a lot of action going on in the service mesh area in in this community of, of co con, which will be a covering. So that brings up the whole what's next? You guys just announced our lawn at Argo Con, which came out of Intuit. We've had Mariana Tessel at our super cloud event. She's the cto, you know, they're all in the cloud. So they contributed that project. Where did Arlon come from? What was the origination? What's the purpose? Why our lawn, why this announcement? >>Yeah, so the, the inception of the project, this was the result of us realizing that problem that we spoke about earlier, which is complexity, right? With all of this, these clouds, these infrastructure, all the variations around and, you know, compute storage networks and the proliferation of tools we talked about the Ansibles and Terraforms and Kubernetes itself. You can, you can think of that as another tool, right? We saw a need to solve that complexity problem, and especially for people and users who use Kubernetes at scale. So when you have, you know, hundreds of clusters, thousands of applications, thousands of users spread out over many, many locations, there, there needs to be a system that helps simplify that management, right? So that means fewer tools, more expressive ways of describing the state that you want and more consistency. And, and that's why, you know, we built our lawn and we built it recognizing that many of these problems or sub problems have already been solved. So Arlon doesn't try to reinvent the wheel, it instead rests on the shoulders of several giants, right? So for example, Kubernetes is one building block, GI ops, and Argo CD is another one, which provides a very structured way of applying configuration. And then we have projects like cluster API and cross plane, which provide APIs for describing infrastructure. So arlon takes all of those building blocks and builds a thin layer, which gives users a very expressive way of defining configuration and desired state. So that's, that's kind of the inception of, And >>What's the benefit of that? What does that give the, what does that give the developer, the user, in this case, >>The developers, the, the platform engineer, team members, the DevOps engineers, they get a a ways to provision not just infrastructure and clusters, but also applications and configurations. They get a way, a system for provisioning, configuring, deploying, and doing life cycle management in a, in a much simpler way. Okay. Especially as I said, if you're dealing with a large number of applications. >>So it's like an operating fabric, if you will. Yes. For them. Okay, so let's get into what that means for up above and below the the, this abstraction or thin layer below as the infrastructure. We talked a lot about what's going on below that. Yeah. Above our workloads. At the end of the day, you know, I talk to CXOs and IT folks that are now DevOps engineers. They care about the workloads and they want the infrastructures code to work. They wanna spend their time getting in the weeds, figuring out what happened when someone made a push that that happened or something happened. They need observability and they need to, to know that it's working. That's right. And is my workloads running effectively? So how do you guys look at the workload side of it? Cuz now you have multiple workloads on these fabric, >>Right? So workloads, so Kubernetes has defined kind of a standard way to describe workloads and you can, you know, tell Kubernetes, I want to run this container this particular way, or you can use other projects that are in the Kubernetes cloud native ecosystem like K native, where you can express your application in more at a higher level, right? But what's also happening is in addition to the workloads, DevOps and platform engineering teams, they need to very often deploy the applications with the clusters themselves. Clusters are becoming this commodity. It's, it's becoming this host for the application and it kind of comes bundled with it. In many cases it is like an appliance, right? So DevOps teams have to provision clusters at a really incredible rate and they need to tear them down. Clusters are becoming more, >>It's kinda like an EC two instance, spin up a cluster. We very, people used words like that. That's >>Right. And before arlon you kind of had to do all of that using a different set of tools as, as I explained. So with Armon you can kind of express everything together. You can say I want a cluster with a health monitoring stack and a logging stack and this ingress controller and I want these applications and these security policies. You can describe all of that using something we call a profile. And then you can stamp out your app, your applications and your clusters and manage them in a very, so >>Essentially standard creates a mechanism. Exactly. Standardized, declarative kind of configurations. And it's like a playbook. You deploy it. Now what's there is between say a script like I'm, I have scripts, I could just automate scripts >>Or yes, this is where that declarative API and infrastructures configuration comes in, right? Because scripts, yes you can automate scripts, but the order in which they run matters, right? They can break, things can break in the middle and, and sometimes you need to debug them. Whereas the declarative way is much more expressive and powerful. You just tell the system what you want and then the system kind of figures it out. And there are these things about controllers which will in the background reconcile all the state to converge towards your desire. It's a much more powerful, expressive and reliable way of getting things done. >>So infrastructure has configuration is built kind of on, it's as super set of infrastructures code because it's >>An evolution. >>You need edge's code, but then you can configure the code by just saying do it. You basically declaring and saying Go, go do that. That's right. Okay, so, alright, so cloud native at scale, take me through your vision of what that means. Someone says, Hey, what does cloud native at scale mean? What's success look like? How does it roll out in the future as you, not future next couple years? I mean people are now starting to figure out, okay, it's not as easy as it sounds. Could be nice, it has value. We're gonna hear this year coan a lot of this. What does cloud native at scale >>Mean? Yeah, there are different interpretations, but if you ask me, when people think of scale, they think of a large number of deployments, right? Geographies, many, you know, supporting thousands or tens or millions of, of users there, there's that aspect to scale. There's also an equally important a aspect of scale, which is also something that we try to address with Arran. And that is just complexity for the people operating this or configuring this, right? So in order to describe that desired state and in order to perform things like maybe upgrades or updates on a very large scale, you want the humans behind that to be able to express and direct the system to do that in, in relatively simple terms, right? And so we want the tools and the abstractions and the mechanisms available to the user to be as powerful but as simple as possible. So there's, I think there's gonna be a number and there have been a number of CNCF and cloud native projects that are trying to attack that complexity problem as well. And Arlon kind of falls in in that >>Category. Okay, so I'll put you on the spot road that CubeCon coming up and obviously this will be shipping this segment series out before. What do you expect to see at Coan this year? What's the big story this year? What's the, what's the most important thing happening? Is it in the open source community and also within a lot of the, the people jogging for leadership. I know there's a lot of projects and still there's some white space in the overall systems map about the different areas get run time and there's ability in all these different areas. What's the, where's the action? Where, where's the smoke? Where's the fire? Where's the piece? Where's the tension? >>Yeah, so I think one thing that has been happening over the past couple of cons and I expect to continue and, and that is the, the word on the street is Kubernetes is getting boring, right? Which is good, right? >>Boring means simple. >>Well, well >>Maybe, >>Yeah, >>Invisible, >>No drama, right? So, so the, the rate of change of the Kubernetes features and, and all that has slowed but in, in a, in a positive way. But there's still a general sentiment and feeling that there's just too much stuff. If you look at a stack necessary for hosting applications based on Kubernetes, there are just still too many moving parts, too many components, right? Too much complexity. I go, I keep going back to the complexity problem. So I expect Cube Con and all the vendors and the players and the startups and the people there to continue to focus on that complexity problem and introduce further simplifications to, to the stack. >>Yeah. Vic, you've had an storied career, VMware over decades with them obviously in 12 years with 14 years or something like that. Big number co-founder here at Platform. Now you guys have been around for a while at this game. We, man, we talked about OpenStack, that project you, we interviewed at one of their events. So OpenStack was the beginning of that, this new revolution. And I remember the early days it was, it wasn't supposed to be an alternative to Amazon, but it was a way to do more cloud cloud native. I think we had a cloud ERO team at that time. We would to joke we, you know, about, about the dream. It's happening now, now at Platform nine. You guys have been doing this for a while. What's the, what are you most excited about as the chief architect? What did you guys double down on? What did you guys tr pivot from or two, did you do any pivots? Did you extend out certain areas? Cuz you guys are in a good position right now, a lot of DNA in Cloud native. What are you most excited about and what does Platform nine bring to the table for customers and for people in the industry watching this? >>Yeah, so I think our mission really hasn't changed over the years, right? It's been always about taking complex open source software because open source software, it's powerful. It solves new problems, you know, every year and you have new things coming out all the time, right? OpenStack was an example when the Kubernetes took the world by storm. But there's always that complexity of, you know, just configuring it, deploying it, running it, operating it. And our mission has always been that we will take all that complexity and just make it, you know, easy for users to consume regardless of the technology, right? So the successor to Kubernetes, you know, I don't have a crystal ball, but you know, you have some indications that people are coming up of new and simpler ways of running applications. There are many projects around there who knows what's coming next year or the year after that. But platform will a, platform nine will be there and we will, you know, take the innovations from the the community. We will contribute our own innovations and make all of those things very consumable to customers. >>Simpler, faster, cheaper. Exactly. Always a good business model technically to make that happen. Yes. Yeah, I think the, the reigning in the chaos is key, you know, Now we have now visibility into the scale. Final question before we depart this segment. What is at scale, how many clusters do you see that would be a watermark for an at scale conversation around an enterprise? Is it workloads we're looking at or, or clusters? How would you, Yeah, how would you describe that? When people try to squint through and evaluate what's a scale, what's the at scale kind of threshold? >>Yeah. And, and the number of clusters doesn't tell the whole story because clusters can be small in terms of the number of nodes or they can be large. But roughly speaking when we say, you know, large scale cluster deployments, we're talking about maybe hundreds, two thousands. >>Yeah. And final final question, what's the role of the hyperscalers? You got AWS continuing to do well, but they got their core ias, they got a PAs, they're not too too much putting a SaaS out there. They have some SaaS apps, but mostly it's the ecosystem. They have marketplaces doing over $2 billion billions of transactions a year and, and it's just like, just sitting there. It hasn't really, they're now innovating on it, but that's gonna change ecosystems. What's the role the cloud play in the cloud native of its scale? >>The, the hyperscalers, >>Yeahs Azure, Google. >>You mean from a business perspective? Yeah, they're, they have their own interests that, you know, that they're, they will keep catering to, they, they will continue to find ways to lock their users into their ecosystem of services and, and APIs. So I don't think that's gonna change, right? They're just gonna keep, >>Well they got great I performance, I mean from a, from a hardware standpoint, yes, that's gonna be key, right? >>Yes. I think the, the move from X 86 being the dominant way and platform to run workloads is changing, right? That, that, that, that, and I think the, the hyperscalers really want to be in the game in terms of, you know, the the new risk and arm ecosystems and the platforms. >>Yeah, not joking aside, Paul Morritz, when he was the CEO of VMware, when he took over once said, I remember our first year doing the cube. Oh the cloud is one big distributed computer, it's, it's hardware and he got software and you got middleware and he kind over, well he's kind of tongue in cheek, but really you're talking about large compute and sets of services that is essentially a distributed computer. >>Yes, >>Exactly. It's, we're back on the same game. Vic, thank you for coming on the segment. Appreciate your time. This is cloud native at scale special presentation with Platform nine. Really unpacking super cloud Arlon open source and how to run large scale applications on the cloud Cloud Native Phil for developers and John Furrier with the cube. Thanks for Washington. We'll stay tuned for another great segment coming right up. Hey, welcome back everyone to Super Cloud 22. I'm John Fur, host of the Cuba here all day talking about the future of cloud. Where's it all going? Making it super multi-cloud clouds around the corner and public cloud is winning. Got the private cloud on premise and edge. Got a great guest here, Vascar Gorde, CEO of Platform nine, just on the panel on Kubernetes. An enabler blocker. Welcome back. Great to have you on. >>Good to see you >>Again. So Kubernetes is a blocker enabler by, with a question mark. I put on on that panel was really to discuss the role of Kubernetes. Now great conversation operations is impacted. What's interest thing about what you guys are doing at Platform nine? Is your role there as CEO and the company's position, kind of like the world spun into the direction of Platform nine while you're at the helm? Yeah, right. >>Absolutely. In fact, things are moving very well and since they came to us, it was an insight to call ourselves the platform company eight years ago, right? So absolutely whether you are doing it in public clouds or private clouds, you know, the application world is moving very fast in trying to become digital and cloud native. There are many options for you do on the infrastructure. The biggest blocking factor now is having a unified platform. And that's what we, we come into, >>Patrick, we were talking before we came on stage here about your background and we were gonna talk about the glory days in 2000, 2001, when the first as piece application service providers came out, kind of a SaaS vibe, but that was kind of all kind of cloudlike. >>It wasn't, >>And and web services started then too. So you saw that whole growth. Now, fast forward 20 years later, 22 years later, where we are now, when you look back then to here and all the different cycles, >>I, in fact you, you know, as we were talking offline, I was in one of those ASPs in the year 2000 where it was a novel concept of saying we are providing a software and a capability as a service, right? You sign up and start using it. I think a lot has changed since then. The tooling, the tools, the technology has really skyrocketed. The app development environment has really taken off exceptionally well. There are many, many choices of infrastructure now, right? So I think things are in a way the same but also extremely different. But more importantly now for any company, regardless of size, to be a digital native, to become a digital company is extremely mission critical. It's no longer a nice to have everybody's in the journey somewhere. >>Everyone is going digital transformation here. Even on a so-called downturn recession that's upcoming inflation's here. It's interesting. This is the first downturn in the history of the world where the hyperscale clouds have been pumping on all cylinders as an economic input. And if you look at the tech trends, GDPs down, but not tech. >>Nope. >>Cuz the pandemic showed everyone digital transformation is here and more spend and more growth is coming even in, in tech. So this is a unique factor which proves that that digital transformation's happening and company, every company will need a super cloud. >>Everyone, every company, regardless of size, regardless of location, has to become modernize their infrastructure. And modernizing Infras infrastructure is not just some new servers and new application tools, It's your approach, how you're serving your customers, how you're bringing agility in your organization. I think that is becoming a necessity for every enterprise to survive. >>I wanna get your thoughts on Super Cloud because one of the things Dave Ante and I want to do with Super Cloud and calling it that was we, I, I personally, and I know Dave as well, he can, I'll speak from, he can speak for himself. We didn't like multi-cloud. I mean not because Amazon said don't call things multi-cloud, it just didn't feel right. I mean everyone has multiple clouds by default. If you're running productivity software, you have Azure and Office 365. But it wasn't truly distributed. It wasn't truly decentralized, it wasn't truly cloud enabled. It didn't, it felt like they're not ready for a market yet. Yet public clouds booming on premise. Private cloud and Edge is much more on, you know, more, more dynamic, more real. >>Yeah. I think the reason why we think super cloud is a better term than multi-cloud. Multi-cloud are more than one cloud, but they're disconnected. Okay, you have a productivity cloud, you have a Salesforce cloud, you may have, everyone has an internal cloud, right? So, but they're not connected. So you can say okay, it's more than one cloud. So it's you know, multi-cloud. But super cloud is where you are actually trying to look at this holistically. Whether it is on-prem, whether it is public, whether it's at the edge, it's a store at the branch. You are looking at this as one unit. And that's where we see the term super cloud is more applicable because what are the qualities that you require if you're in a super cloud, right? You need choice of infrastructure, you need, but at the same time you need a single pain, a single platform for you to build your innovations on regardless of which cloud you're doing it on, right? So I think Super Cloud is actually a more tightly integrated orchestrated management philosophy we think. >>So let's get into some of the super cloud type trends that we've been reporting on. Again, the purpose of this event is to, as a pilots, to get the conversations flowing with with the influencers like yourselves who are running companies and building products and the builders, Amazon and Azure are doing extremely well. Google's coming up in third cloudworks in public cloud. We see the use cases on premises use cases. Kubernetes has been an interesting phenomenon because it's become from the developer side a little bit, but a lot of ops people love Kubernetes. It's really more of an ops thing. You mentioned OpenStack earlier. Kubernetes kind of came out of that open stack. We need an orchestration and then containers had a good shot with, with Docker. They re pivoted the company. Now they're all in an open source. So you got containers booming and Kubernetes as a new layer there. What's the, what's the take on that? What does that really mean? Is that a new defacto enabler? It >>Is here. It's for here for sure. Every enterprise somewhere else in the journey is going on. And you know, most companies are, 70 plus percent of them have won two, three container based, Kubernetes based applications now being rolled out. So it's very much here, it is in production at scale by many customers. And the beauty of it is, yes, open source, but the biggest gating factor is the skill set. And that's where we have a phenomenal engineering team, right? So it's, it's one thing to buy a tool >>And just be clear, you're a managed service for Kubernetes. >>We provide, provide a software platform for cloud acceleration as a service and it can run anywhere. It can run in public private. We have customers who do it in truly multi-cloud environments. It runs on the edge, it runs at this in stores are thousands of stores in a retailer. So we provide that and also for specific segments where data sovereignty and data residency are key regulatory reasons. We also un OnPrem as an air gap version. >>Can you give an example on how you guys are deploying your platform to enable a super cloud experience for your >>Customer? Right. So I'll give you two different examples. One is a very large networking company, public networking company. They have, I dunno, hundreds of products, hundreds of r and d teams that are building different, different products. And if you look at few years back, each one was doing it on a different platforms but they really needed to bring the agility and they worked with us now over three years where we are their build test dev pro platform where all their products are built on, right? And it has dramatically increased their agility to release new products. Number two, it actually is a light out operation. In fact the customer says like, like the Maytag service person cuz we provide it as a service and it barely takes one or two people to maintain it for them. >>So it's kinda like an SRE vibe. One person managing a >>Large 4,000 engineers building infrastructure >>On their tools, >>Whatever they want on their tools. They're using whatever app development tools they use, but they use our platform. >>What benefits are they seeing? Are they seeing speed? >>Speed, definitely. Okay. Definitely they're speeding. Speed uniformity because now they're building able to build, so their customers who are using product A and product B are seeing a similar set of tools that are being used. >>So a big problem that's coming outta this super cloud event that we're, we're seeing and we've heard it all here, ops and security teams cuz they're kind of too part of one theme, but ops and security specifically need to catch up speed wise. Are you delivering that value to ops and security? Right. >>So we, we work with ops and security teams and infrastructure teams and we layer on top of that. We have like a platform team. If you think about it, depending on where you have data centers, where you have infrastructure, you have multiple teams, okay, but you need a unified platform. Who's your buyer? Our buyer is usually, you know, the product divisions of companies that are looking at or the CTO would be a buyer for us functionally cio definitely. So it it's, it's somewhere in the DevOps to infrastructure. But the ideal one we are beginning to see now many large corporations are really looking at it as a platform and saying we have a platform group on which any app can be developed and it is run on any infrastructure. So the platform engineering teams, >>You working two sides of that coin. You've got the dev side and then >>And then infrastructure >>Side side, okay. >>Another customer like give you an example, which I would say is kind of the edge of the store. So they have thousands of stores. Retail, retail, you know food retailer, right? They have thousands of stores that are on the globe, 50,000, 60,000. And they really want to enhance the customer experience that happens when you either order the product or go into the store and pick up your product or buy or browse or sit there. They have applications that were written in the nineties and then they have very modern AIML applications today. They want something that will not have to send an IT person to install a rack in the store or they can't move everything to the cloud because the store operations has to be local. The menu changes based on, It's a classic edge. It's classic edge. Yeah. Right. They can't send it people to go install rack access servers then they can't sell software people to go install the software and any change you wanna put through that, you know, truck roll. So they've been working with us where all they do is they ship, depending on the size of the store, one or two or three little servers with instructions that >>You, you say little servers like how big one like a net box box, like a small little >>Box and all the person in the store has to do like what you and I do at home and we get a, you know, a router is connect the power, connect the internet and turn the switch on. And from there we pick it up. >>Yep. >>We provide the operating system, everything and then the applications are put on it. And so that dramatically brings the velocity for them. They manage >>Thousands of them. True plug and play >>Two, plug and play thousands of stores. They manage it centrally. We do it for them, right? So, so that's another example where on the edge then we have some customers who have both a large private presence and one of the public clouds. Okay. But they want to have the same platform layer of orchestration and management that they can use regardless of the location. So >>You guys got some success. Congratulations. Got some traction there. It's awesome. The question I want to ask you is that's come up is what is truly cloud native? Cuz there's lift and shift of the cloud >>That's not cloud native. >>Then there's cloud native. Cloud native seems to be the driver for the super cloud. How do you talk to customers? How do you explain when someone says what's cloud native, what isn't cloud native? >>Right. Look, I think first of all, the best place to look at what is the definition and what are the attributes and characteristics of what is truly a cloud native, is CNC foundation. And I think it's very well documented where you, well >>Con of course Detroit's >>Coming here, so, so it's already there, right? So, so we follow that very closely, right? I think just lifting and shifting your 20 year old application onto a data center somewhere is not cloud native. Okay? You can't put to cloud native, you have to rewrite and redevelop your application and business logic using modern tools. Hopefully more open source and, and I think that's what Cloudnative is and we are seeing a lot of our customers in that journey. Now everybody wants to be cloudnative, but it's not that easy, okay? Because it's, I think it's first of all, skill set is very important. Uniformity of tools that there's so many tools there. Thousands and thousands of tools you could spend your time figuring out which tool to use. Okay? So I think the complexities there, but the business benefits of agility and uniformity and customer experience are truly them. >>And I'll give you an example. I don't know how clear native they are, right? And they're not a customer of ours, but you order pizzas, you do, right? If you just watch the pizza industry, how dominoes actually increase their share and mind share and wallet share was not because they were making better pizzas or not, I don't know anything about that, but the whole experience of how you order, how you watch what's happening, how it's delivered. There were a pioneer in it. To me, those are the kinds of customer experiences that cloud native can provide. >>Being agility and having that flow to the application changes what the expectations of the, for the customer. >>Customer, the customer's expectations change, right? Once you get used to a better customer experience, you learn >>Best car. To wrap it up, I wanna just get your perspective again. One of the benefits of chatting with you here and having you part of the Super Cloud 22 is you've seen many cycles, you have a lot of insights. I want to ask you, given your career where you've been and what you've done and now the CEO platform nine, how would you compare what's happening now with other inflection points in the industry? And you've been, again, you've been an entrepreneur, you sold your company to Oracle, you've been seeing the big companies, you've seen the different waves. What's going on right now put into context this moment in time around Super >>Cloud. Sure. I think as you said, a lot of battles. Cars being been, been in an asp, been in a realtime software company, being in large enterprise software houses and a transformation. I've been on the app side, I did the infrastructure right and then tried to build our own platforms. I've gone through all of this myself with a lot of lessons learned in there. I think this is an event which is happening now for companies to go through to become cloud native and digitalize. If I were to look back and look at some parallels of the tsunami that's going on is a couple of paddles come to me. One is, think of it, which was forced to honors like y2k. Everybody around the world had to have a plan, a strategy, and an execution for y2k. I would say the next big thing was e-commerce. I think e-commerce has been pervasive right across all industries. >>And disruptive. >>And disruptive, extremely disruptive. If you did not adapt and adapt and accelerate your e-commerce initiative, you were, it was an existence question. Yeah. I think we are at that pivotal moment now in companies trying to become digital and cloudnative that know that is what I see >>Happening there. I think that that e-commerce was interesting and I think just to riff with you on that is that it's disrupting and refactoring the business models. I think that is something that's coming out of this is that it's not just completely changing the game, it's just changing how you operate, >>How you think, and how you operate. See, if you think about the early days of eCommerce, just putting up a shopping cart didn't made you an eCommerce or an E retailer or an e e customer, right? Or so. I think it's the same thing now is I think this is a fundamental shift on how you're thinking about your business. How are you gonna operate? How are you gonna service your customers? I think it requires that just lift and shift is not gonna work. >>Mascar, thank you for coming on, spending the time to come in and share with our community and being part of Super Cloud 22. We really appreciate, we're gonna keep this open. We're gonna keep this conversation going even after the event, to open up and look at the structural changes happening now and continue to look at it in the open in the community. And we're gonna keep this going for, for a long, long time as we get answers to the problems that customers are looking for with cloud cloud computing. I'm Sean Feer with Super Cloud 22 in the Cube. Thanks for watching. >>Thank you. Thank you, John. >>Hello. Welcome back. This is the end of our program, our special presentation with Platform nine on cloud native at scale, enabling the super cloud. We're continuing the theme here. You heard the interviews Super Cloud and its challenges, new opportunities around the solutions around like Platform nine and others with Arlon. This is really about the edge situations on the internet and managing the edge multiple regions, avoiding vendor lock in. This is what this new super cloud is all about. The business consequences we heard and and the wide ranging conversations around what it means for open source and the complexity problem all being solved. I hope you enjoyed this program. There's a lot of moving pieces and things to configure with cloud native install, all making it easier for you here with Super Cloud and of course Platform nine contributing to that. Thank you for watching.

>> From theCUBE Studios in Palo Alto and Boston, bringing you data-driven insights from theCUBE and ETR, this is Breaking Analysis with Dave Vellante. >> This past week we saw two of the Big 3 cloud providers present the latest update on their respective cloud visions, their business progress, their announcements and innovations. The content at these events had many overlapping themes, including modern cloud infrastructure at global scale, applying advanced machine intelligence, AKA AI, end-to-end data platforms, collaboration software. They talked a lot about the future of work automation. And they gave us a little taste, each company of the Metaverse Web 3.0 and much more. Despite these striking similarities, the differences between these two cloud platforms and that of AWS remains significant. With Microsoft leveraging its massive application software footprint to dominate virtually all markets and Google doing everything in its power to keep up with the frenetic pace of today's cloud innovation, which was set into motion a decade and a half ago by AWS. Hello and welcome to this week's Wikibon CUBE Insights, powered by ETR. In this Breaking Analysis, we unpack the immense amount of content presented by the CEOs of Microsoft and Google Cloud at Microsoft Ignite and Google Cloud Next. We'll also quantify with ETR survey data the relative position of these two cloud giants in four key sectors: cloud IaaS, BI analytics, data platforms and collaboration software. Now one thing was clear this past week, hybrid events are the thing. Google Cloud Next took place live over a 24-hour period in six cities around the world, with the main gathering in New York City. Microsoft Ignite, which normally is attended by 30,000 people, had a smaller event in Seattle, in person with a virtual audience around the world. AWS re:Invent, of course, is much different. Yes, there's a virtual component at re:Invent, but it's all about a big live audience gathering the week after Thanksgiving, in the first week of December in Las Vegas. Regardless, Satya Nadella keynote address was prerecorded. It was highly produced and substantive. It was visionary, energetic with a strong message that Azure was a platform to allow customers to build their digital businesses. Doing more with less, which was a key theme of his. Nadella covered a lot of ground, starting with infrastructure from the compute, highlighting a collaboration with Arm-based, Ampere processors. New block storage, 60 regions, 175,000 miles of fiber cables around the world. He presented a meaningful multi-cloud message with Azure Arc to support on-prem and edge workloads, as well as of course the public cloud. And talked about confidential computing at the infrastructure level, a theme we hear from all cloud vendors. He then went deeper into the end-to-end data platform that Microsoft is building from the core data stores to analytics, to governance and the myriad tooling Microsoft offers. AI was next with a big focus on automation, AI, training models. He showed demos of machines coding and fixing code and machines automatically creating designs for creative workers and how Power Automate, Microsoft's RPA tooling, would combine with Microsoft Syntex to understand documents and provide standard ways for organizations to communicate with those documents. There was of course a big focus on Azure as developer cloud platform with GitHub Copilot as a linchpin using AI to assist coders in low-code and no-code innovations that are coming down the pipe. And another giant theme was a workforce transformation and how Microsoft is using its heritage and collaboration and productivity software to move beyond what Nadella called productivity paranoia, i.e., are remote workers doing their jobs? In a world where collaboration is built into intelligent workflows, and he even showed a glimpse of the future with AI-powered avatars and partnerships with Meta and Cisco with Teams of all firms. And finally, security with a bevy of tools from identity, endpoint, governance, et cetera, stressing a suite of tools from a single provider, i.e., Microsoft. So a couple points here. One, Microsoft is following in the footsteps of AWS with silicon advancements and didn't really emphasize that trend much except for the Ampere announcement. But it's building out cloud infrastructure at a massive scale, there is no debate about that. Its plan on data is to try and provide a somewhat more abstracted and simplified solutions, which differs a little bit from AWS's approach of the right database tool, for example, for the right job. Microsoft's automation play appears to provide simple individual productivity tools, kind of a ground up approach and make it really easy for users to drive these bottoms up initiatives. We heard from UiPath that forward five last month, a little bit of a different approach of horizontal automation, end-to-end across platforms. So quite a different play there. Microsoft's angle on workforce transformation is visionary and will continue to solidify in our view its dominant position with Teams and Microsoft 365, and it will drive cloud infrastructure consumption by default. On security as well as a cloud player, it has to have world-class security, and Azure does. There's not a lot of debate about that, but the knock on Microsoft is Patch Tuesday becomes Hack Wednesday because Microsoft releases so many patches, it's got so much Swiss cheese in its legacy estate and patching frequently, it becomes a roadmap and a trigger for hackers. Hey, patch Tuesday, these are all the exploits that you can go after so you can act before the patches are implemented. And so it's really become a problem for users. As well Microsoft is competing with many of the best-of-breed platforms like CrowdStrike and Okta, which have market momentum and appear to be more attractive horizontal plays for customers outside of just the Microsoft cloud. But again, it's Microsoft. They make it easy and very inexpensive to adopt. Now, despite the outstanding presentation by Satya Nadella, there are a couple of statements that should raise eyebrows. Here are two of them. First, as he said, Azure is the only cloud that supports all organizations and all workloads from enterprises to startups, to highly regulated industries. I had a conversation with Sarbjeet Johal about this, to make sure I wasn't just missing something and we were both surprised, somewhat, by this claim. I mean most certainly AWS supports more certifications for example, and we would think it has a reasonable case to dispute that claim. And the other statement, Nadella made, Azure is the only cloud provider enabling highly regulated industries to bring their most sensitive applications to the cloud. Now, reasonable people can debate whether AWS is there yet, but very clearly Oracle and IBM would have something to say about that statement. Now maybe it's not just, would say, "Oh, they're not real clouds, you know, they're just going to hosting in the cloud if you will." But still, when it comes to mission-critical applications, you would think Oracle is really the the leader there. Oh, and Satya also mentioned the claim that the Edge browser, the Microsoft Edge browser, no questions asked, he said, is the best browser for business. And we could see some people having some questions about that. Like isn't Edge based on Chrome? Anyway, so we just had to question these statements and challenge Microsoft to defend them because to us it's a little bit of BS and makes one wonder what else in such as awesome keynote and it was awesome, it was hyperbole. Okay, moving on to Google Cloud Next. The keynote started with Sundar Pichai doing a virtual session, he was remote, stressing the importance of Google Cloud. He mentioned that Google Cloud from its Q2 earnings was on a $25-billion annual run rate. What he didn't mention is that it's also on a 3.6 billion annual operating loss run rate based on its first half performance. Just saying. And we'll dig into that issue a little bit more later in this episode. He also stressed that the investments that Google has made to support its core business and search, like its global network of 22 subsea cables to support things like, YouTube video, great performance obviously that we all rely on, those innovations there. Innovations in BigQuery to support its search business and its threat analysis that it's always had and its AI, it's always been an AI-first company, he's stressed, that they're all leveraged by the Google Cloud Platform, GCP. This is all true by the way. Google has absolutely awesome tech and the talk, as well as his talk, Pichai, but also Kurian's was forward thinking and laid out a vision of the future. But it didn't address in our view, and I talked to Sarbjeet Johal about this as well, today's challenges to the degree that Microsoft did and we expect AWS will at re:Invent this year, it was more out there, more forward thinking, what's possible in the future, somewhat less about today's problem, so I think it's resonates less with today's enterprise players. Thomas Kurian then took over from Sundar Pichai and did a really good job of highlighting customers, and I think he has to, right? He has to say, "Look, we are in this game. We have customers, 9 out of the top 10 media firms use Google Cloud. 8 out of the top 10 manufacturers. 9 out of the top 10 retailers. Same for telecom, same for healthcare. 8 out of the top 10 retail banks." He and Sundar specifically referenced a number of companies, customers, including Avery Dennison, Groupe Renault, H&M, John Hopkins, Prudential, Minna Bank out of Japan, ANZ bank and many, many others during the session. So you know, they had some proof points and you got to give 'em props for that. Now like Microsoft, Google talked about infrastructure, they referenced training processors and regions and compute optionality and storage and how new workloads were emerging, particularly data-driven workloads in AI that required new infrastructure. He explicitly highlighted partnerships within Nvidia and Intel. I didn't see anything on Arm, which somewhat surprised me 'cause I believe Google's working on that or at least has come following in AWS's suit if you will, but maybe that's why they're not mentioning it or maybe I got to do more research there, but let's park that for a minute. But again, as we've extensively discussed in Breaking Analysis in our view when it comes to compute, AWS via its Annapurna acquisition is well ahead of the pack in this area. Arm is making its way into the enterprise, but all three companies are heavily investing in infrastructure, which is great news for customers and the ecosystem. We'll come back to that. Data and AI go hand in hand, and there was no shortage of data talk. Google didn't mention Snowflake or Databricks specifically, but it did mention, by the way, it mentioned Mongo a couple of times, but it did mention Google's, quote, Open Data cloud. Now maybe Google has used that term before, but Snowflake has been marketing the data cloud concept for a couple of years now. So that struck as a shot across the bow to one of its partners and obviously competitor, Snowflake. At BigQuery is a main centerpiece of Google's data strategy. Kurian talked about how they can take any data from any source in any format from any cloud provider with BigQuery Omni and aggregate and understand it. And with the support of Apache Iceberg and Delta and Hudi coming in the future and its open Data Cloud Alliance, they talked a lot about that. So without specifically mentioning Snowflake or Databricks, Kurian co-opted a lot of messaging from these two players, such as life and tech. Kurian also talked about Google Workspace and how it's now at 8 million users up from 6 million just two years ago. There's a lot of discussion on developer optionality and several details on tools supported and the open mantra of Google. And finally on security, Google brought out Kevin Mandian, he's a CUBE alum, extremely impressive individual who's CEO of Mandiant, a leading security service provider and consultancy that Google recently acquired for around 5.3 billion. They talked about moving from a shared responsibility model to a shared fate model, which is again, it's kind of a shot across AWS's bow, kind of shared responsibility model. It's unclear that Google will pay the same penalty if a customer doesn't live up to its portion of the shared responsibility, but we can probably assume that the customer is still going to bear the brunt of the pain, nonetheless. Mandiant is really interesting because it's a services play and Google has stated that it is not a services company, it's going to give partners in the channel plenty of room to play. So we'll see what it does with Mandiant. But Mandiant is a very strong enterprise capability and in the single most important area security. So interesting acquisition by Google. Now as well, unlike Microsoft, Google is not competing with security leaders like Okta and CrowdStrike. Rather, it's partnering aggressively with those firms and prominently putting them forth. All right. Let's get into the ETR survey data and see how Microsoft and Google are positioned in four key markets that we've mentioned before, IaaS, BI analytics, database data platforms and collaboration software. First, let's look at the IaaS cloud. ETR is just about to release its October survey, so I cannot share the that data yet. I can only show July data, but we're going to give you some directional hints throughout this conversation. This chart shows net score or spending momentum on the vertical axis and overlap or presence in the data, i.e., how pervasive the platform is. That's on the horizontal axis. And we've inserted the Wikibon estimates of IaaS revenue for the companies, the Big 3. Actually the Big 4, we included Alibaba. So a couple of points in this somewhat busy data chart. First, Microsoft and AWS as always are dominant on both axes. The red dotted line there at 40% on the vertical axis. That represents a highly elevated spending velocity and all of the Big 3 are above the line. Now at the same time, GCP is well behind the two leaders on the horizontal axis and you can see that in the table insert as well in our revenue estimates. Now why is Azure bigger in the ETR survey when AWS is larger according to the Wikibon revenue estimates? And the answer is because Microsoft with products like 365 and Teams will often be considered by respondents in the survey as cloud by customers, so they fit into that ETR category. But in the insert data we're stripping out applications and SaaS from Microsoft and Google and we're only isolating on IaaS. The other point is when you take a look at the early October returns, you see downward pressure as signified by those dotted arrows on every name. The only exception was Dell, or Dell and IBM, which showing slightly improved momentum. So the survey data generally confirms what we know that AWS and Azure have a massive lead and strong momentum in the marketplace. But the real story is below the line. Unlike Google Cloud, which is on pace to lose well over 3 billion on an operating basis this year, AWS's operating profit is around $20 billion annually. Microsoft's Intelligent Cloud generated more than $30 billion in operating income last fiscal year. Let that sink in for a moment. Now again, that's not to say Google doesn't have traction, it does and Kurian gave some nice proof points and customer examples in his keynote presentation, but the data underscores the lead that Microsoft and AWS have on Google in cloud. And here's a breakdown of ETR's proprietary net score methodology, that vertical axis that we showed you in the previous chart. It asks customers, are you adopting the platform new? That's that lime green. Are you spending 6% or more? That's the forest green. Is you're spending flat? That's the gray. Is you're spending down 6% or worse? That's the pinkest color. Or are you replacing the platform, defecting? That's the bright red. You subtract the reds from the greens and you get a net score. Now one caveat here, which actually is really favorable from Microsoft, the Microsoft data that we're showing here is across the entire Microsoft portfolio. The other point is, this is July data, we'll have an update for you once ETR releases its October results. But we're talking about meaningful samples here, the ends. 620 for AWS over a thousand from Microsoft in more than 450 respondents in the survey for Google. So the real tell is replacements, that bright red. There is virtually no churn for AWS and Microsoft, but Google's churn is 5x, those two in the survey. Now 5% churn is not high, but you'd like to see three things for Google given it's smaller size. One is less churn, two is much, much higher adoption rates in the lime green. Three is a higher percentage of those spending more, the forest green. And four is a lower percentage of those spending less. And none of these conditions really applies here for Google. GCP is still not growing fast enough in our opinion, and doesn't have nearly the traction of the two leaders and that shows up in the survey data. All right, let's look at the next sector, BI analytics. Here we have that same XY dimension. Again, Microsoft dominating the picture. AWS very strong also in both axes. Tableau, very popular and respectable of course acquired by Salesforce on the vertical axis, still looking pretty good there. And again on the horizontal axis, big presence there for Tableau. And Google with Looker and its other platforms is also respectable, but it again, has some work to do. Now notice Streamlit, that's a recent Snowflake acquisition. It's strong in the vertical axis and because of Snowflake's go-to-market (indistinct), it's likely going to move to the right overtime. Grafana is also prominent in the Y axis, but a glimpse at the most recent survey data shows them slightly declining while Looker actually improves a bit. As does Cloudera, which we'll move up slightly. Again, Microsoft just blows you away, doesn't it? All right, now let's get into database and data platform. Same X Y dimensions, but now database and data warehouse. Snowflake as usual takes the top spot on the vertical axis and it is actually keeps moving to the right as well with again, Microsoft and AWS is dominant in the market, as is Oracle on the X axis, albeit it's got less spending velocity, but of course it's the database king. Google is well behind on the X axis but solidly above the 40% line on the vertical axis. Note that virtually all platforms will see pressure in the next survey due to the macro environment. Microsoft might even dip below the 40% line for the first time in a while. Lastly, let's look at the collaboration and productivity software market. This is such an important area for both Microsoft and Google. And just look at Microsoft with 365 and Teams up into the right. I mean just so impressive in ubiquitous. And we've highlighted Google. It's in the pack. It certainly is a nice base with 174 N, which I can tell you that N will rise in the next survey, which is an indication that more people are adopting. But given the investment and the tech behind it and all the AI and Google's resources, you'd really like to see Google in this space above the 40% line, given the importance of this market, of this collaboration area to Google's success and the degree to which they emphasize it in their pitch. And look, this brings up something that we've talked about before on Breaking Analysis. Google doesn't have a tech problem. This is a go-to-market and marketing challenge that Google faces and it's up against two go-to-market champs and Microsoft and AWS. And Google doesn't have the enterprise sales culture. It's trying, it's making progress, but it's like that racehorse that has all the potential in the world, but it's just missing some kind of key ingredient to put it over at the top. It's always coming in third, (chuckles) but we're watching and Google's obviously, making some investments as we shared with earlier. All right. Some final thoughts on what we learned this week and in this research: customers and partners should be thrilled that both Microsoft and Google along with AWS are spending so much money on innovation and building out global platforms. This is a gift to the industry and we should be thankful frankly because it's good for business, it's good for competitiveness and future innovation as a platform that can be built upon. Now we didn't talk much about multi-cloud, we haven't even mentioned supercloud, but both Microsoft and Google have a story that resonates with customers in cross cloud capabilities, unlike AWS at this time. But we never say never when it comes to AWS. They sometimes and oftentimes surprise you. One of the other things that Sarbjeet Johal and John Furrier and I have discussed is that each of the Big 3 is positioning to their respective strengths. AWS is the best IaaS. Microsoft is building out the kind of, quote, we-make-it-easy-for-you cloud, and Google is trying to be the open data cloud with its open-source chops and excellent tech. And that puts added pressure on Snowflake, doesn't it? You know, Thomas Kurian made some comments according to CRN, something to the effect that, we are the only company that can do the data cloud thing across clouds, which again, if I'm being honest is not really accurate. Now I haven't clarified these statements with Google and often things get misquoted, but there's little question that, as AWS has done in the past with Redshift, Google is taking a page out of Snowflake, Databricks as well. A big difference in the Big 3 is that AWS doesn't have this big emphasis on the up-the-stack collaboration software that both Microsoft and Google have, and that for Microsoft and Google will drive captive IaaS consumption. AWS obviously does some of that in database, a lot of that in database, but ISVs that compete with Microsoft and Google should have a greater affinity, one would think, to AWS for competitive reasons. and the same thing could be said in security, we would think because, as I mentioned before, Microsoft competes very directly with CrowdStrike and Okta and others. One of the big thing that Sarbjeet mentioned that I want to call out here, I'd love to have your opinion. AWS specifically, but also Microsoft with Azure have successfully created what Sarbjeet calls brand distance. AWS from the Amazon Retail, and even though AWS all the time talks about Amazon X and Amazon Y is in their product portfolio, but you don't really consider it part of the retail organization 'cause it's not. Azure, same thing, has created its own identity. And it seems that Google still struggles to do that. It's still very highly linked to the sort of core of Google. Now, maybe that's by design, but for enterprise customers, there's still some potential confusion with Google, what's its intentions? How long will they continue to lose money and invest? Are they going to pull the plug like they do on so many other tools? So you know, maybe some rethinking of the marketing there and the positioning. Now we didn't talk much about ecosystem, but it's vital for any cloud player, and Google again has some work to do relative to the leaders. Which brings us to supercloud. The ecosystem and end customers are now in a position this decade to digitally transform. And we're talking here about building out their own clouds, not by putting in and building data centers and installing racks of servers and storage devices, no. Rather to build value on top of the hyperscaler gift that has been presented. And that is a mega trend that we're watching closely in theCUBE community. While there's debate about the supercloud name and so forth, there little question in our minds that the next decade of cloud will not be like the last. All right, we're going to leave it there today. Many thanks to Sarbjeet Johal, and my business partner, John Furrier, for their input to today's episode. Thanks to Alex Myerson who's on production and manages the podcast and Ken Schiffman as well. Kristen Martin and Cheryl Knight helped get the word out on social media and in our newsletters. And Rob Hof is our editor in chief over at SiliconANGLE, who does some wonderful editing. And check out SiliconANGLE, a lot of coverage on Google Cloud Next and Microsoft Ignite. Remember, all these episodes are available as podcast wherever you listen. Just search Breaking Analysis podcast. I publish each week on wikibon.com and siliconangle.com. And you can always get in touch with me via email, david.vellante@siliconangle.com or you can DM me at dvellante or comment on my LinkedIn posts. And please do check out etr.ai, the best survey data in the enterprise tech business. This is Dave Vellante for the CUBE Insights, powered by ETR. Thanks for watching and we'll see you next time on Breaking Analysis. (gentle music)

(upbeat music) >> TheCUBE presents UiPath Forward 5. Brought to you by UiPath. >> Hello and welcome back to TheCUBE's coverage of UiPath Forward 5. We're here in Las Vegas at the Venetian Convention Center. This is day two. We're wrapping up Dave Nicholson and Dave Vellante. This is the fourth time theCUBE has been at UiPath Forward. And we've seen the transformation of the company from, essentially, what was a really interesting and easy to adopt point product to now one through acquisitions, IPO, has made a number of enhancements to its platform. David Cardenas is here. Deputy Director of Operations for County of Los Angeles, the Department of Public Health. David, good to see you. Thanks for coming on theCUBE. >> Thanks for having me on guys. Appreciate it. >> So what is your role? What does it have to do with automation? >> So I had been, actually started off in the IT space within the public health. Had served as a CIO previously, but now been moving into broader operations. And I basically manage all of the back office operations for the department, HR, IT, finance, all that. >> So you've had a wild ride in the last couple of years. >> Yeah, I think, like I've been talking earlier, it's just been, the last two years have just been horrendous. It's been a really difficult experience for us. >> Yeah, and I mean, the scars are there, and maybe permanently. But it also had major effects on organizations, on operations that, again, seem to be permanent. How would you describe the situation in your organization? >> So I think it, the urgency that came along with the pandemic response, kind of required us to look at things, you know, differently. We had to be, realize we had to be a lot more nimble than when we were and try to figure out how to enhance our operations. But really look at the core of what we're doing and figure out how it is to be more efficient. So I think we've kind of seen it as an opportunity to really examine ourselves a little bit more deeply and see what things we need to do to kind of, to fix our operations and get things on a better path. >> You know, I think a lot of organizations we talked to say that. But I want to understand how you handle this is, you didn't have time to sit back in the middle of the pandemic. >> Yeah. >> And then as you exit, what I call the isolation economy, people are so burned out, you know? So how do you deal with that organizational trauma? Say, okay now, let's sit back and think about this. Do people, are they eager to do so? Do they have the appetite for it? What's that dynamic like? >> So I think certainly there's a level of exhaustion inside the organization. I can't say that there isn't because it's just been, you know, two years of 24/7/365 kind of work. And that's tough on any organization. But I think what we realize is that there's, you know, we need to move into action quickly 'cause we don't know what's going to come next, right? And we're expecting that this is just a sign of what's to come and that we're just at the start of that stage of, we're just going to see a lot more outbreaks, we're going to see a lot more conditions kind of hitting us. And if we're not prepared for that, we're not going to be able to respond for the, and preserve the health and safety of our citizens, right? So I think we're taking a very active, like, look at these opportunities and see what we've done and say how do we now make the changes that we made in response to the pandemic permanent so that the next time this comes at us, we won't have to be struggling the way that we were to try to figure things out because we'll have such a better foundation in place to be able to move things forward. >> I mean, I've never served in the military, but I imagine that when you're in the military, you're always prepared for some kind of, you know, in your world, code red, right? >> Yeah. >> So it's like this code red culture. And that seems to have carried through, right? People are, you know, constantly aware that, wow. We got caught off guard and we don't want that to happen again. Because that was a big part of the trauma was just the unknown- >> Right. >> and the lack of preparedness. So thinking about technology and its role in helping you to prepare for that type of uncertainty. Can you describe how you're applying technology to prepare for the next unknown? >> So I think, so that first part of what you said, I think the difficulty we've always had in the public health side is that there's the, generally the approach to healthcare is very reactionary, right? Your first interface with the healthcare system is, "I'm going to go see my doctor; I'm going to go to the hospital." The work that we do in public health is to try to do everything we can to keep you out of that, right? So it's broad-based messaging, social media now is going to put us out there. But also, to be able to surveil disease in a different way. And so the holy grail for us in healthcare has always been, at least on the public health side, has been to try to see how can we tap in more actively that when you go see the doctor or when you go to the hospital, how can I get access to that information very, very quickly so that I know, and can see, and surveil my entire county in my jurisdiction and know, oh, there's an outbreak of disease happening in this section of the county. We're 10 million people with, you know, hundreds of square miles inside of LA. There are places where we can see very, you know, specific targets that we know we have to hit. But the data's a little stale and we find out several months after. We need to figure out a way to do that more actively. Technology's going to be our path to be able to capture that information more actively and come up on something a little bit, so we can track things faster and be able to respond more quickly. So that's our focus for all our technology implementations, automation like UiPath has offered us and other things, is around how to gather that information more quickly and put that into action so we can do quick interventions. >> People have notoriously short memories. Please tell me (chuckles) any of the friction that you may have experienced in years past before the pandemic. That those friction points where people are thinking, "Eh, what are the odds?" >> Yeah. "Eh, I've got finite budget, I think I'm going to spend it on this thing over here." Do you, are you able to still ride sort of the wave of mind share at this point when putting programs together for the future? >> So whatever friction was there during the pandemic wiped away. I mean, we had amazing collaboration with the medical provider community, our hospital partners. The healthcare system in LA was working very closely with us to make sure that we were responding. And there is that wave that we are trying to make sure that we use this as an opportunity to kind of ride it so that we can implement all the things that we want. 'Cause we don't know how long that's going to last us. The last time that I saw anything this large was after the anthrax attacks and the bioterrorism attacks that we had after 9/11. >> How interesting. >> Public health was really in lens at that point. And we had a huge infusion of funding, a lot of support from stakeholders, both politically and within the healthcare system. And we were able to make some large steps in movement at that point. This feels the same but in a larger scale because now it touched every part of the infrastructure. And we saw how society really had to react to what was going on in a different way than anyone has ever prepared for. And so now is we think is a time where we know that people are making more investments. And our success is going to be their success in the longterm. >> And you have to know that expectations are now set- >> Extremely high. >> at a completely different level, right? >> Yes, absolutely. >> There is no, "Oh, we don't have enough PPE." >> Correct. >> Right? >> David: Correct. >> The the expectation level is, hey, you should have learned from all of- >> We should have it; we can deliver it, We'll have it at the ready when we need to provide it. Yes, absolutely. >> Okay, so I sort of mentioned, we're, David cubed on theCUBE (all laughing). So three Daves. You spoke today at the conference? >> Actually I'm speaking later actually in the session in an hour or so. >> Oh Okay. My understanding is that you've got this concept of putting humans at the center of the automation. What does that mean? Why is that important? Help us understand that. >> So I think what we found in the crisis is that the high demand for information was something we hadn't seen before, right? We're one of the largest media markets in the United States. And what we really had trouble with is trying to figure out how to serve the residents, to provide them the information that we needed to provide to them. And so what we had traditionally done is press releases, you know, just general marketing campaigns, billboards, trying to send our message out. And when you're talking about a pandemic where on a daily basis, hour-by-hour people wanted to know what was going on in their local communities. Like, we had to change the way that we focused on. So we started thinking about, what is the information that the residents of our county need? And how can we set up an infrastructure to sustain the feeding of that? Because if we can provide more information, people will make their own personal decisions around their personal risk, their personal safety measures they need to take, and do so more actively. More so than, you know, one of us going on camera to say, "This is what you should do." They can look for themselves and look at the data that's in front of them and be able to make those choices for themselves, right? And so we needed to make sure that everything that we were doing wasn't built around feeding it to our political stakeholders, which are important stakeholders. We needed to make sure that they're aware and are messaging out, and our leadership are aware. But it's what could we give the public to be able to make them have access to information that we were collecting on an every single day basis to be able to make the decisions for their lives. And so the automation was key to that. We were at the beginning of the pandemic just had tons and tons of resources that we were throwing at the problem that was, our systems were slow, we didn't have good ability to move data back and forth between our systems, and we needed a stop-gap solution to really fill that need and be able to make the data cycles to meet the data cycles. We had basically every day had to deliver reports and analytics and dashboards by like 10 o'clock in the morning because we knew that the 12 an hour and the five-hour news cycles were going to hit and the press were going to then take those and message out. And the public started to kind of come in at that same time and look at 10 and 11 o'clock and 12 o'clock. >> Yeah. >> We could see it from how many hits were hitting our website, looking for that information. So when we failed and had a cycle where that data cycle didn't work and we couldn't deliver, the public would let us know, the press would let us know, the stakeholders would let us know. We had never experienced anything like that before, right. Where people had like this voracious appetite for the information. So we needed to have a very bulletproof process to make sure that every single 24 hours we were delivering that data, making it available at the ready. >> Software robots enabled that. >> Exactly. >> Okay. And so how were you able to implement that so quickly within such a traumatic environment? >> So I think, I guess necessity is always the mother of invention. It kind of drove us to go real quickly to look at what we had. We had data entry operations set up where we had dozens and dozens of people whose sole job in life on a 24-hour cycle was to receive medical reports that we we're getting, interview data that's coming from our case interviews, hospitalization data that was coming in through all these different channels. And it was all coming in in various forms. And they were entering that into our systems of record. And that's what we were using, extracts from that system of record, what was using to generate the data analyses in our systems and our dashboards. And so we couldn't rely on those after a while because the data was coming in at such high volume. There wasn't enough data entry staff to be able to fit the need, right? And so we needed to replace those humans and take them out of that data entry cycle, pop in the bots. And so what we started to look at is, let's pick off the, where it is that that data entry cycle starts and see what we could do to kind of replace that cycle. And we started off with a very discreet workload that was focused on some of our case interview data that was being turned into PDFs that somebody was using to enter into our systems. And we said, "Well before you do that," since we can't import into the systems 'cause it wasn't working, the import utilities weren't working. We got 'em into simple Excel spreadsheets, mapped those to the fields in our systems and let the bots do that over and over again. And we just started off with that one-use case and just tuned it and went cycle after cycle. The bots just got better and better to the point where we had almost like 95% success rates on each submission of data transactions that we did every day. >> Okay, and you applied that automation, I don't know, how many bots was it roughly? >> We're now at like 30; we started with about five. >> Okay, oh, interesting. So you started with five and you applied 'em to this specific use case to handle the velocity and volume of data- >> Correct. >> that was coming in. But that's obviously dynamic and it's changed. >> Absolutely. >> I presume it's shifted to other areas now. So how did you take what you learned there and then apply it to other use cases in other parts of the organization? >> So, fortunately for us, the process that was being used to capture the information to generate the dashboards and the analyses for the case interview data, which is what we started with- >> Yeah. >> Was essentially being used the same for the hospitalization data that we were getting and for tracking deaths as they were coming in as well. And so the bots essentially were just, we just took one process, take the same bots, copy them over essentially, and had them follow the very same process. We didn't try to introduce any different workflow than what was being done for the first one so we could replicate quickly. So I think it was lucky for us a lot- >> Dave V.: I was going to say, was that luck or by design? >> It was the same people doing the same analyses, right? So in the end they were thinking about how to be efficient themselves. So they kind of had coalesced around a similar process. And so it was kind of like fortunate, but it was by design in terms of how they- >> Dave V.: It was logical to them. >> Logical to them to make it. >> Interesting. >> So for us to be able to insert the bots became pretty easy on the front end. It's just now as we're trying to now expand to other areas that were now encountering like unique processes that we just can't replicate that quickly. We're having to like now dig into. >> So how are you handling that? First of all, how are you determining which processes? Is it sort of process driven? Is it data driven? How do you determine that? >> So obviously right now the focus still is COVID. So the the priorities scale that we've set internally for analyzing those opportunities really is centered around, you know, which things are really going to help our pandemic response, right? We're expecting another surge that's going to happen probably in the next couple of weeks. That'll probably take us through December. Hopefully, at that point, things start to calm down. But that means high-data volume again; these same process. So we're looking at optimizing the processes that we have, what can we do to make those cycles better, faster, you know, what else can we add? The data teams haven't stopped to try to figure out how else can they turn out new data reports, new data analysis, to give us a different perspective on the new variants and the new different outbreaks and hotspots that are popping up. And so we also have to kind of keep up with where they're going on these data dashboards. So they're adding more data into these reports so we know we have to optimize that. And then there's these kind of tangential work. So for example, COVID brought about, unfortunately, a lot of domestic violence reports. And so we have a lot of domestic violence agencies that we work with and that we have interactions with and to monitor their work, we have certain processes. So that's kind of like COVID-adjacent. But it's because it's such a very critical task, we're looking at how we can kind of help in those processes and areas. Same thing in like in our substance abuse area. We have substance use disorder treatment services that we provide. And we're delivering those at a higher rate because COVID kind of created more of a crisis than we would've liked. And so that's how we're prioritizing. It's really about what is the social need, what does the community need, and how can we put the technology work in those areas? >> So how do you envision the future of automation in your organization and the future of your organization? What does that look like? Paint a picture for us. >> So I'm hoping that it really does, you know, so we're going to take everything that's COVID related in the disease control areas, both in terms of our laboratory operations, in terms of our clinic operations, the way we respond, vaccination campaigns, things of that nature. And we're going to look at it to see what can efficiencies can we do there because it's a natural outgrowth of everything we've done on COVID up to this point. So, you know, it's almost like it's as simple as you're just replicating it with another disease. The disease might have different characteristics, but the work process that we follow is very similar. It's not like we're going to change everything and do something completely different for a respiratory condition as we would for some other type of foodborne condition or something else that might happen. So we certainly see very easy opportunities to just to grow out what we've already done in terms of the processes is to do that. So that's wave one, is really focus on that grow out. The second piece I think is to look at these kind of other general kind of community-based type of operations and see what operations we can do there to kind of implement some improvements there. And then I'm certainly in my new role of, in Deputy Director of Operation, I'm a CIO before. Now that I'm in this operations role, I have access to the full administrative apparatus for the department. And believe me, there's enough to keep me busy there. (Dave V. Laughing) And so that's going to be kind of my third prong is to kind of look at the implement there. >> Awesome. Go ahead, Dave. >> Yeah, so, this is going to be taking a step back, kind of a higher level view. If we could direct the same level of rigor and attention towards some other thing that we've directed towards COVID, if you could snap your fingers and make that happen, what would that thing be in the arena of public health in LA County in particular, or if you want California, United States. What is something that you feel maybe needs more attention that it's getting right now? >> So I think I touched on it a little bit earlier, but I think it's the thing we've been always been trying to get to is how to really become just very intentional about how we share data more actively, right? I don't have to know everything about you, but there are certain things I care about when you go to the doctor for that doctor and that physician to tell me. Our physicians, our healthcare system as you know, is always under a lot of pressure. Doctors don't have the time to sit down and write a form out for me and tell me everything that's going on. During COVID they did because they were, they cared about their patients so much and knew, I need to know what's going on at every single moment. And if I don't tell you what's going on in my office, you'll never know and can't tell us what's going on in the community. So they had a vested interest in telling us. But on a normal day-to-day, they don't have the time for that. I got to replace that. We got to make sure that when we get to, not me only, but everyone in this public health community has to be focused and working with our healthcare partners to automate the dissemination and the distribution of information so that I have the information at my fingers, that I can then tell you, "Here's what's going on in your local community," down to your neighborhood, down to your zip code, your census tracked, down to your neighbors' homes. We'll be able to tell you, "This is your risk. Here are the things that are going on. This is what you have to watch out for." And the more that we can be more that focused and laser-focused on meeting that goal, we will be able to do our job more effectively. >> And you can do that while preserving people's privacy. >> Privacy, absolutely. >> Yeah, absolutely. But if people are informed then they can make their own decisions. >> Correct. >> And they're not frustrated at the systems. David, we got to wrap. >> Sure. >> But maybe you can help us. What's your impression of the, first of all, is this your first Forward? You've been to others? >> This is my first time. >> Okay. >> My first time. >> What's your sort of takeaway when you go back to the office or home and people say, "Hey, how was the show? What, what'd you learn?" What are you going to say? >> Well, from just seeing all the partners here and kind of seeing all the different events I've been able to go to and the sessions there's, you don't know many times I've gone to and say, "We've got to be doing that." And so there's certainly these opportunities for, you know, more AI, more automation opportunities that we have not, we just haven't even touched on really. I think that we really need to do that. I have to be able to, as a public institution at some point our budgets get capped. We only have so much that we're going to receive. Even riding this wave, there's only so much we're going to be able to get. So we have to be very efficient and use our resources more. There's a lot more that we can do with AI, a lot more with the tools that we saw, some of the work product that are coming out at this conference that we think we can directly apply to kind of take the humans out of that, their traditional roles, get them doing higher level work so I can get the most out of them and have this other more mundane type of work, just have the systems just do it. I don't need anybody doing that necessarily, that work. I need to be able to leverage them for other higher level capabilities. >> Well thank you for that. Thanks for coming on theCUBE and really appreciate. Dave- >> It's been great talking to you guys, thank you. >> Dave, you know, I love software shows because the business impact is so enormous and I especially love cool software shows. You know, this first of all, the venue. 3,500 people here. Very cool venue. I like the fact that it's not like booth in your face, booth competition. I mean I love VMware, VMworld, VMware Explore. But it's like, "My booth is bigger than your booth." This is really nice and clean, and it's all about the experience. >> A lot of steak, not as much sizzle. >> Yeah, definitely. >> A lot of steak. >> And the customer content at the UiPath events is always outstanding. But we are entering a new era for UiPath, and we're talking. We heard a lot about the Enterprise platform. You know, the big thing is this company's been in this quarterly shock-lock since last April when it went public. And it hasn't all been pretty. And so new co-CEO comes in, they've got, you know, resetting priorities around financials, go to market, they've got to have profitable growth. So watching that that closely. But also product innovation so the co-CEOs will be able to split that up, split their duties up. Daniel Dines the product visionary, product guru. Rob Enslin, you know- making the operations work. >> Operations execution business, yeah. >> We heard that Carl Eschenbach did the introduction. Carl's a major operator, wanted that DNA into the company. 'Cause they got to keep product innovation. And I want to, I want to see R&D spending, stay relatively high. >> Product innovation, but under the heading of platform. And that's the key thing is just not being that tool set. The positioning has been, I think, accurate that, you know, over history, we started with these RPA tools and now we've moved into business process automation and now we're moving into new frontiers where, where truly, AI and ML are being leveraged. I love the re-infer story about going in and using natural national (chuckles) national, natural language processing. I can't even say it, to go through messaging. That's sort of a next-level of intelligence to be able to automate things that couldn't be automated before. So that whole platform story is key. And they seem to have made a pretty good case for their journey into platform as far as I'm concerned. >> Well, yeah, to me again. So it's always about the customers, want to come to an event like this, you listen to what they say in the keynotes and then you listen to what the customers say. And there's a very strong alignment in the UiPath community between, you know, the marketing and the actual implementation. You know, marketing's always going to be ahead. But, we saw this a couple of years ago with platform. And now we're seeing it, you know, throughout the customer base, 10,000+ customers. I think this company could have, you know, easily double, tripled, maybe even 10x that. All right, we got to wrap. Dave Nicholson, thank you. Two weeks in a row. Good job. And let's see. Check out siliconangle.com for all the news. Check out thecube.net; wikibon.com has the research. We'll be on the road as usual. theCUBE, you can follow us. UiPath Forward 5, Dave Vellante for Dave Nicholson. We're out and we'll see you next time. Thanks for watching. (gentle music)

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

(upbeat music) >> Hello and welcome to theCUBE's presentation of the AWS Startup Showcase. This is season two, episode four of the ongoing series covering the exciting hot startups from the AWS ecosystem. Here we're talking about cybersecurity in this episode. I'm your host, John Furrier here we're excited to have CUBE alumni who's back Snehal Antani who's the CEO and co-founder of Horizon3.ai talking about exploitable weaknesses and vulnerabilities with autonomous pen testing. Snehal, it's great to see you. Thanks for coming back. >> Likewise, John. I think it's been about five years since you and I were on the stage together. And I've missed it, but I'm glad to see you again. >> Well, before we get into the showcase about your new startup, that's extremely successful, amazing margins, great product. You have a unique journey. We talked about this prior to you doing the journey, but you have a great story. You left the startup world to go into the startup, like world of self defense, public defense, NSA. What group did you go to in the public sector became a private partner. >> My background, I'm a software engineer by education and trade. I started my career at IBM. I was a CIO at GE Capital, and I think we met once when I was there and I became the CTO of Splunk. And we spent a lot of time together when I was at Splunk. And at the end of 2017, I decided to take a break from industry and really kind of solve problems that I cared deeply about and solve problems that mattered. So I left industry and joined the US Special Operations Community and spent about four years in US Special Operations, where I grew more personally and professionally than in anything I'd ever done in my career. And exited that time, met my co-founder in special ops. And then as he retired from the air force, we started Horizon3. >> So there's really, I want to bring that up one, 'cause it's fascinating that not a lot of people in Silicon Valley and tech would do that. So thanks for the service. And I know everyone who's out there in the public sector knows that this is a really important time for the tactical edge in our military, a lot of things going on around the world. So thanks for the service and a great journey. But there's a storyline with the company you're running now that you started. I know you get the jacket on there. I noticed get a little military vibe to it. Cybersecurity, I mean, every company's on their own now. They have to build their own militia. There is no government supporting companies anymore. There's no militia. No one's on the shores of our country defending the citizens and the companies, they got to offend for themselves. So every company has to have their own military. >> In many ways, you don't see anti-aircraft rocket launchers on top of the JP Morgan building in New York City because they rely on the government for air defense. But in cyber it's very different. Every company is on their own to defend for themselves. And what's interesting is this blend. If you look at the Ukraine, Russia war, as an example, a thousand companies have decided to withdraw from the Russian economy and those thousand companies we should expect to be in the ire of the Russian government and their proxies at some point. And so it's not just those companies, but their suppliers, their distributors. And it's no longer about cyber attack for extortion through ransomware, but rather cyber attack for punishment and retaliation for leaving. Those companies are on their own to defend themselves. There's no government that is dedicated to supporting them. So yeah, the reality is that cybersecurity, it's the burden of the organization. And also your attack surface has expanded to not just be your footprint, but if an adversary wants to punish you for leaving their economy, they can get, if you're in agriculture, they could disrupt your ability to farm or they could get all your fruit to spoil at the border 'cause they disrupted your distributors and so on. So I think the entire world is going to change over the next 18 to 24 months. And I think this idea of cybersecurity is going to become truly a national problem and a problem that breaks down any corporate barriers that we see in previously. >> What are some of the things that inspired you to start this company? And I loved your approach of thinking about the customer, your customer, as defending themselves in context to threats, really leaning into it, being ready and able to defend. Horizon3 has a lot of that kind of military thinking for the good of the company. What's the motivation? Why this company? Why now? What's the value proposition? >> So there's two parts to why the company and why now. The first part was what my observation, when I left industry realm or my military background is watching "Jack Ryan" and "Tropic Thunder" and I didn't come from the military world. And so when I entered the special operations community, step one was to keep my mouth shut, learn, listen, and really observe and understand what made that community so impressive. And obviously the people and it's not about them being fast runners or great shooters or awesome swimmers, but rather there are learn-it-alls that can solve any problem as a team under pressure, which is the exact culture you want to have in any startup, early stage companies are learn-it-alls that can solve any problem under pressure as a team. So I had this immediate advantage when we started Horizon3, where a third of Horizon3 employees came from that special operations community. So one is this awesome talent. But the second part that, I remember this quote from a special operations commander that said we use live rounds in training because if we used fake rounds or rubber bullets, everyone would act like metal of honor winners. And the whole idea there is you train like you fight, you build that muscle memory for crisis and response and so on upfront. So when you're in the thick of it, you already know how to react. And this aligns to a pain I had in industry. I had no idea I was secure until the bad guy showed up. I had no idea if I was fixing the right vulnerabilities, logging the right data in Splunk, or if my CrowdStrike EDR platform was configured correctly, I had to wait for the bad guys to show up. I didn't know if my people knew how to respond to an incident. So what I wanted to do was proactively verify my security posture, proactively harden my systems. I needed to do that by continuously pen testing myself or continuously testing my security posture. And there just wasn't any way to do that where an IT admin or a network engineer could in three clicks have the power of a 20 year pen testing expert. And that was really what we set out to do, not build a autonomous pen testing platform for security people, build it so that anybody can quickly test their security posture and then use the output to fix problems that truly matter. >> So the value preposition, if I get this right is, there's a lot of companies out there doing pen tests. And I know I hate pen tests. They're like, cause you do DevOps, it changes you got to do another pen test. So it makes sense to do autonomous pen testing. So congratulations on seeing that that's obvious to that, but a lot of other have consulting tied to it. Which seems like you need to train someone and you guys taking a different approach. >> Yeah, we actually, as a company have zero consulting, zero professional services. And the whole idea is that build a true software as a service offering where an intern, in fact, we've got a video of a nine year old that in three clicks can run pen tests against themselves. And because of that, you can wire pen tests into your DevOps tool chain. You can run multiple pen tests today. In fact, I've got customers running 40, 50 pen tests a month against their organization. And that what that does is completely lowers the barrier of entry for being able to verify your posture. If you have consulting on average, when I was a CIO, it was at least a three month lead time to schedule consultants to show up and then they'd show up, they'd embarrass the security team, they'd make everyone look bad, 'cause they're going to get in, leave behind a report. And that report was almost identical to what they found last year because the older that report, the one the date itself gets stale, the context changes and so on. And then eventually you just don't even bother fixing it. Or if you fix a problem, you don't have the skills to verify that has been fixed. So I think that consulting led model was acceptable when you viewed security as a compliance checkbox, where once a year was sufficient to meet your like PCI requirements. But if you're really operating with a wartime mindset and you actually need to harden and secure your environment, you've got to be running pen test regularly against your organization from different perspectives, inside, outside, from the cloud, from work, from home environments and everything in between. >> So for the CISOs out there, for the CSOs and the CXOs, what's the pitch to them because I see your jacket that says Horizon3 AI, trust but verify. But this trust is, but is canceled out, just as verify. What's the product that you guys are offering the service. Describe what it is and why they should look at it. >> Yeah, sure. So one, when I back when I was the CIO, don't tell me we're secure in PowerPoint. Show me we're secure right now. Show me we're secure again tomorrow. And then show me we're secure again next week because my environment is constantly changing and the adversary always has a vote and they're always evolving. And this whole idea of show me we're secure. Don't trust that your security tools are working, verify that they can detect and respond and stifle an attack and then verify tomorrow, verify next week. That's the big mind shift. Now what we do is-- >> John: How do they respond to that by the way? Like they don't believe you at first or what's the story. >> I think, there's actually a very bifurcated response. There are still a decent chunk of CIOs and CSOs that have a security is a compliance checkbox mindset. So my attitude with them is I'm not going to convince you. You believe it's a checkbox. I'll just wait for you to get breached and sell to your replacement, 'cause you'll get fired. And in the meantime, I spend all my energy with those that actually care about proactively securing and hardening their environments. >> That's true. People do get fired. Can you give an example of what you're saying about this environment being ready, proving that you're secure today, tomorrow and a few weeks out. Give me an example. >> Of, yeah, I'll give you actually a customer example. There was a healthcare organization and they had about 5,000 hosts in their environment and they did everything right. They had Fortinet as their EDR platform. They had user behavior analytics in place that they had purchased and tuned. And when they ran a pen test self-service, our product node zero immediately started to discover every host on the network. It then fingerprinted all those hosts and found it was able to get code execution on three machines. So it got code execution, dumped credentials, laterally maneuvered, and became a domain administrator, which in IT, if an attacker becomes a domain admin, they've got keys to the kingdom. So at first the question was, how did the node zero pen test become domain admin? How'd they get code execution, Fortinet should have detected and stopped it. Well, it turned out Fortinet was misconfigured on three boxes out of 5,000. And these guys had no idea and it's just automation that went wrong and so on. And now they would've only known they had misconfigured their EDR platform on three hosts if the attacker had showed up. The second question though was, why didn't they catch the lateral movement? Which all their marketing brochures say they're supposed to catch. And it turned out that that customer purchased the wrong Fortinet modules. One again, they had no idea. They thought they were doing the right thing. So don't trust just installing your tools is good enough. You've got to exercise and verify them. We've got tons of stories from patches that didn't actually apply to being able to find the AWS admin credentials on a local file system. And then using that to log in and take over the cloud. In fact, I gave this talk at Black Hat on war stories from running 10,000 pen tests. And that's just the reality is, you don't know that these tools and processes are working for you until the bad guys have shown. >> The velocities there. You can accelerate through logs, you know from the days you've been there. This is now the threat. Being, I won't say lazy, but just not careful or just not thinking. >> Well, I'll do an example. We have a lot of customers that are Horizon3 customers and Splunk customers. And what you'll see their behavior is, is they'll have Horizon3 up on one screen. And every single attacker command executed with its timestamp is up on that screen. And then look at Splunk and say, hey, we were able to dump vCenter credentials from VMware products at this time on this host, what did Splunk see or what didn't they see? Why were no logs generated? And it turns out that they had some logging blind spots. So what they'll actually do is run us to almost like stimulate the defensive tools and then see what did the tools catch? What did they miss? What are those blind spots and how do they fix it. >> So your price called node zero. You mentioned that. Is that specifically a suite, a tool, a platform. How do people consume and engage with you guys? >> So the way that we work, the whole product is designed to be self-service. So once again, while we have a sales team, the whole intent is you don't need to have to talk to a sales rep to start using the product, you can log in right now, go to Horizon3.ai, you can run a trial log in with your Google ID, your LinkedIn ID, start running pen test against your home or against your network against this organization right now, without talking to anybody. The whole idea is self-service, run a pen test in three clicks and give you the power of that 20 year pen testing expert. And then what'll happen is node zero will execute and then it'll provide to you a full report of here are all of the different paths or attack paths or sequences where we are able to become an admin in your environment. And then for every attack path, here is the path or the kill chain, the proof of exploitation for every step along the way. Here's exactly what you've got to do to fix it. And then once you've fixed it, here's how you verify that you've truly fixed the problem. And this whole aha moment is run us to find problems. You fix them, rerun us to verify that the problem has been fixed. >> Talk about the company, how many people do you have and get some stats? >> Yeah, so we started writing code in January of 2020, right before the pandemic hit. And then about 10 months later at the end of 2020, we launched the first version of the product. We've been in the market for now about two and a half years total from start of the company till present. We've got 130 employees. We've got more customers than we do employees, which is really cool. And instead our customers shift from running one pen test a year to 40, 50 pen test. >> John: And it's full SaaS. >> The whole product is full SaaS. So no consulting, no pro serve. You run as often as you-- >> Who's downloading, who's buying the product. >> What's amazing is, we have customers in almost every section or sector now. So we're not overly rotated towards like healthcare or financial services. We've got state and local education or K through 12 education, state and local government, a number of healthcare companies, financial services, manufacturing. We've got organizations that large enterprises. >> John: Security's diverse. >> It's very diverse. >> I mean, ransomware must be a big driver. I mean, is that something that you're seeing a lot. >> It is. And the thing about ransomware is, if you peel back the outcome of ransomware, which is extortion, at the end of the day, what ransomware organizations or criminals or APTs will do is they'll find out who all your employees are online. They will then figure out if you've got 7,000 employees, all it takes is one of them to have a bad password. And then attackers are going to credential spray to find that one person with a bad password or whose Netflix password that's on the dark web is also their same password to log in here, 'cause most people reuse. And then from there they're going to most likely in your organization, the domain user, when you log in, like you probably have local admin on your laptop. If you're a windows machine and I've got local admin on your laptop, I'm going to be able to dump credentials, get the admin credentials and then start to laterally maneuver. Attackers don't have to hack in using zero days like you see in the movies, often they're logging in with valid user IDs and passwords that they've found and collected from somewhere else. And then they make that, they maneuver by making a low plus a low equal a high. And the other thing in financial services, we spend all of our time fixing critical vulnerabilities, attackers know that. So they've adapted to finding ways to chain together, low priority vulnerabilities and misconfigurations and dangerous defaults to become admin. So while we've over rotated towards just fixing the highs and the criticals attackers have adapted. And once again they have a vote, they're always evolving their tactics. >> And how do you prevent that from happening? >> So we actually apply those same tactics. Rarely do we actually need a CVE to compromise your environment. We will harvest credentials, just like an attacker. We will find misconfigurations and dangerous defaults, just like an attacker. We will combine those together. We'll make use of exploitable vulnerabilities as appropriate and use that to compromise your environment. So the tactics that, in many ways we've built a digital weapon and the tactics we apply are the exact same tactics that are applied by the adversary. >> So you guys basically simulate hacking. >> We actually do the hacking. Simulate means there's a fakeness to it. >> So you guys do hack. >> We actually compromise. >> Like sneakers the movie, those sneakers movie for the old folks like me. >> And in fact that was my inspiration. I've had this idea for over a decade now, which is I want to be able to look at anything that laptop, this Wi-Fi network, gear in hospital or a truck driving by and know, I can figure out how to gain initial access, rip that environment apart and be able to opponent. >> Okay, Chuck, he's not allowed in the studio anymore. (laughs) No, seriously. Some people are exposed. I mean, some companies don't have anything. But there's always passwords or so most people have that argument. Well, there's nothing to protect here. Not a lot of sensitive data. How do you respond to that? Do you see that being kind of putting the head in the sand or? >> Yeah, it's actually, it's less, there's not sensitive data, but more we've installed or applied multifactor authentication, attackers can't get in now. Well MFA only applies or does not apply to lower level protocols. So I can find a user ID password, log in through SMB, which isn't protected by multifactor authentication and still upon your environment. So unfortunately I think as a security industry, we've become very good at giving a false sense of security to organizations. >> John: Compliance drives that behavior. >> Compliance drives that. And what we need. Back to don't tell me we're secure, show me, we've got to, I think, change that to a trust but verify, but get rid of the trust piece of it, just to verify. >> Okay, we got a lot of CISOs and CSOs watching this showcase, looking at the hot startups, what's the message to the executives there. Do they want to become more leaning in more hawkish if you will, to use the military term on security? I mean, I heard one CISO say, security first then compliance 'cause compliance can make you complacent and then you're unsecure at that point. >> I actually say that. I agree. One definitely security is different and more important than being compliant. I think there's another emerging concept, which is I'd rather be defensible than secure. What I mean by that is security is a point in time state. I am secure right now. I may not be secure tomorrow 'cause something's changed. But if I'm defensible, then what I have is that muscle memory to detect, respondent and stifle an attack. And that's what's more important. Can I detect you? How long did it take me to detect you? Can I stifle you from achieving your objective? How long did it take me to stifle you? What did you use to get in to gain access? How long did that sit in my environment? How long did it take me to fix it? So on and so forth. But I think it's being defensible and being able to rapidly adapt to changing tactics by the adversary is more important. >> This is the evolution of how the red line never moved. You got the adversaries in our networks and our banks. Now they hang out and they wait. So everyone thinks they're secure. But when they start getting hacked, they're not really in a position to defend, the alarms go off. Where's the playbook. Team springs into action. I mean, you kind of get the visual there, but this is really the issue being defensible means having your own essentially military for your company. >> Being defensible, I think has two pieces. One is you've got to have this culture and process in place of training like you fight because you want to build that incident response muscle memory ahead of time. You don't want to have to learn how to respond to an incident in the middle of the incident. So that is that proactively verifying your posture and continuous pen testing is critical there. The second part is the actual fundamentals in place so you can detect and stifle as appropriate. And also being able to do that. When you are continuously verifying your posture, you need to verify your entire posture, not just your test systems, which is what most people do. But you have to be able to safely pen test your production systems, your cloud environments, your perimeter. You've got to assume that the bad guys are going to get in, once they're in, what can they do? So don't just say that my perimeter's secure and I'm good to go. It's the soft squishy center that attackers are going to get into. And from there, can you detect them and can you stop them? >> Snehal, take me through the use. You got to be sold on this, I love this topic. Alright, pen test. Is it, what am I buying? Just pen test as a service. You mentioned dark web. Are you actually buying credentials online on behalf of the customer? What is the product? What am I buying if I'm the CISO from Horizon3? What's the service? What's the product, be specific. >> So very specifically and one just principles. The first principle is when I was a buyer, I hated being nickled and dimed buyer vendors, which was, I had to buy 15 different modules in order to achieve an objective. Just give me one line item, make it super easy to buy and don't nickel and dime me. Because I've spent time as a buyer that very much has permeated throughout the company. So there is a single skew from Horizon3. It is an annual subscription based on how big your environment is. And it is inclusive of on-prem internal pen tests, external pen tests, cloud attacks, work from home attacks, our ability to harvest credentials from the dark web and from open source sources. Being able to crack those credentials, compromise. All of that is included as a singles skew. All you get as a CISO is a singles skew, annual subscription, and you can run as many pen tests as you want. Some customers still stick to, maybe one pen test a quarter, but most customers shift when they realize there's no limit, we don't nickel and dime. They can run 10, 20, 30, 40 a month. >> Well, it's not nickel and dime in the sense that, it's more like dollars and hundreds because they know what to expect if it's classic cloud consumption. They kind of know what their environment, can people try it. Let's just say I have a huge environment, I have a cloud, I have an on-premise private cloud. Can I dabble and set parameters around pricing? >> Yes you can. So one is you can dabble and set perimeter around scope, which is like manufacturing does this, do not touch the production line that's on at the moment. We've got a hospital that says every time they run a pen test, any machine that's actually connected to a patient must be excluded. So you can actually set the parameters for what's in scope and what's out of scope up front, most again we're designed to be safe to run against production so you can set the parameters for scope. You can set the parameters for cost if you want. But our recommendation is I'd rather figure out what you can afford and let you test everything in your environment than try to squeeze every penny from you by only making you buy what can afford as a smaller-- >> So the variable ratio, if you will is, how much they spend is the size of their environment and usage. >> Just size of the environment. >> So it could be a big ticket item for a CISO then. >> It could, if you're really large, but for the most part-- >> What's large? >> I mean, if you were Walmart, well, let me back up. What I heard is global 10 companies spend anywhere from 50 to a hundred million dollars a year on security testing. So they're already spending a ton of money, but they're spending it on consultants that show up maybe a couple of times a year. They don't have, humans can't scale to test a million hosts in your environment. And so you're already spending that money, spend a fraction of that and use us and run as much as you want. And that's really what it comes down to. >> John: All right. So what's the response from customers? >> What's really interesting is there are three use cases. The first is that SOC manager that is using us to verify that their security tools are actually working. So their Splunk environment is logging the right data. It's integrating properly with CrowdStrike, it's integrating properly with their active directory services and their password policies. So the SOC manager is using us to verify the effectiveness of their security controls. The second use case is the IT director that is using us to proactively harden their systems. Did they install VMware correctly? Did they install their Cisco gear correctly? Are they patching right? And then the third are for the companies that are lucky to have their own internal pen test and red teams where they use us like a force multiplier. So if you've got 10 people on your red team and you still have a million IPs or hosts in your environment, you still don't have enough people for that coverage. So they'll use us to do recon at scale and attack at scale and let the humans focus on the really juicy hard stuff that humans are successful at. >> Love the product. Again, I'm trying to think about how I engage on the test. Is there pilots? Is there a demo version? >> There's a free trials. So we do 30 day free trials. The output can actually be used to meet your SOC 2 requirements. So in many ways you can just use us to get a free SOC 2 pen test report right now, if you want. Go to the website, log in for a free trial, you can log into your Google ID or your LinkedIn ID, run a pen test against your organization and use that to answer your PCI segmentation test requirements, your SOC 2 requirements, but you will be hooked. You will want to run us more often. And you'll get a Horizon3 tattoo. >> The first hits free as they say in the drug business. >> Yeah. >> I mean, so you're seeing that kind of response then, trial converts. >> It's exactly. In fact, we have a very well defined aha moment, which is you run us to find, you fix, you run us to verify, we have 100% technical win rate when our customers hit a find, fix, verify cycle, then it's about budget and urgency. But 100% technical win rate because of that aha moment, 'cause people realize, holy crap, I don't have to wait six months to verify that my problems have actually been fixed. I can just come in, click, verify, rerun the entire pen test or rerun a very specific part of it on what I just patched my environment. >> Congratulations, great stuff. You're here part of the AWS Startup Showcase. So I have to ask, what's the relationship with AWS, you're on their cloud. What kind of actions going on there? Is there secret sauce on there? What's going on? >> So one is we are AWS customers ourselves, our brains command and control infrastructure. All of our analytics are all running on AWS. It's amazing, when we run a pen test, we are able to use AWS and we'll spin up a virtual private cloud just for that pen test. It's completely ephemeral, it's all Lambda functions and graph analytics and other techniques. When the pen test ends, you can delete, there's a single use Docker container that gets deleted from your environment so you have nothing on-prem to deal with and the entire virtual private cloud tears itself down. So at any given moment, if we're running 50 pen tests or a hundred pen tests, self-service, there's a hundred virtual private clouds being managed in AWS that are spinning up, running and tearing down. It's an absolutely amazing underlying platform for us to make use of. Two is that many customers that have hybrid environments. So they've got a cloud infrastructure, an Office 365 infrastructure and an on-prem infrastructure. We are a single attack platform that can test all of that together. No one else can do it. And so the AWS customers that are especially AWS hybrid customers are the ones that we do really well targeting. >> Got it. And that's awesome. And that's the benefit of cloud? >> Absolutely. And the AWS marketplace. What's absolutely amazing is the competitive advantage being part of the marketplace has for us, because the simple thing is my customers, if they already have dedicated cloud spend, they can use their approved cloud spend to pay for Horizon3 through the marketplace. So you don't have to, if you already have that budget dedicated, you can use that through the marketplace. The other is you've already got the vendor processes in place, you can purchase through your existing AWS account. So what I love about the AWS company is one, the infrastructure we use for our own pen test, two, the marketplace, and then three, the customers that span that hybrid cloud environment. That's right in our strike zone. >> Awesome. Well, congratulations. And thanks for being part of the showcase and I'm sure your product is going to do very, very well. It's very built for what people want. Self-service get in, get the value quickly. >> No agents to install, no consultants to hire. safe to run against production. It's what I wanted. >> Great to see you and congratulations and what a great story. And we're going to keep following you. Thanks for coming on. >> Snehal: Phenomenal. Thank you, John. >> This is the AWS Startup Showcase. I'm John John Furrier, your host. This is season two, episode four on cybersecurity. Thanks for watching. (upbeat music)

>>Good afternoon, everyone. And welcome back to the VMware Explorer. 2022 live from San Francisco. Lisa Martin, here with Dave. Valante good to be sitting next to you, sir. >>Yeah. Yeah. The big set >>And we're very excited to be welcoming buck. One of our esteemed alumni Sanja poin joins us, the CEO and president of cohesive. Nice to see >>You. Thank you, Lisa. Thank you, Dave. It's great to meet with you all the time and the new sort of setting here, but first >>Time, first time we've been in west, is that right? We've been in north. We've been in south. We've been in Las Vegas, right. But west, >>I mean, it's also good to be back with live shows with absolutely, you know, after sort of the two or three or hiatus. And it was a hard time for the whole world, but I'm kind of driving a little bit of adrenaline just being here with people. So >>You've also got some adrenaline, sorry, Dave. Yeah, you're good because you are new in the role at cohesive. You wrote a great blog that you are identified. The four reasons I came to cohesive. Tell the audience, just give 'em a little bit of a teaser about that. >>Yeah, I think you should all read it. You can Google and, and Google find that article. I talked about the people Mohi is a fantastic founder. You know, he was the, you know, the architect of the Google file system. And you know, one of the senior Google executives was on my board. Bill Corrin said one of the smartest engineers. He was the true father of hyperconverge infrastructure. A lot of the code of Nutanix. He wrote, I consider him really the father of that technology, which brought computer storage. And when he took that same idea of bringing compute to secondary storage, which is really what made the scale out architect unique. And we were at your super cloud event talking about that, Dave. Yeah. Right. So it's a people I really got to respect his smarts, his integrity and the genius, what he is done. I think the customer base, I called a couple of customers. One of them, a fortune 100 customer. I, I can't tell you who it was, but a very important customer. I've known him. He said, I haven't seen tech like this since VMware, 20 years ago, Amazon 10 years ago and now Ko. So that's special league. We're winning very much in the enterprise and that type of segment, the partners, you know, we have HPE, Cisco as investors. Amazon's an investors. So, you know, and then finally the opportunity, I think this whole area of data management and data security now with threats, like ransomware big opportunity. >>Okay. So when you were number two at VMware, you would come on and say, we'd love all our partners and of course, okay. So you know, a little bit about how to work with, with VMware. So, so when you now think about the partnership between cohesive and VMware, what are the things that you're gonna stress to your constituents on the VMware side to convince them that Hey, partnering with cohesive is gonna gonna drive more value for customers, you know, put your thumb on the scale a little bit. You know, you gotta, you gotta unfair advantage somewhat, but you should use it. So what's the narrative gonna be like? >>Yeah, I think listen with VMware and Amazon, that probably their top two partners, Dave, you know, like one of the first calls I made was to Raghu and he knew about this decision before. That's the level of trust I have in him. I even called Michael Dell, you know, before I made the decision, there's a little bit of overlap with Dell, but it's really small compared to the overlap, the potential with Dell hardware that we could compliment. And then I called four CEOs. I was, as I was making this decision, Andy Jassey at Amazon, he was formerly AWS CEO sat Nadela at Microsoft Thomas cor at Google and Arvin Christian, IBM to say, I'm thinking about this making decision. They are many of the mentors and friends to me. So I believe in an ecosystem. And you know, even Chuck Robbins, who the CEO of Cisco is an investor, I texted him and said, Hey, finally, we can be friends. >>It was harder to us to be friends with Cisco, given the overlap of NSX. So I have a big tent towards everybody in our ecosystem with VMware. I think the simple answer is there's no overlap okay. With, with the kind of the primary storage capabilities with VSAN. And by the same thing with Nutanix, we will be friends and, and extend that to be the best data protection solution. But given also what we could do with security, I think this is gonna go a lot further. And then it's all about meet the field. We have common partners. I think, you know, sort of the narrative I talked about in that blog is just like snowflake was replacing Terada and ServiceNow replace remedy and CrowdStrike, replacing Symantec, we're replacing legacy vendors. We are viewed as the modern solution cloud optimized for private and public cloud. We can help you and make VMware and vs a and VCF very relevant to that part of the data management and data security continuum, which I think could end VMware. And by the way, the same thing into the public cloud. So most of the places where we're being successful is clearly withs, but increasingly there's this discussion also about playing into the cloud. So I think both with VMware and Amazon, and of course the other partners in the hyperscaler service, storage, networking place and security, we have some big plans. >>How, how much do you see this? How do you see this multi-cloud narrative that we're hearing here from, from VMware evolving? How much of an opportunity is it? How are customers, you know, we heard about cloud chaos yesterday at the keynote, are customers, do they, do they admit that there's cloud chaos? Some probably do some probably don't how much of an opportunity is that for cohesive, >>It's tremendous opportunity. And I think that's why you need a Switzerland type player in this space to be successful. And you know, and you can't explicitly rule out the fact that the big guys get into this space, but I think it's, if you're gonna back up office 365 or what they call now, Microsoft 365 into AWS or Google workspace into Azure or Salesforce into one of those clouds, you need a Switzerland player. It's gonna be hard. And in many cases, if you're gonna back up data or you protect that data into AWS banks need a second copy of that either on premise or Azure. So it's very hard, even if they have their own native data protection for them to be dual cloud. So I think a multi-cloud story and the fact that there's at least three big vendors of cloud in, in the us, you know, one in China, if include Alibaba creates a Switzerland opportunity for us, that could be fairly big. >>And I think, you know, what we have to do is make sure while we'll be optimized, our preferred cloud is AWS. Our control plane runs there. We can't take an all in AWS stack with the control plane and the data planes at AWS to Walmart. So what I've explained to both Microsoft and AWS is that data plane will need to be multi-cloud. So I can go to an, a Walmart and say, I can back up your data into Azure if you choose to, but the control plane's still gonna be an AWS, same thing with Google. Maybe they have another account. That's very Google centric. So that's how we're gonna believe the, the control plane will be in AWS. We'll optimize it there, but the data plane will be multicloud. >>Yeah. And that's what Mo had explained at Supercloud. You know, and I talked to him, he really helped me hone in on the deployment models. Yes. Where, where, where the cohesive deployment model is instantiating that technology stack into each cloud region and each cloud, which gives you latency advantages and other advantages >>And single code based same platform. >>And then bringing it, tying it together with a unified, you know, interface. That was he, he was, he was key. In fact, I, I wrote about it recently and, and gave him and the other 29 >>Quite a bit in that session, he went deep with you. I >>Mean, with Mohi, when you get a guy who developed a Google file system, you know, who can technically say, okay, this is technically correct or no, Dave, your way off be. So I that's why I had to >>Go. I, I thought you did a great job in that interview because you probed him pretty deep. And I'm glad we could do that together with him next time. Well, maybe do that together here too, but it was really helpful. He's the, he's the, he's the key reason I'm here. >>So you say data management is ripe for disrupt disruption. Talk about that. You talked about this Switzerland effect. That sounds to me like a massive differentiator for cohesive. Why is data management right for disruption and why is cohesive the right partner to do it? >>Yeah, I think, listen, everyone in this sort of data protection backup from years ago have been saying the S Switzerland argument 18 years ago, I was a at Veras an executive there. We used the Switzerland argument, but what's changed is the cloud. And what's changed as a threat vector in security. That's, what's changed. And in that the proposition of a, a Switzerland player has just become more magnified because you didn't have a sales force or Workday service now then, but now you do, you didn't have multi-cloud. You had hardware vendors, you know, Dell, HPE sun at the time. IBM, it's now Lenovo. So that heterogeneity of, of on-premise service, storage, networking, HyperCloud, and, and the apps world has gotten more and more diverse. And I think you really need scale out architectures. Every one of the legacy players were not built with scale out architectures. >>If you take that fundamental notion of bringing compute to storage, you could almost paralyze. Imagine you could paralyze backup recovery and bring so much scale and speed that, and that's what Mo invented. So he took that idea of how he had invented and built Nutanix and applied that to secondary storage. So now everything gets faster and cheaper at scale. And that's a disruptive technology ally. What snowflake did to ator? I mean, the advantage of snowflake is when you took that same concept data, warehousing is not a new concept it's existed from since Ralph Kimball and bill Inman and the people who are fathers of data warehousing, they took that to Webscale. And in that came a disruptive force toter data, right on snowflake. And then of course now data bricks and big query, similar things. So we're doing the same thing. We just have to showcase the customers, which we do. And when large customers see that they're replacing the legacy solutions, I have a lot of respect for legacy solutions, but at some point in time of a solution was invented in 1995 or 2000, 2005. It's right. For change. >>So you use snowflake as an example, Frank SL doesn't like when I say playbook, cuz I says, Dave, I'm a situational CEO, no playbook, but there are patterns here. And one of the things he did is to your point go after, you know, Terra data with a better data warehouse, simplify scale, et cetera. And now he's, he's a constructing a Tam expansion strategy, same way he did at ServiceNow. And I see you guys following a similar pattern. Okay. You get your foot in the door. Let's face it. I mean, a lot of this started with, you know, just straight back. Okay, great. Now it's extending into data management now extending to multi-cloud that's like concentric circles in a Tam expansion strategy. How, how do you, as, as a CEO, that's part of your job is Tam expansion. >>So yeah, I think the way to think about the Tam is, I mean, people say it's 20, 30 billion, but let me tell you how you can piece it apart in size, Dave and Lisa number one, I estimate there's probably about 10 to 20 exabytes of data managed by these legacy players of on-prem stores that they back up to. Okay. So you add them all up in the market shares that they respectively are. And by the way, at the peak, the biggest of these companies got to 2 billion and then shrunk. That was Verto when I was there in 2004, 2 billion, every one of them is small and they stopped growing. You look at the IDC charts. Many of them are shrinking. We are the fastest growing in the last two years, but I estimate there's about 20 exabytes of data that collectively among the legacy players, that's either gonna stay on prem or move to the cloud. Okay. So the opportunity as they replace one of those legacy tools with us is first off to manage that 20 X by cheaper, faster with the Webscale glass offer the cloud guys, we could tip that into the cloud. Okay. >>But you can't stop there. >>Okay. No, we are not doing just backup recovery. We have a platform that can do files. We can do test dev analytics and now security. Okay. That data is potentially at a risk, not so much in the past, but for ransomware, right? How do we classify that? How do we govern that data? How do we run potential? You know, the same way you did antivirus some kind of XDR algorithms on the data to potentially not just catch the recovery process, which is after fact, but maybe the predictive act of before to know, Hey, there's somebody loitering around this data. So if I'm basically managing in the exabytes of data and I can proactively tell you what, this is, one CIO described this very simply to me a few weeks ago that I, and she said, I have 3000 applications, okay. I wanna be prepared for a black Swan event, except it's not a nine 11 planes getting the, the buildings. >>It is an extortion event. And I want to know when that happens, which of my 3000 apps I recover within one hour within one day within one week, no later than one month. Okay. And I don't wanna pay the bad guys at penny. That's what we do. So that's security discussions. We didn't have that discussion in 2004 when I was at another company, because we were talking about flood floods and earthquakes as a disaster recovery. Now you have a lot more security opportunity to be able to describe that. And that's a boardroom discussion. She needs to have that >>Digital risk. O O okay, go ahead please. I >>Was just gonna say, ransomware attack happens every what? One, every 11, 9, 11 seconds. >>And the dollar amount are going up, you know, dollar are going up. Yep. >>And, and when you pay the ransom, you don't always get your data back. So you that's not. >>And listen, there's always an ethical component. Should you do it or not do it? If you, if you don't do it and you're threatened, they may have left an Easter egg there. Listen, I, I feel very fortunate that I've been doing a lot in security, right? I mean, I built the business at, at, at VMware. We got it to over a billion I'm on the board of sneak. I've been doing security and then at SAP ran. So I know a lot about security. So what we do in security and the ecosystem that supports us in security, we will have a very carefully crafted stay tuned. Next three weeks months, you'll see us really rolling out a very kind of disciplined aspect, but we're not gonna pivot this company and become a cyber security company. Some others in our space have done that. I think that's not who we are. We are a data management and a data security company. We're not just a pure security company. We're doing both. And we do it well, intelligently, thoughtfully security is gonna be built into our platform, not voted on. Okay. And there'll be certain security things that we do organically. There's gonna be a lot that we do through partnerships, this >>Security market that's coming to you. You don't have to go claim that you're now a security vendor, right? The market very naturally saying, wow, a comprehensive security strategy has to incorporate a data protection strategy and a recovery, you know, and the things that we've talking about Mount ransomware, I want to ask you, you I've been around a long time, longer than you actually Sanjay. So, but you you've, you've seen a lot. You look, >>Thank you. That's all good. Oh, >>Shucks. So the market, I've never seen a market like this, right? I okay. After the.com crash, we said, and I know you can't talk about IPO. That's not what I'm talking about, but everything was bad after that. Right. 2008, 2000, everything was bad. I've never seen a market. That's half full, half empty, you know, snowflake beats and raises the stock, goes through the roof. Dev if it, if the area announced today, Mongo, DB, beat and Ray, that things getting crushed and, and after market never seen anything like this. It's so fed, driven and, and hard to protect. And, and of course, I know it's a marathon, you know, it's not a sprint, but have you ever seen anything like this? >>Listen, I walk worked through 18 quarters as COO of VMware. You've seen where I've seen public quarters there and you know, was very fortunate. Thanks to the team. I don't think I missed my numbers in 18 quarters except maybe once close. But we, it was, it's tough. Being a public company of the company is tough. I did that also at SAP. So the journey from 10 to 20 billion at SAP, the journey from six to 12 at VMware, that I was able to be fortunate. It's humbling because you, you really, you know, we used to have this, we do the earnings call and then we kind of ask ourselves, what, what do you think the stock price was gonna be a day and a half later? And we'd all take bets as to where this, I think you just basically, as a, as a sea level executive, you try to build a culture of beaten, raise, beaten, raise, beaten, raise, and you wanna set expectations in a way that you're not setting them up for failure. >>And you know, it's you, there's, Dave's a wonderful CEO as is Frank Salman. So it's hard for me to dissect. And sometimes the market are fickle on some small piece of it. But I think also the, when I, I encourage people say, take the long term view. When you take the long term view, you're not bothered about the ups and downs. If you're building a great company over the length of time, now it will be very clear over the arc of many, many quarters that you're business is trouble. If you're starting to see a decay in growth. And like, for example, when you start to see a growth, start to decay significantly by five, 10 percentage points, okay, there's something macro going on at this company. And that's what you won't avoid. But these, you know, ups and downs, my view is like, if you've got both Mongo D and snowflake are fantastic companies, they're CEOs of people I respect. They've actually kind of an, a, you know, advisor to us as a company, you knows moat very well. So we respect him, respect Frank, and you, there have been other quarters where Frank's, you know, the Snowflake's had a down result after that. So you build a long term and they are on the right side of history, snowflake, and both of them in terms of being a modern cloud relevant in the case of MongoDB, open source, two data technology, that's, you know, winning, I, I, we would like to be like them one day >>As, as the new CEO of cohesive, what are you most ask? What are you most anxious about and what are you most excited about? >>I think, listen, you know, you know, everything starts with the employee. You, I always believe I wrote my first memo to all employees. There was an article in Harvard business review called service profit chains that had a seminal impact on my leadership, which is when they studied companies who had been consistently profitable over a long period of time. They found that not just did those companies serve their customers well, but behind happy engaged customers were happy, engaged employees. So I always believe you start with the employee and you ensure that they're engaged, not just recruiting new employees. You know, I put on a tweet today, we're hiring reps and engineers. That's okay. But retaining. So I wanna start with ensuring that everybody, sometimes we have to make some unfortunate decisions with employees. We've, we've got a part company with, but if we can keep the best and brightest retained first, then of course, you know, recruiting machine, I'm trying to recruit the best and brightest to this company, people all over the place. >>I want to get them here. It's been, so I mean, heartwarming to come Tom world and just see people from all walks, kind of giving me hugs. I feel incredibly blessed. And then, you know, after employees, it's customers and partners, I feel like the tech is in really good hands. I don't have to worry about that. Cuz Mo it's in charge. He's got this thing. I can go to bed knowing that he's gonna keep innovating the future. Maybe in some of the companies I've worried about the tech innovation piece, but most doing a great job there. I can kind of leave that in his cap of hands, but employees, customers, partners, that's kind of what I'm focused on. None of them are for me, like a keep up at night, but there are are opportunities, right? And sometimes there's somebody you're trying to salvage to make sure or somebody you're trying to convince to join. >>But you know, customers, I love pursuing customers. I love the win. I hate to lose. So fortune 1000 global, 2000 companies, small companies, big companies, I wanna win every one of them. And it's not, it's not like, I mean, I know all these CEOs in my competitors. I texted him the day I joined and said, listen, I'll compete, honorably, whatever have you, but it's like Kobe and LeBron Kobe's passed away now. So maybe it's Steph Curry. LeBron, whoever your favorite athlete is you put your best on the court and you win. And that's how I am. That's nothing I've known no other gear than to put my best on the court and win, but do it honorably. It should not be the one that you're doing it. Unethically. You're doing it personally. You're not calling people's names. You're competing honorably. And when you win the team celebrates, it's not a victory for me. It's a victory for the team. >>I always think I'm glad that you brought up the employee experience and we're almost out of time, but I always think the employee experience and the customer experience are inextricably linked. This employees have to be empowered. They have to have the data that they need to do their job so that they can deliver to the customer. You can't do one without the other. >>That's so true. I mean, I, it's my belief. And I've talked also on this show and others about servant leadership. You know, one of my favorite poems is Brenda Naor. I went to bed in life. I dreamt that life was joy. I woke up and realized life was service. I acted in service was joy. So when you have a leadership model, which is it's about, I mean, there's lots of layers between me and the individual contributor, but I really care about that sales rep and the engineer. That's the leaf level of the organization. What can I get obstacle outta their way? I love skipping levels of going right. That sales rep let's go and crack this deal. You know? So you have that mindset. Yeah. I mean, you, you empower, you invert the pyramid and you realize the power is at the leaf level of an organization. >>So that's what I'm trying to do. It's a little easier to do it with 2000 people than I dunno, either 20, 20, 2000 people or 35,000 reported me at VMware. And I mean a similar number at SAP, which was even bigger, but you can shape this. Now we are, we're not a startup anymore. We're a midsize company. We'll see. Maybe along the way, there's an IP on the path. We'll wait for that. When it comes, it's a milestone. It's not the destination. So we do that and we are, we, I told people we are gonna build this green company. Cohesive is gonna be a great company like VMware one day, like Amazon. And there's always a day of early beginnings, but we have to work harder. This is kind of like the, you know, eight year old version of your kid, as opposed to the 18 year old version of the kid. And you gotta work a little harder. So I love it. Yeah. >>Good luck. Awesome. Thank you. Best of luck. Congratulations. On the role, it sounds like there's a tremendous amount of adrenaline, a momentum carrying you forward Sanjay. We always appreciate having you. Thank >>You for having in your show. >>Thank you. Our pleasure, Lisa. Thank you for Sanja poin and Dave ante. I'm Lisa Martin. You're watching the cube live from VMware Explorer, 2022, stick around our next guest. Join us momentarily.

>>Good afternoon, everyone. And welcome back to the Cube's day two coverage of VMware Explorer, 2022 live from San Francisco. Lisa Martin, here with Dave. Valante good to be sitting next to you, sir. >>Yeah, the big >>Set and we're very excited to be welcoming back. One of our esteemed alumni Sanja poin joins us, the CEO and president of cohesive. Nice to see >>You. Thank you, Lisa. Thank you, Dave. It's great to meet with you all the time and the new sort of setting here, but >>First time we've been in west, is that right? We've been in north. We've been in south. We've been in Las Vegas, right. But west >>Nice. Well, I mean, it's also good to be back with live shows with absolutely, you know, after sort of the two or three or high. And it was a hard time for the whole world, but I'm kind of driving a little bit of adrenaline just being here with people. So >>You've also got some adrenaline, sorry, Dave. Yeah, you're good because you are new in the role at cohesive. You wrote a great blog that you are identified. The four reasons I came to cohesive. Tell the audience, just give 'em a little bit of a teaser about that. >>Yeah, I think you should all read it. You can Google and, and Google find that article. I talked about the people Mohi is a fantastic founder. You know, he was the, you know, the architect of the Google file system. And you know, one of the senior Google executives who was on my board, bill Corrin said one of the smartest engineers. He was the true father of hyperconverge infrastructure. A lot of the code of Nutanix. He wrote, I consider him really the father of that technology, which brought computer storage. And when he took that same idea of bringing compute to secondary storage, which is really what made the scale out architect unique. And we were at your super cloud event talking about that, Dave. Yeah. Right. So it's a people I really got to respect his smarts, his integrity and the genius, what he is done. >>I think the customer base, I called a couple of customers. One of them, a fortune 100 customer. I, I can't tell you who it was, but a very important customer. I've known him. He said, I haven't seen tech like this since VMware, 20 years ago, Amazon 10 years ago. And now COER so that's special league. We're winning very much in the enterprise and that type of segment, the partners, you know, we have HPE, Cisco as investors, Amazon's an investors. So, you know, and then finally the opportunity, I think this whole area of data management and data security now with threats, like ransomware big opportunity. >>Sure. Okay. So when you were number two at VMware, you would come on and say, we'd love all our partners and of course, okay. So you know, a little bit about how to work with, with VMware. So, so when you now think about the partnership between cohesive and VMware, what are the things that you're gonna stress to your constituents on the VMware side to convince them that Hey, partnering with cohesive is gonna gonna drive more value for customers, you know, put your thumb on the scale a little bit. You know, you gotta, you gotta unfair advantage somewhat, but you should use it. So what's the narrative gonna be like? >>Yeah. I think listen with VMware and Amazon, that probably their top two partners, Dave, you know, like one of the first calls I made was to Raghu and he knew about this decision before. That's the level of trust I have in him. I even called Michael Dell, you know, before I made the decision, there's a little bit of an overlap with Dell, but it's really small compared to the overlap, the potential with Dell hardware that we could compliment. And then I called four CEOs. I was, as I was making this decision, Andy Jassy at Amazon, he was formerly AWS CEO sat Nadela at Microsoft Thomas cor at Google and Arvin Christian at IBM to say, I'm thinking about this making decision. They are many of the mentors and friends to me. So I believe in an ecosystem. And you know, even Chuck Robbins, who the CEO of Cisco is an investor, I texted him and said, Hey, finally, we can be friends. >>It was harder to us to be friends with Cisco, given the overlap of NEX. So I have a big tent towards everybody in our ecosystem with VMware. I think the simple answer is there's no overlap okay. With, with the kind of the primary storage capabilities with VSAN. And by the same thing with Nutanix, we will be friends and, and extend that to be the best data protection solution. But given also what we could do with security, I think this is gonna go a lot further. And then it's all about meet in the field. We have common partners. I think, you know, sort of the narrative I talked about in that blog is just like snowflake was replacing Terada and ServiceNow replace remedy and CrowdStrike, replacing Symantec, we're replacing legacy vendors. We are viewed as the modern solution cloud optimized for private and public cloud. We can help you and make VMware and VSAN and VCF very relevant to that part of the data management and data security continuum, which I think could enhance VMware. And by the way, the same thing into the public cloud. So most of the places where we're being successful is clearly withs, but increasingly there's this discussion also about playing into the cloud. So I think both with VMware and Amazon, and of course the other partners in the hyperscaler service, storage, networking place and security, we have some big plans. >>How, how much do you see this? How do you see this multi-cloud narrative that we're hearing here from, from VMware evolving? How much of an opportunity is it? How are customers, you know, we heard about cloud chaos yesterday at the keynote, are customers, do they, do they admit that there's cloud chaos? Some probably do some probably don't how much of an opportunity is that for cohesive, >>It's tremendous opportunity. And I think that's why you need a Switzerland type player in this space to be successful. And you know, and you can't explicitly rule out the fact that the big guys get into this space, but I think it's, if you're gonna back up office 365 or what they call now, Microsoft 365 into AWS or Google workspace into Azure or Salesforce into one of those clouds, you need a Switzerland player it's gonna be out. And in many cases, if you're gonna back up data or you protect that data into AWS banks need a second copy of that either on premise or Azure. So it's very hard, even if they have their own native data protection for them to be dual cloud. So I think a multi-cloud story and the fact that there's at least three big vendors of cloud in, in the us, you know, one in China, if include Alibaba creates a Switzerland opportunity for us, that could be fairly big. >>And I think, you know, what we have to do is make sure while we'll be optimized, our preferred cloud is AWS. Our control plane runs there. We can't take an all in AWS stack with the control plane and the data planes at AWS to Walmart. So what I've explained to both Microsoft and AWS is that data plane will need to be multicloud. So I can go to an a Walmart and say, I can back up your data into Azure if you choose to, but the control, plane's still gonna be an AWS, same thing with Google. Maybe they have another account. That's very Google centric. So that's how we're gonna play the, the control plane will be in AWS. We'll optimize it there, but the data plane will be multi-cloud. >>Yeah. And that's what Mo had explained at Supercloud. You know, and I talked to, he really helped me hone in on the deployment models. Yes. Where, where, where the cohesive deployment model is instantiating that technology stack into each cloud region and each cloud, which gives you latency advantages and other advantages >>And single code based same platform, >>And then bringing it, tying it together with a unified, you know, interface. That was he, he was, he was key. In fact, I, I wrote about it recently and, and gave him and the other 20, >>Quite a bit in that session. Yeah. So he went deep with you. I >>Mean, with Mohi, when you get a guy who developed a Google file system, you know, who can technically say, okay, this is technically correct or no, Dave, your way off be so I that's why I had to >>Go. I, I thought you did a great job in that interview because you probed him pretty deep and I'm glad we could do that together with him next time. Well, maybe do that together here too, but it was really helpful. He's the, he's the, he's the key reason I'm here. >>So you say data management is ripe for disrupt disruption. Talk about that. You talked about this Switzerland effect. That sounds to me like a massive differentiator for cohesive. Why is data management right. For disruption and why is cohesive the right partner to do it? >>Yeah, I think, listen, everyone in this sort of data protection backup from years ago have been saying the S Switzerland argument 18 years ago, I was a at Veras an executive there. We used the Switzerland argument, but what's changed is the cloud. And what's changed as a threat vector in security. That's, what's changed. And in that the proposition of a, a Switzerland player has just become more magnified because you didn't have a sales force or Workday service now then, but now you do, you didn't have multi-cloud. You had hardware vendors, you know, Dell, HPE sun at the time. IBM, it's now Lenovo. So that heterogeneity of, of on-premise service, storage, networking, HyperCloud, and, and the apps world has gotten more and more diverse. And I think you really need scale out architectures. Every one of the legacy players were not built with scale out architectures. >>If you take that fundamental notion of bringing compute to storage, you could almost paralyze. Imagine you could paralyze backup recovery and bring so much scale and speed that, and that's what Mo invented. So he took that idea of how he had invented and built Nutanix and applied that to secondary storage. So now everything gets faster and cheaper at scale. And that's a disruptive technology ally. What snowflake did to ator? I mean, the advantage of snowflake is when you took that same concept data, warehousing is not a new concept it's existed from since Ralph Kimble and bill Inman and the people who are fathers of data warehousing, they took that to Webscale. And in that came a disruptive force toter data, right? And snowflake. And then of course now data bricks and big query, similar things. So we're doing the same thing. We just have to showcase the customers, which we do. And when large customers see that they're replacing the legacy solutions, I have a lot of respect for legacy solutions, but at some point in time of a solution was invented in 1995 or 2000, 2005. It's right. For change. >>So you use snowflake as an example, Frank sluman doesn't like when I say playbook, cuz I says, Dave, I'm a situational. See you no playbook, but there are patterns here. And one of the things he did is to your point go after, you know, Terra data with a better data warehouse, simplify scale, et cetera. And now he's, he's a constructing a Tam expansion strategy, same way he did at ServiceNow. And I, you guys following a similar pattern. Okay. You get your foot in the door. Let's face it. I mean, a lot of this started with, you know, just straight back. Okay, great. Now it's extending into data management now extending to multi-cloud that's like concentric circles in a Tam expansion strategy. How, how do as, as a CEO, that's part of your job is Tam expansion. >>So yeah, I think the way to think about the Tam is, I mean, people say it's 20, 30 billion, but let me tell you how you can piece it apart in size, Dave and Lisa number one, I estimate there's probably about 10 to 20 exabytes of data managed by these legacy players of on-prem stores that they back up to. Okay. So you add them all up in the market shares that they respectively are. And by the way, at the peak, the biggest of these companies got to 2 billion and then shrunk. That was Verto when I was there in 2004, 2 billion, every one of them is small and they stopped growing. You look at the IDC charts. Many of them are shrinking. We are the fastest growing in the last two years, but I estimate there's about 20 exabytes of data that collectively among the legacy players, that's either gonna stay on prem or move to the cloud. Okay. So the opportunity as they replace one of those legacy tools with us is first off to manage that 20 X bike cheaper, faster with the Webscale, a glass or for the cloud guys, we could tip that into the cloud. Okay. >>But you can't stop there. >>Okay. No, we are not doing just back recovery. Right. We have a platform that can do files. We can do test dev analytics and now security. Okay. That data is potentially at a risk, not so much in the past, but for ransomware, right? How do we classify that? How do we govern that data? How do we run potential? You know, the same way you did antivirus some kind of XDR algorithms on the data to potentially not just catch the recovery process, which is after fact, but maybe the predictive act of before to know, Hey, there's somebody loitering around this data. So if I'm basically managing in the exabytes of data and I can proactively tell you what, this is, one CIO described this very simply to me a few weeks ago that I, and she said, I have 3000 applications, okay. I wanna be prepared for a black Swan event, except it's not a nine 11 planes hitting the, the buildings. >>It is an extortion event. And I want to know when that happens, which of my 3000 apps I recover within one hour within one day within one week, no lay than one month. Okay. And I don't wanna pay the bad guys of penny. That's what we do. So that's security discussions. We didn't have that discussion in 2004 when I was at another company, because we were talking about flood floods and earthquakes as a disaster recovery. Now you have a lot more security opportunity to be able to describe that. And that's a boardroom discussion. She needs to have that >>Digital risk. O O okay, go ahead please. I >>Was just gonna say, ransomware attack happens every what? One, every 11, 9, 11 seconds. >>And the dollar amount are going up, you know, dollar of what? >>Yep. And, and when you pay the ransom, you don't always get your data back. So you that's >>Not. And listen, there's always an ethical component. Should you do it or not do it? If you, if you don't do it and you're threatened, they may have left an Easter egg there. Listen, I, I feel very fortunate that I've been doing a lot in security, right? I mean, I built the business at, at, at VMware. We got it to over a billion I'm on the board of sneak. I've been doing security and then at SAP ran. So I know a lot about security. So what we do in security and the ecosystem that supports us in security, we will have a very carefully crafted stay tuned. Next three weeks months, you'll see us really rolling out a very kind of disciplined aspect, but we're not gonna pivot this company and become a cyber security company. Some others in our space have done that. I think that's not who we are. We are a data management and a data security company. We're not just a pure security company. We're doing both. And we do it well, intelligently, thoughtfully security is gonna be built into our platform, not bolted on, okay. And there'll be certain security things that we do organically. There's gonna be a lot that we do through partnerships, >>This security market that's coming to you. You don't have to go claim that you're now a security vendor, right? The market very naturally saying, wow, a comprehensive security strategy has to incorporate a data protection strategy and a recovery, you know, and the things we've talking about, Mount ransomware, I want to ask you, you know, I've been around a long time, longer than you actually Sanjay. So, but you you've, you've seen a lot. You look incredibly, >>Thank you. That's all good. Oh, >>Shocks. So the market, I've never seen a market like this, right? I okay. After the.com crash, we said, and I know you can't talk about IPO. That's not what I'm talking about, but everything was bad after that. Right. 2008, 2000, everything was bad. I've never seen a market. That's half full, half empty, you know, snowflake beats and raises the stock, goes through the roof. Dev if it, the area announced today, Mongo, DB, beat and Ray, that things getting crushed. And, and after market never seen anything like this. It's so fed, driven and, and hard to protect. And, and of course, I know it's a marathon, you know, it's not a sprint, but have you ever seen anything like this? >>Listen, I walk worked through 18 quarters as COO of VMware. You seen, I've seen public quarters there and you know, was very fortunate. Thanks to the team. I don't think I missed my numbers in 18 quarters except maybe once close. But we, it was, it's tough. Being a public company. Officer of the company is tough. I did that also at SAP. So the journey from 10 to 20 billion at SAP, the journey from six to 12 at VMware, that I was able to be fortunate. It's humbling because you, you really, you know, we used to have this, we do the earnings call and then we kind of ask ourselves, what, what do you think the stock price was gonna be a day and a half later? And we'd all take bets as to wear this. I think you just basically, as a, as a sea level executive, you try to build a culture of beaten, raise, beaten, raise, beaten, raise, and you wanna set expectations in a way that you're not setting them up for failure. >>And you know, it's you, there's, Dave's a wonderful CEO as is Frank movement. So it's hard for me to dissect. And sometimes the market are fickle on some small piece of it. But I think also the, when I, I encourage people say, take the long term view. When you take the long term view, you're not bothered about the ups and downs. If you're building a great company over the length of time, now it will be very clear over the arc of many, many quarters that you're business is trouble. If you're starting to see a decay in growth. And like, for example, when you start to see a growth, start to decay significantly by five, 10 percentage points, okay, there's something macro going on at this company. And that's what you won't avoid. But these, you know, ups and downs, my view is like, if you've got both Mongo, DIA and snowflake are fantastic companies, they're CEOs of people I respect. They've actually a kind of an, a, you know, advisor to us as a company, you knows mot very well. So we respect him, respect Frank, and you, there have been other quarters where Frank's, you know, the snowflakes had a down result after that. So you build a long term and they are on the right side of history, snowflake, and both of them in terms of being a modern cloud relevant in the case of MongoDB open source to data technology, that's, you know, winning, I, we would like to be like them one day >>As, as the new CEO of cohesive, what are you most, what are you most anxious about? And what are you most excited about? >>I think, listen, you know, you know, everything starts with the employee. You, I always believe I wrote my first memo to all employees. There was an article in Harvard business review called service profit chains that had a seminal impact on my leadership, which is when they studied companies who had been consistently profitable over a long period of time. They found that not just did those companies serve their customers well, but behind happy engaged customers were happy, engaged employees. So I always believe you start with the employee and you ensure that they're engaged, not just recruiting new employees. You know, I put on a tweet today, we're hiring reps and engineers. That's okay. But retaining. So I wanna start with ensuring that everybody, sometimes we have to make some unfortunate decisions with employees. We've, we've got a part company with, but if we can keep the best and brightest retained first, then of course, you know, recruiting machine, I'm trying to recruit the best and brightest to this company, people all over the place. >>I want to get them here. It's been, so I mean, heartwarming to come to world and just see people from all walks, kind of giving me hugs. I feel incredibly blessed. And then, you know, after employees, it's customers and partners, I feel like the tech is in really good hands. I don't have to worry about that. Cuz Mo it's in charge. He's got this thing. I can go to bed knowing that he's gonna keep innovating the future. Maybe in some of the companies, I would worried about the tech innovation piece, but most doing a great job there. I can kind of leave that in his cap of hands, but employees, customers, partners, that's kind of what I'm focused on. None of them are for me, like a keep up at night, but they're are opportunities, right? And sometimes there's somebody you're trying to salvage to make sure or somebody you're trying to convince to join. >>But you know, customers, I love pursuing customers. I love the win. I hate to lose. So fortune 1000 global, 2000 companies, small companies, big companies, I wanna win every one of 'em and it's not, it's not like, I mean, I know all these CEOs in my competitors. I texted him the day I joined and said, listen, I'll compete, honorably, whatever have you, but it's like Kobe and LeBron Kobe's passed away now. So maybe it's step Curry. LeBron, whoever your favorite athlete is you put your best on the court and you win. And that's how I am. That's nothing I've known no other gear than to put my best on the court and win, but do it honorably. It should not be the one that you're doing it. Unethically. You're doing it personally. You're not calling people's names. You're competing honorably. And when you win the team celebrates, it's not a victory for me, it's a victory for the team. >>I always think I'm glad that you brought out the employee experience and we're almost out of time, but I always think the employee experience and the customer experience are inextricably linked. This employees have to be empowered. They have to have the data that they need to do their job so that they can deliver to the customer. You can't do one without the other. >>That's so true. I mean, I, it's my belief. And I've talked also on this show and others about servant leadership. You know, one of my favorite poems is Brenda NA Tago. I went to bed in life. I dreamt that life was joy. I woke up and realized life was service. I acted in service was joy. So when you have a leadership model, which is it's about, I mean, there's lots of layers between me and the individual contributor, but I really care about that sales rep and the engineer. That's the leaf level of the organization. What can I get obstacle outta their way? I love skipping levels and going write that sales rep let's go and crack this deal. You know? So you have that mindset. Yeah. I mean, you, you empower, you invert the pyramid and you realize the power is at the leaf level of an organization. >>So that's what I'm trying to do. It's a little easier to do it with 2000 people than I dunno, either 20, 20, 2000 people or 35,000 reported me at VMware. And I mean a similar number at SAP, which was even bigger, but you can shape this. Now we are, we're not a startup anymore. We're a mid-size company. We'll see. Maybe along the way, there's an IP on the path. We'll wait for that. When it comes, it's a milestone. It's not the destination. So we do that and we are, we, I told people we are gonna build this green company. Cohesive is gonna be a great company like VMware one day, like Amazon. And there's always a day of early beginnings, but we have to work harder. This is kind of like the, you know, eight year old version of your kid, as opposed to the 18 year old version of the kid. And you gotta work a little harder. So I love it. Yeah. >>Good luck. Awesome. Thank you too. Best of luck. Congratulations on the role, it sounds like there's a tremendous amount of adrenaline, a momentum carrying you forward Sanja. We always appreciate having thank >>You for having in your show. >>Thank you. Our pleasure, Lisa. Thank you for Sanjay poin and Dave ante. I'm Lisa Martin. You're watching the cube live from VMware Explorer, 2022, stick around our next guest. Join us momentarily.

(upbeat music) >> Welcome back, everyone to CUBE Supercloud 22. I'm John Furrier, your host. Got a great influencer, Cloud Cloud RRT segment with Sarbjeet Johal, Cloud influencer, Cloud economist, Cloud consultant, Cloud advisor. Sarbjeet, welcome back, CUBE alumni. Good to see you. >> Thanks John and nice to be here. >> Now, what's your title? Cloud consultant? Analyst? >> Consultant, actually. Yeah, I'm launching my own business right now formally, soon. It's in stealth mode right now, we'll be (inaudible) >> Well, I'll just call you a Cloud guru, Cloud influencer. You've been great, friend of theCUBE. Really powerful on social. You share a lot of content. You're digging into all the trends. Supercloud is a thing, it's getting a lot of traction. We introduced that concept last reinvent. We were riffing before that. As we kind of were seeing the structural change that is now Supercloud, it really is kind of the destination or outcome of what we're seeing with hybrid cloud as a steady state into the what's now, they call multicloud, which is kind of awkward. It feels like it's default. Like multicloud, multi-vendor, but Supercloud has much more of a comprehensive abstraction around it. What's your thoughts? >> As you said, as Dave says that too, the Supercloud has that abstraction built into it. It's built on top of cloud, right? So it's being built on top of the CapEx which is being spent by likes of AWS and Azure and Google Cloud, and many others, right? So it's leveraging that infrastructure and building software stack on top of that, which is a platform. I see that as a platform being built on top of infrastructure as code. It's another platform which is not native to the cloud providers. So it's like a kind of cross-Cloud platform. That's what I said. >> Yeah, VMware calls it that cloud-cross cloud. I'm not a big fan of the name but I get what you're saying. We had a segment on earlier with Adrian Cockcroft, Laurie McVety and Chris Wolf, all part of the Cloud RRT like ourselves, and you've involved in Cloud from day one. Remember the OpenStack days Early Cloud, AWS, when they started we saw the trajectory and we saw the change. And I think the OpenStack in those early days were tell signs because you saw the movement of API first but Amazon just grew so fast. And then Azure now is catching up, their CapEx is so large that companies like Snowflake's like, "Why should I build my own? "I just sit on top of AWS, "move fast on one native cloud, then figure it out." Seems to be one of the playbooks of the Supercloud. >> Yeah, that is true. And there are reasons behind that. And I think number one reason is the skills gravity. What I call it, the developers and/or operators are trained on one set of APIs. And I've said that many times, to out compete your competition you have to out educate the market. And we know which cloud has done that. We know what traditional vendor has done that, in '90s it was Microsoft, they had VBS number one language and they were winning. So in the cloud era, it's AWS, their marketing efforts, their go-to market strategy, the micro nature of the releasing the micro sort of features, if you will, almost every week there's a new feature. So they have got it. And other two are trying to mimic that and they're having low trouble light. >> Yeah and I think GCP has been struggling compared to the three and native cloud on native as you're right, completely successful. As you're caught up and you see the Microsoft, I think is a a great selling point around multiple clouds. And the question that's on the table here is do you stay with the native cloud or you jump right to multicloud? Now multicloud by default is kind of what I see happening. We've been debating this, I'd love to get your thoughts because, Microsoft has a huge install base. They've converted to Office 365. They even throw SQL databases in there to kind of give it a little extra bump on the earnings but I've been super critical on their numbers. I think their shares are, there's clearly overstating their share, in my opinion, compared to AWS is a need of cloud, Azure though is catching up. So you have customers that are happy with Microsoft, that are going to run their apps on Azure. So if a customer has Azure and Microsoft that's technically multiple clouds. >> Yeah, true. >> And it's not a strategy, it's just an outcome. >> Yeah, I see Microsoft cloud as friendly to the internal developers. Internal developers of enterprises. but AWS is a lot more ISV friendly which is the software shops friendly. So that's what they do. They just build software and give it to somebody else. But if you're in-house developer and you have been a Microsoft shop for a long time, which enterprise haven't been that, right? So Microsoft is well entrenched into the enterprise. We know that, right? >> Yeah. >> For a long time. >> Yeah and the old joke was developers love code and just go with a lock in and then ops people don't want lock in because they want choice. So you have the DevOps movement that's been successful and they get DevSecOps. The real focus to me, I think, is the operating teams because the ops side is really with the pressure vis-a-vis. I want to get your reaction because we're seeing kind of the script flip. DevOps worked, infrastructure's code has worked. We don't yet see security as code yet. And you have things like cloud native services which is all developer, goodness. So I think the developers are doing fine. Give 'em a thumbs up and open source's booming. So they're shifting left, CI/CD pipeline. You have some issues around repo, monolithic repos, but devs are doing fine. It's the ops that are now have to level up because that seems to be a hotspot. What's your take? What's your reaction to that? Do you agree? And if you say you agree, why? >> Yeah, I think devs are doing fine because some of the devs are going into ops. Like the whole movement behind DevOps culture is that devs and ops is one team. The people who are building that application they're also operating that as well. But that's very foreign and few in enterprise space. We know that, right? Big companies like Google, Microsoft, Amazon, Twitter, those guys can do that. They're very tech savvy shops. But when it comes to, if you go down from there to the second tier of enterprises, they are having hard time with that. Once you create software, I've said that, I sound like a broken record here. So once you create piece of software, you want to operate it. You're not always creating it. Especially when it's inhouse software development. It's not your core sort of competency to. You're not giving that software to somebody else or they're not multiple tenants of that software. You are the only user of that software as a company, or maybe maximum to your employees and partners. But that's where it stops. So there are those differences and when it comes to ops, we have to still differentiate the ops of the big companies, which are tech companies, pure tech companies and ops of the traditional enterprise. And you are right, the ops of the traditional enterprise are having tough time to cope up with the changing nature of things. And because they have to run the old traditional stacks whatever they happen to have, SAP, Oracle, financial, whatnot, right? Thousands of applications, they have to run that. And they have to learn on top of that, new scripting languages to operate the new stack, if you will. >> So for ops teams do they have to spin up operating teams for every cloud specialized tooling, there's consequences to that. >> Yeah. There's economics involved, the process, if you are learning three cloud APIs and most probably you will end up spending a lot more time and money on that. Number one, number two, there are a lot more problems which can arise from that, because of the differences in how the APIs work. The rule says if you pick one primary cloud and then you're focused on that, and most of your workloads are there, and then you go to the secondary cloud number two or three on as need basis. I think that's the right approach. >> Well, I want to get your take on something that I'm observing. And again, maybe it's because I'm old school, been around the IT block for a while. I'm observing the multi-vendors kind of as Dave calls the calisthenics, they're out in the market, trying to push their wears and convincing everyone to run their workloads on their infrastructure. multicloud to me sounds like multi-vendor. And I think there might not be a problem yet today so I want to get your reaction to my thoughts. I see the vendors pushing hard on multicloud because they don't have a native cloud. I mean, IBM ultimately will probably end up being a SaaS application on top of one of the CapEx hyperscale, some say, but I think the playbook today for customers is to stay on one native cloud, run cloud native hybrid go in on OneCloud and go fast. Then get success and then go multiple clouds. versus having a multicloud set of services out of the gate. Because if you're VMware you'd love to have cross cloud abstraction layer but that's lock in too. So what's your lock in? Success in the marketplace or vendor access? >> It's tricky actually. I've said that many times, that you don't wake up in the morning and say like, we're going to do multicloud. Nobody does that by choice. So it falls into your lab because of mostly because of what MNA is. And sometimes because of the price to performance ratio is better somewhere else for certain kind of workloads. That's like foreign few, to be honest with you. That's part of my read is, that being a developer an operator of many sort of systems, if you will. And the third tier which we talked about during the VMworld, I think 2019 that you want vendor diversity, just in case one vendor goes down or it's broken up by feds or something, and you want another vendor, maybe for price negotiation tactics, or- >> That's an op mentality. >> Yeah, yeah. >> And that's true, they want choice. They want to get locked in. >> You want choice because, and also like things can go wrong with the provider. We know that, we focus on top three cloud providers and we sort of assume that they'll be there for next 10 years or so at least. >> And what's also true is not everyone can do everything. >> Yeah, exactly. So you have to pick the provider based on all these sort of three sets of high level criteria, if you will. And I think the multicloud should be your last choice. Like you should not be gearing up for that by default but it should be by design, as Chuck said. >> Okay, so I need to ask you what does Supercloud in my opinion, look like five, 10 years out? What's the outcome of a good Supercloud structure? What's it look like? Where did it come from? How did it get there? What's your take? >> I think Supercloud is getting born in the absence of having standards around cloud. That's what it is. Because we don't have standards, we long, or we want the services at different cloud providers, Which have same APIs and there's less learning curve or almost zero learning curve for our developers and operators to learn that stuff. Snowflake is one example and VMware Stack is available at different cloud providers. That's sort of infrastructure as a service example if you will. And snowflake is a sort of data warehouse example and they're going down the stack. Well, they're trying to expand. So there are many examples like that. What was the question again? >> Is Supercloud 10 years out? What does it look like? What's the components? >> Yeah, I think the Supercloud 10 years out will expand because we will expand the software stack faster than the hardware stack and hardware stack will be expanding of course, with the custom chips and all that. There was the huge event yesterday was happening from AWS. >> Yeah, the Silicon. >> Silicon Day. And that's an eyeopening sort of movement and the whole technology consumption, if you will. >> And yeah, the differentiation with the chips with supply chain kind of herding right now, we think it's going to be a forcing function for more cloud adoption. Because if you can't buy networking gear you going to go to the cloud. >> Yeah, so Supercloud to me in 10 years, it will be bigger, better in the likes of HashiCorp. Actually, I think we need likes of HashiCorp on the infrastructure as a service side. I think they will be part of the Supercloud. They are kind of sitting on the side right now kind of a good vendor lost in transition kind of thing. That sort of thing. >> It's like Kubernetes, we'll just close out here. We'll make a statement. Is Kubernetes a developer thing or an infrastructure thing? It's an ops thing. I mean, people are coming out and saying Kubernetes is not a developer issue. >> It's ops thing. >> It's an ops thing. It's in operation, it's under the hood. So you, again, this infrastructure's a service integrating this super pass layer as Dave Vellante and Wikibon call it. >> Yeah, it's ops thing, actually, which enables developers to get that the Azure service, like you can deploy your software in sort of different format containers, and then you don't care like what VMs are those? And, but Serverless is the sort of arising as well. It was hard for a while now it's like the lull state, but I think Serverless will be better in next three to five years on. >> Well, certainly the hyperscale is like AWS and Azure and others have had great CapEx and investments. They need to stay ahead, in your opinion, final question, how do they stay ahead? 'Cause, AWS is not going to stand still nor will Azure, they're pedaling as fast as they can. Google's trying to figure out where they fit in. Are they going to be a real cloud or a software stack? Same with Oracle. To me, it's really, the big race is now with AWS and Azure's nipping at their heels. Hyperscale, what do they need to do to differentiate going forward? >> I think they are in a limbo. They, on one side, they don't want to compete with their customers who are sitting on top of them, likes of Snowflake and others, right? And VMware as well. But at the same time, they have to keep expanding and keep innovating. And they're debating within their themselves. Like, should we compete with these guys? Should we launch similar sort of features and functionality? Or should we keep it open? And what I have heard as of now that internally at AWS, especially, they're thinking about keeping it open and letting people sort of (inaudible)- >> And you see them buying some the Cerner with Oracle that bought Cerner, Amazon bought a healthcare company. I think the likes of MongoDB, Snowflake, Databricks, are perfect examples of what we'll see I think on the AWS side. Azure, I'm not so sure, they like to have a little bit more control at the top of the stack with the SaaS, but I think Databricks has been so successful open source, Snowflake, a little bit more proprietary and closed than Databricks. They're doing well is on top of data, and MongoDB has got great success. All of these things compete with AWS higher level services. So, that advantage of those companies not having the CapEx investment and then going multiple clouds on other ecosystems that's a path of customers. Stay one, go fast, get traction, then go. >> That's huge. Actually the last sort comment I want to make is that, Also, that you guys include this in the definition of Supercloud, the likes of Capital One and Soner sort of vendors, right? So they are verticals, Capital One is in this financial vertical, and then Soner which Oracle bar they are in this healthcare vertical. And remember in the beginning of the cloud and when the cloud was just getting born. We used to say that we will have the community clouds which will be serving different verticals. >> Specialty clouds. >> Specialty clouds, community clouds. And actually that is happening now at very sort of small level. But I think it will start happening at a bigger level. The Goldman Sachs and others are trying to build these services on the financial front risk management and whatnot. I think that will be- >> Well, what's interesting, which you're bringing up a great discussion. We were having discussions around these vertical clouds like Goldman Sachs Capital One, Liberty Mutual. They're going all in on one native cloud then going into multiple clouds after, but then there's also the specialty clouds around functionality, app identity, data security. So you have multiple 3D dimensional clouds here. You can have a specialty cloud just on identity. I mean, identity on Amazon is different than Azure. Huge issue. >> Yeah, I think at some point we have to distinguish these things, which are being built on top of these infrastructure as a service, in past with a platform, a service, which is very close to infrastructure service, like the lines are blurred, we have to distinguish these two things from these Superclouds. Actually, what we are calling Supercloud maybe there'll be better term, better name, but we are all industry path actually, including myself and you or everybody else. Like we tend to mix these things up. I think we have to separate these things a little bit to make things (inaudible) >> Yeah, I think that's what the super path thing's about because you think about the next generation SaaS has to be solved by innovations of the infrastructure services, to your point about HashiCorp and others. So it's not as clear as infrastructure platform, SaaS. There's going to be a lot of interplay between this levels of services. >> Yeah, we are in this flasker situation a lot of developers are lost. A lot of operators are lost in this transition and it's just like our economies right now. Like I was reading at CNBC today, and here's sort of headline that people are having hard time understanding what state the economy is in. And so same is true with our technology economy. Like we don't know what state we are in. It's kind of it's in the transition phase right now. >> Well we're definitely in a bad economy relative to the consumer market. I've said on theCUBE publicly, Dave has as well, not as aggressive. I think the tech is still in a boom. I don't think there's tech bubble at all that's bursting, I think, the digital transformation from post COVID is going to continue. And this is the first recession downturn where the hyperscalers have been in market, delivering the economic value, almost like they're pumping on all cylinders and going to the next level. Go back to 2008, Amazon web services, where were they? They were just emerging out. So the cloud economic impact has not been factored into the global GDP relationship. I think all the firms that are looking at GDP growth and tech spend as a correlation, are completely missing the boat on the fact that cloud economics and digital transformation is a big part of the new economics. So refactoring business models this is continuing and it's just the early days. >> Yeah, I have said that many times that cloud works good in the bad economy and cloud works great in the good economy. Do you know why? Because there are different type of workloads in the good economy. A lot of experimentation, innovative solutions go into the cloud. You can do experimentation that you have extra money now, but in the bad economy you don't want to spend the CapEx because don't have money. Money is expensive at that point. And then you want to keep working and you don't need (inaudible) >> I think inflation's a big factor too right now. Well, Sarbjeet, great to see you. Thanks for coming into our studio for our stage performance for Supercloud 22, this is a pilot episode that we're going to get a consortium of experts Cloud RRT like yourselves, in the conversation to discuss what the architecture is. What is a taxonomy? What are the key building blocks and what things need to be in place for Supercloud capability? Because it's clear that if without standards, without defacto standards, we're at this tipping point where if it all comes together, not all one company can do everything. Customers want choice, but they also want to go fast too. So DevOps is working. It's going the next level. We see this as Supercloud. So thank you so much for your participation. >> Thanks for having me. And I'm looking forward to listen to the other sessions (inaudible) >> We're going to take it on A stickers. We'll take it on the internet. I'm John Furrier, stay tuned for more Supercloud 22 coverage, here at the Palo Alto studios in one minute. (bright music)

(upbeat music) >> Welcome back everyone to Supercloud22, I'm John Furrier, host of theCUBE here in Palo Alto. For this next ecosystem's segment we have Muddu Sudhakar, who is the co-founder and CEO of Aisera, a friend of theCUBE, Cube alumni, serial entrepreneur, multiple exits, been on multiple times with great commentary. Muddu, thank you for coming on, and supporting our- >> Also thank you for having me, John. >> Yeah, thank you. Great handshake there, I love to do it. One, I wanted you here because, two reasons, one is, congratulations on your new funding. >> Thank you. >> For $90 million, Series D funding. >> Series D funding. >> So, huge validation in this market. >> It is. >> You have been experienced software so, it's a real testament to your team. But also, you're kind of in the Supercloud vortex. This new wave that Supercloud is part of is, I call it the pretext to what's coming with multi-clouds. It is the next level. >> I see. >> Structural change and we have been reporting on it, Dave and I, and we are being challenged. So, we decided to open it up. >> Very good, I would love it. >> And have a conversation rather than waiting eight months to prove that we are right. Which, we are right, but that is a long story. >> You're always right. (both laughs) >> What do you think of Supercloud, that's going on? What is the big trend? Because its public cloud is great, so there is no conflict there. >> Right. >> It's got great business, it's integrated, IaaS, to SaaS, PaaS, all in the beginning, or the middle. All that is called good. Now you have on-premise high rate cloud. >> Right. >> Edge is right around the corner. Exploding in new capabilities. So, complexity is still here. >> That's right, I think, you nailed it. We talk about hybrid cloud, and multi cloud. Supercloud is kind of elevates the message even better. Because you still have to leave for some of our clouds, public clouds. There will be some of our clouds, still running on the Edge. That's where, the Edge cloud comes in. Some will still be on-prem. So, the Supercloud as a concept is beyond hybrid and multi cloud. To me, I will run some of our cloud on Amazon. Some could be on Aisera, some could be running only on Edge, right? >> Mm hm >> And we still have, what we call remote executors. Some leaders of service now. You have, what we call the mid-server, is what I think it was called. Where you put in a small code and run it. >> Yeah. >> So, I think all those things will be running on-prem environment and VMware cloud, et cetera. >> And if you look back at, I think it has been five years now, maybe four or five years since Andy Jassy at reInvent announced Outposts. Think that was the moment in time that Dave and I took this pause back and said "Okay, that's Amazon." who listens to their customers. Acknowledging Hybrid. >> Right. >> Then we saw the rise of Snowflakes, the Databricks, specialty clouds. You start to see people who are building on top of AWS. But at MongoDB, it is a database, now they are a full blown, large scale data platform. These companies took advantage of the public cloud to build, as Jerry Chen calls it, "Castles in the cloud." >> Right. >> That seems to be happening in all areas. What do you think about that? >> Right, so what is driving the cloud? To me, we talk about machine learning in AI, right? Versus clouded options. We used to call it lift and shift. The outposts and lift and shift. Initially this was to get the data into the cloud. I think if you see, the vendor that I like the most, is, I'm not picking any favorite but, Microsoft Azure, they're thinking like your Supercloud, right? Amazon is other things, but Azure is a lot more because they run on-prem. They are also on Azure CloudFront, Amazon CloudFront. So I think, Azure and Amazon are doing a lot more in the area of Supercloud. What is really helping is the machine learning environment, needs Superclouds. Because I will be running some on the Edge, some compute, some will be running on the public cloud, some could be running on my data center. So, I think the Supercloud is really suited for AI and automation really well. >> Yeah, it is a good point about Microsoft, too. And I think Microsoft's existing install base saved Azure. >> Okay. >> They brought Office 365, Sequel Server, cause their customers weren't leaving Microsoft. They had the productivity thing nailed down as well as the ability to catch up >> That's right. >> To AWS. So, natural extension to on-premise with Microsoft. >> I think... >> Tell us- >> Your Supercloud is what Microsoft did. Right? Azure. If you think of, like, they had an Office 365, their SharePoint, their Dynamics, taking all of those properties, running on the Azure. And still giving the migration path into a data center. Is Supercloud. So, the early days Supercloud came from Azure. >> Well, that's a good point, we will certainly debate that. I will also say that Snowflake built on AWS. >> That's right. >> Okay, and became a super powerhouse with the data business. As did Databricks. >> That's right. >> Then went to Azure >> That's right. >> So, you're seeing kind of the Playbook. >> Right. >> Go fast on Cloud Native, the native cloud. Get that fly wheel going, then get going, somewhere else. >> It is, and to that point I think you and me are talking, right? If you are to start at one cloud and go to another cloud, the amount of work as a vendor for us to use for implement. Today, like we use all three clouds, including the Gov Cloud. It's a lot of work. So, what will happen, the next toolkit we use? Even services like Elastic. People will not, the word commoditize, is not the word, but people will create an abstraction layer, even for S3. >> Explain that, explain that in detail. So, elastic? What do you mean by that? >> Yeah, so what that means is today, Elasticsearch, if you do an Elasticsearch on Amazon, if I go to Azure, I don't want enter another Elasticsearch layer. Ideally I want us to write an abstracted search layer. So, that when I move my services into a different cloud I don't want to re-compute and re-calculate everything. That's a lot of work. Particularly once you have a production customer, if I were to shift the workloads, even to the point of infrastructure, take S3, if I read infrastructure to S3 and tomorrow I go to Azure. Azure will have its own objects store. I don't want to re-validate that. So what will happen is digital component, Kubernetes is already there, we want storage, we want network layer, we want VPM services, elastic as well as all fundamental stuff, including MongoDB, should be abstracted to run. On the Superclouds. >> Okay, well that is a little bit of a unicorn fantasy. But let's break that down. >> Sure. >> Do you think that's possible? >> It is. Because I think, if I am on MongoDB, I should be able to give a horizontal layer to MongoDB that is optimized for all three of them. I don't want MongoDB. >> First of all, everyone will buy that. >> Sure. >> I'm skeptical that that's possible. Given where we are at right now. So, you're saying that a vendor will provide an abstraction layer. >> No, I'm saying that either MongoDB, itself will do it, or a third party layer will come as a service which will abstract all this layer so that we will write to an AP layer. >> So what do you guys doing? How do you handle multiple clouds? You guys are taking that burden on, because it makes sense, you should build the abstraction layer. Not rely on a third party vendor right? >> We are doing it because there is no third party available offer it. But if you offer a third party tomorrow, I will use that as a Supercloud service. >> If they're 100% reliable? >> That's right. That's exactly it. >> They have to do the work. >> They have to do the work because if today I am doing it because no one else is offering it- >> Okay so what people might not know is that you are an angel investor as well as an entrepreneur been very successful, so you're rich, you have a lot of money. If I were a startup and I said, Muddu, I want to build this abstraction layer. What would be funding advice that you would give me as an entrepreneur? As a company to do that? >> I would do it like an Apigee that Google acquired, you should create an Apigee-like layer, for infrastructure upfront services, I think that is a very good option. >> And you think that is viable? >> It is very much viable. >> Would that be part of Supercloud architecture, in your opinion? >> It is. Right? And that will abstract all the clouds to some level. Like it is like Kubernetes abstract, so that if I am running on Kubernetes I can transfer to any cloud. >> Yeah >> But that should go from computer into other infrastructures. >> It's seems to me, Muddu, and I want to get your thoughts about this whole Supercloud defacto standard opportunity. It feels like we are waiting for a moment where there is some sort of defacto unification, whether it is in the distraction layer, or a standards body. There is no W3C here going on. I mean, W3C was for web consortium, for world wide web. The Supercloud seems to be having the same impact the web had. Transformative, disruptive, re-factoring business operations. Is there a standardized body or an opportunity for a defacto? Like Kubernetes was a great example of a unification around something for orchestration. Is there a better version in the Supercloud model where we need a standard? >> Yes and no. The reason is because by the time you come to standard, take time to look what happened. First, we started with VMs, then became Docker and Containers then we came to Kubernetes. So it goes through a journey. I think the next few years will be stood on SuperCloud let's make customers happy, let's make enough services going, and then the standards will come. Standards will be almost 2-3 years later. So I don't think standards should happen right now. Right now, all we need is, we need enough start ups to create the super layer abstraction, with the goal in mind of AI automation. The reason, AI is because AI needs to be able to run that. Automated because running a work flow is, I can either run a workflow in the cloud services, I can run it on on-prem, I can run it on database, so you have two good applications, take AI and automation with Supercloud and make enough enough noise on that make enough applications, then the standards will come. >> On this project we have been with SuperCloud these past day we have heard a lot of people talking. The themes that developers are okay, they are doing great. Open source is booming. >> Yes >> Cloud Native's got major traction. Developers are going fast and they love it, shifting left, all these great things. They're putting a lot of data, DevOps and the security teams, they're the ones who are leveling up. We are hearing a lot of conversations around how they can be faster. What is your view on this as relative to that Supercloud nirvana getting there? How are DevOps and security teams leveling up to devs? >> A couple of things. I think that in the world of DevSecOps and security ops. The reason security is important, right? Given what is going on, but you don't need to do security the manual way. I think that whole new operation that you and me talked about, AI ops should happen. Where the AI ops is for service operation, for performance, for incident or for security. Nobody thinks of AI security. So, the DevOps people should think more world of AI ops, so that I can predict, prevent things before they happen. Then the security will be much better. So AI ops with Supercloud will probably be that nirvana. But that is what should happen. >> In the AI side of things, what you guys are doing, what are you learning, on scale, relative to data? Is there, you said machine learning needs data, it needs scale operation. What's your view on the automation piece of all this? >> I think to me, the data is the single, underrated, unsung kind of hero in the whole machine learning. Everyone talks about AI and machine learning algorithms. Algorithms are as important, but even more important is data. Lack of data I can't do algorithms. So my advice to customers is don't lose your data. That is why I see, Frank, my old boss, setting everything up into the data cloud, in Snowflake. Data is so important, store the data, analyze the data. Data is the new AI. You and me talk so many times- >> Yeah >> It's underrated, people are not anticipating how important it is. But the data is coming from logs, events, whether there is knowledge documents, any data in any form. I think keep the data, analyze the data, data patterns, and then things like SuperCloud can really take advantage of that. >> So, in the Supercloud equation one of the things that has come up is that the native clouds do great. Their IaaS to SaaS is interactions that solve a lot of problems. There is integration that is good. >> Right. >> Now when you go off cloud, you get regions, get latency issues- >> Right >> You have more complexity. So what's the trade off in the Supercloud journey, if you had to guess? And just thinking out loud here, what would be some of the architectural trade offs of how you do it, what's the sequence? What's the order of operations to get Superclouding going? >> Yeah, very good questions here. I think once you start going from the public cloud, the clouds there scale to lets say, even a regional data center onto an Edge, latency will kick in. The lack of computer function will kick in. So there I think everything should become asynchronous, right? You will run the application in a limited environment. You should anticipate for small memories, small compute, long latencies, but still following should happen. So some operations should become the old-school following, like, it's like the email. I send an email, it's an asynchronous thing, I made a sponsor, I think most of message passing should go back to the old-school architectures They should become asynchronous where thing can rely. I think, as long as algorithms can take that into Edge, I think that Superclouds can really bridge between the public cloud to the edge. >> Muddu, thanks for coming, we really appreciate your insights here. You've always been a great friend, great commentator. If you weren't the CEO and a famous angel investor, we would certainly love to have you as a theCUBE analyst, here on theCUBE. >> I am always available for you. (John laughs) >> When you retire, you can come back. Final point, we've got time left. We'll give you a chance to talk about the company. I'm really intrigued by the success of your ninety million dollar financing realm because we are in a climate where people aren't getting those kinds of investments. It's usually down-rounds. >> Okay >> 409 adjustments, people are struggling. You got an up-round and you got a big number. Why the success? What is going on with the company? Why are you guys getting such great validation? Goldman Sachs, Thoma Bravo, Zoom, these are big names, these are the next gen winners. >> It is. >> Why are they picking you? Why are they investing in you? >> I think it is not one thing, it is many things. First all, I think it is a four-year journey for us where we are right now. So, the company started late 2017. It is getting the right customers, partners, employees, team members. So it is a lot hard work went in. So a lot of thanks to the Aisera community for where we are. Why customers and where we are? Look, fundamentally there is a problem to solve. Like, what Aisera is trying to solve is can we automate customer service? Whether internal employees, external customer support. Do it for IT, HR, sales, marketing, all the way to ops. Like you talk about DevSecOps, I don't want thousands of tune ups for ops. If I can make that job better, >> Yeah >> I want to, any job I want to automate. I call it, elevate the human, right? >> Yeah. >> And that's the reason- >> 'Cause you're saying people have to learn specialty tools, and there are consequences to that. >> Right, and to me, people should focus on more important tasks and use AI as a tool to automate those things right? It's like thinking of offering Apple City as Alexa as a service, that is how we are trying to offer customer service, like, right? And if it can do that consistently, and reduce costs, cost is a big reason why customers like us a lot, we have eliminated the cost in this down economy, I will amplify our message even more, right? I am going to take a bite out of their expense. Whether it is tool expense, it's on resources. Second, is user productivity And finally, experience. People want experience. >> Final question, folks out there, first of all, what do you think about Supercloud? And if someone asks you what is this Supercloud thing? How would you answer? >> Supercloud, is, to me, beyond multi cloud and hybrid cloud. It is to bridge applications that are build in Supercloud can run on all clouds seamlessly. You don't need to compile them, re-clear them. Supercloud is one place to build, develop, and deploy. >> Great, Muddu. Thank you for coming on. Supercloud22 here breaking it down with the ecosystem commentary, we have a lot of people coming to the small group of experts in our network, bringing you in open conversation around the future of cloud computing and applications globally. And again, it is all about the next generation cloud. This is theCUBE, thanks for watching. (upbeat music)